mirror of https://github.com/carlospolop/PEASS-ng synced 2025-02-21 10:30:58 +01:00
carlospolop 2019-11-04 06:23:32 -05:00
parent 385c23be93
commit f5b3b83ece
3 changed files with 49 additions and 3 deletions

2
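--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.vs/*
+winPEAS/winPEASexe/.vs/*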

22
linPEAS/a.sh Normal file

@ -0,0 +1,22 @@

@ -1,6 +1,6 @@
#!/bin/sh
VERSION="v2.1.6"
VERSION="v2.1.7"
###########################################
#---------------) Colors (----------------#
@ -197,6 +197,7 @@ SUPERFAST=""
NOTEXPORT=""
DISCOVERY=""
PORTS=""
QUIET=""
HELP=$GREEN"Enumerate and search Privilege Escalation vectors.\n\
$Y\t-h$B To show this message\n\
$Y\t-f$B Fast (don't check 1min of processes)\n\
@ -206,7 +207,7 @@ HELP=$GREEN"Enumerate and search Privilege Escalation vectors.\n\
$Y\t-p <PORT(s)> -d <IP/NETMASK>$B Discover hosts looking for TCP open ports (via nc). By default ports 80,443,445,3389 and another one indicated by you will be scanned (select 22 if you don't want to add more). You can also add a list of ports.$DG Ex: -d 192.168.0.1/24 -p 53,139
$Y\t-i <IP> [-p <PORT(s)>]$B Scan an IP using nc. By default (no -p), top1000 of nmap will be scanned, but you can select a list of ports instead.$DG Ex: -i 127.0.0.1 -p 53,80,443,8000,8080"
while getopts "h?fsd:p:i:" opt; do
while getopts "h?fsd:p:i:q" opt; do
case "$opt" in
h|\?) printf "$HELP"$NC; exit 0;;
f) FAST=1;;
@ -215,6 +216,7 @@ while getopts "h?fsd:p:i:" opt; do
d) DISCOVERY=$OPTARG;;
p) PORTS=$OPTARG;;
i) IP=$OPTARG;;
q) QUIET=1;;
esac
done
@ -235,6 +237,22 @@ print_ps (){
(for f in `ls -d /proc/*/`; do CMDLINE=`cat $f/cmdline 2>/dev/null`; if [ "$CMDLINE" ]; then USER=ls -ld $f | awk '{print $3}'; PID=`echo $f | cut -d "/" -f3`; printf " %-13s %-8s %s\n" "$USER" "$PID" "$CMDLINE"; fi; done) 2>/dev/null | sort -r
}
print_banner(){
echo "        
             
       
        
     
       
       
        
         
        
            
       
       "
}
###########################################
#----------) Network functions (----------#
###########################################
@ -403,7 +421,9 @@ fi
###########################################
echo ""
echo "linpeas $VERSION" | sed "s,.*,${C}[1;94m&${C}[0m,"
if [ !"$QUIET" ]; then print_banner; fi
printf " linpeas $VERSION" | sed "s,.*,${C}[1;94m&${C}[0m,"; printf $Y" by carlospolop\n"$NC
echo ""
printf $B"Linux Privesc Checklist: "$Y"https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist\n"$NC
echo "LEYEND:" | sed "s,LEYEND,${C}[1;4m&${C}[0m,"
echo "RED/YELLOW: 99% a PE vector" | sed "s,RED/YELLOW,${C}[1;31;103m&${C}[0m,"
@ -413,7 +433,9 @@ echo "Blue: Users without console & mounted devs" | sed "s,Blue,${C}[1;34m&${C}[
echo "Green: Common things (users, groups, SUID/SGID, mounts, .sh scripts) " | sed "s,Green,${C}[1;32m&${C}[0m,"
echo "LightMangenta: Your username" | sed "s,LightMangenta,${C}[1;95m&${C}[0m,"
if [ "$(/usr/bin/id -u)" -eq "0" ]; then
echo ""
echo " YOU ARE ALREADY ROOT!!! (it could take longer to complete execution)" | sed "s,YOU ARE ALREADY ROOT!!!,${C}[1;31;103m&${C}[0m,"
sleep 3
fi
echo ""
echo ""
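Review bot: The quiet check `if [ !"$QUIET" ]; then print_banner; fi` in the header-printing hunk can never be false, so the new `-q` flag has no effect and the banner is always printed. Without a space after `!`, the shell passes `[` a single word (`!` when QUIET is empty, `!1` when it is set), and a one-argument test only checks that the word is non-empty. Test the variable explicitly instead: `if [ -z "$QUIET" ]; then print_banner; fi`. The `q` option is also added to the `getopts` string without a matching entry in `HELP`; a line in the existing style, such as `$Y\t-q$B Do not show the banner\n\`, would document it.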