{"id":268,"date":"2019-08-14T13:27:37","date_gmt":"2019-08-14T11:27:37","guid":{"rendered":"https:\/\/privat.andreas-klingler.de\/itsec\/?p=268"},"modified":"2023-12-20T19:21:23","modified_gmt":"2023-12-20T18:21:23","slug":"linux-smart-enumeration","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=268","title":{"rendered":"Linux Smart Enumeration"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/github.com\/diego-treitos\/linux-smart-enumeration\">https:\/\/github.com\/diego-treitos\/linux-smart-enumeration<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This script will show rel\u00ade\u00advant infor\u00adma\u00adtion about the secu\u00adri\u00adty of the local Lin\u00adux system.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Quick install<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>On an own system:&nbsp;<ul class=\"wp-block-list\">\n<li>Down\u00adload the lse.sh script\n<pre>git clone https:\/\/github.com\/diego-treitos\/linux-smart-enumeration.git<\/pre>\n<\/li>\n\n\n\n<li>Start a web\u00adserv\u00ader like\n<pre>python -m SimpleHTTPServer 8000<\/pre>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>On the vic\u00adtim system:&nbsp;<ul class=\"wp-block-list\">\n<li>Down\u00adload e.g. with\n<pre>wget &lt;url&gt;\/lse.sh<\/pre>\n<\/li>\n\n\n\n<li>Exe\u00adcute the script.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Details from the manual<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">It has 3 lev\u00adels of ver\u00adbosi\u00adty so you can con\u00adtrol how much infor\u00adma\u00adtion you&nbsp;see.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the default lev\u00adel you should see the high\u00adly impor\u00adtant secu\u00adri\u00adty flaws in the sys\u00adtem. The lev\u00adel <code>1<\/code> (<code>.\/lse.sh -l1<\/code>) shows inter\u00adest\u00ading infor\u00adma\u00adtion that should help you to privesc. The lev\u00adel <code>2<\/code> (<code>.\/lse.sh -l2<\/code>) will just dump all the infor\u00adma\u00adtion it gath\u00aders about the system.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">By default it will ask you some ques\u00adtions: main\u00adly the cur\u00adrent user pass\u00adword (if you know it \ud83d\ude09 so it can do some addi\u00adtion\u00adal&nbsp;tests.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\">How to use&nbsp;it?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The idea is to get the infor\u00adma\u00adtion gradually.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">First you should exe\u00adcute it just like <code>.\/lse.sh<\/code>. If you see some green <code>yes!<\/code>, you prob\u00ada\u00adbly have already some good stuff to work&nbsp;with.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If not, you should try the <code>level 1<\/code> ver\u00adbosi\u00adty with <code>.\/lse.sh -l1<\/code> and you will see some more infor\u00adma\u00adtion that can be interesting.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If that does not help, <code>level 2<\/code> will just dump every\u00adthing you can gath\u00ader about the ser\u00advice using <code>.\/lse.sh -l2<\/code>. In this case you might find use\u00adful to use <code>.\/lse.sh -l2 | less -r<\/code>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You can also select what tests to exe\u00adcute by pass\u00ading the <code>-s<\/code> para\u00adme\u00adter. With it you can select spe\u00adcif\u00adic tests or sec\u00adtions to be exe\u00adcut\u00aded. For exam\u00adple <code>.\/lse.sh -l2 -s usr010,net,pro<\/code> will exe\u00adcute the test <code>usr010<\/code> and all the tests in the sec\u00adtions <code>net<\/code> and <code>pro<\/code>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>https:\/\/github.com\/diego-treitos\/linux-smart-enumeration This script will show rel\u00ade\u00advant infor\u00adma\u00adtion about the secu\u00adri\u00adty of the local Lin\u00adux sys\u00adtem. Quick install Details from the man\u00adu\u00adal It has 3 lev\u00adels of ver\u00adbosi\u00adty so you can con\u00adtrol how much infor\u00adma\u00adtion you&nbsp;see. In the default lev\u00adel you should see the high\u00adly impor\u00adtant secu\u00adri\u00adty flaws in the sys\u00adtem. The lev\u00adel 1 (.\/lse.sh \u2011l1) [\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[471,475],"tags":[480,68],"class_list":["post-268","post","type-post","status-publish","format-standard","hentry","category-privesc","category-attack-tool","tag-lse","tag-scanner"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/268","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=268"}],"version-history":[{"count":4,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/268\/revisions"}],"predecessor-version":[{"id":3801,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/268\/revisions\/3801"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=268"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=268"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}