darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

linpeas.sh auto update

Browse Source
This commit is contained in:
CI-linpeas-ubuntu 2021-12-18 22:19:49 +00:00
parent 1d4617bcf7
commit 110de1f2d2
1 changed files with 364 additions and 363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

727
linPEAS/linpeas.sh
View File

@ -1086,145 +1086,145 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil
CONT_THREADS=0
# FIND ALL KNOWN INTERESTING SOFTWARE FILES
FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"system.d\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_BIN=`eval_bckgrd "find /bin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_CACHE=`eval_bckgrd "find /.cache -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_CDROM=`eval_bckgrd "find /cdrom -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_ETC=`eval_bckgrd "find /etc -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"*knockd*\" -o -name \".gitconfig\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB=`eval_bckgrd "find /lib -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_MEDIA=`eval_bckgrd "find /media -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_MNT=`eval_bckgrd "find /mnt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_OPT=`eval_bckgrd "find /opt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_PRIVATE=`eval_bckgrd "find /private -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_RUN=`eval_bckgrd "find /run -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SBIN=`eval_bckgrd "find /sbin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SNAP=`eval_bckgrd "find /snap -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SRV=`eval_bckgrd "find /srv -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYS=`eval_bckgrd "find /sys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_TMP=`eval_bckgrd "find /tmp -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_USR=`eval_bckgrd "find /usr -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_VAR=`eval_bckgrd "find /var -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"system.d\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_BIN=`eval_bckgrd "find /bin -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_CACHE=`eval_bckgrd "find /.cache -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_CDROM=`eval_bckgrd "find /cdrom -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_ETC=`eval_bckgrd "find /etc -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"*knockd*\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"ssh*config\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB=`eval_bckgrd "find /lib -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_MEDIA=`eval_bckgrd "find /media -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_MNT=`eval_bckgrd "find /mnt -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_OPT=`eval_bckgrd "find /opt -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_PRIVATE=`eval_bckgrd "find /private -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"agent*\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_RUN=`eval_bckgrd "find /run -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SBIN=`eval_bckgrd "find /sbin -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SNAP=`eval_bckgrd "find /snap -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SRV=`eval_bckgrd "find /srv -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYS=`eval_bckgrd "find /sys -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_TMP=`eval_bckgrd "find /tmp -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"agent*\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_USR=`eval_bckgrd "find /usr -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"ssh*config\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
FIND_VAR=`eval_bckgrd "find /var -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"`
wait # Always wait at the end
CONT_THREADS=0 #Reset the threads counter
#GENERATE THE STORAGES OF THE FOUND FILES
PSTORAGE_SYSTEMD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.service$" | sort | uniq | head -n 70)
PSTORAGE_TIMER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.timer$" | sort | uniq | head -n 70)
PSTORAGE_SOCKET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.socket$" | sort | uniq | head -n 70)
PSTORAGE_DBUS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70)
PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mysql$" | sort | uniq | head -n 70)
PSTORAGE_MARIADB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70)
PSTORAGE_POSTGRESQL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70)
PSTORAGE_APACHE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70)
PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/var|^/private|^/mnt|^/tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70)
PSTORAGE_PHP_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70)
PSTORAGE_WORDPRESS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "wp-config\.php$" | sort | uniq | head -n 70)
PSTORAGE_DRUPAL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/default/settings.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "settings\.php$" | sort | uniq | head -n 70)
PSTORAGE_MOODLE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E 'moodle/config.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "config\.php$" | sort | uniq | head -n 70)
PSTORAGE_TOMCAT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70)
PSTORAGE_MONGO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70)
PSTORAGE_SUPERVISORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70)
PSTORAGE_CESI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cesi\.conf$" | sort | uniq | head -n 70)
PSTORAGE_RSYNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70)
PSTORAGE_HOSTAPD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70)
PSTORAGE_RACOON=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70)
PSTORAGE_VNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70)
PSTORAGE_LDAP=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ldap$" | sort | uniq | head -n 70)
PSTORAGE_OPENVPN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70)
PSTORAGE_SSH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70)
PSTORAGE_CERTSB4=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70)
PSTORAGE_CERTSBIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70)
PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70)
PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70)
PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70)
PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70)
PSTORAGE_KERBEROS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_KIBANA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70)
PSTORAGE_KNOCKD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70)
PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "logstash$" | sort | uniq | head -n 70)
PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70)
PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70)
PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vault-token$" | sort | uniq | head -n 70)
PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "couchdb$" | sort | uniq | head -n 70)
PSTORAGE_REDIS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "redis\.conf$" | sort | uniq | head -n 70)
PSTORAGE_MOSQUITTO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70)
PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "neo4j$" | sort | uniq | head -n 70)
PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70)
PSTORAGE_ERLANG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70)
PSTORAGE_GMV_AUTH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70)
PSTORAGE_IPSEC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70)
PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.irssi$" | sort | uniq | head -n 70)
PSTORAGE_KEYRING=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70)
PSTORAGE_FILEZILLA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70)
PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70)
PSTORAGE_SPLUNK=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passwd$" | sort | uniq | head -n 70)
PSTORAGE_GITLAB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/lib' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70)
PSTORAGE_PGP_GPG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E 'README.gnupg' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70)
PSTORAGE_CACHE_VI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70)
PSTORAGE_DOCKER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70)
PSTORAGE_FIREFOX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70)
PSTORAGE_CHROME=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70)
PSTORAGE_OPERA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70)
PSTORAGE_SAFARI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70)
PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70)
PSTORAGE_FASTCGI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "fastcgi_params$" | sort | uniq | head -n 70)
PSTORAGE_SNMP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_PYPIRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.pypirc$" | sort | uniq | head -n 70)
PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "postfix$" | sort | uniq | head -n 70)
PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.cloudflared$" | sort | uniq | head -n 70)
PSTORAGE_HISTORY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70)
PSTORAGE_HTTP_CONF=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "httpd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_HTPASSWD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.htpasswd$" | sort | uniq | head -n 70)
PSTORAGE_LDAPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.ldaprc$" | sort | uniq | head -n 70)
PSTORAGE_ENV=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.env$" | sort | uniq | head -n 70)
PSTORAGE_MSMTPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.msmtprc$" | sort | uniq | head -n 70)
PSTORAGE_INFLUXDB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70)
PSTORAGE_ZABBIX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70)
PSTORAGE_GITHUB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70)
PSTORAGE_SVN=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.svn$" | sort | uniq | head -n 70)
PSTORAGE_KEEPASS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70)
PSTORAGE_FTP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70)
PSTORAGE_BIND=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70)
PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "seeddms.*$" | sort | uniq | head -n 70)
PSTORAGE_DDCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70)
PSTORAGE_KCPASSWORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kcpassword$" | sort | uniq | head -n 70)
PSTORAGE_SENTRY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70)
PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "environments$" | sort | uniq | head -n 70)
PSTORAGE_CACTI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cacti$" | sort | uniq | head -n 70)
PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "roundcube$" | sort | uniq | head -n 70)
PSTORAGE_PASSBOLT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passbolt\.php$" | sort | uniq | head -n 70)
PSTORAGE_JETTY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70)
PSTORAGE_WGET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.wgetrc$" | sort | uniq | head -n 70)
PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70)
PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70)
PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70)
PSTORAGE_DATABASE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70)
PSTORAGE_BACKUPS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "backup$|backups$" | sort | uniq | head -n 70)
PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70)
PSTORAGE_SYSTEMD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.service$" | sort | uniq | head -n 70)
PSTORAGE_TIMER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.timer$" | sort | uniq | head -n 70)
PSTORAGE_SOCKET=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.socket$" | sort | uniq | head -n 70)
PSTORAGE_DBUS=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70)
PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mysql$" | sort | uniq | head -n 70)
PSTORAGE_MARIADB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70)
PSTORAGE_POSTGRESQL=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70)
PSTORAGE_APACHE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70)
PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/mnt|^/private|^/tmp|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70)
PSTORAGE_PHP_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70)
PSTORAGE_WORDPRESS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "wp-config\.php$" | sort | uniq | head -n 70)
PSTORAGE_DRUPAL=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/default/settings.php' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "settings\.php$" | sort | uniq | head -n 70)
PSTORAGE_MOODLE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E 'moodle/config.php' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "config\.php$" | sort | uniq | head -n 70)
PSTORAGE_TOMCAT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70)
PSTORAGE_MONGO=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70)
PSTORAGE_SUPERVISORD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70)
PSTORAGE_CESI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cesi\.conf$" | sort | uniq | head -n 70)
PSTORAGE_RSYNC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70)
PSTORAGE_HOSTAPD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70)
PSTORAGE_RACOON=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70)
PSTORAGE_VNC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70)
PSTORAGE_LDAP=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ldap$" | sort | uniq | head -n 70)
PSTORAGE_OPENVPN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70)
PSTORAGE_SSH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70)
PSTORAGE_CERTSB4=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70)
PSTORAGE_CERTSBIN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70)
PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70)
PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70)
PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70)
PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70)
PSTORAGE_KERBEROS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_KIBANA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70)
PSTORAGE_KNOCKD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70)
PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "logstash$" | sort | uniq | head -n 70)
PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70)
PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70)
PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.vault-token$" | sort | uniq | head -n 70)
PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "couchdb$" | sort | uniq | head -n 70)
PSTORAGE_REDIS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "redis\.conf$" | sort | uniq | head -n 70)
PSTORAGE_MOSQUITTO=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70)
PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "neo4j$" | sort | uniq | head -n 70)
PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70)
PSTORAGE_ERLANG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70)
PSTORAGE_GMV_AUTH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70)
PSTORAGE_IPSEC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70)
PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.irssi$" | sort | uniq | head -n 70)
PSTORAGE_KEYRING=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70)
PSTORAGE_FILEZILLA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70)
PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70)
PSTORAGE_SPLUNK=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "passwd$" | sort | uniq | head -n 70)
PSTORAGE_GITLAB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '/lib' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70)
PSTORAGE_PGP_GPG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E 'README.gnupg' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70)
PSTORAGE_CACHE_VI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70)
PSTORAGE_DOCKER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70)
PSTORAGE_FIREFOX=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70)
PSTORAGE_CHROME=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70)
PSTORAGE_OPERA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70)
PSTORAGE_SAFARI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70)
PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70)
PSTORAGE_FASTCGI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "fastcgi_params$" | sort | uniq | head -n 70)
PSTORAGE_SNMP=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_PYPIRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.pypirc$" | sort | uniq | head -n 70)
PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "postfix$" | sort | uniq | head -n 70)
PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.cloudflared$" | sort | uniq | head -n 70)
PSTORAGE_HISTORY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70)
PSTORAGE_HTTP_CONF=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "httpd\.conf$" | sort | uniq | head -n 70)
PSTORAGE_HTPASSWD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.htpasswd$" | sort | uniq | head -n 70)
PSTORAGE_LDAPRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.ldaprc$" | sort | uniq | head -n 70)
PSTORAGE_ENV=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.env$" | sort | uniq | head -n 70)
PSTORAGE_MSMTPRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.msmtprc$" | sort | uniq | head -n 70)
PSTORAGE_INFLUXDB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70)
PSTORAGE_ZABBIX=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70)
PSTORAGE_GITHUB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70)
PSTORAGE_SVN=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.svn$" | sort | uniq | head -n 70)
PSTORAGE_KEEPASS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70)
PSTORAGE_FTP=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70)
PSTORAGE_BIND=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70)
PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "seeddms.*$" | sort | uniq | head -n 70)
PSTORAGE_DDCLIENT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70)
PSTORAGE_KCPASSWORD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "kcpassword$" | sort | uniq | head -n 70)
PSTORAGE_SENTRY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70)
PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "environments$" | sort | uniq | head -n 70)
PSTORAGE_CACTI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cacti$" | sort | uniq | head -n 70)
PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "roundcube$" | sort | uniq | head -n 70)
PSTORAGE_PASSBOLT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "passbolt\.php$" | sort | uniq | head -n 70)
PSTORAGE_JETTY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70)
PSTORAGE_WGET=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.wgetrc$" | sort | uniq | head -n 70)
PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70)
PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70)
PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70)
PSTORAGE_DATABASE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70)
PSTORAGE_BACKUPS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "backup$|backups$" | sort | uniq | head -n 70)
PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70)
##### POST SERACH VARIABLES #####
@ -1245,7 +1245,7 @@ fi
if echo $CHECKS | grep -q system_information;
if echo $CHECKS | grep -q system_information; then
print_title "System Information"
###########################################
#-------------) System Info (-------------#
@ -1434,11 +1434,11 @@ else
fi
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q container;
if echo $CHECKS | grep -q container; then
print_title "Container"
##############################################
#---------------) Containers (---------------#
@ -1458,90 +1458,90 @@ podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l)
lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l)
rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l)
if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then
echo_no
echo_no
else
containerCounts=""
if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi
if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi
if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi
if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi
echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED},"
# List any running containers
if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi
if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi
if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi
if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi
containerCounts=""
if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi
if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi
if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi
if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi
echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED},"
# List any running containers
if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi
if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi
if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi
if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi
fi
#If docker
if echo "$containerType" | grep -qi "docker"; then
print_2title "Docker Container details"
inDockerGroup
print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW},"
print_list "Looking and enumerating Docker Sockets\n"$NC
enumerateDockerSockets
print_list "Docker version .................$NC$dockerVersion"
checkDockerVersionExploits
print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
if [ "$inContainer" ]; then
checkDockerRootless
print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN},"
fi
if df -h | grep docker; then
print_2title "Docker Overlays"
df -h | grep docker
fi
fi
if [ "$inContainer" ]; then
echo ""
print_2title "Container & breakout enumeration"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout"
print_list "Container ID ...................$NC $(cat /etc/hostname)"
if echo "$containerType" | grep -qi "docker"; then
print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n"
fi
if echo "$containerType" | grep -qi "kubernetes"; then
print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n"
print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n"
fi
checkContainerExploits
print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
echo ""
print_2title "Container Capabilities"
capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g"
echo ""
print_2title "Privilege Mode"
if [ -x "$(command -v fdisk)" ]; then
if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then
echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW},"
else
echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN},"
print_2title "Docker Container details"
inDockerGroup
print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW},"
print_list "Looking and enumerating Docker Sockets\n"$NC
enumerateDockerSockets
print_list "Docker version .................$NC$dockerVersion"
checkDockerVersionExploits
print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
if [ "$inContainer" ]; then
checkDockerRootless
print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN},"
fi
if df -h | grep docker; then
print_2title "Docker Overlays"
df -h | grep docker
fi
else
echo_not_found
fi
echo ""
print_2title "Interesting Files Mounted"
(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS"
echo ""
print_2title "Possible Entrypoints"
ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq
echo ""
fi
if [ "$inContainer" ]; then
echo ""
print_2title "Container & breakout enumeration"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout"
print_list "Container ID ...................$NC $(cat /etc/hostname)"
if echo "$containerType" | grep -qi "docker"; then
print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n"
fi
if echo "$containerType" | grep -qi "kubernetes"; then
print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n"
print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n"
fi
checkContainerExploits
print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW},"
echo ""
print_2title "Container Capabilities"
capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g"
echo ""
print_2title "Privilege Mode"
if [ -x "$(command -v fdisk)" ]; then
if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then
echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW},"
else
echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN},"
fi
else
echo_not_found
fi
echo ""
print_2title "Interesting Files Mounted"
(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS"
echo ""
print_2title "Possible Entrypoints"
ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq
echo ""
fi
echo''
echo''
fi
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q available_software;
if echo $CHECKS | grep -q available_software; then
print_title "Available Software"
###########################################
#---------) Available Software (----------#
@ -1558,15 +1558,15 @@ print_2title "Installed Compiler"
echo ""
if [ "$(command -v pkg 2>/dev/null)" ]; then
print_2title "Vulnerable Packages"
pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g"
echo ""
print_2title "Vulnerable Packages"
pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g"
echo ""
fi
if [ "$(command -v brew 2>/dev/null)" ]; then
print_2title "Brew Installed Packages"
brew list
echo ""
print_2title "Brew Installed Packages"
brew list
echo ""
fi
if [ "$MACPEAS" ]; then
@ -1582,14 +1582,15 @@ system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut
echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g"
fi
done
fi
echo''
echo''
fi
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets;
if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; then
print_title "Processes, Crons, Timers, Services and Sockets"
####################################################
#-----) Processes & Cron & Services & Timers (-----#
####################################################
@ -1597,46 +1598,46 @@ print_title "Processes, Crons, Timers, Services and Sockets"
#-- PCS) Cleaned proccesses
print_2title "Cleaned processes"
if [ "$NOUSEPS" ]; then
printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC
printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC
fi
print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes"
if [ "$NOUSEPS" ]; then
print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED},"
pslist=$(print_ps)
print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED},"
pslist=$(print_ps)
else
(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do
(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do
echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED},"
if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then
cpid=$(echo "$psline" | awk '{print $2}')
caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')"
if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then
cpid=$(echo "$psline" | awk '{print $2}')
caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')"
if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then
printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g"
fi
fi
fi
done
pslist=$(ps auxwww)
echo ""
done
pslist=$(ps auxwww)
echo ""
#-- PCS) Binary processes permissions
print_2title "Binary processes permissions"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes"
binW="IniTialiZZinnggg"
ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do
#-- PCS) Binary processes permissions
print_2title "Binary processes permissions"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes"
binW="IniTialiZZinnggg"
ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do
if [ -w "$bpath" ]; then
binW="$binW|$bpath"
binW="$binW|$bpath"
fi
done
ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN},"
done
ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN},"
fi
echo ""
#-- PCS) Files opened by processes belonging to other users
if ! [ "$IAMROOT" ]; then
print_2title "Files opened by processes belonging to other users"
print_info "This is usually empty because of the lack of privileges to read other user processes information"
lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED},"
echo ""
print_2title "Files opened by processes belonging to other users"
print_info "This is usually empty because of the lack of privileges to read other user processes information"
lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED},"
echo ""
fi
#-- PCS) Processes with credentials inside memory
@ -1652,11 +1653,11 @@ echo ""
#-- PCS) Different processes 1 min
if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then
print_2title "Different processes executed during 1 min (interesting is low number of repetitions)"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs"
temp_file=$(mktemp)
if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi
echo ""
print_2title "Different processes executed during 1 min (interesting is low number of repetitions)"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs"
temp_file=$(mktemp)
if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi
echo ""
fi
#-- PCS) Cron
@ -1674,42 +1675,42 @@ atq 2>/dev/null
echo ""
if [ "$MACPEAS" ]; then
print_2title "Third party LaunchAgents & LaunchDemons"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd"
ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null
echo ""
print_2title "Third party LaunchAgents & LaunchDemons"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd"
ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null
echo ""
print_2title "Writable System LaunchAgents & LaunchDemons"
find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do
print_2title "Writable System LaunchAgents & LaunchDemons"
find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do
program=""
program=$(defaults read "$f" Program 2>/dev/null)
if ! [ "$program" ]; then
program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2)
program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2)
fi
if [ -w "$program" ]; then
echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},";
echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},";
fi
done
echo ""
done
echo ""
print_2title "StartupItems"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items"
ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null
echo ""
print_2title "StartupItems"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items"
ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null
echo ""
print_2title "Login Items"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items"
osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null
echo ""
print_2title "Login Items"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items"
osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null
echo ""
print_2title "SPStartupItemDataType"
system_profiler SPStartupItemDataType
echo ""
print_2title "SPStartupItemDataType"
system_profiler SPStartupItemDataType
echo ""
print_2title "Emond scripts"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond"
ls -l /private/var/db/emondClients
echo ""
print_2title "Emond scripts"
print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond"
ls -l /private/var/db/emondClients
echo ""
fi
#-- PCS) Services
@ -1730,26 +1731,26 @@ echo ""
print_2title "Analyzing .service files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services"
printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do
if [ ! -O "$s" ]; then #Remove services that belongs to the current user
if [ ! -O "$s" ]; then #Remove services that belongs to the current user
if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then
echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
fi
servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths
printf "%s\n" "$servicebinpaths\n" | while read sp; do
if [ -w "$sp" ]; then
if [ -w "$sp" ]; then
echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g"
fi
fi
done
relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/")
relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/")
if [ "$relpath1" ] || [ "$relpath2" ]; then
if [ "$WRITABLESYSTEMDPATH" ]; then
if [ "$WRITABLESYSTEMDPATH" ]; then
echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},";
else
else
echo "$s is executing some relative path"
fi
fi
fi
fi
fi
done
if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi
echo ""
@ -1764,116 +1765,116 @@ echo ""
print_2title "Analyzing .timer files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers"
printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do
if ! [ "$IAMROOT" ] && [ -w "$t" ]; then
if ! [ "$IAMROOT" ] && [ -w "$t" ]; then
echo "$t" | sed -${E} "s,.*,${SED_RED},g"
fi
timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2)
printf "%s\n" "$timerbinpaths" | while read tb; do
fi
timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2)
printf "%s\n" "$timerbinpaths" | while read tb; do
if [ -w "$tb" ]; then
echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g"
echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g"
fi
done
#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`"
#for rp in "$relpath"; do
# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g"
#done
done
#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`"
#for rp in "$relpath"; do
# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g"
#done
done
echo ""
#-- PSC) .socket files
#TODO: .socket files in MACOS are folders
if ! [ "$IAMROOT" ]; then
print_2title "Analyzing .socket files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do
print_2title "Analyzing .socket files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do
if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then
echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g"
echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g"
fi
socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,')
printf "%s\n" "$socketsbinpaths" | while read sb; do
if [ -w "$sb" ]; then
if [ -w "$sb" ]; then
echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g"
fi
fi
done
socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,')
printf "%s\n" "$socketslistpaths" | while read sl; do
if [ -w "$sl" ]; then
if [ -w "$sl" ]; then
echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g";
fi
fi
done
done
if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then
done
if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then
echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g"
fi
if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then
fi
if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then
echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g"
fi
echo ""
fi
echo ""
print_2title "Unix Sockets Listening"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
# Search sockets using netstat and ss
unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1)
if ! [ "$unix_scks_list" ];then
print_2title "Unix Sockets Listening"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
# Search sockets using netstat and ss
unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1)
if ! [ "$unix_scks_list" ];then
unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+")
fi
if ! [ "$unix_scks_list" ];then
fi
if ! [ "$unix_scks_list" ];then
unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2)
fi
fi
# But also search socket files
unix_scks_list2=$(find / -type s 2>/dev/null)
# But also search socket files
unix_scks_list2=$(find / -type s 2>/dev/null)
# Detele repeated dockets and check permissions
(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do
# Detele repeated dockets and check permissions
(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do
perms=""
if [ -r "$l" ]; then
perms="Read "
perms="Read "
fi
if [ -w "$l" ];then
perms="${perms}Write"
perms="${perms}Write"
fi
if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g";
else
echo "$l" | sed -${E} "s,$l,${SED_RED},g"
echo " └─(${RED}${perms}${NC})"
# Try to contact the socket
socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null)
if [ $? -eq 0 ]; then
echo "$l" | sed -${E} "s,$l,${SED_RED},g"
echo " └─(${RED}${perms}${NC})"
# Try to contact the socket
socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null)
if [ $? -eq 0 ]; then
owner=$(ls -l "$s" | cut -d ' ' -f 3)
echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g"
echo "$socketcurl" | head -n 30
fi
fi
fi
done
echo ""
done
echo ""
fi
#-- PSC) Writable and weak policies in D-Bus config files
print_2title "D-Bus config files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus"
if [ "$PSTORAGE_DBUS" ]; then
printf "%s\n" "$PSTORAGE_DBUS" | while read d; do
printf "%s\n" "$PSTORAGE_DBUS" | while read d; do
for f in $d/*; do
if ! [ "$IAMROOT" ] && [ -w "$f" ]; then
if ! [ "$IAMROOT" ] && [ -w "$f" ]; then
echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g"
fi
fi
genpol=$(grep "<policy>" "$f" 2>/dev/null)
if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
#if [ "`grep \"<policy user=\\\"$USER\\\">\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi
genpol=$(grep "<policy>" "$f" 2>/dev/null)
if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
#if [ "`grep \"<policy user=\\\"$USER\\\">\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi
userpol=$(grep "<policy user=" "$f" 2>/dev/null | grep -v "root")
if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
#for g in `groups`; do
# if [ "`grep \"<policy group=\\\"$g\\\">\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi
#done
grppol=$(grep "<policy group=" "$f" 2>/dev/null | grep -v "root")
if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
userpol=$(grep "<policy user=" "$f" 2>/dev/null | grep -v "root")
if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
#for g in `groups`; do
# if [ "`grep \"<policy group=\\\"$g\\\">\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi
#done
grppol=$(grep "<policy group=" "$f" 2>/dev/null | grep -v "root")
if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi
#TODO: identify allows in context="default"
#TODO: identify allows in context="default"
done
done
done
fi
echo ""
@ -1881,24 +1882,24 @@ print_2title "D-Bus Service Objects list"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus"
dbuslist=$(busctl list 2>/dev/null)
if [ "$dbuslist" ]; then
busctl list | while read line; do
busctl list | while read line; do
echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},";
if ! echo "$line" | grep -qE "$dbuslistG"; then
srvc_object=$(echo $line | cut -d " " -f1)
srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ')
if [ "$srvc_object_info" ]; then
srvc_object=$(echo $line | cut -d " " -f1)
srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ')
if [ "$srvc_object_info" ]; then
echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED},"
fi
fi
fi
done
done
else echo_not_found "busctl"
fi
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q network_information;
if echo $CHECKS | grep -q network_information; then
print_title "Network Information"
###########################################
#---------) Network Information (---------#
@ -2077,11 +2078,11 @@ if [ "$MACOS" ]; then
echo ""
fi
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q users_information;
if echo $CHECKS | grep -q users_information; then
print_title "Users Information"
###########################################
#----------) Users Information (----------#
@ -2310,11 +2311,11 @@ else
fi
print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q software_information;
if echo $CHECKS | grep -q software_information; then
print_title "Software Information"
###########################################
#--------) Software Information (---------#
@ -3163,11 +3164,11 @@ echo ""
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi
if echo $CHECKS | grep -q interesting_files;
if echo $CHECKS | grep -q interesting_files; then
print_title "Interesting Files"
###########################################
#----------) Interesting files (----------#
@ -3809,6 +3810,6 @@ if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then
echo ""
fi
fi
echo''
echo''
echo ''
echo ''
if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi