Linux Privilege Escalation
Fail
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill executes a shell script downloaded from an external third-party GitHub repository (PEASS-ng) by piping the output of curl directly into the sh command.
- [EXTERNAL_DOWNLOADS]: The skill fetches several exploitation and enumeration tools, such as LinPEAS and Linux Exploit Suggester, from untrusted external URLs and arbitrary IP addresses.
- [COMMAND_EXECUTION]: The skill provides comprehensive instructions for escalating privileges, including compiling C code exploits (e.g., Dirty COW, Dirty Pipe), abusing SUID binaries, and exploiting Sudo misconfigurations to spawn root-level shells.
- [DATA_EXFILTRATION]: Contains multiple reverse shell one-liners in Bash, Python, Perl, and Netcat designed to establish an outbound connection to a remote, attacker-controlled machine.
- [CREDENTIALS_UNSAFE]: Outlines techniques for reading and extracting hashed user passwords from restricted system files such as /etc/shadow and /etc/passwd.
Recommendations
- HIGH: Downloads and executes remote code from: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata