darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge bb8e09df71 into c36a2b05d2

Browse Source
This commit is contained in:
Carlos Polop 2021-09-13 10:53:27 +00:00 committed by GitHub
commit 6a600b1df9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
linPEAS/builder/linpeas_base.sh
View File

@ -2714,7 +2714,7 @@ if echo $CHECKS | grep -q IntFiles; then
printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n"
fi fi
else #If not a path else #If not a path
if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -qv ".."; then #Check if existing binary if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary
printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n"
fi fi
fi fi
@ -2769,7 +2769,7 @@ if echo $CHECKS | grep -q IntFiles; then
printf $ITALIC printf $ITALIC
if [ "$STRINGS" ]; then if [ "$STRINGS" ]; then
$STRINGS "$sname" | sort | uniq | while read sline; do $STRINGS "$sname" | sort | uniq | while read sline; do
sline_first="$(echo \"$sline\" | cut -d ' ' -f1)" sline_first="$(echo $sline | cut -d ' ' -f1)"
if echo "$sline_first" | grep -qEv "$cfuncs"; then if echo "$sline_first" | grep -qEv "$cfuncs"; then
if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path
if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable

4
linPEAS/builder/src/linpeasBuilder.py
View File

@ -77,8 +77,8 @@ class LinpeasBuilder:
print("[+] Building GTFOBins lists...") print("[+] Building GTFOBins lists...")
suidVB, sudoVB, capsVB = self.__get_gtfobins_lists() suidVB, sudoVB, capsVB = self.__get_gtfobins_lists()
assert len(suidVB) > 200, f"Len suidVB is {len(suidVB)}" assert len(suidVB) > 185, f"Len suidVB is {len(suidVB)}"
assert len(suidVB) > 250, f"Len sudo is {len(sudoVB)}" assert len(sudoVB) > 250, f"Len sudo is {len(sudoVB)}"
assert len(capsVB) > 10, f"Len suidVB is {len(capsVB)}" assert len(capsVB) > 10, f"Len suidVB is {len(capsVB)}"
self.__replace_mark(SUIDVB1_MARKUP, suidVB[:int(len(suidVB)/2)], "|") self.__replace_mark(SUIDVB1_MARKUP, suidVB[:int(len(suidVB)/2)], "|")