Less false possitives applied to small names

added new suids cves
add CVE-2021-4034
2026-01-03 16:48:12 -08:00 · 2024-09-24 11:49:57 +02:00 · 2024-09-23 15:00:23 +02:00 · 2024-09-23 14:57:12 +02:00 · 2024-09-23 14:44:11 +02:00 · 2024-09-23 14:41:54 +02:00
3 changed files with 9 additions and 3 deletions
--- a/.github/workflows/CI-master_tests.yml
+++ b/.github/workflows/CI-master_tests.yml
@@ -9,7 +9,7 @@ on:
        - '.github/**'
  
  schedule:
-    - cron: "5 4 * * SUN"
+    - cron: "5 4 1 * *"

  workflow_dispatch:

--- a/linPEAS/builder/linpeas_parts/variables/sidB.sh
+++ b/linPEAS/builder/linpeas_parts/variables/sidB.sh
@@ -25,6 +25,9 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\
 /dtappgather$%Solaris_7_<_11_\(SPARC/x86\)\(CVE-2017-3622\)\
 /dtprintinfo$%Solaris_10_\(x86\)_and_lower_versions_also_SunOS_5.7_to_5.10\
 /dtsession$%Oracle_Solaris_10_1/13_and_earlier\(CVE-2020-2696\)\
+ /enlightenment_backlight$%Before_0.25.4_\(CVE-2022-37706\)\
+ /enlightenment_ckpasswd$%Before_0.25.4_\(CVE-2022-37706\)\
+ /enlightenment_sys$%Before_0.25.4_\(CVE-2022-37706\)\
 /eject$%FreeBSD_mcweject_0.9/SGI_IRIX_6.2\
 /ibstat$%IBM_AIX_Version_6.1/7.1\(09-2013\)\
 /kcheckpass$%KDE_3.2.0_<-->_3.4.2_\(both_included\)\
@@ -42,7 +45,7 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\
 /newgrp$%HP-UX_10.20\
 /ntfs-3g$%Debian9/8/7/Ubuntu/Gentoo/others/Ubuntu_Server_16.10_and_others\(02-2017\)\
 /passwd$%Apple_Mac_OSX\(03-2006\)/Solaris_8/9\(12-2004\)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1\(02-1997\)\
- /pkexec$%Linux4.10_to_5.1.17\(CVE-2019-13272\)/rhel_6\(CVE-2011-1485\)\
+ /pkexec$%Linux4.10_to_5.1.17\(CVE-2019-13272\)/rhel_6\(CVE-2011-1485\)/Generic_CVE-2021-4034\
 /pppd$%Apple_Mac_OSX_10.4.8\(05-2007\)\
 /pt_chown$%GNU_glibc_2.1/2.1.1_-6\(08-1999\)\
 /pulseaudio$%\(Ubuntu_9.04/Slackware_12.2.0\)\
--- a/linPEAS/builder/src/linpeasBuilder.py
+++ b/linPEAS/builder/src/linpeasBuilder.py
@@ -364,7 +364,10 @@ class LinpeasBuilder:
                except:
                    rb = requests.get(f"https://raw.githubusercontent.com/GTFOBins/GTFOBins.github.io/master/_gtfobins/{b}.md", timeout=5)
            if "sudo:" in rb.text:
-                sudoVB.append(b+"$")
+                if len(b) <= 3:
+                    sudoVB.append("[^a-ZA-Z0-9]"+b+"$") # Less false possitives applied to small names
+                else:
+                    sudoVB.append(b+"$")
            if "suid:" in rb.text:
                suidVB.append("/"+b+"$")
            if "capabilities:" in rb.text:
Author	SHA1	Message	Date
Carlos Polop	7a9ea40cbb	Less false possitives applied to small names	2024-09-24 11:49:57 +02:00
Carlos Polop	faf6be53a8	added new suids cves	2024-09-23 15:00:23 +02:00
Carlos Polop	83f18f891f	add CVE-2021-4034	2024-09-23 14:57:12 +02:00
SirBroccoli	b6ec3236d8	Change to once a month releases	2024-09-23 14:44:11 +02:00
SirBroccoli	2ab6e7047e	Merge pull request #439 from peass-ng/carlospolop-patch-3 Update CONTRIBUTING.md	2024-09-23 14:41:54 +02:00