darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix linpeas not getting EC2 metadata

Browse Source
This commit is contained in:
carlospolop 2025-05-18 04:58:22 +02:00
parent 58c107df40
commit ef28ef7a33
2 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
linPEAS/builder/linpeas_parts/3_cloud/2_AWS_EC2.sh
View File

@ -16,14 +16,20 @@
if [ "$is_aws_ec2" = "Yes" ]; then if [ "$is_aws_ec2" = "Yes" ]; then
print_2title "AWS EC2 Enumeration" print_2title "AWS EC2 Enumeration"
HEADER="X-aws-ec2-metadata-token: " TOKEN=""
TOKEN_HEADER="X-aws-ec2-metadata-token"
TOKEN_TTL="X-aws-ec2-metadata-token-ttl-seconds: 21600"
URL="http://169.254.169.254/latest/meta-data" URL="http://169.254.169.254/latest/meta-data"
aws_req="" aws_req=""
if [ "$(command -v curl || echo -n '')" ]; then if [ "$(command -v curl || echo -n '')" ]; then
aws_req="curl -s -f -L -H '$HEADER'" # Get token for IMDSv2
TOKEN=$(curl -s -f -X PUT "http://169.254.169.254/latest/api/token" -H "$TOKEN_TTL" 2>/dev/null)
aws_req="curl -s -f -L -H '$TOKEN_HEADER: $TOKEN'"
elif [ "$(command -v wget || echo -n '')" ]; then elif [ "$(command -v wget || echo -n '')" ]; then
aws_req="wget -q -O - --header '$HEADER'" # Get token for IMDSv2
TOKEN=$(wget -q -O - --method=PUT --header="$TOKEN_TTL" "http://169.254.169.254/latest/api/token" 2>/dev/null)
aws_req="wget -q -O - --header '$TOKEN_HEADER: $TOKEN'"
else else
echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" echo "Neither curl nor wget were found, I can't enumerate the metadata service :("
fi fi

5
linPEAS/builder/linpeas_parts/functions/execBin.sh
View File

@ -31,13 +31,10 @@ execBin() {
# ---------------- 120second wallclock timeout ---------------- # ---------------- 120second wallclock timeout ----------------
if command -v timeout >/dev/null 2>&1; then # GNU/BSD timeout if command -v timeout >/dev/null 2>&1; then # GNU/BSD timeout
print_info "Running $TOOL_NAME with 120s timeout"
timeout --preserve-status -s 9 120 "$TMP_BIN" $PARAMS timeout --preserve-status -s 9 120 "$TMP_BIN" $PARAMS
elif command -v gtimeout >/dev/null 2>&1; then # Homebrew coreutils (macOS) elif command -v gtimeout >/dev/null 2>&1; then # Homebrew coreutils (macOS)
print_info "Running $TOOL_NAME with 120s gtimeout" gtimeout --preserve-status -s 9 120 "$TMP_BIN" $PARAMS
gtimeout --preserve-status 120 "$TMP_BIN" $PARAMS
else # POSIX fallback else # POSIX fallback
print_info "Running $TOOL_NAME with 120s custom timeout"
( (
"$TMP_BIN" $PARAMS & # run in background "$TMP_BIN" $PARAMS & # run in background
cmdpid=$! cmdpid=$!