mirror of https://github.com/peass-ng/PEASS-ng.git synced 2026-04-28 03:43:23 -07:00

Go to file

R Muthra ac31bcefab feat: detect hidden group access via newgrp (gshadow desync) (#625 )

* feat: detect hidden group access via newgrp (gshadow desync)

Problem: groups/id only show current session memberships
Fix: probe all system groups via newgrp to detect accessible groups not shown
Impact: identifies hidden access (docker, lxd, etc.) missed by standard checks

Real case: user present in gshadow docker group but not reflected in session
newgrp docker succeeds -> container escape -> root

* Update linPEAS/builder/linpeas_parts/6_users_information/19_Actual_groups.sh

fixed the  command-injection vector.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Muthra <muthra@example.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: SirBroccoli <carlospolop@gmail.com>

2026-03-23 16:29:33 +01:00

.github

Add OpenAI fallback to Chack workflows

2026-03-19 19:11:09 +01:00

build_lists

Fix CI-master failures for run #23351051018 (#623 )

2026-03-20 17:25:26 +01:00

linPEAS

feat: detect hidden group access via newgrp (gshadow desync) (#625 )

2026-03-23 16:29:33 +01:00

metasploit

Fix: LinPEASS doesn't run via metasploit module

2025-10-28 13:19:03 +02:00

parsers

Auto-merge PR #572 (Codex)

2026-01-20 22:17:02 +00:00

scripts

MITRE ATT&CK Integration for LinPEAS and WinPEAS (#614 )

2026-03-08 01:26:40 +01:00

winPEAS

2026-03-15 23:33:31 +01:00

.gitignore

MITRE ATT&CK Integration for LinPEAS and WinPEAS (#614 )

2026-03-08 01:26:40 +01:00

CONTRIBUTING.md

Update CONTRIBUTING.md

2024-09-23 14:41:43 +02:00

LICENSE

Auto-merge PR #555 (Codex)

2026-01-20 16:58:29 +00:00

README.md

Auto-merge PR #555 (Codex)

2026-01-20 16:58:29 +00:00

TODO.md

peass-ng

2024-04-04 11:30:56 +02:00

README.md

PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial

Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS.

These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily.

Check the Local Windows Privilege Escalation checklist from book.hacktricks.wiki
WinPEAS - Windows local Privilege Escalation Awesome Script (C#.exe and .bat)
Check the Local Linux Privilege Escalation checklist from book.hacktricks.wiki
LinPEAS - Linux local Privilege Escalation Awesome Script (.sh)

Quick Start

Find the latest versions of all the scripts and binaries in the releases page.

JSON, HTML & PDF output

Check the parsers directory to transform PEASS outputs to JSON, HTML and PDF

Join us!

If you are a PEASS & Hacktricks enthusiast, you can get your hands now on our custom swag and show how much you like our projects!

You can also, join the 💬 Discord group or the telegram group to learn about the latest news in cybersecurity and meet other cybersecurity enthusiasts, or follow me on Twitter 🐦 @hacktricks_live.

Let's improve PEASS together

If you want to add something and have any cool idea related to this project, please let me know it in the telegram group https://t.me/peass or contribute reading the CONTRIBUTING.md file.

Advisory

All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission.

Languages

C# 59%

Shell 19.7%

PowerShell 11.7%

Python 7.8%

Batchfile 1%

Other 0.8%