Skip to content

Instantly share code, notes, and snippets.

@dmaynor

dmaynor/gist:91258a0b5b5f9a236bce032bdc1c4231

Created November 14, 2022 19:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save dmaynor/91258a0b5b5f9a236bce032bdc1c4231 to your computer and use it in GitHub Desktop.
Save dmaynor/91258a0b5b5f9a236bce032bdc1c4231 to your computer and use it in GitHub Desktop.
Download ZIP
GITHUB Codespaces linpeas run
Raw
gistfile1.txt
▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄             ▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄
▄▄▄▄     ▄ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄
▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄       ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄▄▄▄▄          ▄▄▄▄▄▄               ▄▄▄▄▄▄ ▄
▄▄▄▄▄▄              ▄▄▄▄▄▄▄▄                 ▄▄▄▄ 
▄▄                  ▄▄▄ ▄▄▄▄▄                  ▄▄▄
▄▄                ▄▄▄▄▄▄▄▄▄▄▄▄                  ▄▄
▄            ▄▄ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄
▄      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄                                ▄▄▄▄
▄▄▄▄▄  ▄▄▄▄▄                       ▄▄▄▄▄▄     ▄▄▄▄
▄▄▄▄   ▄▄▄▄▄                       ▄▄▄▄▄      ▄ ▄▄
▄▄▄▄▄  ▄▄▄▄▄        ▄▄▄▄▄▄▄        ▄▄▄▄▄     ▄▄▄▄▄
▄▄▄▄▄▄  ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄   ▄▄▄▄▄ 
 ▄▄▄▄▄▄▄▄▄▄▄▄▄▄        ▄          ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ 
▄▄▄▄▄▄▄▄▄▄▄▄▄                       ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄▄▄▄▄                         ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▀▀▀▀▀▀
▀▀▀▄▄▄▄▄      ▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▀▀
▀▀▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀▀
/---------------------------------------------------------------------------------\
| Do you like PEASS? |
|---------------------------------------------------------------------------------|
| Get the latest version : https://github.com/sponsors/carlospolop |
| Follow on Twitter : @carlospolopm |
| Respect on HTB : SirBroccoli  |
|---------------------------------------------------------------------------------|
| Thank you!  |
\---------------------------------------------------------------------------------/
 linpeas-ng by carlospolop

ADVISORY: This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own computers and/or with the computer owner's permission.

Linux Privesc Checklist: https://book.hacktricks.xyz/linux-hardening/linux-privilege-escalation-checklist
 LEGEND:
RED/YELLOW: 95% a PE vector
RED: You should take a look to it
LightCyan: Users with console
Blue: Users without console & mounted devs
Green: Common things (users, groups, SUID/SGID, mounts, .sh scripts, cronjobs)
LightMagenta: Your username
YOU ARE ALREADY ROOT!!! (it could take longer to complete execution)
Starting linpeas. Caching Writable Folders...
 ╔═══════════════════╗
═══════════════════════════════╣ Basic information ╠═══════════════════════════════
 ╚═══════════════════╝
OS: Linux version 5.4.0-1094-azure (buildd@lcy02-amd64-108) (gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)) #100~18.04.1-Ubuntu SMP Mon Oct 17 11:44:30 UTC 2022
User & Groups: uid=0(root) gid=0(root) groups=0(root)
Hostname: codespaces-554f3c
Writable folder: /dev/shm
Remember that you can use the '-t' option to call the Internet connectivity checks and automatic network recon!
[-] No network discovery capabilities (fping or ping not found)
[+] /usr/bin/bash is available for network discovery, port scanning and port forwarding (linpeas can discover hosts, scan ports, and forward ports. Learn more with -h)

Caching directories DONE

 ╔════════════════════╗
══════════════════════════════╣ System Information ╠══════════════════════════════
 ╚════════════════════╝
╔══════════╣ Operative system
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#kernel-exploits
Linux version 5.4.0-1094-azure (buildd@lcy02-amd64-108) (gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)) #100~18.04.1-Ubuntu SMP Mon Oct 17 11:44:30 UTC 2022
Distributor ID: Ubuntu
Description: Ubuntu 20.04.5 LTS
Release: 20.04
Codename: focal
╔══════════╣ Sudo version
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-version
Sudo version 1.8.31
╔══════════╣ CVEs Check
Vulnerable to CVE-2021-3560
Potentially Vulnerable to CVE-2022-2588
╔══════════╣ PATH
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-path-abuses
New path exported: /opt/conda/condabin:/usr/local/rvm/gems/ruby-3.1.2/bin:/usr/local/rvm/gems/ruby-3.1.2@global/bin:/usr/local/rvm/rubies/ruby-3.1.2/bin:/usr/local/share/nvm/versions/node/v16.18.0/bin:/home/codespace/.dotnet:/home/codespace/.nodejs/current/bin:/home/codespace/.php/current/bin:/home/codespace/.python/current/bin:/home/codespace/.java/current/bin:/home/codespace/.ruby/current/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin:/usr/local/share:/home/codespace/.local/bin:/home/codespace/.dotnet:/home/codespace/.nodejs/current/bin:/home/codespace/.php/current/bin:/home/codespace/.python/current/bin:/home/codespace/.java/current/bin:/home/codespace/.ruby/current/bin:/home/codespace/.local/bin:/usr/local/oryx:/usr/local/go/bin:/go/bin:/usr/local/sdkman/bin:/usr/local/sdkman/candidates/java/current/bin:/usr/local/sdkman/candidates/gradle/current/bin:/usr/local/sdkman/candidates/maven/current/bin:/usr/local/rvm/gems/default/bin:/usr/local/rvm/gems/default@global/bin:/usr/local/rvm/rubies/default/bin:/usr/local/share/rbenv/bin:/opt/conda/bin:/usr/local/php/current/bin:/usr/local/python/current/bin:/usr/local/py-utils/bin:/usr/local/nvs:/usr/local/share/nvm/current/bin:/usr/local/hugo/bin:/usr/local/dotnet/current:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.local/bin:/usr/local/rvm/bin
╔══════════╣ Date & uptime
Mon 14 Nov 2022 06:06:56 PM UTC
18:06:56 up 4:03, 0 users, load average: 0.52, 0.38, 0.39
╔══════════╣ System stats
Filesystem Size Used Avail Use% Mounted on
overlay 31G 15G 15G 50% /
tmpfs 64M 0 64M 0% /dev
tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup
shm 64M 40K 64M 1% /dev/shm
/dev/sdb1 29G 11G 19G 36% /usr/sbin/docker-init
/dev/sda1 32G 296K 30G 1% /tmp
/dev/loop0 31G 15G 15G 50% /workspaces
total used free shared buff/cache available
Mem: 8148708 1652684 150356 984 6345668 6179612
Swap: 0 0 0
╔══════════╣ CPU info
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
Address sizes: 46 bits physical, 48 bits virtual
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 2
Core(s) per socket: 2
Socket(s): 1
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 85
Model name: Intel(R) Xeon(R) Platinum 8168 CPU @ 2.70GHz
Stepping: 4
CPU MHz: 2693.855
BogoMIPS: 5387.71
Virtualization: VT-x
Hypervisor vendor: Microsoft
Virtualization type: full
L1d cache: 64 KiB
L1i cache: 64 KiB
L2 cache: 2 MiB
L3 cache: 33 MiB
NUMA node0 CPU(s): 0-3
Vulnerability Itlb multihit: KVM: Mitigation: Split huge pages
Vulnerability L1tf: Mitigation; PTE Inversion; VMX conditional cache flushes, SMT vulnerable
Vulnerability Mds: Mitigation; Clear CPU buffers; SMT Host state unknown
Vulnerability Meltdown: Mitigation; PTI
Vulnerability Mmio stale data: Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2: Mitigation; Retpolines, STIBP disabled, RSB filling, PBRSB-eIBRS Not affected
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort: Mitigation; Clear CPU buffers; SMT Host state unknown
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology cpuid pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single pti tpr_shadow vnmi ept vpid fsgsbase bmi1 hle avx2 smep bmi2 erms invpcid rtm avx512f avx512dq rdseed adx smap clflushopt avx512cd avx512bw avx512vl xsaveopt xsavec xsaves md_clear
╔══════════╣ Any sd*/disk* disk in /dev? (limit 20)
sda
sda1
sdb
sdb1
sdb14
sdb15
╔══════════╣ Unmounted file-system?
╚ Check if you can mount umounted devices

╔══════════╣ Environment
╚ Any private information inside environment variables?
SUDO_GID=1000
DOCKER_BUILDKIT=1
LESSOPEN=| /usr/bin/lesspipe %s
ENABLE_DYNAMIC_INSTALL=true
HISTFILESIZE=0
SDKMAN_VERSION=5.16.0
PYTHONIOENCODING=UTF-8
MAIL=/var/mail/root
USER=root
RVM_PATH=/usr/local/rvm
HOSTNAME=codespaces-554f3c
PIPX_HOME=/usr/local/py-utils
CONDA_SCRIPT=/opt/conda/etc/profile.d/conda.sh
SHLVL=1
HUGO_ROOT=/home/codespace/.hugo
HOME=/root
CONDA_SHLVL=0
ORYX_ENV_TYPE=vsonline-present
NVM_BIN=/usr/local/share/nvm/versions/node/v16.18.0/bin
NVM_INC=/usr/local/share/nvm/versions/node/v16.18.0/include/node
CODESPACES=true
PIPX_BIN_DIR=/usr/local/py-utils/bin
DYNAMIC_INSTALL_ROOT_DIR=/opt
NVM_SYMLINK_CURRENT=true
GRADLE_HOME=/usr/local/sdkman/candidates/gradle/current
ORYX_DIR=/usr/local/oryx
MAVEN_HOME=/usr/local/sdkman/candidates/maven/current
JUPYTERLAB_PATH=/home/codespace/.local/bin
GOROOT=/usr/local/go
NODE_ROOT=/home/codespace/.nodejs
COLORTERM=truecolor
_CE_M=
PYTHON_PATH=/usr/local/python/current
NVM_DIR=/usr/local/share/nvm
DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1
SUDO_UID=1000
LOGNAME=root
ContainerVersion=12
NVS_HOME=/home/codespace/.nvs
RepositoryName=codespaces-jupyter
rvm_bin_path=/usr/local/rvm/bin
SDKMAN_CANDIDATES_API=https://api.sdkman.io/2
_=./linpeas.sh
RUBY_VERSION=ruby-3.1.2
PROMPT_DIRTRIM=4
IRBRC=/usr/local/rvm/rubies/ruby-3.1.2/.irbrc
TERM=xterm-256color
DOTNET_ROOT=/usr/local/dotnet/current
NVS_DIR=/usr/local/nvs
_CE_CONDA=
PHP_ROOT=/home/codespace/.php
PATH=/opt/conda/condabin:/usr/local/rvm/gems/ruby-3.1.2/bin:/usr/local/rvm/gems/ruby-3.1.2@global/bin:/usr/local/rvm/rubies/ruby-3.1.2/bin:/usr/local/share/nvm/versions/node/v16.18.0/bin:/home/codespace/.dotnet:/home/codespace/.nodejs/current/bin:/home/codespace/.php/current/bin:/home/codespace/.python/current/bin:/home/codespace/.java/current/bin:/home/codespace/.ruby/current/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin:/usr/local/share:/home/codespace/.local/bin:/home/codespace/.dotnet:/home/codespace/.nodejs/current/bin:/home/codespace/.php/current/bin:/home/codespace/.python/current/bin:/home/codespace/.java/current/bin:/home/codespace/.ruby/current/bin:/home/codespace/.local/bin:/usr/local/oryx:/usr/local/go/bin:/go/bin:/usr/local/sdkman/bin:/usr/local/sdkman/candidates/java/current/bin:/usr/local/sdkman/candidates/gradle/current/bin:/usr/local/sdkman/candidates/maven/current/bin:/usr/local/rvm/gems/default/bin:/usr/local/rvm/gems/default@global/bin:/usr/local/rvm/rubies/default/bin:/usr/local/share/rbenv/bin:/opt/conda/bin:/usr/local/php/current/bin:/usr/local/python/current/bin:/usr/local/py-utils/bin:/usr/local/nvs:/usr/local/share/nvm/current/bin:/usr/local/hugo/bin:/usr/local/dotnet/current:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.local/bin:/usr/local/rvm/bin
JAVA_ROOT=/home/codespace/.java
SDKMAN_CANDIDATES_DIR=/usr/local/sdkman/candidates
NPM_GLOBAL=/home/codespace/.npm-global
HUGO_DIR=/usr/local/hugo/bin
MY_RUBY_HOME=/usr/local/rvm/rubies/ruby-3.1.2
LANG=en_US.UTF-8
HISTSIZE=0
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
SDKMAN_DIR=/usr/local/sdkman
RUBY_ROOT=/home/codespace/.ruby
SDKMAN_PLATFORM=linuxx64
SUDO_COMMAND=/usr/bin/bash
CONDA_PYTHON_EXE=/opt/conda/bin/python
SHELL=/bin/bash
GOPATH=/go
rvm_prefix=/usr/local
SUDO_USER=codespace
GEM_HOME=/usr/local/rvm/gems/ruby-3.1.2
LESSCLOSE=/usr/bin/lesspipe %s %s
ORYX_PREFER_USER_INSTALLED_SDKS=true
ORYX_SDK_STORAGE_BASE_URL=https://oryx-cdn.microsoft.io
rvm_version=1.29.12 (latest)
CONDA_DIR=/opt/conda
DEBIAN_FLAVOR=focal-scm
JAVA_HOME=/usr/local/sdkman/candidates/java/current
PWD=/home/codespace
GEM_PATH=/usr/local/rvm/gems/ruby-3.1.2:/usr/local/rvm/gems/ruby-3.1.2@global
CONDA_EXE=/opt/conda/bin/conda
NVM_CD_FLAGS=
PYTHON_ROOT=/home/codespace/.python
PHP_PATH=/usr/local/php/current
RAILS_DEVELOPMENT_HOSTS=.githubpreview.dev,.app.github.dev
HISTFILE=/dev/null
MAVEN_ROOT=/home/codespace/.maven
RUBY_HOME=/usr/local/rvm/rubies/default
rvm_path=/usr/local/rvm
NUGET_XMLDOC_MODE=skip
╔══════════╣ Searching Signature verification failed in dmesg
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#dmesg-signature-verification-failed
dmesg Not Found

╔══════════╣ Executing Linux Exploit Suggester
╚ https://github.com/mzet-/linux-exploit-suggester
[+] [CVE-2022-2586] nft_object UAF
Details: https://www.openwall.com/lists/oss-security/2022/08/29/5
Exposure: probable
Tags: [ ubuntu=(20.04) ]{kernel:5.12.13}
Download URL: https://www.openwall.com/lists/oss-security/2022/08/29/5/1
Comments: kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN)
[+] [CVE-2021-4034] PwnKit
Details: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Exposure: probable
Tags: [ ubuntu=10|11|12|13|14|15|16|17|18|19|20|21 ],debian=7|8|9|10|11,fedora,manjaro
Download URL: https://codeload.github.com/berdav/CVE-2021-4034/zip/main
[+] [CVE-2021-3156] sudo Baron Samedit
Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
Exposure: probable
Tags: mint=19,[ ubuntu=18|20 ], debian=10
Download URL: https://codeload.github.com/blasty/CVE-2021-3156/zip/main
[+] [CVE-2021-3156] sudo Baron Samedit 2
Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
Exposure: probable
Tags: centos=6|7|8,[ ubuntu=14|16|17|18|19|20 ], debian=9|10
Download URL: https://codeload.github.com/worawit/CVE-2021-3156/zip/main
[+] [CVE-2021-22555] Netfilter heap out-of-bounds write
Details: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
Exposure: probable
Tags: [ ubuntu=20.04 ]{kernel:5.8.0-*}
Download URL: https://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-2021-22555/exploit.c
ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c
Comments: ip_tables kernel module must be loaded
[+] [CVE-2022-32250] nft_object UAF (NFT_MSG_NEWSET)
Details: https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/
https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/
Exposure: less probable
Tags: ubuntu=(22.04){kernel:5.15.0-27-generic}
Download URL: https://raw.githubusercontent.com/theori-io/CVE-2022-32250-exploit/main/exp.c
Comments: kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN)
[+] [CVE-2021-27365] linux-iscsi
Details: https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html
Exposure: less probable
Tags: RHEL=8
Download URL: https://codeload.github.com/grimm-co/NotQuite0DayFriday/zip/trunk
Comments: CONFIG_SLAB_FREELIST_HARDENED must not be enabled
╔══════════╣ Executing Linux Exploit Suggester 2
╚ https://github.com/jondonas/linux-exploit-suggester-2

╔══════════╣ Protections
═╣ AppArmor enabled? .............. /etc/apparmor.d
═╣ grsecurity present? ............ grsecurity Not Found
═╣ PaX bins present? .............. PaX Not Found
═╣ Execshield enabled? ............ Execshield Not Found
═╣ SELinux enabled? ............... sestatus Not Found
═╣ Seccomp enabled? ............... disabled
═╣ AppArmor profile? .............. unconfined
═╣ User namespace? ................ enabled
═╣ Cgroup2 enabled? ............... enabled
═╣ Is ASLR enabled? ............... Yes
═╣ Printer? ....................... No
═╣ Is this a virtual machine? ..... Yes (docker)
 ╔═══════════╗
═══════════════════════════════════╣ Container ╠═══════════════════════════════════
 ╚═══════════╝
╔══════════╣ Container related tools present
/usr/bin/docker
/usr/local/bin/kubectl
/usr/bin/runc
╔══════════╣ Am I Containered?
╔══════════╣ Container details
═╣ Is this a container? ........... docker
═╣ Any running containers? ........ No
╔══════════╣ Docker Container details
═╣ Am I inside Docker group ....... No
═╣ Looking and enumerating Docker Sockets
You don't have write permissions over interesting socket /run/docker/containerd/containerd.sock
You don't have write permissions over interesting socket /run/docker.sock
You don't have write permissions over interesting socket /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/docker.socket
You don't have write permissions over interesting socket /etc/systemd/system/sockets.target.wants/docker.socket
You don't have write permissions over interesting socket /usr/lib/systemd/system/docker.socket
═╣ Docker version ................. Not Found
═╣ Vulnerable to CVE-2019-5736 .... Not Found
═╣ Vulnerable to CVE-2019-13139 ... Not Found
═╣ Rootless Docker? ................ No

/dev/sdb1 29G 11G 19G 36% /usr/sbin/docker-init
╔══════════╣ Docker Overlays
/dev/sdb1 29G 11G 19G 36% /usr/sbin/docker-init
╔══════════╣ Container & breakout enumeration
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout
═╣ Container ID ................... codespaces-554f3c═╣ Container Full ID .............. da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2
═╣ Seccomp enabled? ............... disabled
═╣ AppArmor profile? .............. unconfined
═╣ User proc namespace? ........... enabled
═╣ Vulnerable to CVE-2019-5021 .... No

══╣ Breakout via mounts
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout/docker-breakout-privilege-escalation/sensitive-mounts
═╣ release_agent breakout 1........ No
═╣ release_agent breakout 2........ Yes
═╣ core_pattern breakout .......... Yes
═╣ binfmt_misc breakout ........... No
═╣ uevent_helper breakout ......... Yes
═╣ core_pattern breakout .......... Yes
═╣ is modprobe present ............ No
═╣ DoS via panic_on_oom ........... Yes
═╣ DoS via panic_sys_fs ........... Yes
═╣ DoS via sysreq_trigger_dos ..... Yes
═╣ /proc/config.gz readable ....... No
═╣ /proc/sched_debug readable ..... Yes
═╣ /proc/*/mountinfo readable ..... Yes
═╣ /sys/kernel/security present ... Yes
═╣ /sys/kernel/security writable .. No
═╣ /proc/kmsg readable ............ Yes
═╣ /proc/kallsyms readable ........ Yes
═╣ /proc/self/mem readable ........ Yes
═╣ /proc/kcore readable ........... No
═╣ /proc/kmem readable ............ No
═╣ /proc/kmem writable ............ No
═╣ /proc/mem readable ............. No
═╣ /proc/mem writable ............. No
═╣ /sys/kernel/vmcoreinfo readable Yes
═╣ /sys/firmware/efi/vars writable No
═╣ /sys/firmware/efi/efivars writable No

══╣ Namespaces
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout/namespaces
total 0
lrwxrwxrwx 1 root root 0 Nov 14 18:07 cgroup -> cgroup:[4026531835]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 ipc -> ipc:[4026532181]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 mnt -> mnt:[4026532179]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 net -> net:[4026531992]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 pid -> pid:[4026532182]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 pid_for_children -> pid:[4026532182]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 user -> user:[4026531837]
lrwxrwxrwx 1 root root 0 Nov 14 18:07 uts -> uts:[4026532180]
╔══════════╣ Container Capabilities
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout/docker-breakout-privilege-escalation#capabilities-abuse-escape
Current: =ep
Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read
Ambient set =
Securebits: 00/0x0/1'b0
secure-noroot: no (unlocked)
secure-no-suid-fixup: no (unlocked)
secure-keep-caps: no (unlocked)
secure-no-ambient-raise: no (unlocked)
uid=0(root) euid=0(root)
gid=0(root)
groups=0(root)
Guessed mode: UNCERTAIN (0)
╔══════════╣ Privilege Mode
Privilege Mode is enabled
╔══════════╣ Interesting Files Mounted
overlay on / type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/U6QP4WRU345SM53YRYZSPCZLX7:/var/lib/docker/overlay2/l/T2P7IZAJQHA3UGFM744EDYK5NB:/var/lib/docker/overlay2/l/E2IMSATUS2KSVNV3CTUS7ZT6MT:/var/lib/docker/overlay2/l/GZQXABIYYL65KSW6UF6JQZKWVZ:/var/lib/docker/overlay2/l/7XLQCILZ22OGSFL7T47LLUWPN6:/var/lib/docker/overlay2/l/6UNR22V76WMN6ZRWPPJNGRHH7P:/var/lib/docker/overlay2/l/W5SJEWMAGIUUDSV623GURFB3PH:/var/lib/docker/overlay2/l/NCGJANFBJWZQO6A4PQ3G3H3IQX:/var/lib/docker/overlay2/l/WLAGLMSPVGKTB2J2R2ZC3ZSFC2:/var/lib/docker/overlay2/l/WUMN4SHZP72SQJQW4DQCFAGFCY:/var/lib/docker/overlay2/l/JODJGTA34JZ4EJ5HRXSVWE4UQG:/var/lib/docker/overlay2/l/W3CRUVNM3NWRUDXELURZ3Y66K7:/var/lib/docker/overlay2/l/AXOA2X4TJVC7WI3ZKBHTAGUWQP:/var/lib/docker/overlay2/l/OEK6QUFME4GLMSC2LETXEKGHUX:/var/lib/docker/overlay2/l/DDLRA2DOYWVXYY7CIBFPCU3MN3:/var/lib/docker/overlay2/l/IBM4WTQ7DUQUXHJYWDLOWD4LVW:/var/lib/docker/overlay2/l/AN2TZ5GM7FWI7I3HUQQZ2WKBG3:/var/lib/docker/overlay2/l/DAOPO4RXJXIEQJFZFKZ6IOL5FH:/var/lib/docker/overlay2/l/NMB4VXH5H2EZ35PLMKF33D633Z:/var/lib/docker/overlay2/l/X535JLOHSX5UMFTGRE7JLJJU36:/var/lib/docker/overlay2/l/WLNS77KBOZIB22CCUBZRY7FNKV:/var/lib/docker/overlay2/l/QJUIS7NQQGN4XJHZGCNVFIVOIG:/var/lib/docker/overlay2/l/PNPSE3CAAHZEVYRUYBBBH4FOXM:/var/lib/docker/overlay2/l/BS5AS4URQYSMCWF7C7Y47MVLG2:/var/lib/docker/overlay2/l/L2H55OACNXQCTTCS5W5X4WVO25:/var/lib/docker/overlay2/l/DLOCX7IIJLVIDCX5ALT7USA5YH:/var/lib/docker/overlay2/l/GEG4ZNJFSYXET25NSR7JI3VEIN:/var/lib/docker/overlay2/l/4DKUGNX4WYNNLBJ24HFULV2JXA:/var/lib/docker/overlay2/l/VDF46ZDSFE2WRD2ZZGNUV5HYH5:/var/lib/docker/overlay2/l/NPQSQ75HTLQKBWH4FAW4FHSAMR:/var/lib/docker/overlay2/l/LNGEQS3TLKZAEK7S53E4TMIHR5:/var/lib/docker/overlay2/l/MRCVMPDL76A3L5Q7ZGTEE2PHZC:/var/lib/docker/overlay2/l/6E4MJUNPGWIPJITZI5QY2XYXI2,upperdir=/var/lib/docker/overlay2/91f010747c8e258a60079e9f385661c3517611040bb6b80e657b201c89037db1/diff,workdir=/var/lib/docker/overlay2/91f010747c8e258a60079e9f385661c3517611040bb6b80e657b201c89037db1/work,xino=off)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
/dev/sdb1 on /usr/sbin/docker-init type ext4 (ro,relatime,discard) [cloudimg-rootfs]
/dev/sda1 on /tmp type ext4 (rw,relatime)
/dev/sdb1 on /vscode type ext4 (rw,relatime,discard) [cloudimg-rootfs]
/dev/loop0 on /workspaces type ext4 (rw,nodev,relatime)
/dev/sdb1 on /.codespaces/bin type ext4 (rw,relatime,discard) [cloudimg-rootfs]
/dev/loop0 on /etc/hosts type ext4 (rw,nodev,relatime)
/dev/loop0 on /etc/resolv.conf type ext4 (rw,nodev,relatime)
/dev/loop0 on /etc/hostname type ext4 (rw,nodev,relatime)
/dev/loop0 on /var/lib/docker type ext4 (rw,nodev,relatime)
/dev/loop0 on /workspaces/.codespaces/.persistedshare type ext4 (rw,nodev,relatime)
/dev/sdb1 on /workspaces/.codespaces/shared type ext4 (rw,relatime,discard) [cloudimg-rootfs]
/dev/loop0 on /home/vscode/.minikube type ext4 (rw,nodev,relatime)
none on /sys/kernel/security type securityfs (rw,relatime)
cgroup on /tmp/cgroup_3628d4 type cgroup (rw,relatime,memory)
╔══════════╣ Possible Entrypoints
lrwxrwxrwx 1 root root 17 Feb 23 2019 /lib/tkConfig.sh -> tk8.6/tkConfig.sh
lrwxrwxrwx 1 root root 19 Feb 23 2019 /lib/tclConfig.sh -> tcl8.6/tclConfig.sh
lrwxrwxrwx 1 root root 21 Feb 23 2019 /lib/tclooConfig.sh -> tcl8.6/tclooConfig.sh
-rwxr-xr-x 1 root root 4.6K Mar 22 2020 /bin/gettext.sh
 ╔═══════╗
═════════════════════════════════════╣ Cloud ╠═════════════════════════════════════
 ╚═══════╝
═╣ Google Cloud Platform? ............... No
═╣ AWS ECS? ............................. No
═╣ AWS EC2? ............................. No
═╣ AWS Lambda? .......................... No

 ╔════════════════════════════════════════════════╗
════════════════╣ Processes, Crons, Timers, Services and Sockets ╠════════════════
 ╚════════════════════════════════════════════════╝
╔══════════╣ Cleaned processes
╚ Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-hardening/privilege-escalation#processes
codespa+ 6728 0.0 0.3 319248 32192 ? Ssl 17:47 0:00 /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/node -e ????const net = require('net'); ????const fs = require('fs'); ????process.stdin.pause(); ????const client = net.createConnection({ host: '127.0.0.1', port: 41617 }, () => { ?????console.error('Connection established'); ?????client.pipe(process.stdout); ?????process.stdin.pipe(client); ????}); ????client.on('close', function (hadError) { ?????console.error(hadError ? 'Remote close with error' : 'Remote close'); ?????process.exit(hadError ? 1 : 0); ????}); ????client.on('error', function (err) { ?????process.stderr.write(err && (err.stack || err.message) || String(err)); ????}); ????process.stdin.on('close', function (hadError) { ?????console.error(hadError ? 'Remote stdin close with error' : 'Remote stdin close'); ?????process.exit(hadError ? 1 : 0); ????}); ????process.on('uncaughtException', function (err) { ?????fs.writeSync(process.stderr.fd, `Uncaught Exception: ${String(err && (err.stack || err.message) || err)}n`); ????}); ???
codespa+ 6701 0.0 0.3 319248 32208 ? Ssl 17:47 0:00 /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/node -e ????const net = require('net'); ????const fs = require('fs'); ????process.stdin.pause(); ????const client = net.createConnection({ host: '127.0.0.1', port: 41617 }, () => { ?????console.error('Connection established'); ?????client.pipe(process.stdout); ?????process.stdin.pipe(client); ????}); ????client.on('close', function (hadError) { ?????console.error(hadError ? 'Remote close with error' : 'Remote close'); ?????process.exit(hadError ? 1 : 0); ????}); ????client.on('error', function (err) { ?????process.stderr.write(err && (err.stack || err.message) || String(err)); ????}); ????process.stdin.on('close', function (hadError) { ?????console.error(hadError ? 'Remote stdin close with error' : 'Remote stdin close'); ?????process.exit(hadError ? 1 : 0); ????}); ????process.on('uncaughtException', function (err) { ?????fs.writeSync(process.stderr.fd, `Uncaught Exception: ${String(err && (err.stack || err.message) || err)}n`); ????}); ???
root 6408 0.0 0.0 2608 596 ? Ss 17:47 0:00 /bin/sh
codespa+ 6337 0.0 0.0 2608 1648 ? Ss 17:47 0:00 /bin/sh
root 4829 0.0 0.0 2608 528 ? Ss 17:47 0:00 /bin/sh
codespa+ 4682 0.0 0.0 2608 1628 ? Ss 17:47 0:00 /bin/sh
codespa+ 4199 0.1 0.5 588132 45088 ? Ssl 17:47 0:01 /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/node -e ????const net = require('net'); ????const fs = require('fs'); ????process.stdin.pause(); ????const client = net.createConnection({ host: '127.0.0.1', port: 41617 }, () => { ?????console.error('Connection established'); ?????client.pipe(process.stdout); ?????process.stdin.pipe(client); ????}); ????client.on('close', function (hadError) { ?????console.error(hadError ? 'Remote close with error' : 'Remote close'); ?????process.exit(hadError ? 1 : 0); ????}); ????client.on('error', function (err) { ?????process.stderr.write(err && (err.stack || err.message) || String(err)); ????}); ????process.stdin.on('close', function (hadError) { ?????console.error(hadError ? 'Remote stdin close with error' : 'Remote stdin close'); ?????process.exit(hadError ? 1 : 0); ????}); ????process.on('uncaughtException', function (err) { ?????fs.writeSync(process.stderr.fd, `Uncaught Exception: ${String(err && (err.stack || err.message) || err)}n`); ????}); ???
codespa+ 4170 0.1 0.5 586492 44384 ? Ssl 17:47 0:01 /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/node -e ????const net = require('net'); ????const fs = require('fs'); ????process.stdin.pause(); ????const client = net.createConnection({ host: '127.0.0.1', port: 41617 }, () => { ?????console.error('Connection established'); ?????client.pipe(process.stdout); ?????process.stdin.pipe(client); ????}); ????client.on('close', function (hadError) { ?????console.error(hadError ? 'Remote close with error' : 'Remote close'); ?????process.exit(hadError ? 1 : 0); ????}); ????client.on('error', function (err) { ?????process.stderr.write(err && (err.stack || err.message) || String(err)); ????}); ????process.stdin.on('close', function (hadError) { ?????console.error(hadError ? 'Remote stdin close with error' : 'Remote stdin close'); ?????process.exit(hadError ? 1 : 0); ????}); ????process.on('uncaughtException', function (err) { ?????fs.writeSync(process.stderr.fd, `Uncaught Exception: ${String(err && (err.stack || err.message) || err)}n`); ????}); ???
codespa+ 4090 0.0 0.0 2616 604 ? Ss 17:47 0:00 sh /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/server.sh --log trace --force-disable-user-env --server-data-dir /home/codespace/.vscode-remote --accept-server-license-terms --host 127.0.0.1 --port 0 --connection-secret /home/codespace/.vscode-remote/data/Machine/.connection-token-6261075646f055b99068d3688932416f2346dd3b --extensions-download-dir /home/codespace/.vscode-remote/extensionsCache --install-builtin-extension GitHub.vscode-pull-request-github --install-builtin-extension github.github-vscode-theme --install-builtin-extension github.codespaces --install-extension GitHub.vscode-pull-request-github --install-extension ms-toolsai.jupyter --install-extension ms-python.python --do-not-sync --start-server --enable-remote-auto-shutdown
codespa+ 4097 4.1 1.3 970024 113244 ? Sl 17:47 0:50 _ /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/node /home/codespace/.vscode-remote/bin/6261075646f055b99068d3688932416f2346dd3b/out/server-main.js --compatibility=1.63 --log trace --force-disable-user-env --server-data-dir /home/codespace/.vscode-remote --accept-server-license-terms --host 127.0.0.1 --port 0 --connection-secret /home/codespace/.vscode-remote/data/Machine/.connection-token-6261075646f055b99068d3688932416f2346dd3b --extensions-download-dir /home/codespace/.vscode-remote/extensionsCache --install-builtin-extension GitHub.vscode-pull-request-github --install-builtin-extension github.github-vscode-theme --install-builtin-extension github.codespaces --install-extension GitHub.vscode-pull-request-github --install-extension ms-toolsai.jupyter --install-extension ms-python.python --do-not-sync --start-server --enable-remote-auto-shutdown
codespa+ 4124 0.4 0.7 662584 62132 ? Sl 17:47 0:05 _ /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/node /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/out/bootstrap-fork --type=ptyHost --logsPath /home/codespace/.vscode-remote/data/logs/20221114T174708
codespa+ 7186 0.0 0.1 15040 12140 pts/2 Ss 17:47 0:00 | _ /usr/bin/bash --init-file /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/out/vs/workbench/contrib/terminal/browser/media/shellIntegration-bash.sh
root 31525 0.0 0.0 8468 3940 pts/2 S 18:06 0:00 | _ sudo bash
root 31526 0.1 0.1 13716 10424 pts/2 S 18:06 0:00 | _ bash
root 32108 0.2 0.0 3532 2712 pts/2 S+ 18:06 0:00 | _ /bin/sh ./linpeas.sh -a
root 3161 0.0 0.0 3532 1136 pts/2 S+ 18:07 0:00 | _ /bin/sh ./linpeas.sh -a
root 3164 0.0 0.0 8892 3276 pts/2 R+ 18:07 0:00 | | _ ps fauxwww
root 3165 0.0 0.0 3532 1136 pts/2 S+ 18:07 0:00 | _ /bin/sh ./linpeas.sh -a
codespa+ 4334 0.1 0.7 966324 63776 ? Sl 17:47 0:01 _ /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/node /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/out/bootstrap-fork --type=fileWatcher
codespa+ 4533 4.3 5.2 32919028 431432 ? Sl 17:47 0:52 _ /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/node /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/out/bootstrap-fork --type=extensionHost --transformURIs --useHostProxy=false
codespa+ 5857 0.0 0.5 589368 42016 ? Sl 17:47 0:00 _ /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/node /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/extensions/markdown-language-features/server/dist/node/main --node-ipc --clientProcessId=4533
codespa+ 7655 0.1 1.4 11334592 115984 ? Sl 17:47 0:01 _ /vscode/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b/node /home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/server.bundle.js --cancellationReceive=file:c9169c069ed5b7c3e6c1133a344bd6d51146d5a339 --node-ipc --clientProcessId=4533
root 3179 0.0 0.0 2608 532 ? Ss 17:47 0:00 /bin/sh
codespa+ 3086 0.0 0.0 2608 1584 ? Ss 17:47 0:00 /bin/sh
codespa+ 1 0.0 0.0 1080 4 ? Ss 14:34 0:00 /sbin/docker-init -- /bin/sh -c echo Container started trap "exit 0" 15 /usr/local/share/ssh-init.sh /usr/local/share/docker-init.sh exec "$@" while sleep 1 & wait $!; do :; done - /usr/local/share/docker-init.sh /usr/local/share/ssh-init.sh sleep infinity
codespa+ 7 0.0 0.0 2508 516 ? S 14:34 0:00 sleep infinity
root 61 0.0 0.4 1517824 39640 ? Sl 14:34 0:01 dockerd --dns 168.63.129.16
root 117 0.0 0.3 1412952 28564 ? Ssl 14:34 0:02 _ containerd --config /var/run/docker/containerd/containerd.toml --log-level info
codespa+ 15916 0.0 0.0 81200 972 ? Ss 17:52 0:00 gpg-agent --homedir /home/codespace/.gnupg --use-standard-socket --daemon[0m
╔══════════╣ Binary processes permissions (non 'root root' and not belonging to current user)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#processes

╔══════════╣ Processes with credentials in memory (root req)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#credentials-from-process-memory
gdm-password Not Found
gnome-keyring-daemon Not Found
lightdm Not Found
vsftpd Not Found
apache2 Not Found
sshd: process found (dump creds from memory as root)
╔══════════╣ Different processes executed during 1 min (interesting is low number of repetitions)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#frequent-cron-jobs
 34 top -bn1
14 runc init
2 ps h --ppid 48
2 ps -F -A -l
2 /bin/sh -c ps -F -A -l | grep root
1 ps 48
1 grep root
╔══════════╣ Cron jobs
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#scheduled-cron-jobs
crontab Not Found
incrontab Not Found
/etc/cron.d:
total 16
drwxr-xr-x 2 root root 4096 Oct 19 16:50 .
drwxr-xr-x 1 root root 4096 Nov 14 17:47 ..
-rw-r--r-- 1 root root  201 Feb 14  2020 e2scrub_all

/etc/cron.daily:
total 28
drwxr-xr-x 1 root root 4096 Nov  2 18:27 .
drwxr-xr-x 1 root root 4096 Nov 14 17:47 ..
-rwxr-xr-x 1 root root 1478 Apr  9  2020 apt-compat
-rwxr-xr-x 1 root root  355 Dec 29  2017 bsdmainutils
-rwxr-xr-x 1 root root 1187 Sep  5  2019 dpkg
-rwxr-xr-x 1 root root 1123 Feb 25  2020 man-db

/etc/cron.weekly:
total 16
drwxr-xr-x 2 root root 4096 Nov  2 18:27 .
drwxr-xr-x 1 root root 4096 Nov 14 17:47 ..
-rwxr-xr-x 1 root root  813 Feb 25  2020 man-db
╔══════════╣ Services
╚ Search for outdated versions
 [ - ] dbus
[ - ] procps
[ - ] rsync
[ + ] ssh
[ - ] x11-common
╔══════════╣ Systemd PATH
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#systemd-path-relative-paths

╔══════════╣ Analyzing .service files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#services
You can't write on systemd PATH
╔══════════╣ System timers
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#timers
"systemd" is not running in this container due to its overhead.
Use the "service" command to start services instead. e.g.:
service --status-all
╔══════════╣ Analyzing .timer files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#timers

╔══════════╣ D-Bus config files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#d-bus

╔══════════╣ D-Bus Service Objects list
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#d-bus
busctl Not Found

 ╔═════════════════════╗
══════════════════════════════╣ Network Information ╠══════════════════════════════
 ╚═════════════════════╝
╔══════════╣ Hostname, hosts and DNS
codespaces-554f3c
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 codespaces-554f3c
nameserver 127.0.0.53
search 2fm3guw4ukvudhcjsqypc5qyvf.bx.internal.cloudapp.net
options timeout:1 attempts:5
nameserver 168.63.129.16
╔══════════╣ Content of /etc/inetd.conf & /etc/xinetd.conf
/etc/inetd.conf Not Found

╔══════════╣ Interfaces
# symbolic names for networks, see networks(5) for more information
link-local 169.254.0.0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:0e:10:e6:ce txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.5.4 netmask 255.255.255.0 broadcast 172.16.5.255
inet6 fe80::6245:bdff:fed3:c4c prefixlen 64 scopeid 0x20<link>
ether 60:45:bd:d3:0c:4c txqueuelen 1000 (Ethernet)
RX packets 5077755 bytes 6988159271 (6.9 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 365974 bytes 1879490591 (1.8 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 81865 bytes 65491954 (65.4 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 81865 bytes 65491954 (65.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
╔══════════╣ Networks and neighbours
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 100 0 0 eth0
168.63.129.16 _gateway 255.255.255.255 UGH 100 0 0 eth0
169.254.169.254 _gateway 255.255.255.255 UGH 100 0 0 eth0
172.16.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
Address HWtype HWaddress Flags Mask Iface
_gateway ether 12:34:56:78:9a:bc C eth0
╔══════════╣ Iptables rules
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
iptables rules Not Found

╔══════════╣ Active Ports
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#open-ports
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 48/sshd: /usr/sbin/
tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:40465 0.0.0.0:* LISTEN 4533/node
tcp 0 0 127.0.0.1:41617 0.0.0.0:* LISTEN 4097/node
tcp 0 0 127.0.0.1:44661 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:46165 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:38169 0.0.0.0:* LISTEN 4533/node
tcp 0 0 127.0.0.1:16634 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:16635 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:36093 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:46055 0.0.0.0:* LISTEN 4533/node
tcp 0 0 127.0.0.1:36615 0.0.0.0:* LISTEN -
tcp6 0 0 :::2222 :::* LISTEN 48/sshd: /usr/sbin/
tcp6 0 0 :::2000 :::* LISTEN -
tcp6 0 0 ::1:16634 :::* LISTEN -
tcp6 0 0 ::1:16635 :::* LISTEN -
tcp6 0 0 :::5990 :::* LISTEN -
tcp6 0 0 :::5991 :::* LISTEN -
╔══════════╣ Can I sniff with tcpdump?
No

 ╔═══════════════════╗
═══════════════════════════════╣ Users Information ╠═══════════════════════════════
 ╚═══════════════════╝
╔══════════╣ My user
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#users
uid=0(root) gid=0(root) groups=0(root)
╔══════════╣ Do I have PGP keys?
/usr/bin/gpg
netpgpkeys Not Found
netpgp Not Found

╔══════════╣ Clipboard or highlighted text?
Clipboard:
Highlighted text:
╔══════════╣ Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
Matching Defaults entries for root on codespaces-554f3c:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin, secure_path=/home/codespace/.dotnet\:/home/codespace/.nodejs/current/bin\:/home/codespace/.php/current/bin\:/home/codespace/.python/current/bin\:/home/codespace/.java/current/bin\:/home/codespace/.ruby/current/bin\:/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/usr/local/bin\:/usr/local/share\:/home/codespace/.local/bin\:/home/codespace/.dotnet\:/home/codespace/.nodejs/current/bin\:/home/codespace/.php/current/bin\:/home/codespace/.python/current/bin\:/home/codespace/.java/current/bin\:/home/codespace/.ruby/current/bin\:/home/codespace/.local/bin\:/usr/local/oryx\:/usr/local/go/bin\:/go/bin\:/usr/local/sdkman/bin\:/usr/local/sdkman/candidates/java/current/bin\:/usr/local/sdkman/candidates/gradle/current/bin\:/usr/local/sdkman/candidates/maven/current/bin\:/usr/local/rvm/gems/default/bin\:/usr/local/rvm/gems/default@global/bin\:/usr/local/rvm/rubies/default/bin\:/usr/local/share/rbenv/bin\:/opt/conda/bin\:/usr/local/php/current/bin\:/usr/local/python/current/bin\:/usr/local/py-utils/bin\:/usr/local/nvs\:/usr/local/share/nvm/current/bin\:/usr/local/hugo/bin\:/usr/local/dotnet/current\:/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User root may run the following commands on codespaces-554f3c:
(ALL : ALL) ALL
/etc/sudoers:Defaults env_reset
/etc/sudoers:Defaults mail_badpass
/etc/sudoers:Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
/etc/sudoers:root ALL=(ALL:ALL) ALL
/etc/sudoers:%admin ALL=(ALL) ALL
/etc/sudoers:%sudo ALL=(ALL:ALL) ALL
╔══════════╣ Checking sudo tokens
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#reusing-sudo-tokens
ptrace protection is enabled (1)
gdb was found in PATH
╔══════════╣ Checking Pkexec policy
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/interesting-groups-linux-pe#pe-method-2

[Configuration]
AdminIdentities=unix-user:0
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin
╔══════════╣ Superusers
root:x:0:0:root:/root:/bin/bash
╔══════════╣ Users with console
codespace:x:1000:1000::/home/codespace:/bin/bash
root:x:0:0:root:/root:/bin/bash
╔══════════╣ All users & groups
uid=0(root) gid=0(root) groups=0(root)
uid=1000(codespace) gid=1000(codespace) groups=1000(codespace),106(ssh),999(dotnet),998(hugo),997(nvm),996(nvs),995(python),994(pipx),993(php),992(conda),991(rvm),990(sdkman),107(docker),989(golang),988(oryx)
uid=100(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=101(systemd-timesync) gid=101(systemd-timesync) groups=101(systemd-timesync)
uid=102(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
uid=103(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
uid=104(messagebus) gid=105(messagebus) groups=105(messagebus)
uid=105(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=1(daemon[0m) gid=1(daemon[0m) groups=1(daemon[0m)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
╔══════════╣ Login now
 18:08:19 up 4:04, 0 users, load average: 0.75, 0.47, 0.43
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
╔══════════╣ Last logons

wtmp begins Mon Nov 14 07:01:05 2022
╔══════════╣ Last time logon each user
Username Port From Latest
╔══════════╣ Password policy
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
ENCRYPT_METHOD SHA512
╔══════════╣ Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)

╔══════════╣ Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!


 ╔══════════════════════╗
═════════════════════════════╣ Software Information ╠═════════════════════════════
 ╚══════════════════════╝
╔══════════╣ Useful software
/usr/bin/base64
/usr/bin/ctr
/usr/bin/curl
/usr/bin/docker
/usr/bin/g++
/usr/bin/gcc
/usr/bin/gdb
/usr/local/bin/kubectl
/usr/bin/make
/usr/bin/perl
/home/codespace/.php/current/bin/php
/home/codespace/.python/current/bin/python
/usr/bin/python2
/usr/bin/python2.7
/home/codespace/.python/current/bin/python3
/usr/local/rvm/gems/ruby-3.1.2/bin/ruby
/usr/bin/runc
/usr/bin/sudo
/usr/bin/wget
╔══════════╣ Installed Compilers
ii clang 1:10.0-50~exp1 amd64 C, C++ and Objective-C compiler (LLVM based)
ii clang-10 1:10.0.0-4ubuntu1 amd64 C, C++ and Objective-C compiler
ii g++ 4:9.3.0-1ubuntu2 amd64 GNU C++ compiler
ii g++-9 9.4.0-1ubuntu1~20.04.1 amd64 GNU C++ compiler
ii gcc 4:9.3.0-1ubuntu2 amd64 GNU C compiler
ii gcc-9 9.4.0-1ubuntu1~20.04.1 amd64 GNU C compiler
ii llvm-10 1:10.0.0-4ubuntu1 amd64 Modular compiler and toolchain technologies
ii llvm-10-runtime 1:10.0.0-4ubuntu1 amd64 Modular compiler and toolchain technologies, IR interpreter
ii llvm-10-tools 1:10.0.0-4ubuntu1 amd64 Modular compiler and toolchain technologies, tools
/usr/bin/gcc
╔══════════╣ Searching mysql credentials and exec
Found readable /etc/mysql/my.cnf
!includedir /etc/mysql/conf.d/
╔══════════╣ Analyzing Apache-Nginx Files (limit 70)
Apache version: apache2 Not Found
httpd Not Found

Nginx version: nginx Not Found

══╣ PHP exec extensions

-rw-rw-r-- 1 codespace php 72530 Nov 2 18:37 /usr/local/php/8.0.16/ini/php.ini
allow_url_fopen = On
allow_url_include = Off
odbc.allow_persistent = On
mysqli.allow_persistent = On
pgsql.allow_persistent = On
-rw-rw-r-- 1 codespace php 72908 Nov 2 18:35 /usr/local/php/8.1.4/ini/php.ini
allow_url_fopen = On
allow_url_include = Off
odbc.allow_persistent = On
mysqli.allow_persistent = On
pgsql.allow_persistent = On
drwxrwsr-x 1 codespace codespace 4096 Nov 14 07:12 /home/codespace/.local/lib/python3.10/site-packages/nbclassic/static/components/codemirror/mode/nginx
-rw-r--r-- 1 root rvm 142 Nov 2 18:43 /usr/local/rvm/gems/ruby-3.1.2/gems/rouge-4.0.0/lib/rouge/demos/nginx
╔══════════╣ Analyzing Rsync Files (limit 70)
-rw-r--r-- 1 root root 1044 Aug 16 18:48 /usr/share/doc/rsync/examples/rsyncd.conf
[ftp]
comment = public archive
path = /var/www/pub
use chroot = yes
lock file = /var/lock/rsyncd
read only = yes
list = yes
uid = nobody
gid = nogroup
strict modes = yes
ignore errors = no
ignore nonreadable = yes
transfer logging = no
timeout = 600
refuse options = checksum dry-run
dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
╔══════════╣ Analyzing Ldap Files (limit 70)
The password hash is from the {SSHA} to 'structural'
drwxr-xr-x 2 root root 4096 Nov 2 18:26 /etc/ldap
╔══════════╣ Searching ssl/ssh files
Port 2222
PermitRootLogin yes
ChallengeResponseAuthentication no
UsePAM yes
══╣ Possible private SSH keys were found!
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/out/client/node_modules/request.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.min.js.map
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.min.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.min.mjs.map
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/node/openpgp.min.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.min.js.map
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.min.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.min.mjs.map
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/lightweight/openpgp.min.mjs.map
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/lightweight/openpgp.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/lightweight/openpgp.min.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/dist/openpgp.min.mjs
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/node_modules/openpgp/README.md
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/compat/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/compat/openpgp.min.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/openpgp.min.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/lightweight/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/dist/lightweight/openpgp.min.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/src/encoding/armor.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/openpgp.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/x25519.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/armor.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/signature.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/ecc_secp256k1.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general/brainpool.js
/home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/openpgp/test/general
══╣ Some certificates were found (out limited):
/home/codespace/.local/lib/python3.10/site-packages/tornado/test/test.crt
/home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/public-encrypt/test/test_cert.pem
/home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/public-encrypt/test/test_key.pem
/home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/public-encrypt/test/test_rsa_privkey_encrypted.pem
/home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/public-encrypt/test/test_rsa_privkey.pem
/home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/public-encrypt/test/test_rsa_pubkey.pem
/usr/local/dotnet/6/sdk/6.0.402/trustedroots/codesignctl.pem
/usr/local/go/src/crypto/tls/testdata/example-cert.pem
/usr/local/go/src/crypto/tls/testdata/example-key.pem
/usr/local/go/src/crypto/x509/testdata/test-dir.crt
/usr/local/go/src/crypto/x509/test-file.crt
/usr/local/python/3.10.4/lib/python3.10/test/badcert.pem
/usr/local/python/3.10.4/lib/python3.10/test/badkey.pem
/usr/local/python/3.10.4/lib/python3.10/test/keycert2.pem
/usr/local/python/3.10.4/lib/python3.10/test/keycert.passwd.pem
/usr/local/python/3.10.4/lib/python3.10/test/keycert.pem
/usr/local/python/3.10.4/lib/python3.10/test/nullcert.pem
/usr/local/python/3.10.4/lib/python3.10/test/pycakey.pem
/usr/local/python/3.10.4/lib/python3.10/test/selfsigned_pythontestdotnet.pem
/usr/local/python/3.10.4/lib/python3.10/test/ssl_cert.pem
32108PSTORAGE_CERTSBIN
══╣ Some client certificates were found:
/root/.dotnet/corefx/cryptography/x509stores/my/C0F6BF6067E13B47D7706CE0746F23AB345001B2.pfx
══╣ Writable ssh and gpg agents
/etc/systemd/user/sockets.target.wants/gpg-agent-browser.socket
/etc/systemd/user/sockets.target.wants/gpg-agent-extra.socket
/etc/systemd/user/sockets.target.wants/gpg-agent-ssh.socket
/etc/systemd/user/sockets.target.wants/gpg-agent.socket
/etc/logcheck/ignore.d.server/gpg-agent
/etc/X11/Xsession.d/90gpg-agent
══╣ Some home ssh config file was found
/usr/share/openssh/sshd_config
Include /etc/ssh/sshd_config.d/*.conf
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
══╣ /etc/hosts.allow file found, trying to read the rules:
/etc/hosts.allow
Searching inside /etc/ssh/ssh_config for interesting info
Include /etc/ssh/ssh_config.d/*.conf
Host *
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
╔══════════╣ Analyzing PAM Auth Files (limit 70)
drwxr-xr-x 1 root root 4096 Nov 14 07:10 /etc/pam.d
-rw-r--r-- 1 root root 2126 Nov 2 18:39 /etc/pam.d/sshd
╔══════════╣ Analyzing Keyring Files (limit 70)
drwxr-xr-x 1 root root 4096 Nov 14 07:11 /usr/share/keyrings
╔══════════╣ Searching uncommon passwd files (splunk)
passwd file: /etc/pam.d/passwd
passwd file: /etc/passwd
passwd file: /usr/share/bash-completion/completions/passwd
passwd file: /usr/share/lintian/overrides/passwd
╔══════════╣ Analyzing Github Files (limit 70)
drwxrwsr-x 1 codespace codespace 4096 Nov 14 07:09 /home/codespace/.oh-my-zsh/.github
drwxr-sr-x 3 codespace codespace 4096 Nov 14 17:56 /home/codespace/PEASS-ng/.github
drwxr-sr-x 4 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/felipecaputo.git-project-manager-1.8.2/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/balanced-match/.github
drwxr-sr-x 3 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/fastq/.github
drwxr-sr-x 3 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-kubernetes-tools.vscode-kubernetes-tools-1.3.11/.github
drwxr-sr-x 3 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-toolsai.vscode-jupyter-cell-tags-0.1.6/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.bash-debug-0.3.9/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/uctakeoff.vscode-counter-3.1.0/node_modules/balanced-match/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/uctakeoff.vscode-counter-3.1.0/node_modules/brace-expansion/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/balanced-match/.github
drwxr-sr-x 3 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/fastq/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/path-browserify/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/visualstudioexptteam.vscodeintellicode-1.2.29/node_modules/ms-vsintellicode-typescript/node_modules/stream-browserify/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/aws4/.github
drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/fast-json-stable-stringify/.github
drwxr-xr-x 4 root root 4096 Nov 14 07:08 /root/.oh-my-zsh/.github
drwxr-sr-x 2 root rvm 4096 Nov 14 07:09 /usr/local/rvm/gems/ruby-3.1.2/gems/ffi-1.15.5/ext/ffi_c/libffi/.github
drwxr-sr-x 3 root rvm 4096 Nov 14 07:10 /usr/local/rvm/gems/ruby-3.1.2/gems/http_parser.rb-0.8.0/.github
drwxr-sr-x 3 root rvm 4096 Nov 14 07:11 /usr/local/rvm/gems/ruby-3.1.2/gems/public_suffix-5.0.0/.github
drwxr-sr-x 3 root rvm 4096 Nov 14 07:11 /usr/local/rvm/gems/ruby-3.1.2/gems/terminal-table-3.0.2/.github
drwxrwsr-x 3 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/.github
drwxrwsr-x 3 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/meant/.github
drwxrwsr-x 3 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/node-gyp/.github
drwxrwsr-x 2 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/npm-normalize-package-bin/.github
drwxrwsr-x 3 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/versions/node/v16.18.0/lib/node_modules/npm/node_modules/node-gyp/.github
drwxrwsr-x 3 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/versions/node/v16.18.0/lib/node_modules/npm/node_modules/node-gyp/gyp/.github
drwxr-xr-x 3 root root 4096 Nov 14 07:10 /usr/local/share/rbenv/.github
drwxr-xr-x 4 root root 4096 Nov 14 07:10 /usr/local/share/ruby-build/.github
-rw-r--r-- 1 root root 161 Nov 2 18:39 /root/.gitconfig
drwxrwsr-x 1 codespace codespace 4096 Nov 14 07:09 /home/codespace/.oh-my-zsh/.git
drwxr-sr-x 8 codespace codespace 4096 Nov 14 17:56 /home/codespace/PEASS-ng/.git
drwxr-xr-x 8 root root 4096 Nov 14 07:08 /root/.oh-my-zsh/.git
drwxrwsr-x 8 codespace nvm 4096 Nov 14 07:09 /usr/local/share/nvm/.git
drwxr-xr-x 8 root root 4096 Nov 14 07:09 /usr/local/share/rbenv/.git
drwxr-xr-x 8 root root 4096 Nov 14 07:10 /usr/local/share/ruby-build/.git
╔══════════╣ Analyzing PGP-GPG Files (limit 70)
/usr/bin/gpg
netpgpkeys Not Found
netpgp Not Found

-rw-r--r-- 1 root root 2796 Mar 29 2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2794 Mar 29 2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
-rw-r--r-- 1 root root 1733 Mar 29 2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
-rw------- 1 codespace codespace 1200 Nov 14 17:51 /home/codespace/.gnupg/trustdb.gpg
-rw-r--r-- 1 root root 3267 Jul 4 16:20 /usr/share/gnupg/distsigkey.gpg
-rw-r--r-- 1 root root 1201 Nov 2 18:37 /usr/share/keyrings/conda-archive-keyring.gpg
-rw-r--r-- 1 root root 2825 Nov 2 18:39 /usr/share/keyrings/gitlfs-archive-keyring.gpg
-rw-r--r-- 1 root root 641 Nov 2 18:39 /usr/share/keyrings/microsoft-archive-keyring.gpg
-rw-r--r-- 1 root root 7399 Sep 17 2018 /usr/share/keyrings/ubuntu-archive-keyring.gpg
-rw-r--r-- 1 root root 6713 Oct 27 2016 /usr/share/keyrings/ubuntu-archive-removed-keys.gpg
-rw-r--r-- 1 root root 4097 Feb 6 2018 /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
-rw-r--r-- 1 root root 0 Jan 17 2018 /usr/share/keyrings/ubuntu-cloudimage-removed-keys.gpg
-rw-r--r-- 1 root root 1227 May 27 2010 /usr/share/keyrings/ubuntu-master-keyring.gpg
-rw-r--r-- 1 root root 11460 Nov 2 18:27 /usr/share/keyrings/yarn-archive-keyring.gpg
drwx--S--- 3 codespace codespace 4096 Nov 14 17:52 /home/codespace/.gnupg
╔══════════╣ Checking if containerd(ctr) is available
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/containerd-ctr-privilege-escalation
ctr was found in /usr/bin/ctr, you may be able to escalate privileges with it
ctr: failed to dial "/run/containerd/containerd.sock": context deadline exceeded
╔══════════╣ Checking if runc is available
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/runc-privilege-escalation
runc was found in /usr/bin/runc, you may be able to escalate privileges with it
╔══════════╣ Searching docker files (limit 70)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout/docker-breakout-privilege-escalation
lrwxrwxrwx 1 root root 33 Nov 2 18:40 /etc/systemd/system/sockets.target.wants/docker.socket -> /lib/systemd/system/docker.socket
-rw-r--r-- 1 codespace codespace 945 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/esbenp.prettier-vscode-9.9.0/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 430 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/alpine/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 2026 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-ansible/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 666 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-bicep/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 991 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-cli/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 930 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-dotnet-6-inprocess/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 961 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-dotnet-6-isolated/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1000 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-dotnetcore-3.1/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 919 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-java-11/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1340 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-java-8/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 933 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-node/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 403 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-pwsh/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 231 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-functions-python-3/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 3624 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-machine-learning-python-3/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1498 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-static-web-apps/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 2220 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/azure-terraform/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 410 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/bash/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1411 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/bazel/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 3233 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/clojure/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 466 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/codespaces-linux/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1275 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/cpp/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1446 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/cpp-mariadb/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1532 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/cpp-mariadb/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1065 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dapr-dotnet/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 2248 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dapr-dotnet/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1101 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dapr-javascript-node/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1580 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dapr-javascript-node/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1561 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dart/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 533 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/debian/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 584 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/deno/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1790 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/docker-existing-docker-compose/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 938 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/docker-from-docker-compose/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1726 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/docker-from-docker-compose/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1900 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/docker-from-docker/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1897 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/docker-in-docker/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 924 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 689 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet-fsharp/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1158 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet-mssql/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 935 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet-mssql/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1257 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet-postgres/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 765 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/dotnet-postgres/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1860 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/elixir/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 873 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/elixir-phoenix-postgres/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 2752 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/elixir-phoenix-postgres/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1277 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/elm/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1141 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/go/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1745 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/go-postgres/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1011 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/go-postgres/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1134 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/haskell/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1488 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/hugo/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1401 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/java-8/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1442 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/java/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1848 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/java-postgres/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1297 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/java-postgres/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1271 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-azurite/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 883 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-azurite/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 812 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1381 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-mongo/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 1666 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-mongo/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1329 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-postgres/.devcontainer/docker-compose.yml
-rw-r--r-- 1 codespace codespace 812 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/javascript-node-postgres/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 930 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/jekyll/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1210 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/jupyter-datascience-notebooks/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1929 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/kubernetes-helm/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1603 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/kubernetes-helm-minikube/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 271 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/markdown/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1240 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/mit-scheme/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 940 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/perl/.devcontainer/Dockerfile
-rw-r--r-- 1 codespace codespace 1079 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/github.codespaces-1.13.1/out/bundle/node_modules/vscode-dev-containers/containers/php/.devcontainer/Dockerfile
╔══════════╣ Analyzing Postfix Files (limit 70)
-rw-r--r-- 1 root root 813 Feb 2 2020 /usr/share/bash-completion/completions/postfix
╔══════════╣ Analyzing Env Files (limit 70)
-rw-r--r-- 1 codespace codespace 24 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/pythonFiles/.env
PYTHONPATH=./lib/python
-rw-r--r-- 1 codespace codespace 24 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-toolsai.jupyter-2022.9.1202862440/pythonFiles/.env
PYTHONPATH=./lib/python
╔══════════╣ Analyzing Bind Files (limit 70)
-rw-r--r-- 1 root root 832 Feb 2 2020 /usr/share/bash-completion/completions/bind
-rw-r--r-- 1 root root 832 Feb 2 2020 /usr/share/bash-completion/completions/bind
╔══════════╣ Analyzing Strapi Files (limit 70)
drwxrwsr-x 2 codespace rvm 4096 Nov 14 07:09 /usr/local/rvm/environments
╔══════════╣ Analyzing Windows Files (limit 70)

drwxr-sr-x 2 codespace codespace 4096 Nov 14 17:56 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/Info/UserInfo/SAM
lrwxrwxrwx 1 root root 26 Nov 2 18:26 /etc/alternatives/my.cnf -> /etc/mysql/my.cnf.fallback
lrwxrwxrwx 1 root root 24 Nov 2 18:26 /etc/mysql/my.cnf -> /etc/alternatives/my.cnf
-rw-r--r-- 1 root root 56 Nov 2 18:26 /var/lib/dpkg/alternatives/my.cnf
-rw-rw-r-- 1 codespace oryx 479 Nov 2 18:45 /usr/local/buildscriptgen/web.config
╔══════════╣ Analyzing Other Interesting Files (limit 70)
-rw-r--r-- 1 root root 3771 Feb 25 2020 /etc/skel/.bashrc
-rw-rw-r-- 1 codespace codespace 4910 Nov 2 18:27 /home/codespace/.bashrc
-rw-r--r-- 1 root root 4286 Nov 2 18:37 /root/.bashrc
-rw-r--r-- 1 root root 807 Feb 25 2020 /etc/skel/.profile
-rw-rw-r-- 1 codespace codespace 807 Feb 25 2020 /home/codespace/.profile
-rw-r--r-- 1 root root 161 Dec 5 2019 /root/.profile
╔══════════╣ Checking leaks in git repositories

 ╔═══════════════════╗
═══════════════════════════════╣ Interesting Files ╠═══════════════════════════════
 ╚═══════════════════╝
╔══════════╣ SUID - Check easy privesc, exploits and write perms
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
-rwsr-xr-x 1 root root 84K Mar 14 2022 /usr/bin/chfn ---> SuSE_9.3/10
-rwsr-xr-x 1 root root 52K Mar 14 2022 /usr/bin/chsh
-rwsr-xr-x 1 root root 87K Mar 14 2022 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 67K Feb 7 2022 /usr/bin/su
-rwsr-xr-x 1 root root 67K Mar 14 2022 /usr/bin/passwd ---> Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 44K Mar 14 2022 /usr/bin/newgrp ---> HP-UX_10.20
-rwsr-xr-x 1 root root 55K Feb 7 2022 /usr/bin/mount ---> Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 39K Feb 7 2022 /usr/bin/umount ---> BSD/Linux(08-1996)
-rwsr-xr-x 1 root root 163K Jan 19 2021 /usr/bin/sudo ---> check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 31K Feb 21 2022 /usr/bin/pkexec ---> Linux4.10_to_5.1.17(CVE-2019-13272)/rhel_6(CVE-2011-1485)
-rwsr-xr-x 1 root root 463K Mar 30 2022 /usr/lib/openssh/ssh-keysign
-rwsr-xr-x 1 root root 23K Feb 21 2022 /usr/lib/policykit-1/polkit-agent-helper-1
-rwsr-xr-- 1 root messagebus 51K Oct 25 13:09 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
╔══════════╣ SGID
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
-rwxr-sr-x 1 root shadow 31K Mar 14 2022 /usr/bin/expiry
-rwxr-sr-x 1 root shadow 83K Mar 14 2022 /usr/bin/chage
-rwxr-sr-x 1 root tty 35K Feb 7 2022 /usr/bin/wall
-rwxr-sr-x 1 root ssh 343K Mar 30 2022 /usr/bin/ssh-agent
-rwxr-sr-x 1 root tty 15K Mar 30 2020 /usr/bin/bsd-write
-rwxr-sr-x 1 root shadow 43K Sep 17 2021 /usr/sbin/pam_extrausers_chkpwd
-rwxr-sr-x 1 root shadow 43K Sep 17 2021 /usr/sbin/unix_chkpwd
╔══════════╣ Capabilities
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#capabilities
Current env capabilities:
Current: =ep
Current proc capabilities:
CapInh: 0000000000000000
CapPrm: 0000003fffffffff
CapEff: 0000003fffffffff
CapBnd: 0000003fffffffff
CapAmb: 0000000000000000
Parent Shell capabilities:
0x0000003fffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read
Files with capabilities (limited to 50):
/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-ptp-helper = cap_net_bind_service,cap_net_admin+ep
╔══════════╣ AppArmor binary profiles
-rw-r--r-- 1 root root 3202 Feb 25 2020 usr.bin.man
╔══════════╣ Files with ACLs (limited to 50)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#acls
files with acls in searched folders Not Found

╔══════════╣ .sh files in path
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#script-binaries-in-path
/usr/bin/gettext.sh
/usr/local/share/nvm/rename_test.sh
/usr/local/share/nvm/update_test_mocks.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/lockfile/gen-changelog.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/node-gyp/gyp/tools/emacs/run-unit-tests.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/scripts/relocate.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/scripts/clean-old.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/scripts/update-authors.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/scripts/install.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/scripts/release.sh
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/lib/utils/completion.sh
/usr/local/share/nvm/versions/node/v16.18.0/lib/node_modules/npm/node_modules/node-gyp/macOS_Catalina_acid_test.sh
/usr/local/share/nvm/versions/node/v16.18.0/lib/node_modules/npm/node_modules/node-gyp/gyp/tools/emacs/run-unit-tests.sh
/usr/local/share/nvm/versions/node/v16.18.0/lib/node_modules/npm/lib/utils/completion.sh
/usr/local/share/nvm/test/common.sh
/usr/local/share/nvm/install.sh
/usr/local/share/nvm/nvm.sh
/usr/local/share/docker-init.sh
/usr/local/share/ssh-init.sh
/usr/local/share/ruby-build/install.sh
/usr/local/sdkman/bin/sdkman-init.sh
/usr/local/nvs/nvs.sh
/usr/local/nvs/homebrew/install.sh
/usr/bin/gettext.sh
╔══════════╣ Executable files potentially added by user (limit 70)
2022-11-14+18:02:59.2867745060 /home/codespace/linpeas.sh
2022-11-14+17:56:28.9361732660 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/winPEAS.csproj.user
2022-11-14+17:56:28.9361732660 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/winPEAS.csproj
2022-11-14+17:56:28.9281729810 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/Properties/AssemblyInfo.cs
2022-11-14+17:56:28.9281729810 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/Program.cs
2022-11-14+17:56:28.9161725540 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/FodyWeavers.xsd
2022-11-14+17:56:28.9161725540 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/FodyWeavers.xml
2022-11-14+17:56:28.9161725540 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/App.config
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS.sln
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/README.md
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/images/winpeas.png
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/images/screen.png
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/images/help.png
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/images/dotfuscator.PNG
2022-11-14+17:56:28.8801712730 /home/codespace/PEASS-ng/winPEAS/winPEASexe/images/colors.png
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/winPEAS/winPEASbat/winPEAS.bat
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/winPEAS/winPEASbat/README.md
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/winPEAS/README.md
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/parsers/peas2json.py
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/parsers/json2pdf.py
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/linPEAS/images/peass.png
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/linPEAS/images/network.png
2022-11-14+17:56:28.8361697060 /home/codespace/PEASS-ng/linPEAS/images/linpeas.png
2022-11-14+17:56:28.8321695640 /home/codespace/PEASS-ng/linPEAS/builder/linpeas_parts/linpeas_base.sh
2022-11-14+17:56:28.8281694220 /home/codespace/PEASS-ng/README.md
2022-11-14+17:56:28.8281694220 /home/codespace/PEASS-ng/linPEAS/README.md
2022-11-14+17:56:28.8281694220 /home/codespace/PEASS-ng/LICENSE
2022-11-14+17:56:28.8281694220 /home/codespace/PEASS-ng/.gitignore
2022-11-14+17:47:56.3396595060 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/docs/vizzu_logo.png
2022-11-14+17:47:56.2996540390 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/assets/vizzu_logo.png
2022-11-14+17:47:55.9636081140 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/winPEAS.csproj.user
2022-11-14+17:47:55.9636081140 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/winPEAS.csproj
2022-11-14+17:47:55.9556070210 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/Properties/AssemblyInfo.cs
2022-11-14+17:47:55.9556070210 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/Program.cs
2022-11-14+17:47:55.9396048340 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/FodyWeavers.xsd
2022-11-14+17:47:55.9396048340 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/FodyWeavers.xml
2022-11-14+17:47:55.9356042870 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/App.config
2022-11-14+17:47:55.8915982730 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS.sln
2022-11-14+17:47:55.8915982730 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/images/winpeas.png
2022-11-14+17:47:55.8915982730 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/images/screen.png
2022-11-14+17:47:55.8875977270 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/README.md
2022-11-14+17:47:55.8875977270 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/images/help.png
2022-11-14+17:47:55.8875977270 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/images/dotfuscator.PNG
2022-11-14+17:47:55.8875977270 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/images/colors.png
2022-11-14+17:47:55.8275895260 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASbat/winPEAS.bat
2022-11-14+17:47:55.8275895260 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASbat/README.md
2022-11-14+17:47:55.8275895260 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/README.md
2022-11-14+17:47:55.8275895260 /workspaces/codespaces-jupyter/PEASS-ng/parsers/peas2json.py
2022-11-14+17:47:55.8275895260 /workspaces/codespaces-jupyter/PEASS-ng/parsers/json2pdf.py
2022-11-14+17:47:55.8235889790 /workspaces/codespaces-jupyter/PEASS-ng/linPEAS/images/peass.png
2022-11-14+17:47:55.8235889790 /workspaces/codespaces-jupyter/PEASS-ng/linPEAS/images/network.png
2022-11-14+17:47:55.8235889790 /workspaces/codespaces-jupyter/PEASS-ng/linPEAS/images/linpeas.png
2022-11-14+17:47:55.8235889790 /workspaces/codespaces-jupyter/PEASS-ng/linPEAS/builder/linpeas_parts/linpeas_base.sh
2022-11-14+17:47:55.8155878860 /workspaces/codespaces-jupyter/PEASS-ng/README.md
2022-11-14+17:47:55.8155878860 /workspaces/codespaces-jupyter/PEASS-ng/linPEAS/README.md
2022-11-14+17:47:55.8155878860 /workspaces/codespaces-jupyter/PEASS-ng/LICENSE
2022-11-14+17:47:55.8155878860 /workspaces/codespaces-jupyter/PEASS-ng/.gitignore
2022-11-14+17:47:55.5595528960 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/zshdb_dir/zshdb
2022-11-14+17:47:54.2833784930 /home/codespace/.vscode-remote/extensions/rogalmic.bash-debug-0.3.9/bashdb_dir/bashdb
2022-11-14+17:47:47.7425645960 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/worker.js
2022-11-14+17:47:47.7385640310 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter.wasm
2022-11-14+17:47:47.7385640310 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter-typescript.wasm
2022-11-14+17:47:47.7145606400 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter-ruby.wasm
2022-11-14+17:47:47.7065595100 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter-python.wasm
2022-11-14+17:47:47.7065595100 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter-javascript.wasm
2022-11-14+17:47:47.7025589450 /home/codespace/.vscode-remote/extensions/github.copilot-1.58.7236/dist/tree-sitter-go.wasm
2022-11-14+17:47:45.8743006790 /home/codespace/.vscode-remote/extensions/rebornix.ruby-0.28.1/scripts/link-dist.sh
2022-11-14+17:47:45.8743006790 /home/codespace/.vscode-remote/extensions/rebornix.ruby-0.28.1/scripts/build-dist.sh
2022-11-14+17:47:41.1577634620 /home/codespace/.vscode-remote/extensions/donjayamanne.githistory-0.6.19/resources/fileicons/images/FolderOpen_16x_inverse.svg
2022-11-14+17:47:41.1537630140 /home/codespace/.vscode-remote/extensions/donjayamanne.githistory-0.6.19/resources/fileicons/images/Folder_16x_inverse.svg
╔══════════╣ Unexpected in /opt (usually empty)
total 40
drwxrwsr-x 1 codespace oryx 4096 Nov 14 07:09 .
drwxr-xr-x 1 root root 4096 Nov 14 07:09 ..
drwxrwsr-x 1 codespace oryx 4096 Nov 14 07:09 conda
drwx--s--x 4 root oryx 4096 Nov 14 07:09 containerd
drwxrwsr-x 3 codespace oryx 4096 Nov 14 07:10 dotnet
drwxrwsr-x 2 codespace oryx 4096 Nov 14 07:10 oryx
lrwxrwxrwx 1 codespace oryx 17 Nov 2 18:45 python -> /usr/local/python
drwxrwsr-x 1 codespace oryx 4096 Nov 14 07:10 tmp
╔══════════╣ Unexpected in root
/.codespaces
/vscode
/workspaces
/.dockerenv
/go
/get-pip.py
╔══════════╣ Files (scripts) in /etc/profile.d/
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#profiles-files

╔══════════╣ Permissions in init, init.d, systemd, and rc.d
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#init-init-d-systemd-and-rc-d

═╣ Hashes inside passwd file? ........... No
═╣ Writable passwd file? ................ /etc/passwd is writable
═╣ Credentials in fstab/mtab? ........... No
═╣ Can I read shadow files? ............. root:*:19284:0:99999:7:::
daemon:*:19284:0:99999:7:::
bin:*:19284:0:99999:7:::
sys:*:19284:0:99999:7:::
sync:*:19284:0:99999:7:::
games:*:19284:0:99999:7:::
man:*:19284:0:99999:7:::
lp:*:19284:0:99999:7:::
mail:*:19284:0:99999:7:::
news:*:19284:0:99999:7:::
uucp:*:19284:0:99999:7:::
proxy:*:19284:0:99999:7:::
www-data:*:19284:0:99999:7:::
backup:*:19284:0:99999:7:::
list:*:19284:0:99999:7:::
irc:*:19284:0:99999:7:::
gnats:*:19284:0:99999:7:::
nobody:*:19284:0:99999:7:::
_apt:*:19284:0:99999:7:::
systemd-timesync:*:19298:0:99999:7:::
systemd-network:*:19298:0:99999:7:::
systemd-resolve:*:19298:0:99999:7:::
messagebus:*:19298:0:99999:7:::
codespace:!:19298:0:99999:7:::
sshd:*:19298:0:99999:7:::
root:*:19284:0:99999:7:::
daemon:*:19284:0:99999:7:::
bin:*:19284:0:99999:7:::
sys:*:19284:0:99999:7:::
sync:*:19284:0:99999:7:::
games:*:19284:0:99999:7:::
man:*:19284:0:99999:7:::
lp:*:19284:0:99999:7:::
mail:*:19284:0:99999:7:::
news:*:19284:0:99999:7:::
uucp:*:19284:0:99999:7:::
proxy:*:19284:0:99999:7:::
www-data:*:19284:0:99999:7:::
backup:*:19284:0:99999:7:::
list:*:19284:0:99999:7:::
irc:*:19284:0:99999:7:::
gnats:*:19284:0:99999:7:::
nobody:*:19284:0:99999:7:::
_apt:*:19284:0:99999:7:::
systemd-timesync:*:19298:0:99999:7:::
systemd-network:*:19298:0:99999:7:::
systemd-resolve:*:19298:0:99999:7:::
messagebus:*:19298:0:99999:7:::
codespace:!:19298:0:99999:7:::
sshd:*:19298:0:99999:7:::
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
systemd-timesync:!::
systemd-journal:!::
systemd-network:!::
systemd-resolve:!::
messagebus:!::
ssh:!::codespace
codespace:!::
dotnet:!::codespace
hugo:!::codespace
nvm:!::codespace
nvs:!::codespace
python:!::codespace
pipx:!::codespace
php:!::codespace
conda:!::codespace
rvm:!::codespace
sdkman:!::codespace
docker:!::codespace
golang:!::codespace
oryx:!::codespace
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
systemd-timesync:!::
systemd-journal:!::
systemd-network:!::
systemd-resolve:!::
messagebus:!::
ssh:!::codespace
codespace:!::
dotnet:!::codespace
hugo:!::codespace
nvm:!::codespace
nvs:!::codespace
python:!::codespace
pipx:!::codespace
php:!::codespace
conda:!::codespace
rvm:!::codespace
sdkman:!::codespace
docker:!::codespace
golang:!::codespace
oryx:!::
═╣ Can I read shadow plists? ............ No
═╣ Can I write shadow plists? ........... No
═╣ Can I read opasswd file? ............. ═╣ Can I write in network-scripts? ...... No
═╣ Can I read root folder? .............. total 76
drwx------ 1 root root 4096 Nov 14 18:08 .
drwxr-xr-x 1 root root 4096 Nov 14 07:09 ..
-rw-r--r-- 1 root root 4286 Nov 2 18:37 .bashrc
drwxr-xr-x 3 root root 4096 Nov 2 18:26 .cache
-rw-r--r-- 1 root root 46 Nov 2 18:37 .condarc
drwxr-xr-x 3 root root 4096 Nov 14 07:10 .config
drwxr-xr-x 5 root root 4096 Nov 14 07:09 .dotnet
-rw-r--r-- 1 root root 161 Nov 2 18:39 .gitconfig
drwx------ 3 root root 4096 Nov 14 18:09 .gnupg
drwxr-xr-x 1 root root 4096 Nov 14 07:10 .local
drwxr-xr-x 12 root root 4096 Nov 14 07:08 .oh-my-zsh
-rw-r--r-- 1 root root 161 Dec 5 2019 .profile
drwxr-xr-x 3 root root 4096 Nov 14 07:09 .rbenv
-rw-r--r-- 1 root root 84 Nov 14 18:06 .rvmrc
-rw-r--r-- 1 root root 165 Nov 2 18:39 .wget-hsts
-rw-r--r-- 1 root root 3897 Nov 2 18:27 .zshrc
╔══════════╣ Searching root files in home dirs (limit 30)
/home/
/home/codespace/.docker
/home/vscode
/home/vscode/.minikube
/root/
/root/.bashrc
/root/.profile
/root/.rvmrc
/root/.gnupg
/root/.gnupg/S.gpg-agent.ssh
/root/.gnupg/trustdb.gpg
/root/.gnupg/S.gpg-agent.extra
/root/.gnupg/private-keys-v1.d
/root/.gnupg/S.gpg-agent.browser
/root/.gnupg/pubring.kbx
/root/.gnupg/S.gpg-agent
/root/.local
/root/.local/share
/root/.local/share/gem
/root/.local/share/gem/specs
/root/.local/share/gem/specs/index.rubygems.org%443
/root/.local/share/gem/specs/index.rubygems.org%443/quick
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/rake-13.0.6.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/debase-ruby_core_source-0.10.17.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/ruby-debug-ide-0.7.3.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/debase-0.2.5.beta2.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/debase-0.2.4.1.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/rb-inotify-0.10.1.gemspec
/root/.local/share/gem/specs/index.rubygems.org%443/quick/Marshal.4.8/forwardable-extended-2.6.0.gemspec
╔══════════╣ Modified interesting files in the last 5mins (limit 100)
/home/codespace/.vscode-remote/data/User/workspaceStorage/5c2a5543/vscode.lock
/home/codespace/.vscode-remote/data/logs/20221114T174708/exthost1/output_logging_20221114T174713/1-GitHub Codespaces.log
/tmp/codespaces_logs/20221114_174714_16684480346830_VSCode.log
/tmp/cgroup_3628d4/cgroup.procs
/tmp/cgroup_3628d4/memory.use_hierarchy
/tmp/cgroup_3628d4/memory.kmem.tcp.usage_in_bytes
/tmp/cgroup_3628d4/memory.soft_limit_in_bytes
/tmp/cgroup_3628d4/cgroup.sane_behavior
/tmp/cgroup_3628d4/memory.force_empty
/tmp/cgroup_3628d4/memory.pressure_level
/tmp/cgroup_3628d4/memory.move_charge_at_immigrate
/tmp/cgroup_3628d4/memory.kmem.tcp.max_usage_in_bytes
/tmp/cgroup_3628d4/memory.max_usage_in_bytes
/tmp/cgroup_3628d4/memory.oom_control
/tmp/cgroup_3628d4/memory.stat
/tmp/cgroup_3628d4/memory.kmem.slabinfo
/tmp/cgroup_3628d4/docker/cgroup.procs
/tmp/cgroup_3628d4/docker/memory.use_hierarchy
/tmp/cgroup_3628d4/docker/memory.kmem.tcp.usage_in_bytes
/tmp/cgroup_3628d4/docker/memory.soft_limit_in_bytes
/tmp/cgroup_3628d4/docker/memory.force_empty
/tmp/cgroup_3628d4/docker/memory.pressure_level
/tmp/cgroup_3628d4/docker/memory.move_charge_at_immigrate
/tmp/cgroup_3628d4/docker/memory.kmem.tcp.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/memory.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/memory.oom_control
/tmp/cgroup_3628d4/docker/memory.stat
/tmp/cgroup_3628d4/docker/memory.kmem.slabinfo
/tmp/cgroup_3628d4/docker/memory.limit_in_bytes
/tmp/cgroup_3628d4/docker/memory.swappiness
/tmp/cgroup_3628d4/docker/memory.numa_stat
/tmp/cgroup_3628d4/docker/memory.kmem.failcnt
/tmp/cgroup_3628d4/docker/memory.kmem.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/memory.usage_in_bytes
/tmp/cgroup_3628d4/docker/tasks
/tmp/cgroup_3628d4/docker/memory.failcnt
/tmp/cgroup_3628d4/docker/cgroup.event_control
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/cgroup.procs
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.use_hierarchy
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.soft_limit_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.force_empty
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.pressure_level
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.move_charge_at_immigrate
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.oom_control
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.stat
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.slabinfo
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.limit_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.swappiness
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.numa_stat
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.failcnt
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.max_usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/tasks
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.failcnt
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.failcnt
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.limit_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/notify_on_release
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.usage_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.limit_in_bytes
/tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/cgroup.clone_children
/tmp/cgroup_3628d4/docker/memory.kmem.tcp.failcnt
/tmp/cgroup_3628d4/docker/memory.kmem.limit_in_bytes
/tmp/cgroup_3628d4/docker/notify_on_release
/tmp/cgroup_3628d4/docker/memory.kmem.usage_in_bytes
/tmp/cgroup_3628d4/docker/memory.kmem.tcp.limit_in_bytes
/tmp/cgroup_3628d4/docker/cgroup.clone_children
/tmp/cgroup_3628d4/azsec/cgroup.procs
/tmp/cgroup_3628d4/azsec/memory.use_hierarchy
/tmp/cgroup_3628d4/azsec/memory.kmem.tcp.usage_in_bytes
/tmp/cgroup_3628d4/azsec/memory.force_empty
/tmp/cgroup_3628d4/azsec/memory.pressure_level
/tmp/cgroup_3628d4/azsec/memory.move_charge_at_immigrate
/tmp/cgroup_3628d4/azsec/memory.kmem.tcp.max_usage_in_bytes
/tmp/cgroup_3628d4/azsec/memory.max_usage_in_bytes
/tmp/cgroup_3628d4/azsec/memory.oom_control
/tmp/cgroup_3628d4/azsec/memory.stat
/tmp/cgroup_3628d4/azsec/memory.kmem.slabinfo
/tmp/cgroup_3628d4/azsec/memory.swappiness
/tmp/cgroup_3628d4/azsec/memory.numa_stat
/tmp/cgroup_3628d4/azsec/memory.kmem.failcnt
/tmp/cgroup_3628d4/azsec/memory.kmem.max_usage_in_bytes
/tmp/cgroup_3628d4/azsec/memory.usage_in_bytes
/tmp/cgroup_3628d4/azsec/tasks
/tmp/cgroup_3628d4/azsec/memory.failcnt
/tmp/cgroup_3628d4/azsec/cgroup.event_control
/tmp/cgroup_3628d4/azsec/memory.kmem.tcp.failcnt
/tmp/cgroup_3628d4/azsec/memory.kmem.limit_in_bytes
/tmp/cgroup_3628d4/azsec/notify_on_release
/tmp/cgroup_3628d4/azsec/memory.kmem.usage_in_bytes
/tmp/cgroup_3628d4/azsec/memory.kmem.tcp.limit_in_bytes
/tmp/cgroup_3628d4/azsec/cgroup.clone_children
/tmp/cgroup_3628d4/memory.limit_in_bytes
/tmp/cgroup_3628d4/memory.swappiness
/tmp/cgroup_3628d4/user.slice/cgroup.procs
/tmp/cgroup_3628d4/user.slice/memory.use_hierarchy
/tmp/cgroup_3628d4/user.slice/memory.kmem.tcp.usage_in_bytes
/tmp/cgroup_3628d4/user.slice/memory.soft_limit_in_bytes
╔══════════╣ Files inside /root (limit 20)
total 76
drwx------ 1 root root 4096 Nov 14 18:08 .
drwxr-xr-x 1 root root 4096 Nov 14 07:09 ..
-rw-r--r-- 1 root root 4286 Nov 2 18:37 .bashrc
drwxr-xr-x 3 root root 4096 Nov 2 18:26 .cache
-rw-r--r-- 1 root root 46 Nov 2 18:37 .condarc
drwxr-xr-x 3 root root 4096 Nov 14 07:10 .config
drwxr-xr-x 5 root root 4096 Nov 14 07:09 .dotnet
-rw-r--r-- 1 root root 161 Nov 2 18:39 .gitconfig
drwx------ 3 root root 4096 Nov 14 18:09 .gnupg
drwxr-xr-x 1 root root 4096 Nov 14 07:10 .local
drwxr-xr-x 12 root root 4096 Nov 14 07:08 .oh-my-zsh
-rw-r--r-- 1 root root 161 Dec 5 2019 .profile
drwxr-xr-x 3 root root 4096 Nov 14 07:09 .rbenv
-rw-r--r-- 1 root root 84 Nov 14 18:06 .rvmrc
-rw-r--r-- 1 root root 165 Nov 2 18:39 .wget-hsts
-rw-r--r-- 1 root root 3897 Nov 2 18:27 .zshrc
╔══════════╣ Files inside others home (limit 20)
/home/codespace/.oh-my-zsh/LICENSE.txt
/home/codespace/.oh-my-zsh/.github/PULL_REQUEST_TEMPLATE.md
/home/codespace/.oh-my-zsh/.github/CODEOWNERS
/home/codespace/.oh-my-zsh/.github/ISSUE_TEMPLATE/feature_request.yml
/home/codespace/.oh-my-zsh/.github/ISSUE_TEMPLATE/bug_report_omz.yml
/home/codespace/.oh-my-zsh/.github/ISSUE_TEMPLATE/config.yml
/home/codespace/.oh-my-zsh/.github/ISSUE_TEMPLATE/bug_report.yml
/home/codespace/.oh-my-zsh/.github/workflows/project.yml
/home/codespace/.oh-my-zsh/.github/workflows/main.yml
/home/codespace/.oh-my-zsh/.github/FUNDING.yml
/home/codespace/.oh-my-zsh/custom/themes/codespaces.zsh-theme
/home/codespace/.oh-my-zsh/custom/themes/example.zsh-theme
/home/codespace/.oh-my-zsh/custom/example.zsh
/home/codespace/.oh-my-zsh/custom/plugins/example/example.plugin.zsh
/home/codespace/.oh-my-zsh/SECURITY.md
/home/codespace/.oh-my-zsh/oh-my-zsh.sh
/home/codespace/.oh-my-zsh/.gitignore
/home/codespace/.oh-my-zsh/themes/robbyrussell.zsh-theme
/home/codespace/.oh-my-zsh/themes/gallifrey.zsh-theme
/home/codespace/.oh-my-zsh/themes/xiong-chiamiov-plus.zsh-theme
╔══════════╣ Searching installed mail applications

╔══════════╣ Mails (limit 50)

╔══════════╣ Backup files (limited 100)
-rw-r--r-- 1 codespace codespace 7138 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/form-data/README.md.bak
-rw-r--r-- 1 codespace codespace 26578 Nov 14 17:56 /home/codespace/PEASS-ng/winPEAS/winPEASexe/winPEAS/3rdParty/SQLite/src/backup_c.cs
-rw-rw-r-- 1 codespace nvm 7138 Nov 1 11:14 /usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/node_modules/form-data/README.md.bak
-rw-rw-r-- 1 codespace python 7785 Nov 2 18:29 /usr/local/python/3.10.4/lib/python3.10/sqlite3/test/__pycache__/backup.cpython-310.opt-2.pyc
-rw-rw-r-- 1 codespace python 7785 Nov 2 18:29 /usr/local/python/3.10.4/lib/python3.10/sqlite3/test/__pycache__/backup.cpython-310.pyc
-rw-rw-r-- 1 codespace python 7785 Nov 2 18:29 /usr/local/python/3.10.4/lib/python3.10/sqlite3/test/__pycache__/backup.cpython-310.opt-1.pyc
-rw-rw-r-- 1 codespace python 5849 Nov 2 18:29 /usr/local/python/3.10.4/lib/python3.10/sqlite3/test/backup.py
-rw-rw-r-- 1 codespace python 7784 Nov 2 18:30 /usr/local/python/3.9.7/lib/python3.9/sqlite3/test/__pycache__/backup.cpython-39.opt-1.pyc
-rw-rw-r-- 1 codespace python 7784 Nov 2 18:30 /usr/local/python/3.9.7/lib/python3.9/sqlite3/test/__pycache__/backup.cpython-39.opt-2.pyc
-rw-rw-r-- 1 codespace python 7784 Nov 2 18:30 /usr/local/python/3.9.7/lib/python3.9/sqlite3/test/__pycache__/backup.cpython-39.pyc
-rw-rw-r-- 1 codespace python 5963 Nov 2 18:30 /usr/local/python/3.9.7/lib/python3.9/sqlite3/test/backup.py
-rw-r--r-- 1 root rvm 264 Nov 2 18:45 /usr/local/rvm/gems/ruby-3.1.2/doc/jekyll-4.3.1/ri/Jekyll/EntryFilter/backup%3f-i.ri
-rw-r--r-- 1 root rvm 255479 Nov 2 18:43 /usr/local/rvm/gems/ruby-3.1.2/gems/ffi-1.15.5/ext/ffi_c/libffi/ChangeLog.old
-rw-r--r-- 1 root root 392817 Feb 9 2020 /usr/share/doc/manpages/Changes.old.gz
-rw-r--r-- 1 root root 97218 Aug 20 2020 /usr/share/doc/valgrind/html/dist.news.old.html
-rw-rw-rw- 1 codespace codespace 26578 Nov 14 17:47 /workspaces/codespaces-jupyter/PEASS-ng/winPEAS/winPEASexe/winPEAS/3rdParty/SQLite/src/backup_c.cs
-rw-r--r-- 1 root root 0 Nov 14 17:47 /workspaces/.codespaces/.persistedshare/prefetched_user_data.old
-rw-r--r-- 1 codespace root 431 Nov 14 14:34 /workspaces/.codespaces/.persistedshare/ContainerTerminalLogbackup.txt
-rw-r--r-- 1 codespace root 12782 Nov 14 14:34 /workspaces/.codespaces/.persistedshare/ContainerLogbackup.txt
╔══════════╣ Searching tables inside readable .db/.sql/.sqlite files (limit 100)
Found /var/lib/docker/buildkit/cache.db: data
Found /var/lib/docker/buildkit/containerdmeta.db: data
Found /var/lib/docker/buildkit/metadata_v2.db: data
Found /var/lib/docker/buildkit/snapshots.db: data
Found /var/lib/docker/containerd/daemon/io.containerd.metadata.v1.bolt/meta.db: data
Found /var/lib/docker/network/files/local-kv.db: data
Found /var/lib/docker/volumes/metadata.db: data
╔══════════╣ Web files?(output limit)

╔══════════╣ All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)
-rw-rw-r-- 1 codespace codespace 115 Nov 2 18:27 /home/codespace/.oh-my-zsh/.editorconfig
-rw-rw-r-- 1 codespace codespace 44 Nov 2 18:27 /home/codespace/.oh-my-zsh/plugins/shell-proxy/.editorconfig
-rw-rw-r-- 1 codespace codespace 3897 Nov 2 18:27 /home/codespace/.zshrc
-rw-rw-r-- 1 codespace codespace 220 Feb 25 2020 /home/codespace/.bash_logout
-rw-r--r-- 1 codespace codespace 116 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/redhat.java-1.1.0/.sdkmanrc
-rw-r--r-- 1 codespace codespace 2824 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/redhat.java-1.1.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 3225 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/.vsixmanifest
-rw-r--r-- 1 codespace codespace 14203 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/.eslintignore
-rw-r--r-- 1 codespace codespace 2703 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vscjava.vscode-java-dependency-0.21.1/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2719 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vscjava.vscode-java-debug-0.46.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2745 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.cmake-tools-1.12.27/.vsixmanifest
-rw-r--r-- 1 codespace codespace 48 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/node_modules/minimist/.travis.yml
-rw-r--r-- 1 codespace codespace 116 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/node_modules/mkdirp/.travis.yml
-rw-r--r-- 1 codespace codespace 82 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/node_modules/npm-which/.travis.yml
-rw-r--r-- 1 codespace codespace 1142 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/node_modules/npm-path/.travis.yml
-rw-r--r-- 1 codespace codespace 26 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/node_modules/npm-path/.babelrc
-rw-r--r-- 1 codespace codespace 3069 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/rogalmic.zsh-debug-0.1.3/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2818 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-python.isort-2022.6.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2648 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-toolsai.vscode-jupyter-slideshow-0.1.5/.vsixmanifest
-rw-r--r-- 1 codespace codespace 23 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/node_modules/@microsoft/fast-web-utilities/.prettierignore
-rw-r--r-- 1 codespace codespace 86 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/node_modules/@microsoft/fast-web-utilities/.eslintrc.js
-rw-r--r-- 1 codespace codespace 137 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/node_modules/@microsoft/fast-web-utilities/.mocharc.json
-rw-r--r-- 1 codespace codespace 167 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/node_modules/@microsoft/fast-web-utilities/.eslintignore
-rw-r--r-- 1 codespace codespace 2742 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vizzuhq.code-viz-stat-0.1.4/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2570 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/wingrunr21.vscode-ruby-0.28.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 97 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/@hashicorp/js-releases/.mocharc.json
-rw-r--r-- 1 codespace codespace 284 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/reusify/.travis.yml
-rw-r--r-- 1 codespace codespace 46 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/reusify/.coveralls.yml
-rw-r--r-- 1 codespace codespace 43 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/concat-map/.travis.yml
-rw-r--r-- 1 codespace codespace 3658 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/short-unique-id/.all-contributorsrc
-rw-r--r-- 1 codespace codespace 58 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/node-localstorage/.travis.yml
-rw-r--r-- 1 codespace codespace 71 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/node-localstorage/.coveralls.yml
-rw-r--r-- 1 codespace codespace 377 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/node_modules/asn1.js/.eslintrc.js
-rw-r--r-- 1 codespace codespace 2828 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/hashicorp.terraform-2.19.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2716 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vscjava.vscode-maven-0.39.2/.vsixmanifest
-rw-r--r-- 1 codespace codespace 32 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/cschlosser.doxdocgen-1.4.0/node_modules/is-url/.travis.yml
-rw-r--r-- 1 codespace codespace 527 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/cschlosser.doxdocgen-1.4.0/.nycrc
-rw-r--r-- 1 codespace codespace 3220 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/cschlosser.doxdocgen-1.4.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2802 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/uctakeoff.vscode-counter-3.1.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2611 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/.vsixmanifest
-rw-r--r-- 1 codespace codespace 129 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.cpptools-1.7.1/ui/.eslintrc.js
-rw-r--r-- 1 codespace codespace 2892 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.cpptools-1.7.1/.vsixmanifest
-rw-r--r-- 1 codespace codespace 65 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.cpptools-1.7.1/.eslintignore
-rw-r--r-- 1 codespace codespace 3131 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/esbenp.prettier-vscode-9.9.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 444 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-azuretools.vscode-docker-1.22.2/resources/templates/.dockerignore.template
-rw-r--r-- 1 codespace codespace 2890 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-azuretools.vscode-docker-1.22.2/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2608 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/jeff-hykin.better-cpp-syntax-1.16.3/.vsixmanifest
-rw-r--r-- 1 codespace codespace 32 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/redhat.vscode-yaml-1.10.1/.prettierignore
-rw-r--r-- 1 codespace codespace 2734 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/redhat.vscode-yaml-1.10.1/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2774 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/visualstudioexptteam.intellicode-api-usage-examples-0.2.6/.vsixmanifest
-rw-r--r-- 1 codespace codespace 3223 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-toolsai.jupyter-2022.9.1202862440/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2893 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.powershell-2022.10.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2723 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-vscode.cpptools-extension-pack-1.3.0/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2618 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/vscjava.vscode-java-test-0.37.1/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2762 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/ms-toolsai.vscode-jupyter-cell-tags-0.1.6/.vsixmanifest
-rw-r--r-- 1 codespace codespace 2567 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/mohd-akram.vscode-html-format-0.0.5/.vsixmanifest
-rw-r--r-- 1 codespace codespace 91 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/aws4/.travis.yml
-rw-r--r-- 1 codespace codespace 113 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/getpass/.travis.yml
-rw-r--r-- 1 codespace codespace 439 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/ajv/.tonic_example.js
-rw-r--r-- 1 codespace codespace 62 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/ajv/scripts/.eslintrc.yml
-rw-r--r-- 1 codespace codespace 554 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/qs/.eslintrc
-rw-r--r-- 1 codespace codespace 348 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/qs/test/.eslintrc
-rw-r--r-- 1 codespace codespace 399 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/qs/.editorconfig
-rw-r--r-- 1 codespace codespace 5 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/qs/.eslintignore
-rw-r--r-- 1 codespace codespace 65 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/performance-now/.travis.yml
-rw-r--r-- 1 codespace codespace 193 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/performance-now/.tm_properties
-rw-r--r-- 1 codespace codespace 189 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/sshpk/.travis.yml
-rw-r--r-- 1 codespace codespace 111 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/fast-json-stable-stringify/.travis.yml
-rw-r--r-- 1 codespace codespace 562 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/fast-json-stable-stringify/.eslintrc.yml
-rw-r--r-- 1 codespace codespace 397 Nov 14 17:47 /home/codespace/.vscode-remote/extensions/zignd.html-css-class-completion-1.20.0/node_modules/extend/.eslintrc
╔══════════╣ Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)
-rw-r--rw- 1 root root 10510 Nov 14 14:34 /tmp/dockerd.log
-rw-r--rw- 1 codespace codespace 240905 Nov 14 18:09 /tmp/codespaces_logs/20221114_174714_16684480346830_VSCode.log
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/cgroup.procs
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.use_hierarchy
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.kmem.tcp.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.soft_limit_in_bytes
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/cgroup.sane_behavior
--w------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.force_empty
---------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.pressure_level
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.move_charge_at_immigrate
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.kmem.tcp.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.oom_control
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.stat
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/memory.kmem.slabinfo
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/cgroup.procs
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.use_hierarchy
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.tcp.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.soft_limit_in_bytes
--w------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.force_empty
---------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.pressure_level
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.move_charge_at_immigrate
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.tcp.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.oom_control
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.stat
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.slabinfo
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.swappiness
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.numa_stat
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.failcnt
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.max_usage_in_bytes
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/tasks
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.failcnt
--w--w--w- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/cgroup.event_control
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/cgroup.procs
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.use_hierarchy
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.soft_limit_in_bytes
--w------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.force_empty
---------- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.pressure_level
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.move_charge_at_immigrate
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.max_usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.oom_control
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.stat
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.slabinfo
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.swappiness
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.numa_stat
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.failcnt
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.max_usage_in_bytes
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/tasks
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.failcnt
--w--w--w- 1 root root 0 Nov 14 14:34 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/cgroup.event_control
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.failcnt
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/notify_on_release
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/memory.kmem.tcp.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/da49b08ad78e7b81e94915da01383394dc365faf8b2d1ac49fd9f24d658396c2/cgroup.clone_children
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.tcp.failcnt
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/notify_on_release
-r--r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.usage_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/memory.kmem.tcp.limit_in_bytes
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/docker/cgroup.clone_children
-rw-r--r-- 1 root root 0 Nov 14 18:09 /tmp/cgroup_3628d4/azsec/cgroup.procs
╔══════════╣ Searching passwords in history files
Binary file /home/codespace/.local/lib/python3.10/site-packages/IPython/core/tests/__pycache__/test_history.cpython-310.pyc matches
Binary file /opt/conda/lib/python3.10/idlelib/idle_test/__pycache__/test_history.cpython-310.pyc matches
@classmethod
@classmethod
cls.root = tk.Tk()
cls.root.withdraw()
self.text = text = TextWrapper(self.root)
@classmethod
cls.root.destroy()
del cls.root
Binary file /usr/local/python/3.10.4/lib/python3.10/idlelib/idle_test/__pycache__/test_history.cpython-310.opt-1.pyc matches
Binary file /usr/local/python/3.10.4/lib/python3.10/idlelib/idle_test/__pycache__/test_history.cpython-310.opt-2.pyc matches
Binary file /usr/local/python/3.10.4/lib/python3.10/idlelib/idle_test/__pycache__/test_history.cpython-310.pyc matches
@classmethod
@classmethod
cls.root = tk.Tk()
cls.root.withdraw()
self.text = text = TextWrapper(self.root)
@classmethod
cls.root.destroy()
del cls.root
Binary file /usr/local/python/3.9.7/lib/python3.9/idlelib/idle_test/__pycache__/test_history.cpython-39.opt-1.pyc matches
Binary file /usr/local/python/3.9.7/lib/python3.9/idlelib/idle_test/__pycache__/test_history.cpython-39.opt-2.pyc matches
Binary file /usr/local/python/3.9.7/lib/python3.9/idlelib/idle_test/__pycache__/test_history.cpython-39.pyc matches
@classmethod
@classmethod
cls.root = tk.Tk()
cls.root.withdraw()
self.text = text = TextWrapper(self.root)
@classmethod
cls.root.destroy()
del cls.root
@stats = stats
@items = { _seq_: 1 }
@threads = { _seq_: "A" }
@stats = stats
@items = { _seq_: 1 }
@threads = { _seq_: "A" }
@stats = stats
@items = { _seq_: 1 }
@threads = { _seq_: "A" }
SUFFIX="$SUFFIX$ISUFFIX"
_history_complete_word "$@"
"r:root - strip suffix"
╔══════════╣ Searching *password* or *credential* files in home (limit 70)
/etc/pam.d/common-password
/home/codespace/.local/lib/python3.10/site-packages/argon2/_password_hasher.py
/home/codespace/.local/lib/python3.10/site-packages/argon2/__pycache__/_password_hasher.cpython-310.pyc
/home/codespace/.local/lib/python3.10/site-packages/jedi/third_party/django-stubs/django-stubs/contrib/auth/management/commands/changepassword.pyi
/home/codespace/.local/lib/python3.10/site-packages/jedi/third_party/django-stubs/django-stubs/contrib/auth/password_validation.pyi
/home/codespace/.local/lib/python3.10/site-packages/tornado/test/test.key
/home/codespace/.oh-my-zsh/plugins/1password
/home/codespace/.oh-my-zsh/plugins/1password/1password.plugin.zsh
/home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/pythonFiles/lib/jedilsp/jedi/third_party/django-stubs/django-stubs/contrib/auth/management/commands/changepassword.pyi
/home/codespace/.vscode-remote/extensions/ms-python.python-2022.18.2/pythonFiles/lib/jedilsp/jedi/third_party/django-stubs/django-stubs/contrib/auth/password_validation.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/bundled/stubs/django/contrib/auth/management/commands/changepassword.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/bundled/stubs/django/contrib/auth/password_validation.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/bundled/stubs/django-stubs/contrib/auth/management/commands/changepassword.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/bundled/stubs/django-stubs/contrib/auth/password_validation.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/typeshed-fallback/stubs/braintree/braintree/credentials_parser.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/typeshed-fallback/stubs/braintree/braintree/oauth_credentials.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/typeshed-fallback/stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/client_credentials.pyi
/home/codespace/.vscode-remote/extensions/ms-python.vscode-pylance-2022.11.20/dist/typeshed-fallback/stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.pyi
/root/.oh-my-zsh/plugins/1password
/root/.oh-my-zsh/plugins/1password/1password.plugin.zsh
/usr/bin/systemd-ask-password
/usr/bin/systemd-tty-ask-password-agent
/usr/include/gio-unix-2.0/gio/gunixcredentialsmessage.h
/usr/include/glib-2.0/gio/gcredentials.h
/usr/include/glib-2.0/gio/gtlspassword.h
/usr/include/libsecret-1/libsecret/secret-password.h
/usr/lib/git-core/git-credential
/usr/lib/git-core/git-credential-cache
/usr/lib/git-core/git-credential-cache--daemon
/usr/lib/git-core/git-credential-store
#)There are more creds/passwds files in the previous parent folder
/usr/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path
/usr/lib/systemd/system/sysinit.target.wants/systemd-ask-password-console.path
/usr/lib/systemd/system/systemd-ask-password-console.path
/usr/lib/systemd/system/systemd-ask-password-console.service
/usr/lib/systemd/system/systemd-ask-password-wall.path
/usr/lib/systemd/system/systemd-ask-password-wall.service
#)There are more creds/passwds files in the previous parent folder
/usr/local/libexec/git-core/git-credential
/usr/local/libexec/git-core/git-credential-cache
/usr/local/libexec/git-core/git-credential-cache--daemon
/usr/local/libexec/git-core/git-credential-store
#)There are more creds/passwds files in the previous parent folder
/usr/local/php/8.1.4/include/php/ext/standard/php_password.h
/usr/local/py-utils/venvs/bandit/lib/python3.10/site-packages/bandit/plugins/general_hardcoded_password.py
/usr/local/py-utils/venvs/bandit/lib/python3.10/site-packages/bandit/plugins/__pycache__/general_hardcoded_password.cpython-310.pyc
/usr/local/rvm/gems/ruby-3.1.2/doc/addressable-2.8.1/ri/Addressable/URI/normalized_password-i.ri
/usr/local/rvm/gems/ruby-3.1.2/doc/addressable-2.8.1/ri/Addressable/URI/password%3d-i.ri
/usr/local/rvm/gems/ruby-3.1.2/doc/addressable-2.8.1/ri/Addressable/URI/password-i.ri
/usr/local/rvm/gems/ruby-3.1.2/gems/eventmachine-1.2.7/tests/client.key
/usr/local/rvm/rubies/ruby-3.0.4/lib/ruby/3.0.0/bundler/uri_credentials_filter.rb
/usr/local/rvm/rubies/ruby-3.1.2/lib/ruby/3.1.0/bundler/uri_credentials_filter.rb
/usr/local/sdkman/candidates/java/11.0.17-ms/conf/management/jmxremote.password.template
/usr/local/sdkman/candidates/java/17.0.5-ms/conf/management/jmxremote.password.template
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/lib/config/clear-credentials-by-uri.js
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/lib/config/get-credentials-by-uri.js
/usr/local/share/nvm/versions/node/v14.21.0/lib/node_modules/npm/lib/config/set-credentials-by-uri.js
/usr/share/doc/dialog/examples/password
/usr/share/doc/dialog/examples/password1
/usr/share/doc/dialog/examples/password2
/usr/share/doc/git/contrib/credential
/usr/share/doc/git/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c
/usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret.c
/usr/share/doc/git/contrib/credential/netrc/git-credential-netrc
/usr/share/doc/git/contrib/credential/netrc/t-git-credential-netrc.sh
/usr/share/doc/git/contrib/credential/osxkeychain/git-credential-osxkeychain.c
/usr/share/doc/git/contrib/credential/wincred/git-credential-wincred.c
╔══════════╣ Checking for TTY (sudo/su) passwords in audit logs

╔══════════╣ Searching passwords inside logs (limit 70)
2022-10-19 16:47:13 configure base-passwd:amd64 3.5.47 3.5.47
2022-10-19 16:47:13 install base-passwd:amd64 <none> 3.5.47
2022-10-19 16:47:13 status half-configured base-passwd:amd64 3.5.47
2022-10-19 16:47:13 status half-installed base-passwd:amd64 3.5.47
2022-10-19 16:47:13 status installed base-passwd:amd64 3.5.47
2022-10-19 16:47:13 status unpacked base-passwd:amd64 3.5.47
2022-10-19 16:47:14 status half-configured base-passwd:amd64 3.5.47
2022-10-19 16:47:14 status half-installed base-passwd:amd64 3.5.47
2022-10-19 16:47:14 status unpacked base-passwd:amd64 3.5.47
2022-10-19 16:47:14 upgrade base-passwd:amd64 3.5.47 3.5.47
2022-10-19 16:47:17 install passwd:amd64 <none> 1:4.8.1-1ubuntu5
2022-10-19 16:47:17 status half-installed passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:47:17 status unpacked passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:47:18 configure base-passwd:amd64 3.5.47 <none>
2022-10-19 16:47:18 status half-configured base-passwd:amd64 3.5.47
2022-10-19 16:47:18 status installed base-passwd:amd64 3.5.47
2022-10-19 16:47:18 status unpacked base-passwd:amd64 3.5.47
2022-10-19 16:47:19 configure passwd:amd64 1:4.8.1-1ubuntu5 <none>
2022-10-19 16:47:19 status half-configured passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:47:19 status installed passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:47:19 status unpacked passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:47:27 configure base-passwd:amd64 3.5.47 <none>
2022-10-19 16:47:27 status half-configured base-passwd:amd64 3.5.47
2022-10-19 16:47:27 status half-installed base-passwd:amd64 3.5.47
2022-10-19 16:47:27 status unpacked base-passwd:amd64 3.5.47
2022-10-19 16:47:27 upgrade base-passwd:amd64 3.5.47 3.5.47
2022-10-19 16:47:28 status installed base-passwd:amd64 3.5.47
2022-10-19 16:49:36 configure passwd:amd64 1:4.8.1-1ubuntu5 <none>
2022-10-19 16:49:36 status half-configured passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:49:36 status half-installed passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:49:36 status installed passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:49:36 status unpacked passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:49:36 upgrade passwd:amd64 1:4.8.1-1ubuntu5 1:4.8.1-1ubuntu5
2022-10-19 16:50:01 configure passwd:amd64 1:4.8.1-1ubuntu5.20.04.2 <none>
2022-10-19 16:50:01 status half-configured passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:50:01 status half-configured passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-10-19 16:50:01 status half-installed passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:50:01 status installed passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-10-19 16:50:01 status unpacked passwd:amd64 1:4.8.1-1ubuntu5
2022-10-19 16:50:01 status unpacked passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-10-19 16:50:01 upgrade passwd:amd64 1:4.8.1-1ubuntu5 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:33 configure base-passwd:amd64 3.5.47 <none>
2022-11-02 18:25:33 status half-configured base-passwd:amd64 3.5.47
2022-11-02 18:25:33 status half-configured passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:33 status half-installed base-passwd:amd64 3.5.47
2022-11-02 18:25:33 status half-installed passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:33 status installed base-passwd:amd64 3.5.47
2022-11-02 18:25:33 status unpacked base-passwd:amd64 3.5.47
2022-11-02 18:25:33 status unpacked passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:33 upgrade base-passwd:amd64 3.5.47 3.5.47
2022-11-02 18:25:33 upgrade passwd:amd64 1:4.8.1-1ubuntu5.20.04.2 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:34 configure passwd:amd64 1:4.8.1-1ubuntu5.20.04.2 <none>
2022-11-02 18:25:34 status half-configured passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:34 status installed passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
2022-11-02 18:25:34 status unpacked passwd:amd64 1:4.8.1-1ubuntu5.20.04.2
base-passwd depends on libc6 (>= 2.8); however:
base-passwd depends on libdebconfclient0 (>= 0.145); however:
Commandline: apt-get install --reinstall base-passwd
Commandline: apt-get install --reinstall passwd
dpkg: base-passwd: dependency problems, but configuring anyway as you requested:
Preparing to unpack .../base-passwd_3.5.47_amd64.deb ...
Preparing to unpack .../base-passwd_3.5.47_amd64.deb ...
Preparing to unpack .../passwd_1%3a4.8.1-1ubuntu5.20.04.2_amd64.deb ...
Preparing to unpack .../passwd_1%3a4.8.1-1ubuntu5_amd64.deb ...
Reinstall: base-passwd:amd64 (3.5.47)
Reinstall: passwd:amd64 (1:4.8.1-1ubuntu5)
Selecting previously unselected package base-passwd.
Selecting previously unselected package passwd.
Setting up base-passwd (3.5.47) ...
Setting up base-passwd (3.5.47) ...
╔══════════╣ Searching passwords inside key folders (limit 70) - only PHP files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment