-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
enum_commands: Cleanup #17334
enum_commands: Cleanup #17334
Conversation
As the output is quite large it may make more sense to store the output as loot. |
2ae2f3b
to
736fee6
Compare
@@ -0,0 +1,52 @@ | |||
## Vulnerable Application | |||
|
|||
This module will check which shell commands are available on a system. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not a blocker: I think shell commands
normally refers to inbuilt shell commands like cd
/env
/pwd
etc; Potentially the module should've been called enum_path_binaries
or similar
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, although enum_path_binaries
is not suitable either as the module searches outside of the system PATH
. I'll leave it as is.
736fee6
to
78906a8
Compare
Release NotesMultiple improvements to |
Notes
module meta information.Also fixes a few bugs:
Duplicate paths were allowed, resulting in searching the same directory more than once.
BusyBox commands were unnecessarily printed twice.
BusyBox output was not parsed properly, resulting in messed up output. For example:
This PR also adds
unix
toPlatform
. Not necessary, but there's no reason this module can't also run on UNIX sessions (ie, *NIX command sessions). Addingunix
prevents a warning message.Although untested, this module could likely be moved to
post/multi
as it should also work on Solaris, FreeBSD, Mac OSX, etc.While
find -executable
could be used, my understanding is that this module is intended to be portable (find
may not be available and-executable
applies only to the user running the command, so this would skip "commands" which may be executable for other users). Thus the existing logic in this module has been left largely untouched.