From b3e50770460d4bd61e2d8e1941e48c9b44c4add3 Mon Sep 17 00:00:00 2001 From: Martin Monerjan Date: Fri, 24 Sep 2021 10:40:29 +0200 Subject: [PATCH] Empty LD_LIBRARY_PATH before running strace. Prevents false positives, since strace does follow the variable, but SUID binaries don't. --- linPEAS/linpeas.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/linPEAS/linpeas.sh b/linPEAS/linpeas.sh index 4efa2f9..8b8eb23 100755 --- a/linPEAS/linpeas.sh +++ b/linPEAS/linpeas.sh @@ -3156,10 +3156,13 @@ if echo $CHECKS | grep -q IntFiles; then printf $ITALIC echo "----------------------------------------------------------------------------------------" echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" printf $NC echo "----------------------------------------------------------------------------------------" echo "" + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH fi fi fi