proposed extra bits to script and spelling fix#1
Conversation
strikoder
left a comment
strikoder
left a comment
There was a problem hiding this comment.
I like the script a lot, but still needs some improvements.
I'm going to change readme completely, since it has yet more typos that are not in the PR as well.
|
|
||
|
|
||
| # ---- Shell users cross-reference hunt ---- | ||
| echo -e "\n${YELLOW}[+] ${NC}Harvesting users with a login shell from /etc/passwd:" |
There was a problem hiding this comment.
I really like this idea. However, this takes a lot of time on many boxes, IRL, it should be added as a flag like --hunt-users or smth similar.
| done | ||
|
|
||
| # ---- Dot files in home directories ---- | ||
| echo -e "\n${YELLOW}[+] ${NC}Readable dot-config files in home directories:" |
There was a problem hiding this comment.
I think the dot files section could be combined with the word readable files and could put under the WRITABLE LOCATIONS section.
| fi | ||
|
|
||
| # ---- Config files readable in common app dirs ---- | ||
| echo -e "\n${YELLOW}[+] ${NC}Readable config files in common application directories:" |
There was a problem hiding this comment.
This generates a lot of noise, especially when a custom application is installed on the machine, I think manual enumeration would be better for such a case.
Thanks mate, I can try to make the requested changes during the week then push them if that's okay |
|
Of course, take your time & I'm sorry about the delay on my side, I just wanted to do some testing before merging anything into main. |
| > A focused, stable, OSCP-oriented Linux privilege escalation enumeration script. | ||
| >  | ||
| <img width="640" height="640" alt="LinEnum-ng" src="https://github.com/user-attachments/assets/bed1425d-3133-46c6-bf91-dd49ee8d47bf" /> | ||
|
|
There was a problem hiding this comment.
I mean that's not a huge diff but okay
There was a problem hiding this comment.
Could you change the repo's version to 1.0.1 so that when I accept your PR, the version in the readme and the script would be updated instantly?
| | Color output | ❌ | ✅ linPEAS-style color scheme | | ||
| | Password spray hint | ❌ | ✅ Reminds you to try found passwords against all users | | ||
| | | LinEnum | LinEnum-ng | | ||
| |---|---|---| |
| **linPEAS changes too much between versions and has too much noise for a 24H exam.** | ||
|
|
||
| If you've done enough OSCP boxes, you've hit this: a specific linPEAS version finds the vector immediately, then you update and the next version misses it entirely (happend to me on the exam), output restructured, noise level changed. | ||
| If you've done enough OSCP boxes, you've hit this: a specific linPEAS version finds the vector immediately, then you update and the next version misses it entirely (happened to me on the exam)! |
There was a problem hiding this comment.
I will just accept the typo fix in here
| | 🟣 Magenta | Exploitation steps, links, and remediation hints | | ||
| | Color | Meaning | | ||
| |-------|---------| | ||
| | **Red text on yellow background** | Confirmed vulnerability or critical misconfiguration | |
There was a problem hiding this comment.
Please keep the emojis. Also, the extra spaces in the Markdown table don't affect the rendered output, so there's no need to change them.
| | OSCP-scoped, no noise | ✅ | ⚠️ Very verbose | ✅ | | ||
| | Feature | LinEnum | linPEAS | LinEnum-ng | | ||
| |---------|---------|---------|------------| | ||
| | Kernel CVE matching | No | Yes | Yes | |
|
Thanks for the new PR! I'll put it through extensive testing and get back to you with feedback in about a week. |
|
@Prezj1 |
2 participants
proposed changes and spelling fixes