Merge pull request #274 from janroring/fix-lse-typo

Fixed typo that caused linux-exploit-suggester results not being displayed
2025-12-22 15:59:01 +00:00 · 2022-03-03 14:41:31 +00:00 · 2022-03-02 17:47:14 +01:00 · 2022-02-13 17:00:40 +00:00 · 2022-02-13 16:58:44 +00:00 · 2022-02-11 19:22:44 +00:00
3 changed files with 18 additions and 3 deletions
--- a/build_lists/sensitive_files.yaml
+++ b/build_lists/sensitive_files.yaml
@@ -551,6 +551,21 @@ search:
              search_in: 
                - common
  
+  - name: Rocketchat
+    value:
+        config:
+          auto_check: True
+
+        files:
+          - name: "rocketchat.service"
+            value: 
+                bad_regex: "mongodb://.*"
+                line_grep: '-i "Environment"'
+                type: f
+                search_in: 
+                  - common
+                  - /lib
+                  - /systemd
  
  - name: Supervisord
    value:
--- a/linPEAS/builder/linpeas_parts/1_system_information.sh
+++ b/linPEAS/builder/linpeas_parts/1_system_information.sh
@@ -29,7 +29,7 @@ fi

 #-- SY) CVE-2021-3560
 polkitVersion=$(systemctl status polkit.service | grep version | cut -d " " -f 9)
-if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(yum list installed | grep polkit | grep -c 0.117-2)" -ge 1 ]]; then
+if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(rpm -qa | grep polkit | grep -c '0.117-2\|0.115-6')" -ge 1 ]]; then
    echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW},"
    echo ""
 fi
@@ -138,7 +138,7 @@ if [ "$(command -v bash 2>/dev/null)" ]; then
    if [ "$EXTRA_CHECKS" ]; then
        echo $les_b64 | base64 -d | bash -s -- --checksec | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | sed -E "s,\[CVE-[0-9]+-[0-9]+\].*,${SED_RED},g"
    else
-        echo $les_b64 | base64 -d | bash | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "\[CVE" -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,\[CVE-[0-9]+-[0-9]+\],*,${SED_RED},g"
+        echo $les_b64 | base64 -d | bash | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "\[CVE" -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,\[CVE-[0-9]+-[0-9]+\].*,${SED_RED},g"
    fi
    echo ""
 fi
--- a/linPEAS/builder/linpeas_parts/linpeas_base.sh
+++ b/linPEAS/builder/linpeas_parts/linpeas_base.sh
@@ -220,7 +220,7 @@ print_support () {
    |---------------------------------------------------------------------------| 
    |         ${YELLOW}Become a Patreon${GREEN}    :     ${RED}https://www.patreon.com/peass${GREEN}           |
    |         ${YELLOW}Follow on Twitter${GREEN}   :     ${RED}@carlospolopm${GREEN}                           |
-    |         ${YELLOW}Respect on HTB${GREEN}      :     ${RED}SirBroccoli & makikvues${GREEN}                 |
+    |         ${YELLOW}Respect on HTB${GREEN}      :     ${RED}SirBroccoli            ${GREEN}                 |
    |---------------------------------------------------------------------------|
    |                                 ${BLUE}Thank you! ${GREEN}                               |
    \---------------------------------------------------------------------------/
Author	SHA1	Message	Date
Carlos Polop	fb57aaa3d5	Merge pull request #274 from janroring/fix-lse-typo Fixed typo that caused linux-exploit-suggester results not being displayed	2022-03-03 14:41:31 +00:00
Jan Roring	dd122b2f10	Fixed typo that caused linux-exploit-suggester results not being displayed	2022-03-02 17:47:14 +01:00
Carlos Polop	a89f235c43	Update linpeas_base.sh	2022-02-13 17:00:40 +00:00
Carlos Polop	7f0bbdbaae	Update sensitive_files.yaml	2022-02-13 16:58:44 +00:00
Carlos Polop	4206e78080	Merge pull request #270 from secnigma/master Improved CVE-2021-3560 Check	2022-02-11 19:22:44 +00:00
secnigma	dc7c9db7dd	Improved CVE-2021-3560 Check * Swapped `yum ` for `rpm ` for improved compatibility * Added known vulnerable version of Polkit	2022-02-11 13:23:50 -05:00