darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,747 Commits 14 Branches 285 Tags 63 MiB
master
Commit Graph

708 Commits

Author SHA1 Message Date
carlospolop
6fd96f4bdb f 2025-07-01 12:12:01 +02:00
carlospolop
a745f00dd7 fix 2025-07-01 11:10:21 +02:00
SirBroccoli
4061cef7e8
Merge pull request #476 from peass-ng/codex/fix-url-reference-in-linpeasbuilder.py 
Fix url variable reference in linpeasBuilder
 2025-06-25 01:59:43 +02:00
SirBroccoli
cde725dacc
Merge pull request #477 from peass-ng/codex/update-docstring-and-fix-typo 
Fix docstring and comment in linpeasBuilder
 2025-06-25 01:57:58 +02:00
SirBroccoli
f0f829890c
Merge pull request #479 from peass-ng/codex/replace--parth--with--path--in-argparse 
Fix typo in linpeas builder arg help
 2025-06-25 01:57:11 +02:00
SirBroccoli
a74c6c820f
Merge pull request #482 from Aarav-Juneja/builder-exclude-fix 
Fix exclude modules on linPEASS
 2025-06-25 01:55:48 +02:00
Aarav Juneja
9b37fd4ef4 Fix exclude modules on linPEASS 2025-06-24 13:05:10 -07:00
John Doe
f27b1d4816 Added a privilege escalation vulnerability for MySQL 4.x/5.x versions. 2025-06-23 22:37:44 +03:00
SirBroccoli
d5e3c2a885 Fix typo in linpeas builder output argument 2025-06-06 00:38:05 +02:00
SirBroccoli
4af321d138 Fix docstring and comment typo 2025-06-06 00:01:29 +02:00
SirBroccoli
4e556fd594 Fix variable reference when parsing URLs 2025-06-06 00:01:17 +02:00
Jack Vaughn
b9a9ad5ddf
Add 4 noisy and useless environment variables to NoEnvVars.sh 
These variables (^PATH=|^INVOCATION_ID=|^WATCHDOG_PID=|^LISTEN_PID=) frequently appear across processes 
on busy systems (10+ each on tested system) and produce a large volume of irrelevant output
 2025-05-25 21:32:51 -04:00
carlospolop
88f08a405e l 2025-05-26 02:55:07 +02:00
SirBroccoli
322792c4ec
Merge pull request #471 from Jack-Vaughn/environ-check 
Add module to check for sensitive environment variables via /proc/*/environ
 2025-05-26 02:33:43 +02:00
Jack
c150e63b52 This module scans /proc/*/environ for potentially sensitive environment variables on Linux systems. 
It targets common keywords like token, password, secret, AWS, API, etc.

Uses 'tr' instead of 'strings' to improve compatibility in minimal environments like containers.

The check is skipped entirely on MacPEAS.
 2025-05-25 12:55:34 -04:00
carlospolop
aac3667247 f l 2025-05-25 08:15:48 +02:00
carlospolop
64ab193d25 f linpeas 2025-05-25 07:05:48 +02:00
carlospolop
aab8241ede f 2025-05-25 02:21:39 +02:00
carlospolop
1e7a90d29f cursor rewrite + network checks 2025-05-24 08:29:47 +02:00
carlospolop
604580adbd more 2025-05-19 06:36:39 +02:00
carlospolop
9820c18697 Cursor improvements parts 1 and 2 2025-05-19 06:36:35 +02:00
carlospolop
ea9b930fdb fix capabilities module 2025-05-18 14:33:02 +02:00
SirBroccoli
dae0f7a533
Merge pull request #468 from ThatTotallyRealMyth/ThatTotallyRealMyth-4_capEdit-1 
Update 4_Capabilities.sh: Fix capability decoding to prevent shell breaking output from shell/process capabiltiy checking.
 2025-05-18 14:19:28 +02:00
carlospolop
3a317cc5c4 fix ec2 2025-05-18 14:17:15 +02:00
ThatTotallyRealMyth
01bf3a4ef8
Update 4_Capabilities.sh: Fix capability decoding to prevent sequence number output 
Testing confirmed that certain capability values (specifically ffffffffffffffff) cause memory allocation errors in capsh:
"xrealloc: cannot allocate 716488832 bytes (57344 bytes allocated)"

These memory errors were being propagated into the output, causing the long sequence of numbers. The fix prevents these errors from affecting the script's output.
 2025-05-18 16:05:01 +10:00
carlospolop
ef28ef7a33 fix linpeas not getting EC2 metadata 2025-05-18 04:58:22 +02:00
carlospolop
58c107df40 fix kill? 2025-05-18 04:46:19 +02:00
carlospolop
63c090059b kill frozen external binaries 2025-05-18 01:20:32 +02:00
carlospolop
4c16f72ae2 fix 2025-05-17 16:09:36 +02:00
carlospolop
85684b39ad add timeout 120 when executing external binary 2025-05-17 16:06:35 +02:00
Carlos Polop
97ae1d2e3b Merge branch 'master' of github.com:peass-ng/PEASS-ng 2025-04-24 04:20:22 +02:00
Carlos Polop
3b6f0a5bdc f 2025-04-24 04:20:19 +02:00
Gildasio Junior
8ea67f3cc2
Set grep to show filename that contains passwords 
This way one can identify which file contains the relevant information,
eg:

/var/log/responder/Poisoners-Session.log:2025-02-09 21:12:12,701 - [*] Skipping previously captured cleartext password for donald
/var/log/responder/Responder-Session.log:11/02/2025 12:33:11 PM - [HTTP] Basic Password : bambam
/var/log/responder/Responder-Session.log:11/02/2025 12:36:12 PM - [HTTP] Basic Password : estrella
 2025-02-28 19:54:44 -03:00
Carlos Polop
516aafff27 fix wget 2025-02-16 17:36:01 +01:00
Carlos Polop
2b64ffc803 a 2025-02-16 16:15:19 +01:00
Carlos Polop
9f8563c751 improve linpeas 2025-02-15 18:14:56 +01:00
Carlos Polop
573acee58c improve azure linpeas 2025-02-15 17:43:42 +01:00
SirBroccoli
41e00d5618
Merge pull request #458 from DidierA/macos_echo 
Fix echo -n on macOS
 2025-02-02 13:49:16 +01:00
DidierA
4d771fb1f6
Fix echo -n on macOS 2025-01-31 16:45:24 +01:00
Gary Corrall
4964033d44 Fix 28_Files_with_passwords.sh 2025-01-29 16:33:54 +00:00
KatsuragiCSL
7abe31c107
swap ppid and pid user in "PPID belongs to a different user (not root)" test 
Seems like it is reporting processes with ppid user root instead of not root. e.g. I see it reports "proc xyz with ppid 1 is run by user messagebus but the ppid user is root" when run in a linux box
 2025-01-13 18:17:51 +08:00
Carlos Polop
3e8078f1cb fix reponse var 2025-01-12 13:23:01 +01:00
Carlos Polop
abd1f3d4b5 improved support az metadata 2025-01-11 19:51:14 +01:00
Carlos Polop
7e749c50ac fix 2025-01-10 09:33:20 +01:00
Carlos Polop
2e74ef4a2c fix id check_az_automation_acc 2025-01-10 09:23:20 +01:00
Carlos Polop
bc9a368626 az automation account 2025-01-10 09:21:52 +01:00
Jimmy
96b7bdaf91 Brief description of your changes 2025-01-06 13:55:15 +01:00
Carlos Polop
aa5f5c0e2f tested 2024-12-22 01:28:12 +01:00
Carlos Polop
d576055342 update azure apps 2024-12-21 17:49:41 +01:00
Carlos Polop
a3e3e9799b fix azure apps 2024-12-21 15:12:59 +01:00