-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathunsafe-capa.sh
37 lines (32 loc) · 2.1 KB
/
unsafe-capa.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
#!/bin/bash
echo """
██╗ ██╗███╗ ██╗███████╗ █████╗ ███████╗███████╗ ██████╗ █████╗ ██████╗ █████╗
██║ ██║████╗ ██║██╔════╝██╔══██╗██╔════╝██╔════╝ ██╔════╝██╔══██╗██╔══██╗██╔══██╗
██║ ██║██╔██╗ ██║███████╗███████║█████╗ █████╗ ██║ ███████║██████╔╝███████║
██║ ██║██║╚██╗██║╚════██║██╔══██║██╔══╝ ██╔══╝ ██║ ██╔══██║██╔═══╝ ██╔══██║
╚██████╔╝██║ ╚████║███████║██║ ██║██║ ███████╗ ╚██████╗██║ ██║██║ ██║ ██║
╚═════╝ ╚═╝ ╚═══╝╚══════╝╚═╝ ╚═╝╚═╝ ╚══════╝ ╚═════╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝
Author: https://github.com/nagasivakrishna
version 1.0
"""
unsafe_caps=(CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SETUID CAP_SETGID CAP_NET_RAW CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYS_MODULE CAP_FOWNER CAP_SETFCAP)
echo """
The following capabilities can be misused for privesc. These can be potential vectors :)
========================================================
"""
for i in "${unsafe_caps[@]}";
do
echo "$i"
done
echo """
========================================================
Running...
"""
for i in "${unsafe_caps[@]}";
do
getcap -r / 2>/dev/null | grep --color=always -i "$i"
done
echo """
========================================================
Complete.
"""