linPEAS/builder/README.md
You can build you own linpeas which will contain only the checks you want. This is useful to reduce the time it takes to run linpeas and to make linpeas more stealth and modular.
It's possible to indicate the params --all, --all-no-fat and --small to build the classic linpeas_fat.sh, linpeas.sh and linpeas_small.sh outputs:
When testing builder changes locally, prefer writing the output to /tmp so you don't overwrite tracked release artifacts by accident.
linpeas_fat.sh: Contains all checks, even third party applications in base64 embedded.
linpeas.sh: Contains all checks, but only the third party application linux exploit suggester is embedded. This is the default linpeas.sh.
linpeas_small.sh: Contains only the most important checks making its size smaller.
However, in order to indicate only some specific checks, you can use the --include and --exclude params. These arguments supports a comma separated list of modules to add or remove from the final linpeas. Note that the matchs are done by checking if the module path string contains any of the words indicated in those params. Therefore, if you want to inde all the tests from the linpeas_parts/3_cloud it's enough to indicate --include "cloud". Or if you want to include only the check linpeas_parts/3_cloud/1_Check_if_in_Cloud you can indicate --include "Check_if_in_Cloud".
# Run this commands from 1 level above the builder folder. From here: cd ..
# Build linpeas_fat (linpeas with all checks, even third party applications in base64 embedded)
python3 -m builder.linpeas_builder --all --output /tmp/linpeas_fat.sh
# Build regular linpeas
python3 -m builder.linpeas_builder --all-no-fat --output /tmp/linpeas.sh
# Build small linpeas
python3 -m builder.linpeas_builder --small --output /tmp/linpeas_small.sh
# Build linpeas only with container and cloud checks
python3 -m builder.linpeas_builder --include "container,cloud" --output /tmp/linpeas_custom.sh
# Build linpeas only with regexes
python3 -m builder.linpeas_builder --include "api_keys_regex" --output /tmp/linpeas_custom.sh
# Build linpeas only with some specific modules
## You can customize it as much as you want
python3 -m builder.linpeas_builder --include "CPU_info,Sudo_version,Clipboard_highlighted_text" --output /tmp/linpeas_custom.sh
# Build linpeas excluding some specific modules
python3 -m builder.linpeas_builder --exclude "CPU_info,Sudo_version,Clipboard_highlighted_text" --output /tmp/linpeas_custom.sh
Adding new modules is very easy. You just need to create a new file in the linpeas_parts/<corresponding section> folder with the following structure with the bash code to run. Note that every new module should have some specific metadata at the beggining of the file. This metadata is used by the builder to generate the final linpeas.
Metadata example:
# Title: Cloud - Check if in cloud
# ID: CL_Check_if_in_cloud
# Author: Carlos Polop
# Last Update: 22-08-2023
# Description: Check if the current system is inside a cloud environment
# License: GNU GPL
# Version: 1.0
# Functions Used: check_aws_codebuild, check_aws_ec2, check_aws_ecs, check_aws_lambda, check_az_app, check_az_vm, check_do, check_gcp, check_ibm_vm, check_tencent_cvm, print_list
# Global Variables: $is_aws_codebuild, $is_aws_ecs, $is_aws_ec2, , $is_aws_lambda, $is_az_app, $is_az_vm, $is_do, $is_gcp_vm, $is_gcp_function, $is_ibm_vm, $is_aws_ec2_beanstalk, $is_aliyun_ecs, $is_tencent_cvm
# Initial Functions: check_gcp, check_aws_ecs, check_aws_ec2, check_aws_lambda, check_aws_codebuild, check_do, check_ibm_vm, check_az_vm, check_az_app, check_aliyun_ecs, check_tencent_cvm
# Generated Global Variables:
# Fat linpeas: 0
# Small linpeas: 1
<code>
CL)