Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
LICENSE Create LICENSE May 31, 2017
README.md
mida.sh Added BashArk Post-Exploit Sep 19, 2018

README.md

MIDA - Multitool

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor.

Besides functionality from these two previous scripts it incorporates some of it's own and as such aims to be a comprehensive assistant for operations and utilities related to system enumeration, vulnerability identification, exploitation and privilege escalation.

Usage

After a system has been succesfully compromised MIDA should be downloaded to the host in question either with git or wget, after it has been unpacked/cloned the shellscript needs to be made executable with chmod +x mida.sh

Upon doing so it can be run on the target host. The options available to the user are below.

The 'Usage' option prints this informational message. The option 'System Enumeration' attempts to retrieve system information such as OS and kernel details, network status, processes, system logs and more. 'Common Utilities' checks for the existence of useful utilities such as telnet, netcat, tcpdump etc. 'External Utilities' opens a menu which lets you download external utilities that may prove to be helpful with further enumeration, vulnerability identification and privilege escalation.

Finally the option 'Cleartext Credentials' searches for text and web application files that contain certain keywords in order to find potential cleartext passwords.

Scripts available for download with MIDA

LinEnum by RebootUser

Firmwalker by Craigz28

BashArk by TheSecondSun

LUNAR by Lateralblast

Linux Priv Checker by SecuritySift

Linux Exploit Suggester by Jondonas

Unix Priv-Esc Check by Pentestmonkey