PenTest/privilege-escalation-awesome-scripts-suite
1
0
Fork 0
mirror of https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite.git synced 2025-12-06 00:51:28 +00:00
Code Issues Projects Releases Wiki Activity

sensitive_files.yaml(SNMP) add createUser to bad_regex

Browse Source 
Add `createUser` to `bad_regex` as it likely contains a hardcoded
password.

As an example:
```
createUser bootstrap MD5 SuperSecurePassword123__ DES
```
where `SuperSecurePassword123__` is the password and `bootstrap` is the
username, though I should mention the username maybe misleading here.

Spec/Man-page link:
[freebsd.org - snmpd.conf]

[freebsd.org - snmpd.conf]: https://man.freebsd.org/cgi/man.cgi?query=snmpd.conf#:~:text=your%2D%0A%20%20%20%20%20%20%20self%20instead%3A-,createUser,-%5B%2De%09%20%20%20%20%20%20%20ENGINEID%5D%09%20%20%20%20%20%20username
This commit is contained in:
Zoe Kahala
2023-03-11 11:08:20 -06:00
parent ded6f3045f
commit eabec47c08
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build_lists/sensitive_files.yaml
View File

@@ -2123,7 +2123,7 @@ search:
files:
- name: "snmpd.conf"
value:
bad_regex: "rocommunity|rwcommunity|extend.*"
bad_regex: "rocommunity|rwcommunity|extend.*|^createUser"
only_bad_lines: True
type: f
search_in: