From 066c1a623095df42731f687b19ec7184bf7d3a2b Mon Sep 17 00:00:00 2001
From: ad1s0n
Date: Sat, 5 Aug 2023 14:06:59 +0200
Subject: [PATCH] Upgrading network_enum, adding env and file enum. Updating readme
---
 README.md | 17 +++++++++++++++-
 lees.sh | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 76 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 5a4f847..1a95702 100644
--- a/README.md
+++ b/README.md
@@ -10,4 +10,19 @@ For now, script perfrom these tasks:
 * OS release
 * User enumeration:
 * Groups
- * Content of /etc/passwd and /etc/shadow
\ No newline at end of file
+ * Content of /etc/passwd and /etc/shadow
+ * Checking existing users
+ * Sudo versions, sudo commands
+ * Writable files
+ * .ssh directories
+* Network enumeration:
+ * ARP table
+ * Network interfaces
+ * Routing
+ * DNS information
+ * Listening TCP/UDP ports
+* Evironment enumeration:
+ * Checkinge env variables
+ * Checking /etc/shells
+* Files enum:
+ * SUID binaries
\ No newline at end of file
diff --git a/lees.sh b/lees.sh
index 1e18b48..d24308c 100755
--- a/lees.sh
+++ b/lees.sh
@@ -183,6 +183,63 @@ function net_enum(){
 else
 echo -e "[-] No listening TCP ports"
 fi
+
+ # Enumerating DNS
+ dns=`cat /etc/resolv.conf 2>/dev/null`
+ if [[ $dns ]]; then
+ echo -e "[*] DNS info: \n$dns"
+ else
+ echo -e "[-] Can't get any DNS info"
+ fi
+
+ # Route information
+ route=`ip r 2>/dev/null | grep default`
+ if [[ $route ]]; then
+ echo -e "[*] Route info: \n$route"
+ else
+ echo -e "[-] Can't get any route info"
+ fi
+}
+
+function env_enum(){
+ echo -e '\e[0;32m-------------------Performing environment enumeration-------------------\e[m'
+ # checking env variables
+ env=`env 2>/dev/null`
+ if [[ $env ]]; then
+ echo -e "[*] Env variables: \n$env"
+ else
+ echo -e "[-] Can't get any env variables"
+ fi
+
+ # check current PATH
+ path=`echo $PATH 2>/dev/null`
+ if [[ $path ]]; then
+ echo -e "[*] Current PATH: \n$path"
+ else
+ echo -e "[-] Can't get current PATH"
+ fi
+
+ # check available shells
+ shells=`cat /etc/shells 2>/dev/null`
+ if [[ $shells ]]; then
+ echo -e "[*] Available shells: \n$shells"
+ else
+ echo -e "[-] Can't get available shells"
+ fi
+
+
+}
+
+function files_enum(){
+ echo -e '\e[0;32m-------------------Performing files enumeration-------------------\e[m'
+ # checking suid binaries from GTFO, via HackTheBox
+ suid_binaries=`timeout 1 find / -perm -4000 -type f 2>/dev/null`
+ if [[ $suid_binaries ]]; then
+ echo -e "\e[0;31m[+] SUID binaries: \n$suid_binaries\e[m"
+ else
+ echo -e "[-] Can't get any SUID binaries"
+ fi
+
 }
@@ -191,4 +248,6 @@ function net_enum(){
 system_enum
 user_enum
-net_enum
\ No newline at end of file
+net_enum
+env_enum
+files_enum
\ No newline at end of file
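Review bot: The `timeout 1` around `find / -perm -4000 -type f` in `files_enum` will usually stop the walk before it has covered the filesystem, so the SUID list is silently partial, and an empty result prints "Can't get any SUID binaries" even when the scan only ran out of time. For an audit script that is a false negative, so the exit status should be kept and a truncated scan reported. Something like `suid_binaries=$(timeout 60 find / -perm -4000 -type f 2>/dev/null); rc=$?` followed by `(( rc == 124 )) && echo "[!] SUID scan timed out, list is incomplete"` would do it (60 is an example limit; 124 is the status GNU `timeout` returns on expiry). Separately, `echo -e "[*] Env variables: \n$env"` in `env_enum` interprets backslash escapes inside the values and prints the whole environment, which may hold credentials. `printf '%s\n' "$env"` fixes the escape handling, and the README should say that the output is sensitive.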