Update linpeas_base.sh

Update sensitive_files.yaml
Merge pull request #270 from secnigma/master
2025-12-12 15:49:51 -08:00 · 2022-02-13 17:00:40 +00:00 · 2022-02-13 16:58:44 +00:00 · 2022-02-11 19:22:44 +00:00 · 2022-02-11 13:23:50 -05:00 · 2022-02-09 12:02:26 +00:00
4 changed files with 20 additions and 3 deletions
--- a/build_lists/sensitive_files.yaml
+++ b/build_lists/sensitive_files.yaml
@@ -551,6 +551,21 @@ search:
              search_in: 
                - common
  
+  - name: Rocketchat
+    value:
+        config:
+          auto_check: True
+
+        files:
+          - name: "rocketchat.service"
+            value: 
+                bad_regex: "mongodb://.*"
+                line_grep: '-i "Environment"'
+                type: f
+                search_in: 
+                  - common
+                  - /lib
+                  - /systemd
  
  - name: Supervisord
    value:
--- a/linPEAS/builder/linpeas_parts/1_system_information.sh
+++ b/linPEAS/builder/linpeas_parts/1_system_information.sh
@@ -24,12 +24,14 @@ echo ""
 #-- SY) CVE-2021-4034
 if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1642035600" ]; then 
    echo "Vulnerable to CVE-2021-4034" | sed -${E} "s,.*,${SED_RED_YELLOW},"
+    echo ""
 fi

 #-- SY) CVE-2021-3560
 polkitVersion=$(systemctl status polkit.service | grep version | cut -d " " -f 9)
-if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(yum list installed | grep polkit | grep -c 0.117-2)" ]]; then
+if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(rpm -qa | grep polkit | grep -c '0.117-2\|0.115-6')" -ge 1 ]]; then
    echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW},"
+    echo ""
 fi

 #--SY) USBCreator
--- a/linPEAS/builder/linpeas_parts/linpeas_base.sh
+++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh
@@ -220,7 +220,7 @@ print_support () {
    |---------------------------------------------------------------------------| 
    |         ${YELLOW}Become a Patreon${GREEN}    :     ${RED}https://www.patreon.com/peass${GREEN}           |
    |         ${YELLOW}Follow on Twitter${GREEN}   :     ${RED}@carlospolopm${GREEN}                           |
-    |         ${YELLOW}Respect on HTB${GREEN}      :     ${RED}SirBroccoli & makikvues${GREEN}                 |
+    |         ${YELLOW}Respect on HTB${GREEN}      :     ${RED}SirBroccoli            ${GREEN}                 |
    |---------------------------------------------------------------------------|
    |                                 ${BLUE}Thank you! ${GREEN}                               |
    \---------------------------------------------------------------------------/
--- a/parsers/peas2json.py
+++ b/parsers/peas2json.py
@@ -145,7 +145,7 @@ def parse_line(line: str):


 def main():
-    for line in open(OUTPUT_PATH, 'r').readlines():
+    for line in open(OUTPUT_PATH, 'r', encoding="utf8").readlines():
        line = line.strip()
        if not line or not clean_colors(line): #Remove empty lines or lines just with colors hex
            continue
Author	SHA1	Message	Date
Carlos Polop	a89f235c43	Update linpeas_base.sh	2022-02-13 17:00:40 +00:00
Carlos Polop	7f0bbdbaae	Update sensitive_files.yaml	2022-02-13 16:58:44 +00:00
Carlos Polop	4206e78080	Merge pull request #270 from secnigma/master Improved CVE-2021-3560 Check	2022-02-11 19:22:44 +00:00
secnigma	dc7c9db7dd	Improved CVE-2021-3560 Check * Swapped `yum ` for `rpm ` for improved compatibility * Added known vulnerable version of Polkit	2022-02-11 13:23:50 -05:00
Carlos Polop	48ff8b061b	Update 1_system_information.sh	2022-02-09 12:02:26 +00:00
Carlos Polop	ea09bd5f3a	Update peas2json.py	2022-02-08 01:40:50 +00:00
Carlos Polop	68f1cf35b5	Merge pull request #267 from carlospolop/linpeas_dev html and pdf	2022-02-07 13:52:33 +00:00