Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added interactive mode to allow manual stepping through the output #53

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

added interactive mode to allow manual stepping through the output #53

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
34bf5e2
added interactive mode to allow manual stepping through the output
jsav0 Apr 28, 2020
bf8e38e
added interactive mode
jsav0 Apr 28, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 41 additions & 1 deletion LinEnum.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,12 @@ echo -e "\e[00;33m# $version\e[00m\n"

}

is_interactive() {
printf "\n"
read -p "Press any key to continue.."
printf "\n"
}

debug_info()
{
echo "[-] Debug Info"
Expand Down Expand Up @@ -111,6 +117,9 @@ if [ "$hostnamed" ]; then
echo -e "\e[00;31m[-] Hostname:\e[00m\n$hostnamed"
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

user_info()
Expand Down Expand Up @@ -350,6 +359,9 @@ if [ "$sshrootlogin" = "yes" ]; then
echo -e "\e[00;31m[-] Root is allowed to login via SSH:\e[00m" ; grep "PermitRootLogin " /etc/ssh/sshd_config 2>/dev/null | grep -v "#"
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

environmental_info()
Expand Down Expand Up @@ -413,6 +425,9 @@ if [ "$export" ] && [ "$logindefs" ]; then
mkdir $format/etc-export/ 2>/dev/null
cp /etc/login.defs $format/etc-export/login.defs 2>/dev/null
fi

[ "$interactive" ] && is_interactive

}

job_info()
Expand Down Expand Up @@ -480,6 +495,8 @@ if [ "$systemdtimers" ]; then
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

networking_info()
Expand Down Expand Up @@ -564,6 +581,9 @@ if [ ! "$udpservs" ] && [ "$udpservsip" ]; then
echo -e "\e[00;31m[-] Listening UDP:\e[00m\n$udpservsip"
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

services_info()
Expand Down Expand Up @@ -697,6 +717,9 @@ if [ "$systemdperms" ]; then
echo -e "\e[00;33m[+] /lib/systemd/* config files not belonging to root:\e[00m\n$systemdperms"
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

software_configs()
Expand Down Expand Up @@ -805,6 +828,8 @@ if [ "$thorough" = "1" ]; then
fi
fi

[ "$interactive" ] && is_interactive

}

interesting_files()
Expand Down Expand Up @@ -947,6 +972,7 @@ privatekeyfiles=`grep -rl "PRIVATE KEY-----" /home 2>/dev/null`
echo -e "\e[00;33m[+] Private SSH keys found!:\e[00m\n$privatekeyfiles"
echo -e "\n"
fi
[ "$interactive" ] && is_interactive
fi

#look for AWS keys - thanks djhohnstein
Expand All @@ -956,6 +982,7 @@ awskeyfiles=`grep -rli "aws_secret_access_key" /home 2>/dev/null`
echo -e "\e[00;33m[+] AWS secret keys found!:\e[00m\n$awskeyfiles"
echo -e "\n"
fi
[ "$interactive" ] && is_interactive
fi

#look for git credential files - thanks djhohnstein
Expand All @@ -965,6 +992,7 @@ gitcredfiles=`find / -name ".git-credentials" 2>/dev/null`
echo -e "\e[00;33m[+] Git credentials saved on the machine!:\e[00m\n$gitcredfiles"
echo -e "\n"
fi
[ "$interactive" ] && is_interactive
fi

#list all world-writable files excluding /proc and /sys
Expand All @@ -974,13 +1002,15 @@ wwfiles=`find / ! -path "*/proc/*" ! -path "/sys/*" -perm -2 -type f -exec ls -l
echo -e "\e[00;31m[-] World-writable files (excluding /proc and /sys):\e[00m\n$wwfiles"
echo -e "\n"
fi
[ "$interactive" ] && is_interactive
fi

if [ "$thorough" = "1" ]; then
if [ "$export" ] && [ "$wwfiles" ]; then
mkdir $format/ww-files/ 2>/dev/null
for i in $wwfiles; do cp --parents $i $format/ww-files/; done 2>/dev/null
fi
[ "$interactive" ] && is_interactive
fi

#are any .plan files accessible in /home (could contain useful information)
Expand All @@ -1006,6 +1036,8 @@ if [ "$export" ] && [ "$bsdusrplan" ]; then
for i in $bsdusrplan; do cp --parents $i $format/plan_files/; done 2>/dev/null
fi

[ "$interactive" ] && is_interactive

#are there any .rhosts files accessible - these may allow us to login as another user etc.
rhostsusr=`find /home -iname *.rhosts -exec ls -la {} 2>/dev/null \; -exec cat {} 2>/dev/null \;`
if [ "$rhostsusr" ]; then
Expand Down Expand Up @@ -1061,6 +1093,7 @@ if [ "$thorough" = "1" ]; then
echo -e "$fstab"
echo -e "\n"
fi
[ "$interactive" ] && is_interactive
fi

#looking for credentials in /etc/fstab
Expand Down Expand Up @@ -1255,6 +1288,9 @@ if [ "$export" ] && [ "$readmailroot" ]; then
mkdir $format/mail-from-root/ 2>/dev/null
cp $readmailroot $format/mail-from-root/ 2>/dev/null
fi

[ "$interactive" ] && is_interactive

}

docker_checks()
Expand Down Expand Up @@ -1294,6 +1330,9 @@ if [ "$dockeryml" ]; then
echo -e "\e[00;31m[-] Anything juicy in docker-compose.yml:\e[00m\n$dockeryml"
echo -e "\n"
fi

[ "$interactive" ] && is_interactive

}

lxc_container_checks()
Expand Down Expand Up @@ -1336,13 +1375,14 @@ call_each()
footer
}

while getopts "h:k:r:e:st" option; do
while getopts "h:k:r:e:sti" option; do
case "${option}" in
k) keyword=${OPTARG};;
r) report=${OPTARG}"-"`date +"%d-%m-%y"`;;
e) export=${OPTARG};;
s) sudopass=1;;
t) thorough=1;;
i) interactive=1;;
h) usage; exit;;
*) usage; exit;;
esac
Expand Down
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ OPTIONS:
* -e Enter export location
* -t Include thorough (lengthy) tests
* -s Supply current user password to check sudo perms (INSECURE)
* -i Step through the output interactively
* -r Enter report name
* -h Displays this help text

Expand Down