darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

l

Browse Source
This commit is contained in:
carlospolop 2025-05-26 02:55:07 +02:00
parent 322792c4ec
commit 88f08a405e
4 changed files with 43 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
linPEAS/builder/linpeas_parts/1_system_information/10_Environment.sh
View File

@ -26,7 +26,7 @@
# License: GNU GPL # License: GNU GPL
# Version: 1.0 # Version: 1.0
# Functions Used: echo_not_found, print_2title, print_info # Functions Used: echo_not_found, print_2title, print_info
# Global Variables: # Global Variables: $NoEnvVars, $EnvVarsRed
# Initial Functions: # Initial Functions:
# Generated Global Variables: # Generated Global Variables:
# Fat linpeas: 0 # Fat linpeas: 0
@ -35,5 +35,5 @@
print_2title "Environment" print_2title "Environment"
print_info "Any private information inside environment variables?" print_info "Any private information inside environment variables?"
(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs|USEFUL_SOFTWARE|PSTORAGE_" | sed -${E} "s,[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" (env || printenv || set) 2>/dev/null | grep -Eiv "$NoEnvVars" | sed -${E} "s,$EnvVarsRed,${SED_RED},g" || echo_not_found "env || set"
echo "" echo ""

18
linPEAS/builder/linpeas_parts/9_interesting_files/29_Interesting_environment_variables.sh
View File

@ -6,21 +6,17 @@
# License: GNU GPL # License: GNU GPL
# Version: 1.0 # Version: 1.0
# Functions Used: print_2title # Functions Used: print_2title
# Global Variables: $MACPEAS # Global Variables: $MACPEAS, $NoEnvVars, $EnvVarsRed
# Initial Functions: # Initial Functions:
# Generated Global Variables: # Generated Global Variables:
# Fat linpeas: 0 # Fat linpeas: 0
# Small linpeas: 1 # Small linpeas: 1
if [ -z "$MACPEAS" ]; then if [ -z "$MACPEAS" ]; then
print_2title "Searching possible sensitive environment variables inside of /proc/*/environ" print_2title "Checking all env variables in /proc/*/environ removing duplicates and filtering out useless env vars"
for f in /proc/[0-9]*/environ; do cat /proc/[0-9]*/environ 2>/dev/null | \
[ -r "$f" ] || continue tr '\0' '\n' | \
tr '\0' '\n' < "$f" | \ grep -Eiv "$NoEnvVars" | \
grep -aEi "(token|password|secret|aws|azure|gcp|api|key|jwt|session|cookie|database|sql|mongo|postgres)" | \ sort -u | \
grep -avEi '(XDG_SESSION|DBUS_SESSION|systemd\/sessions)' | \ sed -${E} "s,$EnvVarsRed,${SED_RED},g"
while read -r g; do
echo "$f: $g"
done
done
fi fi

18
linPEAS/builder/linpeas_parts/variables/EnvVarsRed.sh Normal file
View File

@ -0,0 +1,18 @@
# Title: Variables - EnvVarsRed
# ID: EnvVarsRed
# Author: Carlos Polop
# Last Update: 26-05-2025
# Description: Useless env vars
# License: GNU GPL
# Version: 1.0
# Functions Used:
# Global Variables:
# Initial Functions:
# Generated Global Variables: $EnvVarsRed
# Fat linpeas: 0
# Small linpeas: 1
EnvVarsRed="[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME|[aA][pP][iI][_][kK][eE][yY]|[aA][wW][sS]|[aA][zZ][uU][rR][eE]|[gG][cC][pP]|[aA][pP][iI]|[sS][eE][cC][rR][eE][tT]|[sS][qQ][lL]|[dD][aA][tT][aA][bB][aA][sS][eE]|[tT][oO][kK][eE][nN]"

16
linPEAS/builder/linpeas_parts/variables/NoEnvVars.sh Normal file
View File

@ -0,0 +1,16 @@
# Title: Variables - NoEnvVars
# ID: NoEnvVars
# Author: Carlos Polop
# Last Update: 26-05-2025
# Description: Useless env vars
# License: GNU GPL
# Version: 1.0
# Functions Used:
# Global Variables:
# Initial Functions:
# Generated Global Variables: $NoEnvVars
# Fat linpeas: 0
# Small linpeas: 1
NoEnvVars="LESS_TERMCAP|JOURNAL_STREAM|XDG_SESSION|DBUS_SESSION|systemd\/sessions|systemd_exec|MEMORY_PRESSURE_WATCH|RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs|USEFUL_SOFTWARE|PSTORAGE_"