Some syntax error while passing data to sed

[dmknght]

Version: linpeas v2.4.4 by carlospolop
Tested with Parrot OS 4.8

[+] PATH
[i] Any writable folder in original PATH? (a new completed path will be exported)
./linpeas.sh: 625: sed: Argument list too long
./linpeas.sh: 626: sed: Argument list too long

[i] Check if you can mount umounted devices
./linpeas.sh: 695: sed: Argument list too long

================================( Processes, Cron & Services )================================
[+] Cleaned processes
[i] Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes
./linpeas.sh: 736: sed: Argument list too long

[+] Binary processes permissions
[i] https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes
./linpeas.sh: 742: sed: Argument list too long

[+] Cron jobs
[i] https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-jobs
./linpeas.sh: 757: sed: Argument list too long
-rw-r--r-- 1 root root 1042 Mar 10  2019 /etc/crontab

[carlospolop]

Hey @dmknght,
Could you execute

WF=`find /dev /srv /proc /home /media /sys /lost+found /run /etc /root /var /tmp /mnt /boot /opt -type d -maxdepth $MAXPATH_FIND_W -writable 2>/dev/null | sort`

Modify (but not delete as I need to see how many results you have) any confidential info and share the value of the variable $WF? I would need that value to replay the error

[dmknght]

Hey @dmknght,
Could you execute

WF=`find /dev /srv /proc /home /media /sys /lost+found /run /etc /root /var /tmp /mnt /boot /opt -type d -maxdepth $MAXPATH_FIND_W -writable 2>/dev/null | sort`

Modify (but not delete as I need to see how many results you have) any confidential info and share the value of the variable $WF? I would need that value to replay the error

Well it is empty. So i guess you should make if-else to display "not found"

[carlospolop]

That line is looking for writable files in your disk, if it's empty that means you don't have writable permissions over any file.
is that true?

[dmknght]

That line is looking for writable files in your disk, if it's empty that means you don't have writable permissions over any file.
is that true?

I have in $HOME. But you are using -type d which is directory. So as you said, you should use -type f for files.
p/s: OFC i'm having writeable files and folders in $HOME

[carlospolop]

Sorry mate, it is looking for writable directories not files, and thats good. The problem here is that you have too much writable directories that break grep. Therefore $WF shouldn't be empty.
Anyway, when I have time I will try to replicate an environment with thousands of writable directories and will find way to fix it in an efficient manner. In the meantime you can change in line 15 the code MAXPATH_FIND_W="7" for MAXPATH_FIND_W="3" as temporary fix.

[dmknght]

Sorry mate, it is looking for writable directories not files, and thats good. The problem here is that you have too much writable directories that break grep. Therefore $WF shouldn't be empty.
Anyway, when I have time I will try to replicate an environment with thousands of writable directories and will find way to fix it in an efficient manner. In the meantime you can change in line 15 the code MAXPATH_FIND_W="7" for MAXPATH_FIND_W="3" as temporary fix.

ah shit i copied your whole command and $MAXPATH_FIND_W was empty value so it didn't work. So i tested with find /root /tmp -type d -maxdepth 3 -writable 2>/dev/null and it showed.

[dmknght]

BTW the search for private key is extremely slow because of grep so many files. So do you have any idea to improve it or avoid it?

[dmknght]

The problem here is that you have too much writable directories that break grep

The maximum is 127 or 255 am i right?

[carlospolop]

Hi @dmknght,

I have uploaded a new linpeas version. In this version if should automatically check if that error is occurring an in that case find less writable directories until the error stop appearing.
Could you check if it's working on your environment?

[dmknght]

Hi @dmknght,

I have uploaded a new linpeas version. In this version if should automatically check if that error is occurring an in that case find less writable directories until the error stop appearing.
Could you check if it's working on your environment?

I'm testing it right now :D

[dmknght]

Hi @dmknght,

I have uploaded a new linpeas version. In this version if should automatically check if that error is occurring an in that case find less writable directories until the error stop appearing.
Could you check if it's working on your environment?

./linpeas.sh: 166: 7=6: not found. It shows this in a loop

[carlospolop]

Sorry mate, try now

[dmknght]

Sorry mate, try now

looks good. New version brings other problem i'm creating nnew issue right now.