Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added sudo/sudoers check #37

Merged
merged 1 commit into from
Dec 28, 2023
Merged

Added sudo/sudoers check #37

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 39 additions & 18 deletions deepce.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -195,7 +195,7 @@ printTip() {
if [ "$quiet" ]; then
return
fi
printer "$DG" "$1" | fold -s -w 95
printer "$DG" "$1" | fold -s -w 95
nl
}

Expand Down Expand Up @@ -369,14 +369,37 @@ userCheck() {
printQuestion "User ...................."
if [ "$(id -u)" = 0 ]; then
isUserRoot="1"
printSuccess "root"
printEx "root"
else
printSuccess "$(whoami)"
fi

printQuestion "Groups .................."
groups=$(groups| sed "s/\($DANGEROUS_GROUPS\)/${LG}${EX}&${NC}${DG}/g")
printStatus "$groups" "None"

if ! [ $isUserRoot ]; then
printQuestion "Sudo ...................."
if [ -x "$(command -v sudo)" ]; then
if sudo -n -l 2>/dev/null; then
printEx "Passwordless Sudo"
isUserHasSudo="1"
else
printError "Password required"
fi
else
printError "sudo not found"
fi
else
printQuestion "Sudoers ................."
if [ -r /etc/sudoers ]; then
sudoers=$(grep -v "#\|^$\|^Defaults\|@include" /etc/sudoers)
printYes
printStatus "$sudoers"
else
printNo
fi
fi
}

dockerSockCheck() {
Expand Down Expand Up @@ -443,9 +466,7 @@ enumerateContainer() {

containerID() {
# Get container ID
containerID="$(cat /etc/hostname)"
#containerID="$(hostname)"
#containerID="$(uname -n)"
containerID="$(cat /etc/hostname || uname -n || hostname)"
# Get container full ID
printResult "Container ID ............" "$containerID" "Unknown"

Expand Down Expand Up @@ -499,13 +520,13 @@ containerName() {
# Requires containerIP
if [ "$containerIP" ]; then
if [ -x "$(command -v host)" ]; then
containerName=$(host "$containerIP" | rev | cut -d' ' -f1 | rev)
containerName=$(host "$containerIP" | rev | cut -d' ' -f1 | rev)
elif [ -x "$(command -v dig)" ]; then
containerName=$(dig -x "$containerIP" +noall +answer | grep 'PTR' | rev | cut -f1 | rev)
containerName=$(dig -x "$containerIP" +noall +answer | grep 'PTR' | rev | cut -f1 | rev)
elif [ -x "$(command -v nslookup)" ]; then
containerName=$(nslookup "$containerIP" 2>/dev/null | grep 'name = ' | rev | cut -d' ' -f1 | rev)
containerName=$(nslookup "$containerIP" 2>/dev/null | grep 'name = ' | rev | cut -d' ' -f1 | rev)
else
missingTools="1"
missingTools="1"
fi
fi
else
Expand Down Expand Up @@ -807,16 +828,17 @@ findInterestingFiles() {
printNo
fi

hashes=$(cut -d':' -f2 < /etc/shadow 2>/dev/null | grep -v '^*$\|^!')
printQuestion "Hashes in shadow file ..............."
if [ "$hashes" ]; then
printYes
printStatus "$hashes"
elif test -r /etc/shadow; then
# Cannot check...
printFail "No permissions"
if test -r /etc/shadow; then
hashes=$(cut -d':' -f2 < /etc/shadow 2>/dev/null | grep -v '^*$\|^!')
if [ "$hashes" ]; then
printYes
printStatus "$hashes"
else
printNo
fi
else
printNo
printFail "Not readable"
fi

# TODO: Check this file /run/secrets/
Expand All @@ -829,7 +851,6 @@ findInterestingFiles() {
printMsg "$(ls -lAh "$p")"
fi
done

}

checkDockerRootless() {
Expand Down
Loading