Fix Systemd module generated vars metadata

f
2026-02-04 03:36:32 +00:00 · 2026-02-03 23:51:27 +01:00 · 2026-02-03 18:11:07 +01:00
1 changed files with 12 additions and 10 deletions
--- a/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/11_Systemd.sh
+++ b/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/11_Systemd.sh
@@ -17,7 +17,7 @@
 # Functions Used: print_2title, print_list, echo_not_found
 # Global Variables: $SEARCH_IN_FOLDER, $Wfolders, $SED_RED, $SED_RED_YELLOW, $NC
 # Initial Functions:
-# Generated Global Variables: $WRITABLESYSTEMDPATH, $line, $service, $file, $version, $user, $caps, $path, $path_line, $service_file, $exec_line, $cmd
+# Generated Global Variables: $WRITABLESYSTEMDPATH, $line, $service, $file, $version, $user, $caps, $path, $path_line, $service_file, $exec_line, $exec_value, $cmd, $cmd_path
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -116,18 +116,20 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
                # Check ExecStart paths
                grep -E "ExecStart|ExecStartPre|ExecStartPost" "$service_file" 2>/dev/null | 
                while read -r exec_line; do
-                    # Extract the first word after ExecStart* as the command
-                    cmd=$(echo "$exec_line" | awk '{print $2}' | tr -d '"')
-                    # Extract the rest as arguments
-                    args=$(echo "$exec_line" | awk '{$1=$2=""; print $0}' | tr -d '"')
+                    # Extract command from the right side of Exec*=, not from argv
+                    exec_value="${exec_line#*=}"
+                    exec_value=$(echo "$exec_value" | sed 's/^[[:space:]]*//')
+                    cmd=$(echo "$exec_value" | awk '{print $1}' | tr -d '"')
+                    # Strip systemd command prefixes (-, @, :, +, !) before path checks
+                    cmd_path=$(echo "$cmd" | sed -E 's/^[-@:+!]+//')
                    
                    # Only check the command path, not arguments
-                    if [ -n "$cmd" ] && [ -w "$cmd" ]; then
-                        echo "$service: $cmd (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g"
+                    if [ -n "$cmd_path" ] && [ -w "$cmd_path" ]; then
+                        echo "$service: $cmd_path (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g"
                    fi
                    # Check for relative paths only in the command, not arguments
-                    if [ -n "$cmd" ] && [ "${cmd#/}" = "$cmd" ] && ! echo "$cmd" | grep -qE '^-|^--'; then
-                        echo "$service: Uses relative path '$cmd' (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g"
+                    if [ -n "$cmd_path" ] && [ "${cmd_path#/}" = "$cmd_path" ] && [ "${cmd_path#\$}" = "$cmd_path" ]; then
+                        echo "$service: Uses relative path '$cmd_path' (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g"
                    fi
                done
            fi
@@ -153,4 +155,4 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
    fi

    echo ""
-fi
+fi
Author	SHA1	Message	Date
Carlos Polop	c5a77725db	Fix Systemd module generated vars metadata	2026-02-03 23:51:27 +01:00
Carlos Polop	04c0b8aab3	f	2026-02-03 18:11:07 +01:00