From e68e9b4e0f365002b02e8bcd45d1679d4c102336 Mon Sep 17 00:00:00 2001 From: carlospolop Date: Sat, 28 Nov 2020 06:43:26 -0500 Subject: [PATCH] linpeasv2.9.4 --- linPEAS/linpeas.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/linPEAS/linpeas.sh b/linPEAS/linpeas.sh index c52662a..dce891a 100755 --- a/linPEAS/linpeas.sh +++ b/linPEAS/linpeas.sh @@ -1,6 +1,6 @@ #!/bin/sh -VERSION="v2.9.3" +VERSION="v2.9.4" ADVISORY="This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission." ########################################### @@ -2259,6 +2259,10 @@ if [ "`echo $CHECKS | grep SofI`" ]; then gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' echo "If you have enough privileges, you can change the password of any user runnig: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" fi + if [ "`which gitlab-backup`" ]; then + echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" + echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" + fi #Check gitlab files gitlabfiles=$(echo "$FIND_HOME $FIND_ETC $FIND_VAR $FIND_TMP $FIND_OPT $FIND_USR $FIND_MNT $FIND_SYSTEM $FIND_PRIVATE $FIND_APPLICATIONS" | grep -E "secrets.yml$|gitlab.yml$") printf "$gitlabfiles\n" | sort | uniq | while read f; do