[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-71448":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":19,"rankGlobal":10,"rankLanguage":10,"license":20,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":21,"hasPages":21,"topics":23,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":16,"starSnapshotCount":16,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},71448,"traitor","liamg\u002Ftraitor","liamg",":arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock","",null,"Go",7140,705,114,20,0,6,9,68.45,"MIT License",false,"main",[24,25,26,27,28,29,30,31,32,33,34],"cve-2021-3560","cve-2022-0847","dirtypipe","exploit","gtfobins","hackthebox","infosec","privesc","privilege-escalation","redteam-tools","security-tools","2026-06-12 04:01:01","# Traitor\n\nAutomatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy!\n\nTraitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities in order to pop a root shell:\n\n- Nearly all of [GTFOBins](https:\u002F\u002Fgtfobins.github.io\u002F)\n- Writeable docker.sock\n- CVE-2022-0847 (Dirty pipe)\n- CVE-2021-4034 (pwnkit)\n- CVE-2021-3560\n\n![Demo](demo.gif)\n\nIt'll exploit most sudo privileges listed in GTFOBins to pop a root shell, as well as exploiting issues like a writable `docker.sock`, or the recent dirty pipe (CVE-2022-0847). More routes to root will be added over time too.\n\n## Usage\n\nRun with no arguments to find potential vulnerabilities\u002Fmisconfigurations which could allow privilege escalation. Add the `-p` flag if the current user password is known. The password will be requested if it's needed to analyse sudo permissions etc.\n\n```bash\ntraitor -p\n```\n\nRun with the `-a`\u002F`--any` flag to find potential vulnerabilities, attempting to exploit each, stopping if a root shell is gained. Again, add the `-p` flag if the current user password is known.\n\n```bash\ntraitor -a -p\n```\n\nRun with the `-e`\u002F`--exploit` flag to attempt to exploit a specific vulnerability and gain a root shell.\n\n```bash\ntraitor -p -e docker:writable-socket\n```\n\n## Supported Platforms\n\nTraitor will run on all Unix-like systems, though certain exploits will only function on certain systems.\n\n## Getting Traitor\n\nGrab a binary from the [releases page](https:\u002F\u002Fgithub.com\u002Fliamg\u002Ftraitor\u002Freleases), or use go:\n\n```\nCGO_ENABLED=0 go get -u github.com\u002Fliamg\u002Ftraitor\u002Fcmd\u002Ftraitor\n```\n\nFor go1.18:\n\n```\nCGO_ENABLED=0 go install github.com\u002Fliamg\u002Ftraitor\u002Fcmd\u002Ftraitor@latest\n```\n\nIf the machine you're attempting privesc on cannot reach GitHub to download the binary, and you have no way to upload the binary to the machine over SCP\u002FFTP etc., then you can try base64 encoding the binary on your machine, and echoing the base64 encoded string to `| base64 -d > \u002Ftmp\u002Ftraitor` on the target machine, remembering to `chmod +x` it once it arrives.\n\n## In The News\n- 20\u002F06\u002F21: [Console 58](https:\u002F\u002Fconsole.substack.com\u002Fp\u002Fconsole-58) - Awesome newsletter featuring tools and beta releases for developers.\n- 28\u002F04\u002F21: [Intigriti Bug Bytes #120](https:\u002F\u002Fblog.intigriti.com\u002F2021\u002F04\u002F28\u002Fbug-bytes-120-macos-pwned-homebrew-rce-the-worlds-shortest-backdoor\u002F) - Recommended tools\n- 09\u002F03\u002F21: [Hacker News thread](https:\u002F\u002Fnews.ycombinator.com\u002Fitem?id=26224719)\n","Traitor 是一个自动化利用低级漏洞以在Linux系统上提权并获取root shell的工具。它集成了多种方法来利用本地配置错误和已知漏洞，如GTFOBins列表中的sudo权限、可写docker.sock、Dirty Pipe (CVE-2022-0847) 和PwnKit (CVE-2021-4034) 等。该工具使用Go语言编写，具有跨平台特性，但某些特定漏洞的利用可能受限于操作系统版本。适合信息安全专业人员在渗透测试或红队活动中评估目标系统的安全性时使用。通过简单的命令行参数即可启动自动检测与利用过程，为用户提供了一种快速便捷的方式来识别潜在的安全弱点。",2,"2026-06-11 03:37:46","high_star"]