1 | 1 | | #!/bin/bash |
2 | | - | test |
| 2 | + | |
3 | 3 | | ############################################################################################################### |
4 | 4 | | ## [Title]: linuxprivchecker.sh -- a Linux Privilege Escalation Check Script |
5 | 5 | | ## [Original Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift |
| skipped 88 lines |
94 | 94 | | |
95 | 95 | | systemNAME="Hostname"; |
96 | 96 | | cmdRESPONSE "hostname -f"; |
97 | | - | |
98 | | - | systemNAME="Environment Variables"; |
99 | | - | cmdRESPONSE "env | grep -v "LS_COLORS""; |
100 | | - | |
101 | | - | systemNAME="Printer"; |
102 | | - | cmdRESPONSE "lpstat -a"; |
103 | 97 | | } |
104 | 98 | | |
105 | 99 | | netWORK(){ |
| skipped 1 lines |
107 | 101 | | systemAREAtitle; |
108 | 102 | | |
109 | 103 | | systemNAME="Network Interfaces"; |
110 | | - | cmdRESPONSE "if [ -x "$(command -v ifconfig)" ]; then ifconfig; else ip a; fi"; |
| 104 | + | cmdRESPONSE "ifconfig || ip a"; |
111 | 105 | | |
112 | 106 | | systemNAME="DNS Resolver"; |
| 107 | + | cmdRESPONSE "cat /etc/resolv.conf"; |
113 | 108 | | |
114 | 109 | | systemNAME="Route"; |
115 | | - | cmdRESPONSE "if [ -x "$(command -v route)" ]; then route -n; else ip route; fi"; |
| 110 | + | cmdRESPONSE "route -n || ip route"; |
116 | 111 | | } |
117 | 112 | | |
118 | | - | userACCOUNTS(){ |
119 | | - | systemAREA="Users"; |
| 113 | + | userENVIRONMENT(){ |
| 114 | + | systemAREA="USERS & ENVIRONMENT"; |
120 | 115 | | systemAREAtitle; |
121 | 116 | | |
122 | | - | systemNAME="All Users"; |
123 | | - | cmdRESPONSE "cat /etc/passwd"; |
| 117 | + | systemNAME="Current User"; |
| 118 | + | cmdRESPONSE "whoami"; |
124 | 119 | | |
125 | | - | systemNAME="My ID & Group(s)"; |
| 120 | + | systemNAME="Current User ID"; |
126 | 121 | | cmdRESPONSE "id"; |
127 | 122 | | |
128 | 123 | | systemNAME="Who's Logged Right Now"; |
| skipped 2 lines |
131 | 126 | | systemNAME="Who's Logged Last"; |
132 | 127 | | cmdRESPONSE "last"; |
133 | 128 | | |
| 129 | + | systemNAME="All Users"; |
| 130 | + | cmdRESPONSE "cat /etc/passwd"; |
| 131 | + | |
| 132 | + | systemNAME="All Groups"; |
| 133 | + | cmdRESPONSE "cat /etc/group"; |
| 134 | + | |
| 135 | + | systemNAME="Shadow File"; |
| 136 | + | cmdRESPONSE "cat /etc/shadow"; |
| 137 | + | |
134 | 138 | | systemNAME="Super Users"; |
135 | 139 | | cmdRESPONSE "grep -v -E '^#' /etc/passwd | awk -F: '(/$3 == 0) { print /$1 }'"; |
136 | 140 | | |
| skipped 6 lines |
143 | 147 | | systemNAME="Sudoers Files (Privileged) [/etc/sudoers.d/*]"; |
144 | 148 | | cmdRESPONSE "cat /etc/sudoers.d/* | grep -v '#'"; |
145 | 149 | | |
146 | | - | systemNAME="Shadow File"; |
147 | | - | cmdRESPONSE "cat /etc/shadow"; |
148 | | - | |
149 | 150 | | systemNAME="Root and Current User History (depends on privs)"; |
150 | 151 | | cmdRESPONSE "ls -al ~/.*_history 2>/dev/null; ls -la /root/.*_history"; |
| 152 | + | |
| 153 | + | systemNAME="Environment Variables"; |
| 154 | + | cmdRESPONSE "env | grep -v "LS_COLORS""; |
| 155 | + | |
| 156 | + | systemNAME="Printer"; |
| 157 | + | cmdRESPONSE "lpstat -a"; |
151 | 158 | | } |
152 | 159 | | |
153 | | - | fileSYSTEMS(){ |
154 | | - | systemAREA="FILE SYSTEMS"; |
| 160 | + | filePERMISSIONS(){ |
| 161 | + | systemAREA="FILE SYSTEMS & PERMISSIONS"; |
155 | 162 | | systemAREAtitle; |
156 | 163 | | |
157 | 164 | | systemNAME="Mounts"; |
| skipped 25 lines |
183 | 190 | | |
184 | 191 | | systemNAME="Configuration Files Containing Keyword 'password'"; |
185 | 192 | | cmdRESPONSE "find /var/log -name '*.log' | xargs -l10 egrep 'pwd|password' 2>/dev/null"; |
186 | | - | |
187 | 193 | | } |
188 | 194 | | |
189 | 195 | | applicationSERVICES(){ |
| skipped 51 lines |
241 | 247 | | fi |
242 | 248 | | } |
243 | 249 | | |
244 | | - | cleanUP(){ |
245 | | - | systemAREA="Clean Up"; |
246 | | - | systemAREAtitle; |
247 | | - | |
248 | | - | systemNAME="Clearing /var/log/auth.log"; |
249 | | - | cmdRESPONSE "echo " " > /var/log/auth.log"; |
250 | | - | |
251 | | - | systemNAME="Clearning bash_history"; |
252 | | - | cmdRESPONSE "echo " " > ~/.bash_history"; |
253 | | - | |
254 | | - | systemNAME="Clearing Current Session History"; |
255 | | - | cmdRESPONSE "history -c"; |
256 | | - | |
257 | | - | systemNAME="Setting history max lines to 0"; |
258 | | - | cmdRESPONSE "export HISTFILESIZE=0"; |
259 | | - | |
260 | | - | systemNAME="Setting history max cmds to 0"; |
261 | | - | cmdRESPONSE "export HISTSIZE=0"; |
262 | | - | |
263 | | - | echo ${titleLINE}; |
264 | | - | echo "FINISHED" |
265 | | - | echo -e ${titleLINE}${RESET}; |
266 | | - | } |
267 | | - | |
268 | 250 | | start(){ |
269 | 251 | | scriptTITLE; |
270 | 252 | | operatingSYSTEM; |
271 | 253 | | netWORK; |
272 | | - | userACCOUNTS; |
273 | | - | fileSYSTEMS; |
| 254 | + | userENVIRONMENT; |
| 255 | + | filePERMISSIONS; |
274 | 256 | | applicationSERVICES; |
275 | 257 | | searchEXPLOITS; |
276 | | - | cleanUP; |
| 258 | + | echo ${titleLINE}; |
| 259 | + | echo "FINISHED" |
| 260 | + | echo -e ${titleLINE}${RESET}; |
277 | 261 | | echo -e $RESET; |
278 | 262 | | } |
279 | 263 | | |
| skipped 2 lines |
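Review bot: The "Super Users" check kept unchanged inside the renamed `userENVIRONMENT` (new line 139) writes the awk fields as `/$3` and `/$1` inside a double-quoted string, so the shell expands `$3` and `$1` to the function's own positional parameters before awk ever runs. These are presumably empty, since `start` calls the function without arguments, which would leave awk with `(/ == 0) { print / }`; that most likely fails to parse, so the UID-0 account listing comes back empty and reads as a clean result. Since this commit already reorders the function, the escape could be fixed here with `cmdRESPONSE "grep -v -E '^#' /etc/passwd | awk -F: '(\$3 == 0) { print \$1 }'";`. This assumes `cmdRESPONSE` evaluates its argument as a command string; its definition and part of this function are in the skipped lines, so confirm against the full file.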