Add linpeas privilege escalation checks from: HTB Eureka: From Actuator HeapDump to SSH, credential capture via Gateway, and r

HackTricks News Bot
2025-08-30 18:41:38 +00:00
parent cc5ab76991
commit aaecb3e728
2 changed files with 219 additions and 0 deletions

@@ -22,6 +22,10 @@ Check how to **select the checks you want to build [in your own linpeas followin
Note that by default, in the releases pages of this repository, you will find a **linpeas with all the checks**.
### New in Aug 2025
- Added heuristic detection for Bash arithmetic injection in root-run periodic parsers (cron/timers). LinPEAS now inspects root cron entries and systemd timers to find shell scripts that parse logs and use arithmetic contexts like (( ... )), let, or declare -i with untrusted variables. This may reveal dangerous patterns where attacker-controlled log lines can trigger command substitution inside arithmetic evaluation.
## Differences between `linpeas_fat.sh`, `linpeas.sh` and `linpeas_small.sh`:
- **linpeas_fat.sh**: Contains all checks, even third party applications in base64 embedded.
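Review bot: In the added "New in Aug 2025" bullet, the constructs (( ... )), let and declare -i are written as plain text, while the rest of this README puts literals in backticks (for example `linpeas_fat.sh`), so they are easy to misread once rendered. The bullet also does not name the check that implements the heuristic, so a reader following the "select the checks you want to build" paragraph at the top of this hunk cannot tell what to include or exclude in a custom build. Suggest wrapping the three constructs in backticks, naming the check, and stating that a match is a heuristic hit on a root-run script that needs manual review before it is treated as a finding, since "untrusted variables" cannot be decided by pattern matching alone.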