Trigger PR tests after chack-agent fix

Fix CI failures for PR #585
Test chack-agent workflows with intentional PR failure
2026-02-14 08:36:38 +00:00 · 2026-02-11 14:12:27 +01:00 · 2026-02-11 13:10:57 +00:00 · 2026-02-11 13:52:44 +01:00
33 changed files with 137 additions and 781 deletions
--- a/.github/workflows/chack-agent-pr-triage.yml
+++ b/.github/workflows/chack-agent-pr-triage.yml
@@ -12,8 +12,6 @@ jobs:
    permissions:
      contents: write
      pull-requests: write
-    env:
-      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
    outputs:
      should_run: ${{ steps.gate.outputs.should_run }}
      pr_number: ${{ steps.gate.outputs.pr_number }}
@@ -30,15 +28,10 @@ jobs:
      - name: Resolve PR context
        id: gate
        env:
-          PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
-          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
          GH_REPO: ${{ github.repository }}
          GH_TOKEN: ${{ github.token }}
        run: |
-          pr_number="${PR_NUMBER}"
-          if [ -z "$pr_number" ] && [ -n "$HEAD_BRANCH" ]; then
-            pr_number="$(gh pr list --state open --head "$HEAD_BRANCH" --json number --jq '.[0].number')"
-          fi
+          pr_number="${{ github.event.workflow_run.pull_requests[0].number }}"
          if [ -z "$pr_number" ]; then
            echo "No pull request found for this workflow_run; skipping."
            echo "should_run=false" >> "$GITHUB_OUTPUT"
@@ -87,25 +80,13 @@ jobs:
            ${{ steps.gate.outputs.base_ref }} \
            +refs/pull/${{ steps.gate.outputs.pr_number }}/head

-      - name: Set up Node.js for Codex
-        if: ${{ steps.gate.outputs.should_run == 'true' }}
-        uses: actions/setup-node@v5
-        with:
-          node-version: "20"
-
-      - name: Install Codex CLI
-        if: ${{ steps.gate.outputs.should_run == 'true' }}
-        run: |
-          npm install -g @openai/codex
-          codex --version
-
      - name: Run Chack Agent
        id: run_chack
        if: ${{ steps.gate.outputs.should_run == 'true' }}
        uses: carlospolop/chack-agent@master
        with:
-          provider: codex
-          model_primary: CHEAP_BUT_QUALITY
+          provider: openrouter
+          model_primary: BEST_QUALITY
          main_action: peass-ng
          sub_action: Chack-Agent PR Triage
          system_prompt: |
@@ -115,7 +96,6 @@ jobs:
            Remember taht you are an autonomouts agent, use the exec tool to run the needed commands to list, read, analyze, modify, test...
          tools_config_json: "{\"exec_enabled\": true}"
          session_config_json: "{\"long_term_memory_enabled\": false}"
-          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_steps_manager_init_first\": true}"
          output_schema_file: .github/chack-agent/pr-merge-schema.json
          user_prompt: |
            You are reviewing PR #${{ steps.gate.outputs.pr_number }} for ${{ github.repository }}.
@@ -139,7 +119,7 @@ jobs:

            Output JSON only, following the provided schema:
            .github/chack-agent/pr-merge-schema.json
-          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}

      - name: Parse Chack Agent decision
        id: parse
@@ -151,18 +131,9 @@ jobs:
          import json
          import os

-          raw = (os.environ.get('CHACK_MESSAGE', '') or '').strip()
-          decision = 'comment'
-          message = 'Chack Agent did not provide details.'
-          try:
-            data = json.loads(raw or '{}')
-            if isinstance(data, dict):
-              decision = data.get('decision', 'comment')
-              message = data.get('message', '').strip() or message
-            else:
-              message = raw or message
-          except Exception:
-            message = raw or message
+          data = json.loads(os.environ.get('CHACK_MESSAGE', '') or '{}')
+          decision = data.get('decision', 'comment')
+          message = data.get('message', '').strip() or 'Chack Agent did not provide details.'
          with open(os.environ['GITHUB_OUTPUT'], 'a') as handle:
            handle.write(f"decision={decision}\n")
            handle.write("message<<EOF\n")
--- a/.github/workflows/ci-master-failure-chack-agent-pr.yml
+++ b/.github/workflows/ci-master-failure-chack-agent-pr.yml
@@ -20,7 +20,6 @@ jobs:
    env:
      TARGET_BRANCH: master
      FIX_BRANCH: chack-agent/ci-master-fix-${{ github.event.workflow_run.id }}
-      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
    steps:
      - name: Checkout failing commit
        uses: actions/checkout@v5
@@ -97,22 +96,12 @@ jobs:
            echo "Leave the repo in a state ready to commit; changes will be committed and pushed automatically."
          } > chack_prompt.txt

-      - name: Set up Node.js for Codex
-        uses: actions/setup-node@v5
-        with:
-          node-version: "20"
-
-      - name: Install Codex CLI
-        run: |
-          npm install -g @openai/codex
-          codex --version
-
      - name: Run Chack Agent
        id: run_chack
        uses: carlospolop/chack-agent@master
        with:
-          provider: codex
-          model_primary: CHEAP_BUT_QUALITY
+          provider: openrouter
+          model_primary: BEST_QUALITY
          main_action: peass-ng
          sub_action: CI-master Failure Chack-Agent PR
          system_prompt: |
@@ -121,8 +110,7 @@ jobs:
          prompt_file: chack_prompt.txt
          tools_config_json: "{\"exec_enabled\": true}"
          session_config_json: "{\"long_term_memory_enabled\": false}"
-          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_steps_manager_init_first\": true}"
-          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}

      - name: Commit and push fix branch if changed
        id: push_fix
@@ -135,27 +123,9 @@ jobs:

          rm -f chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
          git add -A
-          # Avoid workflow-file pushes with token scopes that cannot write workflows.
-          git reset -- .github/workflows || true
-          git checkout -- .github/workflows || true
-          git clean -fdx -- .github/workflows || true
          git reset -- chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
-          if git diff --cached --name-only | grep -q '^.github/workflows/'; then
-            echo "Workflow-file changes are still staged; skipping push without workflows permission."
-            echo "pushed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-          if git diff --cached --quiet; then
-            echo "No committable changes left after filtering."
-            echo "pushed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
          git commit -m "Fix CI-master failures for run #${{ github.event.workflow_run.id }}"
-          if ! git push origin HEAD:"$FIX_BRANCH"; then
-            echo "Push failed (likely token workflow permission limits); skipping PR creation."
-            echo "pushed=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
+          git push origin HEAD:"$FIX_BRANCH"
          echo "pushed=true" >> "$GITHUB_OUTPUT"

      - name: Create PR to master
--- a/.github/workflows/pr-failure-chack-agent-dispatch.yml
+++ b/.github/workflows/pr-failure-chack-agent-dispatch.yml
@@ -9,7 +9,9 @@ jobs:
  resolve_pr_context:
    if: >
      ${{ github.event.workflow_run.conclusion == 'failure' &&
-          !startsWith(github.event.workflow_run.head_commit.message || '', 'Fix CI failures for PR #') }}
+          github.event.workflow_run.pull_requests &&
+          github.event.workflow_run.pull_requests[0] &&
+          !startsWith(github.event.workflow_run.head_commit.message, 'Fix CI failures for PR #') }}
    runs-on: ubuntu-latest
    permissions:
      pull-requests: read
@@ -25,23 +27,8 @@ jobs:
        id: pr_context
        env:
          PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
-          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
          GH_TOKEN: ${{ github.token }}
        run: |
-          if [ -z "$PR_NUMBER" ] && [ -n "$HEAD_BRANCH" ]; then
-            PR_NUMBER="$(gh pr list --state open --head "$HEAD_BRANCH" --json number --jq '.[0].number')"
-          fi
-          if [ -z "$PR_NUMBER" ]; then
-            echo "No pull request found for workflow_run; skipping."
-            {
-              echo "number="
-              echo "author="
-              echo "head_repo="
-              echo "head_branch=${HEAD_BRANCH}"
-              echo "should_run=false"
-            } >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
          pr_author=$(gh api -H "Accept: application/vnd.github+json" \
            /repos/${{ github.repository }}/pulls/${PR_NUMBER} \
            --jq '.user.login')
@@ -76,9 +63,7 @@ jobs:
      contents: write
      pull-requests: write
      issues: write
-      actions: write
-    env:
-      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
+      actions: read
    steps:
      - name: Comment on PR with failure info
        uses: actions/github-script@v7
@@ -167,22 +152,12 @@ jobs:
            echo "Leave the repo in a state ready to commit as when you finish, it'll be automatically committed and pushed."
          } > chack_prompt.txt

-      - name: Set up Node.js for Codex
-        uses: actions/setup-node@v5
-        with:
-          node-version: "20"
-
-      - name: Install Codex CLI
-        run: |
-          npm install -g @openai/codex
-          codex --version
-
      - name: Run Chack Agent
        id: run_chack
        uses: carlospolop/chack-agent@master
        with:
-          provider: codex
-          model_primary: CHEAP_BUT_QUALITY
+          provider: openrouter
+          model_primary: BEST_QUALITY
          main_action: peass-ng
          sub_action: PR Failure Chack-Agent Dispatch
          system_prompt: |
@@ -192,51 +167,22 @@ jobs:
          prompt_file: chack_prompt.txt
          tools_config_json: "{\"exec_enabled\": true}"
          session_config_json: "{\"long_term_memory_enabled\": false}"
-          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_steps_manager_init_first\": true}"
-          openai_api_key: ${{ secrets.OPENAI_API_KEY }}
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}

      - name: Commit and push if changed
        env:
          TARGET_BRANCH: ${{ needs.resolve_pr_context.outputs.head_branch }}
          PR_NUMBER: ${{ needs.resolve_pr_context.outputs.number }}
-          ORIGINAL_HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
-          GH_TOKEN: ${{ github.token }}
        run: |
+          if git diff --quiet; then
+            echo "No changes to commit."
+            exit 0
+          fi
          rm -f chack_failure_summary.txt chack_prompt.txt
-
-          pushed=false
-
-          if ! git diff --quiet; then
-            git add -A
-            # Avoid workflow-file pushes with token scopes that cannot write workflows.
-            git reset -- .github/workflows || true
-            git checkout -- .github/workflows || true
-            git clean -fdx -- .github/workflows || true
-            git reset -- chack_failure_summary.txt chack_prompt.txt
-            if git diff --cached --name-only | grep -q '^.github/workflows/'; then
-              echo "Workflow-file changes are still staged; skipping push without workflows permission."
-              exit 0
-            fi
-            if ! git diff --cached --quiet; then
-              git commit -m "Fix CI failures for PR #${PR_NUMBER}"
-            fi
-          fi
-
-          after_head="$(git rev-parse HEAD)"
-          if [ "$after_head" = "$ORIGINAL_HEAD_SHA" ]; then
-            echo "No commit produced by Chack Agent for PR #${PR_NUMBER}."
-            exit 0
-          fi
-
-          if ! git push origin HEAD:${TARGET_BRANCH}; then
-            echo "Push failed (likely token workflow permission limits); leaving run successful without push."
-            exit 0
-          fi
-          pushed=true
-
-          if [ "$pushed" = "true" ]; then
-            gh workflow run PR-tests.yml --ref "${TARGET_BRANCH}"
-          fi
+          git add -A
+          git reset -- chack_failure_summary.txt chack_prompt.txt
+          git commit -m "Fix CI failures for PR #${PR_NUMBER}"
+          git push origin HEAD:${TARGET_BRANCH}

      - name: Comment with Chack Agent result
        if: ${{ steps.run_chack.outputs.final-message != '' }}
--- a/build_lists/sensitive_files.yaml
+++ b/build_lists/sensitive_files.yaml
@@ -813,12 +813,6 @@ search:
                      bad_regex: "auth|accessfile=|secret=|user"
                      remove_regex:  "^#|^@"
                      type: f
-                - name: "*"
-                  value:
-                      bad_regex: "nullok|nullok_secure|pam_permit\\.so|pam_rootok\\.so|pam_exec\\.so|pam_unix\\.so.*(nullok|remember=0)|sufficient\\s+pam_unix\\.so"
-                      only_bad_lines: True
-                      remove_regex: "^#|^@"
-                      type: f
              type: d
              search_in: 
                - ${ROOT_FOLDER}etc
@@ -1241,20 +1235,12 @@ search:
          auto_check: False
    
        files:
-          - name: "agent.*"
+          - name: "agent*"
            value: 
                type: f
                remove_path: ".dll"
                search_in: 
                  - ${ROOT_FOLDER}tmp
-                  - ${ROOT_FOLDER}run
-
-          - name: "ssh-agent.sock"
-            value:
-                type: f
-                search_in:
-                  - ${ROOT_FOLDER}tmp
-                  - ${ROOT_FOLDER}run
      
  - name: SSH_CONFIG
    value:
@@ -2081,45 +2067,6 @@ search:
                type: f
                search_in: 
                  - common
-
-          - name: "*.asc"
-            value:
-                type: f
-                remove_path: "/usr/share/|/usr/lib/|/lib/|/man/"
-                search_in:
-                  - common
-
-          - name: "secring.gpg"
-            value:
-                type: f
-                search_in:
-                  - common
-
-          - name: "pubring.kbx"
-            value:
-                type: f
-                search_in:
-                  - common
-
-          - name: "trustdb.gpg"
-            value:
-                type: f
-                search_in:
-                  - common
-
-          - name: "gpg-agent.conf"
-            value:
-                type: f
-                search_in:
-                  - common
-
-          - name: "secret.asc"
-            value:
-                type: f
-                just_list_file: True
-                search_in:
-                  - common
-
          - name: "private-keys-v1.d/*.key"
            value: 
                type: f
@@ -2897,85 +2844,6 @@ search:
                remove_path: "example"
                search_in: 
                  - common
-
-  - name: Proxy_Config
-    value:
-        config:
-          auto_check: True
-
-        files:
-          - name: "environment"
-            value:
-                bad_regex: "(http|https|ftp|all)_proxy|no_proxy"
-                only_bad_lines: True
-                remove_empty_lines: True
-                remove_regex: '^#'
-                type: f
-                check_extra_path: "^/etc/environment$"
-                search_in:
-                  - common
-
-          - name: "apt.conf"
-            value:
-                bad_regex: "Acquire::http::Proxy|Acquire::https::Proxy|proxy"
-                only_bad_lines: True
-                remove_empty_lines: True
-                remove_regex: '^#'
-                type: f
-                search_in:
-                  - common
-
-          - name: "apt.conf.d"
-            value:
-                type: d
-                files:
-                  - name: "*"
-                    value:
-                        bad_regex: "Acquire::http::Proxy|Acquire::https::Proxy|proxy"
-                        only_bad_lines: True
-                        remove_empty_lines: True
-                        remove_regex: '^#'
-                        type: f
-                search_in:
-                  - common
-    
-  - name: Sniffing_Artifacts
-    value:
-        config:
-          auto_check: True
-
-        files:
-          - name: "*.pcap"
-            value:
-                just_list_file: True
-                type: f
-                search_in:
-                  - common
-
-          - name: "*.pcapng"
-            value:
-                just_list_file: True
-                type: f
-                search_in:
-                  - common
-
-          - name: "keys.log"
-            value:
-                bad_regex: "CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET"
-                only_bad_lines: True
-                remove_empty_lines: True
-                type: f
-                search_in:
-                  - common
-
-          - name: "sslkeylog.log"
-            value:
-                bad_regex: "CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET"
-                only_bad_lines: True
-                remove_empty_lines: True
-                type: f
-                search_in:
-                  - common
    
  - name: Msmtprc
    value:
@@ -4080,13 +3948,6 @@ search:
                search_in: 
                  - common

-          - name: "*.maintenance*"
-            value:
-                just_list_file: True
-                type: f
-                search_in:
-                  - common
-
          - name: "*.key"
            value: 
                just_list_file: True
--- a/chack_failed_steps_logs.txt
+++ b/chack_failed_steps_logs.txt
@@ -1,78 +0,0 @@
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0971447Z ##[group]Run python3 -m pip install PyYAML
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0973220Z [36;1mpython3 -m pip install PyYAML[0m
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0974295Z [36;1mcd linPEAS[0m
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0975572Z [36;1mpython3 -m builder.linpeas_builder --all --output linpeas_fat.sh[0m
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0977560Z [36;1mpython3 -m builder.linpeas_builder --all-no-fat --output linpeas.sh[0m
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.0979599Z [36;1mpython3 -m builder.linpeas_builder --small --output linpeas_small.sh[0m
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.1030508Z shell: /usr/bin/bash -e {0}
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.1031413Z env:
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.1032274Z   GOTOOLCHAIN: local
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:52.1033062Z ##[endgroup]
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:53.2773854Z Defaulting to user installation because normal site-packages is not writeable
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:53.9179829Z Requirement already satisfied: PyYAML in /usr/lib/python3/dist-packages (6.0.1)
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:54.4874406Z [+] Downloading regexes...
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:54.4875412Z Downloaded and saved in '/home/runner/work/PEASS-ng/PEASS-ng/build_lists/regexes.yaml' successfully!
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4167144Z Traceback (most recent call last):
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4168210Z   File "<frozen runpy>", line 198, in _run_module_as_main
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4168928Z   File "<frozen runpy>", line 88, in _run_code
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4169887Z   File "/home/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/linpeas_builder.py", line 55, in <module>
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4171167Z     main(all_modules, all_no_fat_modules, no_network_scanning, small, include_modules, exclude_modules, output)
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4174426Z   File "/home/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/linpeas_builder.py", line 21, in main
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4175184Z     lbuilder.build()
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4175907Z   File "/home/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/src/linpeasBuilder.py", line 49, in build
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4176725Z     variables = self.__generate_variabless()
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4177314Z                 ^^^^^^^^^^^^^^^^^^^^^^^^^^
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4178354Z AttributeError: 'LinpeasBuilder' object has no attribute '_LinpeasBuilder__generate_variabless'. Did you mean: '_LinpeasBuilder__generate_variables'?
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4179375Z [+] Checking the syntax of the modules...
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4179814Z [+] 161 checks located
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4180275Z [+] Building temporary linpeas_base.sh with the indicated modules...
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4180829Z [+] Building variables...
-Build_and_test_linpeas_master	Build linpeas	2026-02-14T00:11:56.4408740Z ##[error]Process completed with exit code 1.
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.7998800Z ##[group]Run python3 -m pip install PyYAML --break-system-packages
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8000500Z [36;1mpython3 -m pip install PyYAML --break-system-packages[0m
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8002330Z [36;1mpython3 -m pip install requests --break-system-packages[0m
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8003570Z [36;1mcd linPEAS[0m
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8004650Z [36;1mpython3 -m builder.linpeas_builder --all --output linpeas_fat.sh[0m
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8064280Z shell: /bin/bash -e {0}
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:50.8066060Z ##[endgroup]
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.4294420Z Collecting PyYAML
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.4743840Z   Downloading pyyaml-6.0.3-cp314-cp314-macosx_11_0_arm64.whl.metadata (2.4 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.4954660Z Downloading pyyaml-6.0.3-cp314-cp314-macosx_11_0_arm64.whl (173 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.5318410Z Installing collected packages: PyYAML
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.5701980Z Successfully installed PyYAML-6.0.3
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.9577360Z Collecting requests
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:52.9800800Z   Downloading requests-2.32.5-py3-none-any.whl.metadata (4.9 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.0525640Z Collecting charset_normalizer<4,>=2 (from requests)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.0742810Z   Downloading charset_normalizer-3.4.4-cp314-cp314-macosx_10_13_universal2.whl.metadata (37 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.0836310Z Collecting idna<4,>=2.5 (from requests)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.0937740Z   Downloading idna-3.11-py3-none-any.whl.metadata (8.4 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1041400Z Collecting urllib3<3,>=1.21.1 (from requests)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1142970Z   Downloading urllib3-2.6.3-py3-none-any.whl.metadata (6.9 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1190720Z Requirement already satisfied: certifi>=2017.4.17 in /opt/homebrew/lib/python3.14/site-packages (from requests) (2026.1.4)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1197310Z Downloading requests-2.32.5-py3-none-any.whl (64 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1265270Z Downloading charset_normalizer-3.4.4-cp314-cp314-macosx_10_13_universal2.whl (207 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1306710Z Downloading idna-3.11-py3-none-any.whl (71 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1392250Z Downloading urllib3-2.6.3-py3-none-any.whl (131 kB)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.1589340Z Installing collected packages: urllib3, idna, charset_normalizer, requests
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.3645880Z 
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.3747140Z Successfully installed charset_normalizer-3.4.4 idna-3.11 requests-2.32.5 urllib3-2.6.3
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.6562290Z [+] Downloading regexes...
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:53.6667880Z Downloaded and saved in '/Users/runner/work/PEASS-ng/PEASS-ng/build_lists/regexes.yaml' successfully!
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4616130Z Traceback (most recent call last):
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4616610Z [+] Checking the syntax of the modules...
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4725080Z   File "<frozen runpy>", line 198, in _run_module_as_main
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4725360Z [+] 161 checks located
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4828080Z   File "<frozen runpy>", line 88, in _run_code
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4828560Z [+] Building temporary linpeas_base.sh with the indicated modules...
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4930770Z   File "/Users/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/linpeas_builder.py", line 55, in <module>
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.4931470Z [+] Building variables...
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5000130Z     main(all_modules, all_no_fat_modules, no_network_scanning, small, include_modules, exclude_modules, output)
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5101380Z     ~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5202990Z   File "/Users/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/linpeas_builder.py", line 21, in main
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5304190Z     lbuilder.build()
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5405030Z     ~~~~~~~~~~~~~~^^
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5506090Z   File "/Users/runner/work/PEASS-ng/PEASS-ng/linPEAS/builder/src/linpeasBuilder.py", line 49, in build
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5610220Z     variables = self.__generate_variabless()
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5711540Z                 ^^^^^^^^^^^^^^^^^^^^^^^^^^
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5813140Z AttributeError: 'LinpeasBuilder' object has no attribute '_LinpeasBuilder__generate_variabless'. Did you mean: '_LinpeasBuilder__generate_variables'?
-Build_and_test_macpeas_master	Build macpeas	2026-02-14T00:11:55.5911930Z ##[error]Process completed with exit code 1.
--- a/chack_failure_summary.txt
+++ b/chack_failure_summary.txt
@@ -1,7 +0,0 @@
-Job: Build_and_test_linpeas_master (id 63593607403)
-URL: https://github.com/peass-ng/PEASS-ng/actions/runs/22007237743/job/63593607403
-  Step: Build linpeas
-
-Job: Build_and_test_macpeas_master (id 63593607406)
-URL: https://github.com/peass-ng/PEASS-ng/actions/runs/22007237743/job/63593607406
-  Step: Build macpeas
--- a/chack_prompt.txt
+++ b/chack_prompt.txt
@@ -1,19 +0,0 @@
-You are fixing a failing CI-master_test run in peass-ng/PEASS-ng.
-The failing workflow run is: https://github.com/peass-ng/PEASS-ng/actions/runs/22007237743
-The failing commit SHA is: 381bf74ebd87e5005525d68d52021dd646477f8b
-The target branch for the final PR is: master
-
-Failure summary:
-Job: Build_and_test_linpeas_master (id 63593607403)
-URL: https://github.com/peass-ng/PEASS-ng/actions/runs/22007237743/job/63593607403
-  Step: Build linpeas
-
-Job: Build_and_test_macpeas_master (id 63593607406)
-URL: https://github.com/peass-ng/PEASS-ng/actions/runs/22007237743/job/63593607406
-  Step: Build macpeas
-Failed-step logs file absolute path (local runner): /home/runner/work/PEASS-ng/PEASS-ng/chack_failed_steps_logs.txt
-Read that file to inspect the exact failing logs.
-
-Please identify the cause, apply an easy, simple and minimal fix, and update files accordingly.
-Run any fast checks you can locally (no network).
-Leave the repo in a state ready to commit; changes will be committed and pushed automatically.
--- a/linPEAS/builder/linpeas_builder.py
+++ b/linPEAS/builder/linpeas_builder.py
@@ -53,3 +53,4 @@ if __name__ == "__main__":
        exit(1)
    
    main(all_modules, all_no_fat_modules, no_network_scanning, small, include_modules, exclude_modules, output)
+
--- a/linPEAS/builder/linpeas_parts/2_container/3_Container_details.sh
+++ b/linPEAS/builder/linpeas_parts/2_container/3_Container_details.sh
@@ -36,14 +36,6 @@ print_2title "Container details"

 print_list "Is this a container? ...........$NC $containerType"

-if [ -e "/proc/vz" ] && ! [ -e "/proc/bc" ]; then
-    print_list "Container Runtime ..............$NC OpenVZ"
-fi
-
-if [ -f "/run/systemd/container" ]; then
-     print_list "Systemd Container ..............$NC $(cat /run/systemd/container)"
-fi
-
 # Get container runtime info
 if [ "$(command -v docker || echo -n '')" ]; then
    print_list "Docker version ...............$NC "
--- a/linPEAS/builder/linpeas_parts/2_container/5_Container_breakout.sh
+++ b/linPEAS/builder/linpeas_parts/2_container/5_Container_breakout.sh
@@ -37,10 +37,10 @@
 #       - Container escape tool execution
 # License: GNU GPL
 # Version: 1.0
-# Functions Used: checkContainerExploits, checkProcSysBreakouts, containerCheck, enumerateDockerSockets, print_2title, print_3title, print_info, print_list, warn_exec
+# Functions Used: checkContainerExploits, checkProcSysBreakouts, containerCheck, print_2title, print_3title, print_info, print_list, warn_exec
 # Global Variables: $binfmt_misc_breakout, $containercapsB, $containerType, $core_pattern_breakout, $dev_mounted, $efi_efivars_writable, $efi_vars_writable, $GREP_IGNORE_MOUNTS, $inContainer, $kallsyms_readable, $kcore_readable, $kmem_readable, $kmem_writable, $kmsg_readable, $mem_readable, $mem_writable, $modprobe_present, $mountinfo_readable, $panic_on_oom_dos, $panic_sys_fs_dos, $proc_configgz_readable, $proc_mounted, $run_unshare, $release_agent_breakout1, $release_agent_breakout2, $release_agent_breakout3, $sched_debug_readable, $security_present, $security_writable, $sysreq_trigger_dos, $uevent_helper_breakout, $vmcoreinfo_readable, $VULN_CVE_2019_5021, $self_mem_readable
 # Initial Functions: containerCheck
-# Generated Global Variables: $defautl_docker_caps, $containerd_version, $runc_version, $seccomp_mode_num, $seccomp_mode_desc
+# Generated Global Variables: $defautl_docker_caps, $containerd_version, $runc_version, $containerd_version
 # Fat linpeas: 0
 # Small linpeas: 0

@@ -57,34 +57,14 @@ if [ "$inContainer" ]; then
    
    # Security mechanisms
    print_3title "Security Mechanisms"
-    seccomp_mode_num="$(awk '/^Seccomp:/{print $2}' /proc/self/status 2>/dev/null)"
-    seccomp_mode_desc="unknown"
-    case "$seccomp_mode_num" in
-      0) seccomp_mode_desc="disabled" ;;
-      1) seccomp_mode_desc="strict" ;;
-      2) seccomp_mode_desc="filtering" ;;
-    esac
-
-    print_list "Seccomp mode ................... "$NC
-    (printf "%s (%s)\n" "$seccomp_mode_desc" "${seccomp_mode_num:-?}") | sed "s,disabled,${SED_RED}," | sed "s,strict,${SED_RED_YELLOW}," | sed "s,filtering,${SED_GREEN},"
-
-    if grep -q "^Seccomp_filters:" /proc/self/status 2>/dev/null; then
-      print_list "Seccomp filters ............... "$NC
-      awk '/^Seccomp_filters:/{print $2}' /proc/self/status 2>/dev/null | sed -${E} "s,^[0-9]+$,${SED_GREEN}&,"
-    fi
+    print_list "Seccomp enabled? ............... "$NC
+    ([ "$(grep Seccomp /proc/self/status | grep -v 0)" ] && echo "enabled" || echo "disabled") | sed "s,disabled,${SED_RED}," | sed "s,enabled,${SED_GREEN},"

    print_list "AppArmor profile? .............. "$NC
    (cat /proc/self/attr/current 2>/dev/null || echo "disabled") | sed "s,disabled,${SED_RED}," | sed "s,kernel,${SED_GREEN},"

    print_list "User proc namespace? ........... "$NC
-    if [ "$(cat /proc/self/uid_map 2>/dev/null)" ]; then 
-        (printf "enabled"; cat /proc/self/uid_map) | sed "s,enabled,${SED_GREEN},"; 
-        echo ""
-        echo "  Mappings (Container -> Host -> Range):"
-        cat /proc/self/uid_map | awk '{print "  " $1 " -> " $2 " -> " $3}'
-    else 
-        echo "disabled" | sed "s,disabled,${SED_RED},"; 
-    fi
+    if [ "$(cat /proc/self/uid_map 2>/dev/null)" ]; then (printf "enabled"; cat /proc/self/uid_map) | sed "s,enabled,${SED_GREEN},"; else echo "disabled" | sed "s,disabled,${SED_RED},"; fi

    # Known vulnerabilities
    print_3title "Known Vulnerabilities"
@@ -175,9 +155,6 @@ if [ "$inContainer" ]; then
        cat /proc/self/status | tr '\t' ' ' | grep Cap | sed -${E} "s, .*,${SED_RED},g" | sed -${E} "s/00000000a80425fb/$defautl_docker_caps/g" | sed -${E} "s,0000000000000000|00000000a80425fb,${SED_GREEN},g"
        echo $ITALIC"Run capsh --decode=<hex> to decode the capabilities"$NC
    fi
-
-    print_list "Ambient capabilities ........... "$NC
-    (grep "CapAmb:" /proc/self/status 2>/dev/null | grep -v "0000000000000000" | sed "s,CapAmb:.,," || echo "No") | sed -${E} "s,No,${SED_GREEN}," | sed -${E} "s,[0-9a-fA-F]\+,${SED_RED}&,"
    
    # Additional capability checks
    print_list "Dangerous syscalls allowed ... "$NC
@@ -223,10 +200,6 @@ if [ "$inContainer" ]; then
        echo "No"
    fi
    
-    
-    print_list "Looking and enumerating Docker Sockets (if any):\n"$NC
-    enumerateDockerSockets
-    
    # Additional breakout vectors
    print_3title "Additional Breakout Vectors"
    
--- a/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/11_Systemd.sh
+++ b/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/11_Systemd.sh
@@ -17,7 +17,7 @@
 # Functions Used: print_2title, print_list, echo_not_found
 # Global Variables: $SEARCH_IN_FOLDER, $Wfolders, $SED_RED, $SED_RED_YELLOW, $NC
 # Initial Functions:
-# Generated Global Variables: $WRITABLESYSTEMDPATH, $line, $service, $file, $version, $user, $caps, $path, $path_line, $service_file, $exec_line, $exec_value, $cmd, $cmd_path, $svc_path_entry, $svc_writable_path
+# Generated Global Variables: $WRITABLESYSTEMDPATH, $line, $service, $file, $version, $user, $caps, $path, $path_line, $service_file, $exec_line, $exec_value, $cmd, $cmd_path
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -113,19 +113,6 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
            service=$(echo "$line" | awk '{print $1}')
            service_file=$(get_service_file "$service")
            if [ -n "$service_file" ]; then
-                # Check service-specific PATH entries (Environment=PATH=...)
-                svc_writable_path=$(grep -E '^Environment=.*PATH=' "$service_file" 2>/dev/null | sed -E 's/^Environment=//; s/^"//; s/"$//; s/^PATH=//' | tr ':' '\n' | while read -r svc_path_entry; do
-                    [ -z "$svc_path_entry" ] && continue
-                    if [ -d "$svc_path_entry" ] && [ -w "$svc_path_entry" ]; then
-                        echo "$svc_path_entry"
-                    fi
-                done)
-                if [ "$svc_writable_path" ]; then
-                    for svc_path_entry in $svc_writable_path; do
-                        echo "$service: Writable service PATH entry '$svc_path_entry'" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
-                    done
-                fi
-
                # Check ExecStart paths
                grep -E "ExecStart|ExecStartPre|ExecStartPost" "$service_file" 2>/dev/null | 
                while read -r exec_line; do
@@ -143,9 +130,6 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
                    # Check for relative paths only in the command, not arguments
                    if [ -n "$cmd_path" ] && [ "${cmd_path#/}" = "$cmd_path" ] && [ "${cmd_path#\$}" = "$cmd_path" ]; then
                        echo "$service: Uses relative path '$cmd_path' (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g"
-                        if [ "$svc_writable_path" ]; then
-                            echo "$service: Relative Exec path + writable service PATH can allow path hijacking" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
-                        fi
                    fi
                done
            fi
--- a/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/13_Unix_sockets_listening.sh
+++ b/linPEAS/builder/linpeas_parts/4_procs_crons_timers_srvcs_sockets/13_Unix_sockets_listening.sh
@@ -11,7 +11,7 @@
 # License: GNU GPL
 # Version: 1.1
 # Functions Used: print_2title, print_info
-# Global Variables: $EXTRA_CHECKS, $groupsB, $groupsVB, $IAMROOT, $idB, $knw_grps, $knw_usrs, $nosh_usrs, $SEARCH_IN_FOLDER, $sh_usrs, $USER, $SED_RED, $SED_GREEN, $SED_RED_YELLOW, $NC, $RED
+# Global Variables: $EXTRA_CHECKS, $groupsB, $groupsVB, $IAMROOT, $idB, $knw_grps, $knw_usrs, $nosh_usrs, $SEARCH_IN_FOLDER, $sh_usrs, $USER, $SED_RED, $SED_GREEN, $NC, $RED
 # Initial Functions:
 # Generated Global Variables: $unix_scks_list, $unix_scks_list2, $perms, $owner, $owner_info, $response, $socket, $cmd, $mode, $group
 # Fat linpeas: 0
@@ -142,13 +142,10 @@ if ! [ "$IAMROOT" ]; then
                    # Highlight dangerous ownership
                    if echo "$owner_info" | grep -q "root"; then
                        echo "  └─(${RED}Owned by root${NC})"
-                        if echo "$perms" | grep -q "Write"; then
-                            echo "  └─High risk: root-owned and writable Unix socket" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
-                        fi
                    fi
                fi
            fi
        done
    fi
    echo ""
-fi
+fi
--- a/linPEAS/builder/linpeas_parts/5_network_information/11_Internet_access.sh
+++ b/linPEAS/builder/linpeas_parts/5_network_information/11_Internet_access.sh
@@ -5,10 +5,10 @@
 # Description: Check for internet access
 # License: GNU GPL
 # Version: 1.0
-# Functions Used: check_dns, check_icmp, check_tcp_443, check_tcp_443_bin, check_tcp_80, print_2title, print_3title, print_info, check_external_hostname
-# Global Variables: $E
+# Functions Used: check_dns, check_icmp, check_tcp_443, check_tcp_443_bin, check_tcp_80, print_2title, check_external_hostname
+# Global Variables:
 # Initial Functions:
-# Generated Global Variables: $pid4, $pid2, $pid1, $pid3, $tcp443_bin_status, $NOT_CHECK_EXTERNAL_HOSTNAME, $TIMEOUT_INTERNET_SECONDS
+# Generated Global Variables: $pid4, $pid2, $pid1, $pid3, $$tcp443_bin_status, $NOT_CHECK_EXTERNAL_HOSTNAME, $TIMEOUT_INTERNET_SECONDS
 # Fat linpeas: 0
 # Small linpeas: 0

@@ -29,8 +29,8 @@ check_tcp_443 "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid2=$!
 check_icmp "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid3=$!
 check_dns "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid4=$!

-# Kill all check workers after timeout + 1s without relying on integer arithmetic
-(sleep "$TIMEOUT_INTERNET_SECONDS"; sleep 1; kill -9 $pid1 $pid2 $pid3 $pid4 2>/dev/null) &
+# Kill all after 10 seconds
+(sleep $(( $TIMEOUT_INTERNET_SECONDS + 1 )) && kill -9 $pid1 $pid2 $pid3 $pid4 2>/dev/null) &

 check_tcp_443_bin $TIMEOUT_INTERNET_SECONDS 2>/dev/null
 tcp443_bin_status=$?
@@ -50,9 +50,3 @@ if [ "$tcp443_bin_status" -eq 0 ] && \
 fi

 echo ""
-print_3title "Proxy discovery"
-print_info "Checking common proxy env vars and apt proxy config"
-(env | grep -iE '^(http|https|ftp|all)_proxy=|^no_proxy=') 2>/dev/null | sed -${E} "s,_proxy|no_proxy,${SED_RED_YELLOW},g"
-grep -RinE 'Acquire::(http|https)::Proxy|proxy' /etc/apt/apt.conf /etc/apt/apt.conf.d 2>/dev/null | sed -${E} "s,proxy|Acquire::http::Proxy|Acquire::https::Proxy,${SED_RED_YELLOW},g"
-
-echo ""
--- a/linPEAS/builder/linpeas_parts/5_network_information/1_Network_interfaces.sh
+++ b/linPEAS/builder/linpeas_parts/5_network_information/1_Network_interfaces.sh
@@ -5,8 +5,8 @@
 # Description: Check network interfaces
 # License: GNU GPL
 # Version: 1.0
-# Functions Used: print_2title, print_3title
-# Global Variables: $E, $SED_RED_YELLOW
+# Functions Used: print_2title
+# Global Variables:
 # Initial Functions:
 # Generated Global Variables: $iface, $state, $mac, $ip_file, $line
 # Fat linpeas: 0
@@ -73,22 +73,4 @@ else
    parse_network_interfaces
 fi

-if command -v ip >/dev/null 2>&1; then
-    print_3title "Routing & policy quick view"
-    ip route 2>/dev/null
-    ip -6 route 2>/dev/null | head -n 30
-    echo ""
-    ip rule 2>/dev/null
-
-    print_3title "Virtual/overlay interfaces quick view"
-    ip -d link 2>/dev/null | grep -E "^[0-9]+:|veth|docker|cni|flannel|br-|bridge|vlan|bond|tun|tap|wg|tailscale" | sed -${E} "s,veth|docker|cni|flannel|br-|bridge|vlan|bond|tun|tap|wg|tailscale,${SED_RED_YELLOW},g"
-
-    print_3title "Network namespaces quick view"
-    ip netns list 2>/dev/null
-    ls -la /var/run/netns/ 2>/dev/null
-fi
-
-print_3title "Forwarding status"
-sysctl net.ipv4.ip_forward net.ipv6.conf.all.forwarding 2>/dev/null | sed -${E} "s,=[[:space:]]*1,${SED_RED_YELLOW},g"
-
-echo ""
+echo ""
--- a/linPEAS/builder/linpeas_parts/5_network_information/4_Open_ports.sh
+++ b/linPEAS/builder/linpeas_parts/5_network_information/4_Open_ports.sh
@@ -6,7 +6,7 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: print_2title, print_3title, print_info
-# Global Variables: $E, $SED_RED, $SED_RED_YELLOW
+# Global Variables: $E, $SED_RED
 # Initial Functions:
 # Generated Global Variables: $pid_dir, $tx_queue, $pid, $rem_port, $proc_file, $rem_ip, $local_ip, $rx_queue, $proto, $rem_addr, $program, $state, $header_sep, $proc_info, $inode, $header, $line, $local_addr, $local_port
 # Fat linpeas: 0
@@ -122,45 +122,6 @@ get_open_ports() {
        parse_proc_net_ports "udp"
    fi

-    # Focused local service exposure view
-    print_3title "Local-only listeners (loopback)"
-    if command -v ss >/dev/null 2>&1; then
-        ss -nltpu 2>/dev/null | grep -E "127\.0\.0\.1:|::1:" | sed -${E} "s,127\.0\.0\.1:|::1:,${SED_RED},g"
-    elif command -v netstat >/dev/null 2>&1; then
-        netstat -punta 2>/dev/null | grep -i listen | grep -E "127\.0\.0\.1:|::1:" | sed -${E} "s,127\.0\.0\.1:|::1:,${SED_RED},g"
-    fi
-
-    print_3title "Unique listener bind addresses"
-    if command -v ss >/dev/null 2>&1; then
-        ss -nltpuH 2>/dev/null | awk '{
-            a=$5
-            if (a ~ /^\[/) {
-                sub(/^\[/, "", a)
-                sub(/\]:[0-9]+$/, "", a)
-            } else if (a ~ /:[0-9]+$/) {
-                sub(/:[0-9]+$/, "", a)
-            }
-            sub(/^::ffff:/, "", a)
-            if (a != "") print a
-        }' | sort -u | sed -${E} "s,127\.0\.0\.1|::1,${SED_RED},g"
-    elif command -v netstat >/dev/null 2>&1; then
-        netstat -punta 2>/dev/null | grep -i listen | awk '{
-            a=$4
-            if (a ~ /^\[/) {
-                sub(/^\[/, "", a)
-                sub(/\]:[0-9]+$/, "", a)
-            } else if (a ~ /:[0-9]+$/) {
-                sub(/:[0-9]+$/, "", a)
-            }
-            if (a == ":::" ) a="::"
-            sub(/^::ffff:/, "", a)
-            if (a != "") print a
-        }' | sort -u | sed -${E} "s,127\.0\.0\.1|::1,${SED_RED},g"
-    fi
-
-    print_3title "Potential local forwarders/relays"
-    ps aux 2>/dev/null | grep -E "[s]ocat|[s]sh .*(-L|-R|-D)|[n]cat|[n]c .*-l" | sed -${E} "s,socat|ssh|-L|-R|-D|ncat|nc,${SED_RED_YELLOW},g"
-
    # Additional port information
    if [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then
        print_3title "Additional Port Information"
--- a/linPEAS/builder/linpeas_parts/5_network_information/7_Tcpdump.sh
+++ b/linPEAS/builder/linpeas_parts/5_network_information/7_Tcpdump.sh
@@ -6,9 +6,9 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: print_2title, print_3title, print_info, warn_exec
-# Global Variables: $EXTRA_CHECKS, $E, $SED_RED, $SED_GREEN, $SED_RED_YELLOW
+# Global Variables: $EXTRA_CHECKS, $E, $SED_RED, $SED_GREEN
 # Initial Functions:
-# Generated Global Variables: $tools_found, $tool, $interfaces, $interfaces_found, $iface, $cmd, $pattern, $patterns, $dumpcap_test_file
+# Generated Global Variables: $tools_found, $tool, $interfaces, $interfaces_found, $iface, $cmd, $pattern, $patterns
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -26,17 +26,8 @@ check_command() {
 # Function to check if we can sniff on an interface
 check_interface_sniffable() {
    local iface=$1
-    if check_command tcpdump; then
-        if timeout 1 tcpdump -i "$iface" -c 1 >/dev/null 2>&1; then
-            return 0
-        fi
-    elif check_command dumpcap; then
-        dumpcap_test_file="/tmp/.linpeas_dumpcap_test_$$.pcap"
-        if timeout 2 dumpcap -i "$iface" -c 1 -q -w "$dumpcap_test_file" >/dev/null 2>&1; then
-            rm -f "$dumpcap_test_file" 2>/dev/null
-            return 0
-        fi
-        rm -f "$dumpcap_test_file" 2>/dev/null
+    if timeout 1 tcpdump -i "$iface" -c 1 >/dev/null 2>&1; then
+        return 0
    fi
    return 1
 }
@@ -64,20 +55,6 @@ check_network_traffic_analysis() {
        tools_found=1
        # Check tcpdump version and capabilities
        warn_exec tcpdump --version 2>/dev/null | head -n 1
-        getcap "$(command -v tcpdump)" 2>/dev/null
-    fi
-
-    if check_command dumpcap; then
-        echo "dumpcap is available" | sed -${E} "s,.*,${SED_GREEN},g"
-        tools_found=1
-        warn_exec dumpcap --version 2>/dev/null | head -n 1
-        getcap "$(command -v dumpcap)" 2>/dev/null
-
-        if id -nG 2>/dev/null | grep -qw wireshark; then
-            echo "Current user is in wireshark group" | sed -${E} "s,.*,${SED_GREEN},g"
-        elif getent group wireshark >/dev/null 2>&1; then
-            echo "wireshark group exists but current user is not in it" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
-        fi
    fi
    
    if check_command tshark; then
@@ -91,28 +68,10 @@ check_network_traffic_analysis() {
        echo "wireshark is available" | sed -${E} "s,.*,${SED_GREEN},g"
        tools_found=1
    fi
-
-    if check_command ngrep; then
-        echo "ngrep is available" | sed -${E} "s,.*,${SED_GREEN},g"
-        tools_found=1
-    fi
-
-    if check_command tcpflow; then
-        echo "tcpflow is available" | sed -${E} "s,.*,${SED_GREEN},g"
-        tools_found=1
-    fi
    
    if [ $tools_found -eq 0 ]; then
        echo "No sniffing tools found" | sed -${E} "s,.*,${SED_RED},g"
    fi
-
-    if check_command tcpdump; then
-        echo "Sniffable interfaces according to tcpdump -D:"
-        timeout 2 tcpdump -D 2>/dev/null
-    elif check_command dumpcap; then
-        echo "Sniffable interfaces according to dumpcap -D:"
-        timeout 2 dumpcap -D 2>/dev/null
-    fi
    
    # Check network interfaces
    echo ""
@@ -129,28 +88,25 @@ check_network_traffic_analysis() {
    fi
    
    for iface in $interfaces; do
-        if [ "$iface" = "lo" ]; then
-            echo -n "Interface $iface (loopback): "
-        else
+        if [ "$iface" != "lo" ]; then  # Skip loopback
            echo -n "Interface $iface: "
-        fi
-
-        if check_interface_sniffable "$iface"; then
-            echo "Sniffable" | sed -${E} "s,.*,${SED_GREEN},g"
-            interfaces_found=1
-
-            # Check promiscuous mode
-            if [ "$iface" != "lo" ] && check_promiscuous_mode "$iface"; then
-                echo "  - Promiscuous mode enabled" | sed -${E} "s,.*,${SED_RED},g"
+            if check_interface_sniffable "$iface"; then
+                echo "Sniffable" | sed -${E} "s,.*,${SED_GREEN},g"
+                interfaces_found=1
+                
+                # Check promiscuous mode
+                if check_promiscuous_mode "$iface"; then
+                    echo "  - Promiscuous mode enabled" | sed -${E} "s,.*,${SED_RED},g"
+                fi
+                
+                # Get interface details
+                if [ "$EXTRA_CHECKS" ]; then
+                    echo "  - Interface details:"
+                    warn_exec ip addr show "$iface" 2>/dev/null || ifconfig "$iface" 2>/dev/null
+                fi
+            else
+                echo "Not sniffable" | sed -${E} "s,.*,${SED_RED},g"
            fi
-
-            # Get interface details
-            if [ "$EXTRA_CHECKS" ]; then
-                echo "  - Interface details:"
-                warn_exec ip addr show "$iface" 2>/dev/null || ifconfig "$iface" 2>/dev/null
-            fi
-        else
-            echo "Not sniffable" | sed -${E} "s,.*,${SED_RED},g"
        fi
    done
    
@@ -189,12 +145,7 @@ check_network_traffic_analysis() {
        print_info "To capture sensitive traffic, you can use:"
        echo "tcpdump -i <interface> -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g"
        echo "tshark -i <interface> -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g"
-        echo "dumpcap -i <interface> -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g"
    fi
-
-    echo ""
-    print_3title "Running sniffing/traffic reconstruction processes"
-    ps aux 2>/dev/null | grep -E "[t]cpdump|[d]umpcap|[t]shark|[w]ireshark|[n]grep|[t]cpflow" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
    
    # Additional information
    if [ "$EXTRA_CHECKS" ]; then
--- a/linPEAS/builder/linpeas_parts/5_network_information/8_Iptables.sh
+++ b/linPEAS/builder/linpeas_parts/5_network_information/8_Iptables.sh
@@ -6,9 +6,9 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: print_2title, print_3title, warn_exec, echo_not_found
-# Global Variables: $EXTRA_CHECKS, $E, $SED_RED, $SED_GREEN, $SED_YELLOW, $SED_RED_YELLOW
+# Global Variables: $EXTRA_CHECKS, $E, $SED_RED, $SED_GREEN, $SED_YELLOW
 # Initial Functions:
-# Generated Global Variables: $rules_file, $cmd, $tool, $config_file, $sysctl_var
+# Generated Global Variables: $rules_file, $cmd, $tool, $config_file
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -90,9 +90,6 @@ analyze_nftables() {
    # List all rules
    echo -e "\nNftables Ruleset:"
    warn_exec nft list ruleset 2>/dev/null
-
-    echo -e "\nNftables Ruleset with handles (-a):"
-    warn_exec nft -a list ruleset 2>/dev/null | sed -${E} "s,\\bdrop\\b|\\breject\\b|handle [0-9]+,${SED_RED_YELLOW},g"
    
    # Check for saved rules
    echo -e "\nSaved Rules:"
@@ -183,17 +180,6 @@ analyze_firewall_rules() {
    analyze_nftables
    analyze_firewalld
    analyze_ufw
-
-    echo ""
-    print_3title "Forwarding and rp_filter"
-    for sysctl_var in net.ipv4.ip_forward net.ipv6.conf.all.forwarding net.ipv4.conf.all.rp_filter; do
-        sysctl "$sysctl_var" 2>/dev/null | sed -${E} "s,=[[:space:]]*1,${SED_RED_YELLOW},g"
-    done
-
-    if check_command conntrack; then
-        echo -e "\nConntrack state (first 20):"
-        warn_exec conntrack -L 2>/dev/null | head -n 20
-    fi
    
    # Additional checks if EXTRA_CHECKS is enabled
    if [ "$EXTRA_CHECKS" ]; then
@@ -221,4 +207,4 @@ analyze_firewall_rules() {
 }

 # Run the main function
-analyze_firewall_rules
+analyze_firewall_rules
--- a/linPEAS/builder/linpeas_parts/6_users_information/7_Sudo_l.sh
+++ b/linPEAS/builder/linpeas_parts/6_users_information/7_Sudo_l.sh
@@ -34,9 +34,6 @@ if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then
  echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW},"
 fi
 for f in /etc/sudoers.d/*; do
-  if [ -w "$f" ]; then
-    echo "Sudoers file: $f is writable and may allow privilege escalation" | sed -${E} "s,.*,${SED_RED_YELLOW},g"
-  fi
  if [ -r "$f" ]; then
    echo "Sudoers file: $f is readable" | sed -${E} "s,.*,${SED_RED},g"
    grep -Iv "^$" "$f" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g"
--- a/linPEAS/builder/linpeas_parts/7_software_information/Screen_sessions.sh
+++ b/linPEAS/builder/linpeas_parts/7_software_information/Screen_sessions.sh
@@ -8,12 +8,12 @@
 # Functions Used: print_2title, print_info
 # Global Variables:$DEBUG, $SEARCH_IN_FOLDER, $USER, $wgroups
 # Initial Functions:
-# Generated Global Variables: $screensess, $screensess2, $uscreen
+# Generated Global Variables: $screensess, $screensess2
 # Fat linpeas: 0
 # Small linpeas: 1


-if (command -v screen >/dev/null 2>&1 || [ -d "/run/screen" ] || [ "$DEBUG" ]) && ! [ "$SEARCH_IN_FOLDER" ]; then
+if ([ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]) && ! [ "$SEARCH_IN_FOLDER" ]; then
  print_2title "Searching screen sessions"
  print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#open-shell-sessions"
  screensess=$(screen -ls 2>/dev/null)
@@ -25,16 +25,5 @@ if (command -v screen >/dev/null 2>&1 || [ -d "/run/screen" ] || [ "$DEBUG" ]) &
  find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or  '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do
    echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW},"
  done
-
-  if [ -r "/etc/passwd" ]; then
-    print_3title "Checking other users screen sessions"
-    cut -d: -f1,7 /etc/passwd 2>/dev/null | grep "sh$" | cut -d: -f1 | grep -v "^$USER$" | while read u; do
-      uscreen=$(screen -ls "${u}/" 2>/dev/null | grep -v "No Sockets found" | grep -v "^$")
-      if [ "$uscreen" ]; then
-        echo "User $u screen sessions:"
-        printf "%s\n" "$uscreen" | sed -${E} "s,.*,${SED_RED},"
-      fi
-    done
-  fi
  echo ""
-fi
+fi
--- a/linPEAS/builder/linpeas_parts/7_software_information/Ssh.sh
+++ b/linPEAS/builder/linpeas_parts/7_software_information/Ssh.sh
@@ -8,7 +8,7 @@
 # Functions Used: print_2title, print_3title
 # Global Variables: $HOME, $HOMESEARCH, $ROOT_FOLDER, $SEARCH_IN_FOLDER, $TIMEOUT, $USER, $wgroups
 # Initial Functions:
-# Generated Global Variables: $certsb4_grep, $hostsallow, $hostsdenied, $sshconfig, $writable_agents, $agent_sockets, $privatekeyfilesetc, $privatekeyfileshome, $privatekeyfilesroot, $privatekeyfilesmnt,
+# Generated Global Variables: $certsb4_grep, $hostsallow, $hostsdenied, $sshconfig, $writable_agents, $privatekeyfilesetc, $privatekeyfileshome, $privatekeyfilesroot, $privatekeyfilesmnt,
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -19,18 +19,12 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
  sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)"
  hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)"
  hostsallow="$(ls /etc/hosts.allow 2>/dev/null)"
-  agent_sockets=$(find /run/user /tmp -type s \( -path "/run/user/*/ssh-*/agent.*" -o -name "ssh-agent.sock" -o -path "/tmp/ssh-*" \) 2>/dev/null)
-  writable_agents=$(find /tmp /etc /home /run/user \
-    \( -type s -a \( -name "agent.*" -o -name "ssh-agent.sock" -o -path "*/ssh-*/agent.*" -o -name "*gpg-agent*" \) \
-    -a \( \( -user "$USER" \) -o \( -perm -o=w \) -o \( -perm -g=w -a \( $wgroups \) \) \) \) 2>/dev/null)
+  writable_agents=$(find /tmp /etc /home -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or  '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)
 else
  sshconfig="$(ls ${ROOT_FOLDER}etc/ssh/ssh_config 2>/dev/null)"
  hostsdenied="$(ls ${ROOT_FOLDER}etc/hosts.denied 2>/dev/null)"
  hostsallow="$(ls ${ROOT_FOLDER}etc/hosts.allow 2>/dev/null)"
-  agent_sockets=$(find "${ROOT_FOLDER}"tmp "${ROOT_FOLDER}"run -type s \( -name "agent.*" -o -name "ssh-agent.sock" \) 2>/dev/null)
-  writable_agents=$(find "${ROOT_FOLDER}" \
-    \( -type s -a \( -name "agent.*" -o -name "ssh-agent.sock" -o -path "*/ssh-*/agent.*" -o -name "*gpg-agent*" \) \
-    -a \( \( -user "$USER" \) -o \( -perm -o=w \) -o \( -perm -g=w -a \( $wgroups \) \) \) \) 2>/dev/null)
+  writable_agents=$(find  ${ROOT_FOLDER} -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or  '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)
 fi

 peass{SSH}
@@ -64,7 +58,7 @@ fi
 if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then
  print_3title "Some certificates were found (out limited):"
  printf "$certsb4_grep\n" | head -n 20
-  printf "$PSTORAGE_CERTSBIN\n" | head -n 20
+  printf "$$PSTORAGE_CERTSBIN\n" | head -n 20
    echo ""
 fi
 if [ "$PSTORAGE_CERTSCLIENT" ]; then
@@ -77,11 +71,6 @@ if [ "$PSTORAGE_SSH_AGENTS" ]; then
  printf "$PSTORAGE_SSH_AGENTS\n"
  echo ""
 fi
-if [ "$agent_sockets" ]; then
-  print_3title "Potential SSH agent sockets were found:"
-  printf "%s\n" "$agent_sockets" | sed -${E} "s,.*,${SED_RED},"
-  echo ""
-fi
 if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then
  print_3title "Listing SSH Agents"
  ssh-add -l
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/1_SUID.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/1_SUID.sh
@@ -23,7 +23,6 @@ if ! [ "$STRACE" ]; then
 fi
 suids_files=$(find $ROOT_FOLDER -perm -4000 -type f ! -path "/dev/*" 2>/dev/null)
 printf "%s\n" "$suids_files" | while read s; do
-  [ -z "$s" ] && continue
  s=$(ls -lahtr "$s")
  #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder
  if echo "$s" | grep -qE "^total"; then break; fi
@@ -60,8 +59,6 @@ printf "%s\n" "$suids_files" | while read s; do
                  if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable
                    printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n"
                  fi
-                elif echo "$sline_first" | grep -q "/" && [ -d "$(dirname "$sline_first")" ] && [ -w "$(dirname "$sline_first")" ]; then #If path does not exist but can be created
-                  printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can create it inside writable dir $RED$(dirname "$sline_first")$NC$ITALIC (strings line: $sline) (https://tinyurl.com/suidpath)\n"
                else #If not a path
                  if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary
                    printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n"
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/2_SGID.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/2_SGID.sh
@@ -17,7 +17,6 @@ print_2title "SGID"
 print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sudo-and-suid"
 sgids_files=$(find $ROOT_FOLDER -perm -2000 -type f ! -path "/dev/*" 2>/dev/null)
 printf "%s\n" "$sgids_files" | while read s; do
-  [ -z "$s" ] && continue
  s=$(ls -lahtr "$s")
  #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder
  if echo "$s" | grep -qE "^total";then break; fi
@@ -54,8 +53,6 @@ printf "%s\n" "$sgids_files" | while read s; do
                  if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable
                    printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n"
                  fi
-                elif echo "$sline_first" | grep -q "/" && [ -d "$(dirname "$sline_first")" ] && [ -w "$(dirname "$sline_first")" ]; then #If path does not exist but can be created
-                  printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can create it inside writable dir $RED$(dirname "$sline_first")$NC$ITALIC (strings line: $sline)\n"
                else #If not a path
                  if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary
                    printf "$ITALIC  --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n"
@@ -93,4 +90,4 @@ printf "%s\n" "$sgids_files" | while read s; do
    fi
  fi
 done;
-echo ""
+echo ""
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/3_Files_ACLs.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/3_Files_ACLs.sh
@@ -6,7 +6,7 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: echo_not_found, print_2title, print_info
-# Global Variables: $HOMESEARCH, $knw_usrs, $MACPEAS, $nosh_usrs, $SEARCH_IN_FOLDER, $sh_usrs, $USER, $writeB, $writeVB
+# Global Variables: $HOMESEARCH, $knw_usrs, $MACPEAS, $nosh_usrs, $SEARCH_IN_FOLDER, $sh_usrs, $USER
 # Initial Functions:
 # Generated Global Variables:
 # Fat linpeas: 0
@@ -16,12 +16,12 @@
 print_2title "Files with ACLs (limited to 50)"
 print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#acls"
 if ! [ "$SEARCH_IN_FOLDER" ]; then
-  ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g"
+  ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED},"
 else
-  ( (getfacl -t -s -R -p $SEARCH_IN_FOLDER 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g"
+  ( (getfacl -t -s -R -p $SEARCH_IN_FOLDER 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED},"
 fi

 if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl || echo -n '')" ]; then  #Find ACL files in macos (veeeery slow)
-  ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g"
+  ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED},"
 fi
-echo ""
+echo ""
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/4_Capabilities.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/4_Capabilities.sh
@@ -8,7 +8,7 @@
 # Functions Used: echo_not_found, print_2title, print_info, print_3title
 # Global Variables: $capsB, $capsVB, $IAMROOT, $SEARCH_IN_FOLDER
 # Initial Functions:
-# Generated Global Variables: $cap_name, $cap_value, $cap_line, $capVB, $capname, $capbins, $capsVB_vuln, $proc_status, $proc_pid, $proc_name, $proc_uid, $user_name, $proc_inh, $proc_prm, $proc_eff, $proc_bnd, $proc_amb, $proc_inh_dec, $proc_prm_dec, $proc_eff_dec, $proc_bnd_dec, $proc_amb_dec
+# Generated Global Variables: $cap_name, $cap_value, $cap_line, $capVB, $capname, $capbins, $capsVB_vuln
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -69,40 +69,6 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then
      fi
    done
    echo ""
-
-    print_3title "Processes with capability sets (non-zero CapEff/CapAmb, limit 40)"
-    find /proc -maxdepth 2 -path "/proc/[0-9]*/status" 2>/dev/null | head -n 400 | while read -r proc_status; do
-      proc_pid=$(echo "$proc_status" | cut -d/ -f3)
-      proc_name=$(awk '/^Name:/{print $2}' "$proc_status" 2>/dev/null)
-      proc_uid=$(awk '/^Uid:/{print $2}' "$proc_status" 2>/dev/null)
-      user_name=$(awk -F: -v uid="$proc_uid" '$3==uid{print $1; exit}' /etc/passwd 2>/dev/null)
-      [ -z "$user_name" ] && user_name="$proc_uid"
-
-      proc_inh=$(awk '/^CapInh:/{print $2}' "$proc_status" 2>/dev/null)
-      proc_prm=$(awk '/^CapPrm:/{print $2}' "$proc_status" 2>/dev/null)
-      proc_eff=$(awk '/^CapEff:/{print $2}' "$proc_status" 2>/dev/null)
-      proc_bnd=$(awk '/^CapBnd:/{print $2}' "$proc_status" 2>/dev/null)
-      proc_amb=$(awk '/^CapAmb:/{print $2}' "$proc_status" 2>/dev/null)
-
-      [ -z "$proc_eff" ] && continue
-      if [ "$proc_eff" != "0000000000000000" ] || [ "$proc_amb" != "0000000000000000" ]; then
-        echo "PID $proc_pid ($proc_name) user=$user_name"
-
-        proc_inh_dec=$(capsh --decode=0x"$proc_inh" 2>/dev/null)
-        proc_prm_dec=$(capsh --decode=0x"$proc_prm" 2>/dev/null)
-        proc_eff_dec=$(capsh --decode=0x"$proc_eff" 2>/dev/null)
-        proc_bnd_dec=$(capsh --decode=0x"$proc_bnd" 2>/dev/null)
-        proc_amb_dec=$(capsh --decode=0x"$proc_amb" 2>/dev/null)
-
-        echo "  CapInh: $proc_inh_dec" | sed -${E} "s,$capsB,${SED_RED},g"
-        echo "  CapPrm: $proc_prm_dec" | sed -${E} "s,$capsB,${SED_RED},g"
-        echo "  CapEff: $proc_eff_dec" | sed -${E} "s,$capsB,${SED_RED_YELLOW},g"
-        echo "  CapBnd: $proc_bnd_dec" | sed -${E} "s,$capsB,${SED_RED},g"
-        echo "  CapAmb: $proc_amb_dec" | sed -${E} "s,$capsB,${SED_RED_YELLOW},g"
-        echo ""
-      fi
-    done | head -n 240
-    echo ""
  
  else
    print_3title "Current shell capabilities"
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/5_Users_with_capabilities.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/5_Users_with_capabilities.sh
@@ -6,27 +6,19 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: echo_not_found, print_2title, print_info
-# Global Variables: $capsB, $DEBUG, $knw_usrs, $nosh_usrs, $sh_usrs, $USER
+# Global Variables: $DEBUG, $knw_usrs, $nosh_usrs, $sh_usrs, $USER
 # Initial Functions:
-# Generated Global Variables: $pam_cap_lines
+# Generated Global Variables:
 # Fat linpeas: 0
 # Small linpeas: 0


-if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ] || grep -Rqs "pam_cap\.so" /etc/pam.d /etc/pam.conf 2>/dev/null; then
+if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then
  print_2title "Users with capabilities"
  print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#capabilities"
  if [ -f "/etc/security/capability.conf" ]; then
-    grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$capsB,${SED_RED},g"
+    grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED},"
  else echo_not_found "/etc/security/capability.conf"
  fi
  echo ""
-  print_info "Checking if PAM loads pam_cap.so"
-  pam_cap_lines=$(grep -RIn "pam_cap\.so" /etc/pam.d /etc/pam.conf 2>/dev/null)
-  if [ "$pam_cap_lines" ]; then
-    printf "%s\n" "$pam_cap_lines" | sed -${E} "s,pam_cap\\.so,${SED_RED_YELLOW},g"
-  else
-    echo_not_found "pam_cap.so in /etc/pam.d or /etc/pam.conf"
-  fi
-  echo ""
-fi
+fi
--- a/linPEAS/builder/linpeas_parts/8_interesting_perms_files/6_Misconfigured_ldso.sh
+++ b/linPEAS/builder/linpeas_parts/8_interesting_perms_files/6_Misconfigured_ldso.sh
@@ -6,7 +6,7 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: print_2title, print_info
-# Global Variables: $IAMROOT, $ITALIC, $SEARCH_IN_FOLDER, $USER, $Wfolders, $ldsoconfdG, $wgroups
+# Global Variables: $IAMROOT, $ITALIC, $SEARCH_IN_FOLDER, $USER, $Wfolders, $wgroups
 # Initial Functions:
 # Generated Global Variables: $ini_path, $fpath
 # Fat linpeas: 0
@@ -26,53 +26,40 @@ if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$IAMROOT" ]; then
  echo "Content of /etc/ld.so.conf:"
  cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g"

-  # Check each configured folder and include directives
-  cat /etc/ld.so.conf 2>/dev/null | while IFS= read -r l; do
-    l=$(echo "$l" | sed 's/#.*$//' | xargs 2>/dev/null)
-    [ -z "$l" ] && continue
-
-    if echo "$l" | grep -qE '^include[[:space:]]+'; then
+  # Check each configured folder
+  cat /etc/ld.so.conf 2>/dev/null | while read l; do
+    if echo "$l" | grep -q include; then
      ini_path=$(echo "$l" | cut -d " " -f 2)
      fpath=$(dirname "$ini_path")

-      if [ -d "$fpath" ] && [ -w "$fpath" ]; then
-        echo "You have write privileges over $fpath" | sed -${E} "s,.*,${SED_RED_YELLOW},";
+      if [ -d "/etc/ld.so.conf" ] && [ -w "$fpath" ]; then 
+        echo "You have write privileges over $fpath" | sed -${E} "s,.*,${SED_RED_YELLOW},"; 
        printf $RED_YELLOW$ITALIC"$fpath\n"$NC;
      else
        printf $GREEN$ITALIC"$fpath\n"$NC;
      fi

-      if [ "$(find "$fpath" -type f '(' '(' -user "$USER" ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then
-        echo "You have write privileges over $(find "$fpath" -type f '(' '(' -user "$USER" ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},";
+      if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or  '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then
+        echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or  '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; 
      fi

-      for f in $ini_path; do
-        [ -f "$f" ] || continue
-
-        if [ -w "$f" ]; then
-          echo "You have write privileges over $f" | sed -${E} "s,.*,${SED_RED_YELLOW},";
+      for f in $fpath/*; do
+        if [ -w "$f" ]; then 
+          echo "You have write privileges over $f" | sed -${E} "s,.*,${SED_RED_YELLOW},"; 
          printf $RED_YELLOW$ITALIC"$f\n"$NC;
        else
          printf $GREEN$ITALIC"  $f\n"$NC;
        fi

-        cat "$f" 2>/dev/null | grep -v "^#" | while IFS= read -r l2; do
-          l2=$(echo "$l2" | xargs 2>/dev/null)
-          [ -z "$l2" ] && continue
-
-          if [ -d "$l2" ] && [ -w "$l2" ]; then
-            echo "You have write privileges over $l2" | sed -${E} "s,.*,${SED_RED_YELLOW},";
+        cat "$f" | grep -v "^#" | while read l2; do
+          if [ -f "$l2" ] && [ -w "$l2" ]; then 
+            echo "You have write privileges over $l2" | sed -${E} "s,.*,${SED_RED_YELLOW},"; 
            printf $RED_YELLOW$ITALIC"  - $l2\n"$NC;
-          elif [ -d "$l2" ]; then
-            echo $ITALIC"  - $l2"$NC | sed -${E} "s,$ldsoconfdG,${SED_GREEN},g" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g";
+          else
+            echo $ITALIC"  - $l2"$NC | sed -${E} "s,$l2,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g";
          fi
        done
      done
-    elif [ -d "$l" ] && [ -w "$l" ]; then
-      echo "You have write privileges over $l" | sed -${E} "s,.*,${SED_RED_YELLOW},";
-      printf $RED_YELLOW$ITALIC"$l\n"$NC;
-    else
-      echo $ITALIC"$l"$NC | sed -${E} "s,$ldsoconfdG,${SED_GREEN},g" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g";
    fi
  done
  echo ""
@@ -88,4 +75,4 @@ if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$IAMROOT" ]; then
    if [ -f "$l" ] && [ -w "$l" ]; then echo "You have write privileges over $l" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi
  done

-fi
+fi
--- a/linPEAS/builder/linpeas_parts/functions/enumerateDockerSockets.sh
+++ b/linPEAS/builder/linpeas_parts/functions/enumerateDockerSockets.sh
@@ -6,9 +6,9 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: echo_not_found
-# Global Variables: $GREP_DOCKER_SOCK_INFOS, $GREP_DOCKER_SOCK_INFOS_IGNORE
+# Global Variables: $GREP_DOCKER_SOCK_INFOS, $GREP_DOCKER_SOCK_INFOS_IGNORE, $IAMROOT
 # Initial Functions:
-# Generated Global Variables: $SEARCHED_DOCKER_SOCKETS, $docker_enumerated, $dockerVersion, $int_sock, $sockInfoResponse
+# Generated Global Variables: $SEARCHED_DOCKER_SOCKETS, $dock_sock, $docker_enumerated, $dockerVersion, $int_sock, $sockInfoResponse
 # Fat linpeas: 0
 # Small linpeas: 1

@@ -17,55 +17,34 @@ enumerateDockerSockets() {
  dockerVersion="$(echo_not_found)"
  if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then
    SEARCHED_DOCKER_SOCKETS="1"
-    # NOTE: This is intentionally "lightweight" (checks common runtime socket names) and avoids
-    # pseudo filesystems (/sys, /proc) to reduce noise and latency.
-    for int_sock in $(find / \
-      -path "/sys" -prune -o \
-      -path "/proc" -prune -o \
-      -type s \( \
-        -name "docker.sock" -o \
-        -name "docker.socket" -o \
-        -name "dockershim.sock" -o \
-        -name "containerd.sock" -o \
-        -name "crio.sock" -o \
-        -name "frakti.sock" -o \
-        -name "rktlet.sock" \
-      \) -print 2>/dev/null); do
-
-      # Basic permissions hint (you generally need write perms to connect to a unix socket).
-      if [ -w "$int_sock" ]; then
+    for int_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" -o -name "dockershim.sock" -o -name "containerd.sock" -o -name "crio.sock" -o -name "frakti.sock" -o -name "rktlet.sock" 2>/dev/null); do
+      if ! [ "$IAMROOT" ] && [ -w "$int_sock" ]; then
        if echo "$int_sock" | grep -Eq "docker"; then
-          echo "You have write permissions over Docker socket $int_sock" | sed -${E} "s,$int_sock,${SED_RED_YELLOW},g"
+          dock_sock="$int_sock"
+          echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g"
+          echo "Docker enummeration:"
+          docker_enumerated=""
+
+          if [ "$(command -v curl || echo -n '')" ]; then
+            sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)"
+            dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4)
+            echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"'
+            if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi
+          fi
+
+          if [ "$(command -v docker || echo -n '')" ] && ! [ "$docker_enumerated" ]; then
+            sockInfoResponse="$(docker info)"
+            dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4)
+            printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"'
+          fi
+        
        else
          echo "You have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_RED},g"
        fi
+
      else
        echo "You don't have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_GREEN},g"
      fi
-
-      # Validate whether this looks like a Docker Engine API socket (amicontained-style) when curl exists.
-      docker_enumerated=""
-      if [ "$(command -v curl 2>/dev/null || echo -n '')" ]; then
-        sockInfoResponse="$(curl -s --max-time 2 --unix-socket "$int_sock" http://localhost/info 2>/dev/null)"
-        if echo "$sockInfoResponse" | grep -q "ServerVersion"; then
-          echo "Valid Docker API socket: $int_sock" | sed -${E} "s,$int_sock,${SED_RED_YELLOW},g"
-          dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4)
-          echo "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"'
-          docker_enumerated="1"
-        fi
-      fi
-
-      # Fallback to docker CLI if curl is missing or the /info request didn't work.
-      # Use DOCKER_HOST so we can target non-default socket paths when possible.
-      if [ "$(command -v docker 2>/dev/null || echo -n '')" ] && ! [ "$docker_enumerated" ]; then
-        if [ -w "$int_sock" ] && echo "$int_sock" | grep -Eq "docker"; then
-          sockInfoResponse="$(DOCKER_HOST="unix://$int_sock" docker info 2>/dev/null)"
-          if [ "$sockInfoResponse" ]; then
-            dockerVersion=$(echo "$sockInfoResponse" | grep -i "^ Server Version:" | awk '{print $4}' | head -n 1)
-            printf "%s\n" "$sockInfoResponse" | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"'
-          fi
-        fi
-      fi
    done
  fi
 }
--- a/linPEAS/builder/linpeas_parts/linpeas_base/0_variables_base.sh
+++ b/linPEAS/builder/linpeas_parts/linpeas_base/0_variables_base.sh
@@ -217,7 +217,7 @@ print_title(){
  max_title_len=80
  rest_len=$((($max_title_len - $title_len) / 2))

-  printf "%s" "${BLUE}"
+  printf ${BLUE}
  for i in $(seq 1 $rest_len); do printf " "; done
  printf "╔"
  for i in $(seq 1 $title_len); do printf "═"; done; printf "═";
@@ -231,13 +231,13 @@ print_title(){

  echo ""

-  printf "%s" "${BLUE}"
+  printf ${BLUE}
  for i in $(seq 1 $rest_len); do printf " "; done
  printf "╚"
  for i in $(seq 1 $title_len); do printf "═"; done; printf "═";
  printf "╝"

-  printf "%s" "${NC}"
+  printf $NC
  echo ""
 }

--- a/linPEAS/builder/linpeas_parts/variables/capsB.sh
+++ b/linPEAS/builder/linpeas_parts/variables/capsB.sh
@@ -13,4 +13,4 @@
 # Small linpeas: 1


-capsB="=ep|cap_chown|cap_fowner|cap_fsetid|cap_setpcap|cap_setfcap|cap_dac_override|cap_dac_read_search|cap_setuid|cap_setgid|cap_kill|cap_net_bind_service|cap_net_raw|cap_net_admin|cap_sys_admin|cap_sys_ptrace|cap_sys_module|cap_sys_rawio|cap_bpf|cap_perfmon"
+capsB="=ep|cap_chown|cap_former|cap_setfcap|cap_dac_override|cap_dac_read_search|cap_setuid|cap_setgid|cap_kill|cap_net_bind_service|cap_net_raw|cap_net_admin|cap_sys_admin|cap_sys_ptrace|cap_sys_module"
--- a/linPEAS/builder/linpeas_parts/variables/capsVB.sh
+++ b/linPEAS/builder/linpeas_parts/variables/capsVB.sh
@@ -18,9 +18,7 @@ cap_sys_ptrace:python \
 cap_sys_module:kmod|python \
 cap_dac_override:python|vim \
 cap_chown:chown|python \
-cap_fowner:chown|python \
-cap_setfcap:python|perl|ruby|php|node|lua|bash \
-cap_setpcap:python|perl|ruby|php|node|lua|bash \
+cap_former:chown|python \
 cap_setuid:peass{CAP_SETUID_HERE} \
 cap_setgid:peass{CAP_SETGID_HERE} \
-cap_net_raw:python|tcpdump|dumpcap|tcpflow"
+cap_net_raw:python|tcpdump"
--- a/linPEAS/builder/linpeas_parts/variables/pwd_in_variables.sh
+++ b/linPEAS/builder/linpeas_parts/variables/pwd_in_variables.sh
@@ -24,4 +24,4 @@ pwd_in_variables7="MAILGUN_APIKEY|MAILGUN_API_KEY|MAILGUN_DOMAIN|MAILGUN_PRIV_KE
 pwd_in_variables8="OKTA_OAUTH2_ISSUER|OMISE_KEY|OMISE_PKEY|OMISE_PUBKEY|OMISE_SKEY|ONESIGNAL_API_KEY|ONESIGNAL_USER_AUTH_KEY|OPENWHISK_KEY|OPEN_WHISK_KEY|OSSRH_PASS|OSSRH_SECRET|OSSRH_USER|OS_AUTH_URL|OS_PROJECT_NAME|OS_TENANT_ID|OS_TENANT_NAME|PAGERDUTY_APIKEY|PAGERDUTY_ESCALATION_POLICY_ID|PAGERDUTY_FROM_USER|PAGERDUTY_PRIORITY_ID|PAGERDUTY_SERVICE_ID|PANTHEON_SITE|PARSE_APP_ID|PARSE_JS_KEY|PAYPAL_CLIENT_ID|PAYPAL_CLIENT_SECRET|PERCY_TOKEN|PERSONAL_KEY|PERSONAL_SECRET|PG_DATABASE|PG_HOST|PLACES_APIKEY|PLACES_API_KEY|PLACES_APPID|PLACES_APPLICATION_ID|PLOTLY_APIKEY|POSTGRESQL_DB|POSTGRESQL_PASS|POSTGRES_ENV_POSTGRES_DB|POSTGRES_ENV_POSTGRES_USER|POSTGRES_PORT|PREBUILD_AUTH|PROD.ACCESS.KEY.ID|PROD.SECRET.KEY|PROD_BASE_URL_RUNSCOPE|PROJECT_CONFIG|PUBLISH_KEY|PUBLISH_SECRET|PUSHOVER_TOKEN|PUSHOVER_USER|PYPI_PASSOWRD|QUIP_TOKEN|RABBITMQ_SERVER_ADDR|REDISCLOUD_URL|REDIS_STUNNEL_URLS|REFRESH_TOKEN|RELEASE_GH_TOKEN|RELEASE_TOKEN|remoteUserToShareTravis|REPORTING_WEBDAV_URL|REPORTING_WEBDAV_USER|repoToken|REST_API_KEY|RINKEBY_PRIVATE_KEY|ROPSTEN_PRIVATE_KEY|route53_access_key_id|RTD_KEY_PASS|RTD_STORE_PASS|RUBYGEMS_AUTH_TOKEN|s3_access_key|S3_ACCESS_KEY_ID|S3_BUCKET_NAME_APP_LOGS|S3_BUCKET_NAME_ASSETS|S3_KEY"
 pwd_in_variables9="S3_KEY_APP_LOGS|S3_KEY_ASSETS|S3_PHOTO_BUCKET|S3_SECRET_APP_LOGS|S3_SECRET_ASSETS|S3_SECRET_KEY|S3_USER_ID|S3_USER_SECRET|SACLOUD_ACCESS_TOKEN|SACLOUD_ACCESS_TOKEN_SECRET|SACLOUD_API|SALESFORCE_BULK_TEST_SECURITY_TOKEN|SANDBOX_ACCESS_TOKEN|SANDBOX_AWS_ACCESS_KEY_ID|SANDBOX_AWS_SECRET_ACCESS_KEY|SANDBOX_LOCATION_ID|SAUCE_ACCESS_KEY|SECRETACCESSKEY|SECRETKEY|SECRET_0|SECRET_10|SECRET_11|SECRET_1|SECRET_2|SECRET_3|SECRET_4|SECRET_5|SECRET_6|SECRET_7|SECRET_8|SECRET_9|SECRET_KEY_BASE|SEGMENT_API_KEY|SELION_SELENIUM_SAUCELAB_GRID_CONFIG_FILE|SELION_SELENIUM_USE_SAUCELAB_GRID|SENDGRID|SENDGRID_API_KEY|SENDGRID_FROM_ADDRESS|SENDGRID_KEY|SENDGRID_USER|SENDWITHUS_KEY|SENTRY_AUTH_TOKEN|SERVICE_ACCOUNT_SECRET|SES_ACCESS_KEY|SES_SECRET_KEY|setDstAccessKey|setDstSecretKey|setSecretKey|SIGNING_KEY|SIGNING_KEY_SECRET|SIGNING_KEY_SID|SNOOWRAP_CLIENT_SECRET|SNOOWRAP_REDIRECT_URI|SNOOWRAP_REFRESH_TOKEN|SNOOWRAP_USER_AGENT|SNYK_API_TOKEN|SNYK_ORG_ID|SNYK_TOKEN|SOCRATA_APP_TOKEN|SOCRATA_USER|SONAR_ORGANIZATION_KEY|SONAR_PROJECT_KEY|SONAR_TOKEN|SONATYPE_GPG_KEY_NAME|SONATYPE_GPG_PASSPHRASE|SONATYPE_PASSSONATYPE_TOKEN_USER|SONATYPE_USER|SOUNDCLOUD_CLIENT_ID|SOUNDCLOUD_CLIENT_SECRET|SPACES_ACCESS_KEY_ID|SPACES_SECRET_ACCESS_KEY"
 pwd_in_variables10="SPA_CLIENT_ID|SPOTIFY_API_ACCESS_TOKEN|SPOTIFY_API_CLIENT_ID|SPOTIFY_API_CLIENT_SECRET|sqsAccessKey|sqsSecretKey|SRCCLR_API_TOKEN|SSHPASS|SSMTP_CONFIG|STARSHIP_ACCOUNT_SID|STARSHIP_AUTH_TOKEN|STAR_TEST_AWS_ACCESS_KEY_ID|STAR_TEST_BUCKET|STAR_TEST_LOCATION|STAR_TEST_SECRET_ACCESS_KEY|STORMPATH_API_KEY_ID|STORMPATH_API_KEY_SECRET|STRIPE_PRIVATE|STRIPE_PUBLIC|STRIP_PUBLISHABLE_KEY|STRIP_SECRET_KEY|SURGE_LOGIN|SURGE_TOKEN|SVN_PASS|SVN_USER|TESCO_API_KEY|THERA_OSS_ACCESS_ID|THERA_OSS_ACCESS_KEY|TRAVIS_ACCESS_TOKEN|TRAVIS_API_TOKEN|TRAVIS_COM_TOKEN|TRAVIS_E2E_TOKEN|TRAVIS_GH_TOKEN|TRAVIS_PULL_REQUEST|TRAVIS_SECURE_ENV_VARS|TRAVIS_TOKEN|TREX_CLIENT_ORGURL|TREX_CLIENT_TOKEN|TREX_OKTA_CLIENT_ORGURL|TREX_OKTA_CLIENT_TOKEN|TWILIO_ACCOUNT_ID|TWILIO_ACCOUNT_SID|TWILIO_API_KEY|TWILIO_API_SECRET|TWILIO_CHAT_ACCOUNT_API_SERVICE|TWILIO_CONFIGURATION_SID|TWILIO_SID|TWILIO_TOKEN|TWITTEROAUTHACCESSSECRET|TWITTEROAUTHACCESSTOKEN|TWITTER_CONSUMER_KEY|TWITTER_CONSUMER_SECRET|UNITY_SERIAL|URBAN_KEY|URBAN_MASTER_SECRET|URBAN_SECRET|userTravis|USER_ASSETS_ACCESS_KEY_ID|USER_ASSETS_SECRET_ACCESS_KEY|VAULT_APPROLE_SECRET_ID|VAULT_PATH|VIP_GITHUB_BUILD_REPO_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY_PASS"
-pwd_in_variables11="VIRUSTOTAL_APIKEY|VISUAL_RECOGNITION_API_KEY|V_SFDC_CLIENT_ID|V_SFDC_CLIENT_SECRET|WAKATIME_API_KEY|WAKATIME_PROJECT|WATSON_CLIENT|WATSON_CONVERSATION_WORKSPACE|WATSON_DEVICE|WATSON_DEVICE_TOPIC|WATSON_TEAM_ID|WATSON_TOPIC|WIDGET_BASIC_USER_2|WIDGET_BASIC_USER_3|WIDGET_BASIC_USER_4|WIDGET_BASIC_USER_5|WIDGET_FB_USER|WIDGET_FB_USER_2|WIDGET_FB_USER_3|WIDGET_TEST_SERVERWORDPRESS_DB_USER|WORKSPACE_ID|WPJM_PHPUNIT_GOOGLE_GEOCODE_API_KEY|WPT_DB_HOST|WPT_DB_NAME|WPT_DB_USER|WPT_PREPARE_DIR|WPT_REPORT_API_KEY|WPT_SSH_CONNECT|WPT_SSH_PRIVATE_KEY_BASE64|YANGSHUN_GH_TOKEN|YT_ACCOUNT_CHANNEL_ID|YT_ACCOUNT_CLIENT_ID|YT_ACCOUNT_CLIENT_SECRET|YT_ACCOUNT_REFRESH_TOKEN|YT_API_KEY|YT_CLIENT_ID|YT_CLIENT_SECRET|YT_PARTNER_CHANNEL_ID|YT_PARTNER_CLIENT_ID|YT_PARTNER_CLIENT_SECRET|YT_PARTNER_ID|YT_PARTNER_REFRESH_TOKEN|YT_SERVER_API_KEY|ZHULIANG_GH_TOKEN|ZOPIM_ACCOUNT_KEY|USERNAME|PASSWORD|PASSWD|CREDENTIALS?"
+pwd_in_variables11="VIRUSTOTAL_APIKEY|VISUAL_RECOGNITION_API_KEY|V_SFDC_CLIENT_ID|V_SFDC_CLIENT_SECRET|WAKATIME_API_KEY|WAKATIME_PROJECT|WATSON_CLIENT|WATSON_CONVERSATION_WORKSPACE|WATSON_DEVICE|WATSON_DEVICE_TOPIC|WATSON_TEAM_ID|WATSON_TOPIC|WIDGET_BASIC_USER_2|WIDGET_BASIC_USER_3|WIDGET_BASIC_USER_4|WIDGET_BASIC_USER_5|WIDGET_FB_USER|WIDGET_FB_USER_2|WIDGET_FB_USER_3|WIDGET_TEST_SERVERWORDPRESS_DB_USER|WORKSPACE_ID|WPJM_PHPUNIT_GOOGLE_GEOCODE_API_KEY|WPT_DB_HOST|WPT_DB_NAME|WPT_DB_USER|WPT_PREPARE_DIR|WPT_REPORT_API_KEY|WPT_SSH_CONNECT|WPT_SSH_PRIVATE_KEY_BASE64|YANGSHUN_GH_TOKEN|YT_ACCOUNT_CHANNEL_ID|YT_ACCOUNT_CLIENT_ID|YT_ACCOUNT_CLIENT_SECRET|YT_ACCOUNT_REFRESH_TOKEN|YT_API_KEY|YT_CLIENT_ID|YT_CLIENT_SECRET|YT_PARTNER_CHANNEL_ID|YT_PARTNER_CLIENT_ID|YT_PARTNER_CLIENT_SECRET|YT_PARTNER_ID|YT_PARTNER_REFRESH_TOKEN|YT_SERVER_API_KEY|ZHULIANG_GH_TOKEN|ZOPIM_ACCOUNT_KEY"
--- a/linPEAS/builder/linpeas_parts/variables/sudoB.sh
+++ b/linPEAS/builder/linpeas_parts/variables/sudoB.sh
@@ -12,4 +12,4 @@
 # Fat linpeas: 0
 # Small linpeas: 1

-sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|env_keep|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount|/restic|/usermod|/sbin/ldconfig|/usr/sbin/ldconfig|ldconfig -f|--password-command|--password-file|-o ProxyCommand|-o PreferredAuthentications"
+sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|env_keep|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount|/restic|--password-command|--password-file|-o ProxyCommand|-o PreferredAuthentications"
--- a/linPEAS/builder/linpeas_parts/variables/writeVB.sh
+++ b/linPEAS/builder/linpeas_parts/variables/writeVB.sh
@@ -13,4 +13,4 @@
 # Small linpeas: 1


-writeVB="/etc/anacrontab|/etc/apt/apt.conf.d|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/ld.so.preload|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/cron/tabs/|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|"$(echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g') #Add Path but remove simple dot in PATH
+writeVB="/etc/anacrontab|/etc/apt/apt.conf.d|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/cron/tabs/|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|"$(echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g') #Add Path but remove simple dot in PATH
Author	SHA1	Message	Date
Carlos Polop	10e1786e6d	Trigger PR tests after chack-agent fix	2026-02-11 14:12:27 +01:00
chack-agent	e60c50100e	Fix CI failures for PR #585	2026-02-11 13:10:57 +00:00
Carlos Polop	8e917c239f	Test chack-agent workflows with intentional PR failure	2026-02-11 13:52:44 +01:00