From 8ea67f3cc2d394bebd459902bea90f8cc4616978 Mon Sep 17 00:00:00 2001 From: Gildasio Junior Date: Fri, 28 Feb 2025 19:54:44 -0300 Subject: [PATCH] Set grep to show filename that contains passwords This way one can identify which file contains the relevant information, eg: /var/log/responder/Poisoners-Session.log:2025-02-09 21:12:12,701 - [*] Skipping previously captured cleartext password for donald /var/log/responder/Responder-Session.log:11/02/2025 12:33:11 PM - [HTTP] Basic Password : bambam /var/log/responder/Responder-Session.log:11/02/2025 12:36:12 PM - [HTTP] Basic Password : estrella --- .../linpeas_parts/9_interesting_files/27_Passwords_in_logs.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/linPEAS/builder/linpeas_parts/9_interesting_files/27_Passwords_in_logs.sh b/linPEAS/builder/linpeas_parts/9_interesting_files/27_Passwords_in_logs.sh index 9cce13c..fe3cfc9 100644 --- a/linPEAS/builder/linpeas_parts/9_interesting_files/27_Passwords_in_logs.sh +++ b/linPEAS/builder/linpeas_parts/9_interesting_files/27_Passwords_in_logs.sh @@ -15,6 +15,6 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then print_2title "Searching passwords inside logs (limit 70)" - (find /var/log/ /var/logs/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|modules-config/config-set-passwords\|config-set-passwords already ran\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," + (find /var/log/ /var/logs/ /private/var/log -type f -exec grep -R -H -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|modules-config/config-set-passwords\|config-set-passwords already ran\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," echo "" -fi \ No newline at end of file +fi