Skip to content

Introduction#

There are plenty of tools which can be used for automating post-exploitation enumeration on Linux machines.

Linux Enumeration with LinPEAS#

[[https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS|LinPEAS]] is an amazing tool for automation enumeration. It is written in Bash which means that it requires no additional dependencies and can be freely run. In order to acquire the latest version of LinPEAS, run the following command:

wget https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh

![[res/linpeas_help.png]]

By default, running LinPEAS will perform many checks on the system and spit out a deluge of information. However, the tool can also be used to only perform specific tasks using the -o argument.

Enumerate system information:

./linpeas.sh -o system_information

![[res/linpeas_sysinfo_1.png]]

![[res/linpeas_sysinfo_2.png]]

![[res/linpeas_sysinfo_3.png]]

Enumerate containers on the machine:

./linpeas.sh -o container

![[res/linpeas_container.png]]

Enumerate cloud platforms:

./linpeas.sh -o cloud

![[res/linpeas_cloud.png]]

Enumerate available software:

./linpeas.sh -o software_information

![[res/linpeas_softinfo_1.png]]

Enumerate processes, cronjobs, services, and sockets:

./linpeas.sh -o procs_crons_timers_srvcs_sockets

![[res/linpeas_ptss1.png]]

![[res/linpeas_ptss2.png]]

![[res/linpeas_ptss3.png]]

Enumerate network information:

./linpeas.sh -o network_information

![[res/linpeas_net.png]]

Enumerate user information:

./linpeas.sh -o users_information

![[res/linpeas_usersinfo_1.png]]

![[res/linpeas_usersinfo_2.png]]

Enumerate interesting files:

./linpeas.sh -o interesting_files