darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 5d195b8934 into 83909f7fce

Browse Source
This commit is contained in:
Carlos Polop 2021-11-17 20:59:24 +00:00 committed by GitHub
commit 1707851668
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
linPEAS/builder/linpeas_base.sh
View File

@ -287,7 +287,10 @@ if [ $myuid -gt 2147483646 ]; then baduid="|$myuid"; fi
idB="euid|egid$baduid" idB="euid|egid$baduid"
sudovB="[01].[012345678].[0-9]+|1.9.[01234]|1.9.5p1" sudovB="[01].[012345678].[0-9]+|1.9.[01234]|1.9.5p1"
mounted=$( (mount -l || cat /proc/mounts || cat /proc/self/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}') mounted=$( (cat /proc/self/mountinfo || cat /proc/1/mountinfo) 2>/dev/null | cut -d " " -f5 | grep "^/" | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}')
if ! [ "$mounted" ]; then
mounted=$( (mount -l || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}')
fi
if ! [ "$mounted" ]; then mounted="ImPoSSssSiBlEee"; fi #Don't let any blacklist to be empty if ! [ "$mounted" ]; then mounted="ImPoSSssSiBlEee"; fi #Don't let any blacklist to be empty
mountG="swap|/cdrom|/floppy|/dev/shm" mountG="swap|/cdrom|/floppy|/dev/shm"
notmounted=$(cat /etc/fstab 2>/dev/null | grep "^/" | grep -Ev "$mountG" | awk '{print $1}' | grep -Ev "$mounted" | tr '\n' '|')"ImPoSSssSiBlEee" notmounted=$(cat /etc/fstab 2>/dev/null | grep "^/" | grep -Ev "$mountG" | awk '{print $1}' | grep -Ev "$mounted" | tr '\n' '|')"ImPoSSssSiBlEee"
@ -520,7 +523,7 @@ CONTAINER_CMDS="docker lxc rkt kubectl podman runc"
TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible."
GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion" GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion"
GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig"
GREP_IGNORE_MOUNTS="/ /|/cgroup|/var/lib/docker/|/null | proc proc |/dev/console|docker.sock" GREP_IGNORE_MOUNTS="/ /|/null | proc proc |/dev/console"
INT_HIDDEN_FILES="peass{INT_HIDDEN_FILES}" INT_HIDDEN_FILES="peass{INT_HIDDEN_FILES}"
@ -1380,7 +1383,7 @@ if echo $CHECKS | grep -q Container; then
echo "" echo ""
print_2title "Interesting Files Mounted" print_2title "Interesting Files Mounted"
grep -Ev "$GREP_IGNORE_MOUNTS" /proc/self/mountinfo | cut -d' ' -f 4- (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS"
echo "" echo ""
print_2title "Possible Entrypoints" print_2title "Possible Entrypoints"