mirror of https://github.com/peass-ng/PEASS-ng.git synced 2026-04-28 11:53:22 -07:00

Go to file

s1d3r 65d6e4662a fix(linpeas): highlight writable shell binaries as 95% PE vector on merged-usr systems (#630 )

The PATH-derived portion of writeVB uses `sed 's/:/$|^/g'` to turn the
colon-separated PATH into an alternation regex. This produces patterns like
`^/usr/bin$|^/sbin$|^/bin` where every entry except the last gets a trailing
`$` anchor — making it an exact match on the directory name itself rather than
a prefix match on files inside it.

On modern merged-/usr distributions (Debian 10+, Ubuntu 20.04+, Fedora 17+,
Arch) `/bin` is a symlink to `usr/bin`, so `find /` returns `/usr/bin/bash`
rather than `/bin/bash`.  The pattern `^/usr/bin$` does not match
`/usr/bin/bash` (the `$` prevents it), so a writable bash binary falls through
to the lower-severity writeB coloring (plain RED) instead of the 95% PE vector
RED/YELLOW.

Add explicit patterns for the common shell interpreters and env so they are
always flagged as 95% PE vectors regardless of PATH ordering or /usr-merge
layout:

  /bin/bash  /usr/bin/bash
  /bin/sh    /usr/bin/sh
  /bin/dash  /usr/bin/dash
  /bin/zsh   /usr/bin/zsh
  /usr/bin/env

Co-authored-by: s1d3r <s1d3r@users.noreply.github.com>

2026-04-12 23:44:18 +02:00

.github

Add OpenAI fallback to Chack workflows

2026-03-19 19:11:09 +01:00

build_lists

chore(winpeas): update windows version vulnerability definitions (#626 )

2026-04-01 12:46:54 +02:00

linPEAS

fix(linpeas): highlight writable shell binaries as 95% PE vector on merged-usr systems (#630 )

2026-04-12 23:44:18 +02:00

metasploit

Fix: LinPEASS doesn't run via metasploit module

2025-10-28 13:19:03 +02:00

parsers

Auto-merge PR #572 (Codex)

2026-01-20 22:17:02 +00:00

scripts

MITRE ATT&CK Integration for LinPEAS and WinPEAS (#614 )

2026-03-08 01:26:40 +01:00

winPEAS

Auto-merge PR #627 (Chack Agent)

2026-03-31 05:08:57 +00:00

.gitignore

MITRE ATT&CK Integration for LinPEAS and WinPEAS (#614 )

2026-03-08 01:26:40 +01:00

CONTRIBUTING.md

Update CONTRIBUTING.md

2024-09-23 14:41:43 +02:00

LICENSE

Auto-merge PR #555 (Codex)

2026-01-20 16:58:29 +00:00

README.md

Auto-merge PR #555 (Codex)

2026-01-20 16:58:29 +00:00

TODO.md

peass-ng

2024-04-04 11:30:56 +02:00

README.md

PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial

Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS.

These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily.

Check the Local Windows Privilege Escalation checklist from book.hacktricks.wiki
WinPEAS - Windows local Privilege Escalation Awesome Script (C#.exe and .bat)
Check the Local Linux Privilege Escalation checklist from book.hacktricks.wiki
LinPEAS - Linux local Privilege Escalation Awesome Script (.sh)

Quick Start

Find the latest versions of all the scripts and binaries in the releases page.

JSON, HTML & PDF output

Check the parsers directory to transform PEASS outputs to JSON, HTML and PDF

Join us!

If you are a PEASS & Hacktricks enthusiast, you can get your hands now on our custom swag and show how much you like our projects!

You can also, join the 💬 Discord group or the telegram group to learn about the latest news in cybersecurity and meet other cybersecurity enthusiasts, or follow me on Twitter 🐦 @hacktricks_live.

Let's improve PEASS together

If you want to add something and have any cool idea related to this project, please let me know it in the telegram group https://t.me/peass or contribute reading the CONTRIBUTING.md file.

Advisory

All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission.

Languages

C# 59%

Shell 19.7%

PowerShell 11.7%

Python 7.8%

Batchfile 1%

Other 0.8%