diff --git a/linPEAS/builder/linpeas_parts/1_system_information.sh b/linPEAS/builder/linpeas_parts/1_system_information.sh index 2cbb0b8..40660da 100644 --- a/linPEAS/builder/linpeas_parts/1_system_information.sh +++ b/linPEAS/builder/linpeas_parts/1_system_information.sh @@ -22,7 +22,7 @@ fi echo "" #--SY) USBCreator -if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$VERBOSE" ]; then +if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then print_2title "USBCreator" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" @@ -76,7 +76,7 @@ print_info "Any private information inside environment variables?" echo "" #-- SY) Dmesg -if [ "$(command -v dmesg 2>/dev/null)" ] || [ "$VERBOSE" ]; then +if [ "$(command -v dmesg 2>/dev/null)" ] || [ "$DEBUG" ]; then print_2title "Searching Signature verification failed in dmesg" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" diff --git a/linPEAS/builder/linpeas_parts/5_users_information.sh b/linPEAS/builder/linpeas_parts/5_users_information.sh index cc86dba..6ec65b8 100644 --- a/linPEAS/builder/linpeas_parts/5_users_information.sh +++ b/linPEAS/builder/linpeas_parts/5_users_information.sh @@ -42,7 +42,7 @@ command -v netpgp 2>/dev/null || echo_not_found "netpgp" echo "" #-- UI) Clipboard and highlighted text -if [ "$(command -v xclip 2>/dev/null)" ] || [ "$(command -v xsel 2>/dev/null)" ] || [ "$(command -v pbpaste 2>/dev/null)" ] || [ "$VERBOSE" ]; then +if [ "$(command -v xclip 2>/dev/null)" ] || [ "$(command -v xsel 2>/dev/null)" ] || [ "$(command -v pbpaste 2>/dev/null)" ] || [ "$DEBUG" ]; then print_2title "Clipboard or highlighted text?" if [ "$(command -v xclip 2>/dev/null)" ]; then echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," @@ -105,7 +105,7 @@ fi echo "" #-- UI) Doas -if [ -f "/etc/doas.conf" ] || [ "$VERBOSE" ]; then +if [ -f "/etc/doas.conf" ] || [ "$DEBUG" ]; then print_2title "Checking doas.conf" doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then diff --git a/linPEAS/builder/linpeas_parts/6_software_information.sh b/linPEAS/builder/linpeas_parts/6_software_information.sh index f600435..3eb34f9 100644 --- a/linPEAS/builder/linpeas_parts/6_software_information.sh +++ b/linPEAS/builder/linpeas_parts/6_software_information.sh @@ -40,7 +40,7 @@ if [ "$MACPEAS" ]; then fi #-- SI) Mysql version -if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$VERBOSE" ]; then +if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$DEBUG" ]; then print_2title "MySQL version" mysql --version 2>/dev/null || echo_not_found "mysql" echo "" @@ -71,11 +71,12 @@ if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$VERBOSE" ] mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi -elif [ "$VERBOSE" ]; then echo_not_found + echo "" +elif [ "$DEBUG" ]; then echo_not_found fi #-- SI) Mysql credentials -if [ "$PSTORAGE_MYSQL" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_MYSQL" ] || [ "$DEBUG" ]; then print_2title "Searching mysql credentials and exec" printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do for f in $(find $d -name debian.cnf 2>/dev/null); do @@ -108,7 +109,7 @@ if [ "$PSTORAGE_MYSQL" ] || [ "$VERBOSE" ]; then echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," fi done -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi echo "" @@ -117,7 +118,7 @@ peass{MariaDB} peass{PostgreSQL} #-- SI) PostgreSQL brute -if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$VERBOSE" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$DEBUG" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," @@ -139,7 +140,7 @@ if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$VERBOSE" ]; then # In some else echo_no fi echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{Mongo} @@ -269,11 +270,11 @@ peass{PAM Auth} #-- SI) Passwords inside pam.d pamdpass=$(grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#") -if [ "$pamdpass" ] || [ "$VERBOSE" ]; then +if [ "$pamdpass" ] || [ "$DEBUG" ]; then print_2title "Passwords inside pam.d" grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{NFS Exports} @@ -281,7 +282,7 @@ peass{NFS Exports} #-- SI) Kerberos kadmin_exists="$(command -v kadmin)" klist_exists="$(command -v klist)" -if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$VERBOSE" ]; then +if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$DEBUG" ]; then print_2title "Searching kerberos conf files and tickets" print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" @@ -330,7 +331,7 @@ if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ klist 2>/dev/null || echo_not_found "klist" echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{Knockd} @@ -341,7 +342,7 @@ peass{Elasticsearch} ##-- SI) Logstash print_2title "Searching logstash files" -if [ "$PSTORAGE_LOGSTASH" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then printf "$PSTORAGE_LOGSTASH" printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do if [ -r "$d/startup.options" ]; then @@ -351,33 +352,33 @@ if [ "$PSTORAGE_LOGSTASH" ] || [ "$VERBOSE" ]; then cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," done -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi echo "" #-- SI) Vault-ssh -if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then print_2title "Searching Vault-ssh files" printf "$PSTORAGE_VAULT_SSH_HELPER\n" printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done echo "" vault secrets list 2>/dev/null printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null -elif [ "$VERBOSE" ]; then echo_not_found "vault-ssh-helper.hcl" +elif [ "$DEBUG" ]; then echo_not_found "vault-ssh-helper.hcl" fi echo "" #-- SI) Cached AD Hashes adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) -if [ "$adhashes" ] || [ "$VERBOSE" ]; then +if [ "$adhashes" ] || [ "$DEBUG" ]; then print_2title "Searching AD cached hashes" ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi #-- SI) Screen sessions -if [ "$screensess" ] || [ "$screensess2" ] || [ "$VERBOSE" ]; then +if [ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]; then print_2title "Searching screen sessions" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" screensess=$(screen -ls 2>/dev/null) @@ -390,14 +391,14 @@ if [ "$screensess" ] || [ "$screensess2" ] || [ "$VERBOSE" ]; then echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi #-- SI) Tmux sessions tmuxdefsess=$(tmux ls 2>/dev/null) tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) -if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$VERBOSE" ]; then +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$DEBUG" ]; then print_2title "Searching tmux sessions"$N print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" tmux -V @@ -407,7 +408,7 @@ if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$VERBOS echo "Other user tmux socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{CouchDB} @@ -417,7 +418,7 @@ peass{Redis} #-- SI) Dovecot # Needs testing dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) -if [ "$dovecotpass" ] || [ "$VERBOSE" ]; then +if [ "$dovecotpass" ] || [ "$DEBUG" ]; then print_2title "Searching dovecot files" if [ -z "$dovecotpass" ]; then echo_not_found "dovecot credentials" @@ -430,7 +431,7 @@ if [ "$dovecotpass" ] || [ "$VERBOSE" ]; then done fi echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{Mosquitto} @@ -459,7 +460,7 @@ peass{Backup Manager} ##-- SI) passwd files (splunk) SPLUNK_BIN="$(command -v splunk 2>/dev/null)" -if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then print_2title "Searching uncommon passwd files (splunk)" if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do @@ -469,10 +470,10 @@ if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$VERBOSE" ]; then fi done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi -if [ "$PSTORAGE_KCPASSWORD" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then print_2title "Analyzing kcpassword files" print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do @@ -480,11 +481,11 @@ if [ "$PSTORAGE_KCPASSWORD" ] || [ "$VERBOSE" ]; then base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi ##-- SI) Gitlab -if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$PSTORAGE_GITLAB" ] || [ "$VERBOSE" ]; then +if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$PSTORAGE_GITLAB" ] || [ "$DEBUG" ]; then print_2title "Searching GitLab related files" #Check gitlab-rails if [ "$(command -v gitlab-rails)" ]; then @@ -514,7 +515,7 @@ if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$ echo "" done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{Github} @@ -529,7 +530,7 @@ peass{Wget} ##-- SI) containerd installed containerd=$(command -v ctr) -if [ "$containerd" ] || [ "$VERBOSE" ]; then +if [ "$containerd" ] || [ "$DEBUG" ]; then print_2title "Checking if containerd(ctr) is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" if [ "$containerd" ]; then @@ -537,23 +538,23 @@ if [ "$containerd" ] || [ "$VERBOSE" ]; then ctr image list fi echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi ##-- SI) runc installed runc=$(command -v runc) -if [ "$runc" ] || [ "$VERBOSE" ]; then +if [ "$runc" ] || [ "$DEBUG" ]; then print_2title "Checking if runc is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" if [ "$runc" ]; then echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," fi echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi #-- SI) Docker -if [ "$PSTORAGE_DOCKER" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then print_2title "Searching docker files (limit 70)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do @@ -563,7 +564,7 @@ if [ "$PSTORAGE_DOCKER" ] || [ "$VERBOSE" ]; then fi done echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{Firefox} @@ -573,7 +574,7 @@ peass{Chrome} peass{Autologin} #-- SI) S/Key athentication -if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$VERBOSE" ] ; then +if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$DEBUG" ] ; then print_2title "S/Key authentication" printf "System supports$RED S/Key$NC authentication\n" if ! [ -d /etc/skey/ ]; then @@ -584,12 +585,12 @@ if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ " else ls -ld /etc/skey/ 2>/dev/null fi -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi echo "" #-- SI) YubiKey athentication -if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$VERBOSE" ]; then +if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$DEBUG" ]; then print_2title "YubiKey authentication" printf "System supports$RED YubiKey$NC authentication\n" if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then @@ -599,7 +600,7 @@ if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) | ls -ld /var/db/yubikey/ 2>/dev/null fi echo "" -elif [ "$VERBOSE" ]; then echo_not_found +elif [ "$DEBUG" ]; then echo_not_found fi peass{SNMP} diff --git a/linPEAS/builder/linpeas_parts/7_interesting_files.sh b/linPEAS/builder/linpeas_parts/7_interesting_files.sh index fbc81a6..84e9074 100644 --- a/linPEAS/builder/linpeas_parts/7_interesting_files.sh +++ b/linPEAS/builder/linpeas_parts/7_interesting_files.sh @@ -203,7 +203,7 @@ done echo "" ##-- IF) Users with capabilities -if [ -f "/etc/security/capability.conf" ] || [ "$VERBOSE" ]; then +if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then print_2title "Users with capabilities" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" if [ -f "/etc/security/capability.conf" ]; then @@ -249,7 +249,7 @@ echo "" broken_links=$(find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken) -if [ "$broken_links" ] || [ "$VERBOSE" ]; then +if [ "$broken_links" ] || [ "$DEBUG" ]; then print_2title "Broken links in path" echo $PATH | tr ":" "\n" | while read d; do find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; @@ -534,7 +534,7 @@ if ! [ "$IAMROOT" ]; then print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" for g in $(groups); do iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - if [ "$iwfbg" ] || [ "$VERBOSE" ]; then + if [ "$iwfbg" ] || [ "$DEBUG" ]; then printf " Group $GREEN$g:\n$NC"; printf "%s\n" "$iwfbg" | while read entry; do if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; @@ -550,14 +550,14 @@ if ! [ "$IAMROOT" ]; then fi ##-- IF) Passwords in history files -if [ "$PSTORAGE_HISTORY" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_HISTORY" ] || [ "$DEBUG" ]; then print_2title "Searching passwords in history files" printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -Ei "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done echo "" fi ##-- IF) Passwords in config PHP files -if [ "$PSTORAGE_PHP_FILES" ] || [ "$VERBOSE" ]; then +if [ "$PSTORAGE_PHP_FILES" ] || [ "$DEBUG" ]; then print_2title "Searching passwords in config PHP files" printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done echo "" diff --git a/linPEAS/builder/linpeas_parts/linpeas_base.sh b/linPEAS/builder/linpeas_parts/linpeas_base.sh index cc14775..857d224 100755 --- a/linPEAS/builder/linpeas_parts/linpeas_base.sh +++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh @@ -607,9 +607,25 @@ print_title(){ rest_len=$((($max_title_len - $title_len) / 2)) printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╔" + for i in $(seq 1 $title_len); do printf "═"; done; printf "══"; + printf "╗" + + echo "" + for i in $(seq 1 $rest_len); do printf "═"; done printf "╣ $GREEN${title}${BLUE} ╠" for i in $(seq 1 $rest_len); do printf "═"; done + + echo "" + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╚" + for i in $(seq 1 $title_len); do printf "═"; done; printf "══"; + printf "╝" + printf $NC echo "" } diff --git a/linPEAS/builder/src/linpeasBuilder.py b/linPEAS/builder/src/linpeasBuilder.py index ceaf027..a1bd47e 100644 --- a/linPEAS/builder/src/linpeasBuilder.py +++ b/linPEAS/builder/src/linpeasBuilder.py @@ -208,7 +208,7 @@ class LinpeasBuilder: for precord in self.ploaded.peasrecords: if precord.auto_check: - section = f'if [ "$PSTORAGE_{precord.bash_name}" ] || [ "$VERBOSE" ]; then\n' + section = f'if [ "$PSTORAGE_{precord.bash_name}" ] || [ "$DEBUG" ]; then\n' section += f' print_2title "Analyzing {precord.name.replace("_"," ")} Files (limit 70)"\n' for exec_line in precord.exec: @@ -218,7 +218,6 @@ class LinpeasBuilder: for frecord in precord.filerecords: section += " " + self.__construct_file_line(precord, frecord) + "\n" - section += 'elif [ "$VERBOSE" ]; then echo_not_found\n' section += "fi\n" sections[precord.name] = section @@ -285,8 +284,9 @@ class LinpeasBuilder: for ffrecord in frecord.files: ff_real_regex = ffrecord.regex[1:] if ffrecord.regex.startswith("*") and ffrecord.regex != "*" else ffrecord.regex ff_real_regex = ff_real_regex.replace("*",".*") - analise_line += 'for ff in $(find "$f" -name "'+ffrecord.regex+'"); do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) - + #analise_line += 'for ff in $(find "$f" -name "'+ffrecord.regex+'"); do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) + analise_line += 'find "$f" -name "'+ffrecord.regex+'" | while read ff; do ls -ld "$ff" | sed -${E} "s,'+ff_real_regex+',${SED_RED},"; ' + self.__construct_file_line(precord, ffrecord, init=False) + analise_line += 'done; echo "";' return analise_line