darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 713cef277d into 8ccf553b5b

Browse Source
This commit is contained in:
Carlos Polop 2021-10-28 09:30:01 +00:00 committed by GitHub
commit 7747b071db
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 63 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
linPEAS/builder/linpeas_base.sh
View File

@ -1675,6 +1675,7 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then
#-- PSC) .socket files #-- PSC) .socket files
#TODO: .socket files in MACOS are folders #TODO: .socket files in MACOS are folders
if ! [ "$IAMROOT" ]; then
print_2title "Analyzing .socket files" print_2title "Analyzing .socket files"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do
@ -1702,14 +1703,6 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then
fi fi
echo "" echo ""
print_2title "Writable Sockets"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
find / -type s 2>/dev/null | while read l; do
if [ -w "$l" ]; then
echo "Socket '$l' is writable" | sed "s,.*,${SED_RED},";
fi
done
print_2title "Unix Sockets Listening" print_2title "Unix Sockets Listening"
print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets"
# Search sockets using netstat and ss # Search sockets using netstat and ss
@ -1747,6 +1740,7 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then
fi fi
done done
echo "" echo ""
fi
#-- PSC) Writable and weak policies in D-Bus config files #-- PSC) Writable and weak policies in D-Bus config files
print_2title "D-Bus config files" print_2title "D-Bus config files"
@ -2459,7 +2453,7 @@ if echo $CHECKS | grep -q SofI; then
ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)"
if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g";
else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g";
fi
printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do
if [ -r "$f" ]; then if [ -r "$f" ]; then