#!/bin/bash
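# Describe what will be collected and ask for confirmation before running
# the enumeration.
# Arguments: none
# Inputs:    one line from stdin (the confirmation answer)
# Outputs:   banner text on stdout
# Returns:   hands over to enum on confirmation; otherwise prints "Aborted"
#            and exits the script with status 1
function main()
{
  local choice2

  printf '%s\n' \
    "" \
    "This script enumerates system information and appends it to a textfile." \
    "" \
    "These items will be enumerated:" \
    "1. User IDs and login history." \
    "2. OS details and mounted disks." \
    "3. Network status and information." \
    "4. Running processes." \
    ""

  # -r keeps backslashes in the answer literal.
  read -r -p 'Continue? Y/n : ' choice2

  # The prompt advertises "Y", so accept either case. An empty answer still
  # aborts: collecting this data requires an explicit yes.
  case "$choice2" in
    [yY] | [yY][eE][sS])
      enum
      ;;
    *)
      echo "Aborted"
      exit 1
      ;;
  esac
}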
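# Ask for an output path, then append user, OS, network and process
# information to that file while echoing it to the terminal (via stderr).
# Arguments: none
# Inputs:    one line from stdin (the output path)
# Outputs:   report appended to the chosen file and copied to stderr
# Returns:   exits 0 when the report is complete, 1 if the path is unusable
function enum()
{
  local outfile

  printf "\n\nPlease provide a path to which the output will be saved. I.e /tmp/output.txt\n"
  read -r -p 'Path? : ' outfile

  # With an empty path, tee would get no file argument and silently save nothing.
  if [[ -z "$outfile" ]]; then
    echo "No output path given" >&2
    exit 1
  fi

  # The report holds login history, network and process data and may be
  # written as root. Refuse to append through a symlink, which in a shared
  # directory such as /tmp could redirect the write to another file.
  # Best-effort only (the check and the write are not atomic); a directory
  # only the invoking user can write to is the safer choice.
  if [[ -L "$outfile" ]]; then
    echo "Refusing to write through symlink: $outfile" >&2
    exit 1
  fi

  # Create a new report readable by its owner only. An existing file keeps
  # whatever mode it already has.
  if [[ ! -e "$outfile" ]]; then
    if ! ( umask 077 && : >>"$outfile" ) 2>/dev/null; then
      echo "Cannot create $outfile" >&2
      exit 1
    fi
  fi

  # Each section is grouped so the path is quoted once per section.
  # Only stdout is captured; errors from missing tools stay on the terminal.
  {
    echo "+-+-+-+-+"
    echo "|L|O|G|S|"
    echo "+-+-+-+-+"
    printf "\n\nUser IDs\n"
    whoami
    printf "\n\n"
    id
    printf "\n\n"
    last
  } | tee -a -- "$outfile" 1>&2
  sleep 0.5 && clear

  {
    printf "\n\nOS details and mounted disks\n\n"
    uname -a
    printf "\n\n"
    df -h
  } | tee -a -- "$outfile" 1>&2
  sleep 0.5 && clear

  {
    printf "\n\nNetwork status & info\n\n"
    ifconfig -a
    printf "\n\n"
    arp -a
    printf "\n\n"
    netstat -atp
  } | tee -a -- "$outfile" 1>&2
  sleep 0.5 && clear

  {
    printf "\n\nProcess info\n\n"
    ps -d -f
  } | tee -a -- "$outfile" 1>&2
  sleep 0.5 && clear

  echo "Done, output saved to $outfile"
  # A completed run is a success; the original exited with status 1 here.
  exit 0
}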
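# Entry point: when not running as root, warn that results will be affected
# (as the message below says) and ask before continuing.
if [[ "$EUID" -ne 0 ]]; then
  echo "It is recommended that this script is run as root"
  printf "\nRunning it without super user privilege will affect the results\n"
  read -r -p 'Continue without root? Y/n : ' choice1
  # The prompt advertises "Y", so accept either case; anything else aborts.
  case "$choice1" in
    [yY] | [yY][eE][sS])
      main
      ;;
    *)
      echo "Aborted"
      exit 1
      ;;
  esac
else
  main
fi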
I am building what is, in effect, a bash multi-tool. I will be combining features I have in some other bash scripts so that it will be useful not only for sysadmin stuff but for OffSec purposes as well.
I will be including features from RootHelper and KernMan, see below for those scripts.
#!/bin/bash
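# Print the help text describing each menu option.
# Arguments: none
# Outputs:   help text on stdout (rings the terminal bell via \a)
function usage()
{
  # The message is passed as the argument to %b instead of being the format
  # string itself: the original had a %b placeholder with no argument, and a
  # later edit adding a '%' to the text would have been read as a format
  # directive. The emitted bytes are unchanged.
  printf '%b' " \a\n\nRoothelper will aid in the process of privilege escalation on a Linux system you compromised by fetching a number of enumeration
and exploit suggestion scripts. Below is a quick overview of the available options.
The 'Help' option displays this informational message.
The 'Download' option fetches the relevant files and places them in the /tmp/ directory.
The option 'Download and unzip' downloads all files and extracts the contents of zip archives to their individual subdirectories respectively, please
note; if the 'mkdir' command is unavailable however, the operation will not succeed and the 'Download' option should be used instead
The 'Clean up' option removes all downloaded files and 'Quit' exits roothelper.\n "
}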
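# Download and unzip
# Fetch the helper scripts into /tmp/ and unpack each zip archive into a
# directory named after the archive (e.g. /tmp/LinEnum.zip -> /tmp/LinEnum).
# Arguments: none
# Outputs:   progress and error messages
#
# NOTE(review): nothing fetched here is integrity-checked. One URL is plain
# HTTP and the archives track moving branches, so the content can change or
# be tampered with in transit. Pin to a commit and compare against a known
# checksum before running any of it.
# NOTE(review): /tmp is shared and these file names are predictable. Another
# local user can pre-create them; a private directory from `mktemp -d` would
# avoid that.
function dzip()
{
  local dest="/tmp"
  local -a archives=(LinEnum.zip ExploitSuggest_perl.zip unixprivesc.zip firmwalker.zip)
  local zip dirname

  echo "Downloading and extracting scripts..."
  # wget is invoked directly. The original wrapped each call in backticks,
  # which makes the shell try to execute whatever wget prints on stdout.
  wget -O "$dest/ExploitSuggest.py" http://www.securitysift.com/download/linuxprivchecker.py \
    || echo "Download failed: ExploitSuggest.py" >&2
  wget -O "$dest/LinEnum.zip" https://github.com/rebootuser/LinEnum/archive/master.zip \
    || echo "Download failed: LinEnum.zip" >&2
  wget -O "$dest/ExploitSuggest_perl.zip" https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip \
    || echo "Download failed: ExploitSuggest_perl.zip" >&2
  wget -O "$dest/unixprivesc.zip" https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip \
    || echo "Download failed: unixprivesc.zip" >&2
  wget -O "$dest/firmwalker.zip" https://github.com/craigz28/firmwalker/archive/master.zip \
    || echo "Download failed: firmwalker.zip" >&2

  # Unpack only the archives fetched above. The original globbed *.zip in the
  # current directory, which misses /tmp unless the script is started there
  # and would also unpack and delete unrelated zip files.
  for zip in "${archives[@]}"; do
    dirname="$dest/${zip%.zip}"

    # wget -O leaves an empty file behind when the download fails.
    if [[ ! -s "$dest/$zip" ]]; then
      echo "Could not unpack $zip - download missing or empty"
      continue
    fi

    # mkdir fails if the directory already exists, so nothing is extracted
    # into a directory someone else prepared.
    if mkdir -- "$dirname"; then
      # unzip -d avoids the cd / cd .. pair, so the caller's cwd is unchanged.
      if unzip -d "$dirname" "$dest/$zip"; then
        rm -f -- "$dest/$zip"
      else
        echo "Could not unpack $zip - unzip failed"
      fi
    else
      echo "Could not unpack $zip - mkdir failed"
    fi
  done
}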
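# Menu loop: show the help text once, then dispatch on the chosen option.
dir="/tmp/"
usage
printf "%b" "\a\n\nTo use roothelper please select an option below.:\n"
PS3='Please enter your choice: '
options=("Help" "Download" "Download and unzip" "Clean up" "Quit")
select opt in "${options[@]}"
do
  case "$opt" in
    "Help")
      usage
      printf ' \n'
      ;;
    "Download")
      echo "Downloading scripts to /tmp/"
      # wget is invoked directly; wrapping it in backticks would make the
      # shell try to execute wget's stdout.
      # NOTE(review): no integrity check is done, and the first URL is plain
      # HTTP. Verify the files before running them.
      wget -O "${dir}ExploitSuggest.py" http://www.securitysift.com/download/linuxprivchecker.py \
        || echo "Download failed: ExploitSuggest.py" >&2
      wget -O "${dir}LinEnum.zip" https://github.com/rebootuser/LinEnum/archive/master.zip \
        || echo "Download failed: LinEnum.zip" >&2
      wget -O "${dir}ExploitSuggest_perl.zip" https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip \
        || echo "Download failed: ExploitSuggest_perl.zip" >&2
      wget -O "${dir}unixprivesc.zip" https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip \
        || echo "Download failed: unixprivesc.zip" >&2
      wget -O "${dir}firmwalker.zip" https://github.com/craigz28/firmwalker/archive/master.zip \
        || echo "Download failed: firmwalker.zip" >&2
      printf ' \n'
      ;;
    "Download and unzip")
      dzip
      printf ' \n'
      ;;
    "Clean up")
      echo "Removing downloaded files"
      # Remove only what this script creates. The original ran
      # `find $dir/* -exec rm {} \;`, which deletes every file under /tmp/,
      # including files that belong to other programs and users.
      # ${dir:?} aborts instead of expanding to "/" if dir is ever empty.
      for item in LinEnum ExploitSuggest_perl unixprivesc firmwalker; do
        rm -rf -- "${dir:?}${item}" "${dir:?}${item}.zip"
      done
      rm -f -- "${dir:?}ExploitSuggest.py"
      printf ' \n'
      ;;
    "Quit")
      break
      ;;
    *) echo invalid option ;;
  esac
done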
#!/bin/bash
# Abort early unless the effective UID is 0 (root).
(( EUID == 0 )) || {
  echo "This script must be run as root" 1>&2
  exit 1
}
# Print the KernMan ASCII banner followed by the tool's tagline.
# Arguments: none
# Outputs:   banner on stdout
function logo()
{
  # One printf call emits all four banner rows, one per line.
  printf '%s\n' \
    " _____ _____ " \
    "| | |___ ___ ___| |___ ___ " \
    "| -| -_| _| | | | | .'| |" \
    "|__|__|___|_| |_|_|_|_|_|__,|_|_|"
  printf "\nKernMan - Kernel Management Assistant.\n"
}
# Show the banner once at start-up.
logo
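# Print a short description of KernMan and its menu options.
# Arguments: none
# Outputs:   help text on stdout
function usage()
{
  # The text is passed as an argument, not used as the printf format string.
  # Spelling in the user-facing message is corrected (purpose, simplifying,
  # Management).
  printf '\n%s\n\n' "KernMan is a script written for the purpose of simplifying Kernel Management.
Select the option 'List' to display all installed kernels. Select the option 'Purge' to display
all kernels that can be removed and subsequently do so"
}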
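# Menu loop: list installed kernels, or purge every kernel image/headers
# package except those matching the running kernel.
PS3='Please enter your choice: '
options=("Usage" "List" "Purge" "Quit")
select opt in "${options[@]}"
do
  case "$opt" in
    "Usage")
      usage
      ;;
    "List")
      dpkg -l 'linux-image-*' | grep '^ii'
      ;;
    "Purge")
      # Running kernel release with the first "-<letters>" suffix removed.
      kernelver=$(uname -r | sed -r 's/-[a-z]+//')
      if [[ -z "$kernelver" ]]; then
        echo "Could not determine the running kernel version" >&2
        continue
      fi

      # Build the candidate list once, so the packages shown to the user are
      # exactly the ones purged; the original ran the query twice.
      #  - $1 == "ii" selects installed packages by the status column; the
      #    original /ii/ matched "ii" anywhere on the line.
      #  - grep -F treats the version as a literal string, so its dots are
      #    not regex wildcards.
      mapfile -t purge_list < <(
        dpkg -l 'linux-image-[0-9]*' 'linux-headers-[0-9]*' \
          | awk '$1 == "ii" {print $2}' \
          | grep -vF -- "$kernelver"
      )

      if (( ${#purge_list[@]} == 0 )); then
        echo "No removable kernels found"
        continue
      fi

      printf '%s\n' "${purge_list[@]}"
      printf "\nThese items will be deleted.\n"
      read -r -p 'Continue? Y/n ' choice
      # The prompt advertises "Y", so accept either case; anything else aborts.
      case "$choice" in
        [yY] | [yY][eE][sS])
          sudo apt-get purge "${purge_list[@]}"
          ;;
        *)
          echo "Aborted"
          # Leaves the menu. The original's `exit 1` after this break was
          # unreachable and is dropped.
          break
          ;;
      esac
      ;;
    "Quit")
      break
      ;;
    *) echo invalid option ;;
  esac
done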
The scripts are up on my github as well.
https://github.com/NullArray
Post last edited by Sophie at 2017-01-31T15:01:25.800871+00:00