https://github.com/diego-treitos/linux-smart-enumeration

This script will show rel­e­vant infor­ma­tion about the secu­ri­ty of the local Lin­ux system.

Quick install

• On an own system: 
  • Down­load the lse.sh script

    git clone https://github.com/diego-treitos/linux-smart-enumeration.git

  • Start a web­serv­er like

    python -m SimpleHTTPServer 8000

• On the vic­tim system: 
  • Down­load e.g. with

    wget <url>/lse.sh

  • Exe­cute the script.

Details from the manual

It has 3 lev­els of ver­bosi­ty so you can con­trol how much infor­ma­tion you see.

In the default lev­el you should see the high­ly impor­tant secu­ri­ty flaws in the sys­tem. The lev­el 1 (./lse.sh -l1) shows inter­est­ing infor­ma­tion that should help you to privesc. The lev­el 2 (./lse.sh -l2) will just dump all the infor­ma­tion it gath­ers about the system.

By default it will ask you some ques­tions: main­ly the cur­rent user pass­word (if you know it 😉 so it can do some addi­tion­al tests.

 

How to use it?

The idea is to get the infor­ma­tion gradually.

First you should exe­cute it just like ./lse.sh. If you see some green yes!, you prob­a­bly have already some good stuff to work with.

If not, you should try the level 1 ver­bosi­ty with ./lse.sh -l1 and you will see some more infor­ma­tion that can be interesting.

If that does not help, level 2 will just dump every­thing you can gath­er about the ser­vice using ./lse.sh -l2. In this case you might find use­ful to use ./lse.sh -l2 | less -r.

You can also select what tests to exe­cute by pass­ing the -s para­me­ter. With it you can select spe­cif­ic tests or sec­tions to be exe­cut­ed. For exam­ple ./lse.sh -l2 -s usr010,net,pro will exe­cute the test usr010 and all the tests in the sec­tions net and pro.