Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Linpeas stuck at Analyzing Redis Files (limit 70) #433

Open
zWhoAmI opened this issue Sep 9, 2024 · 3 comments
Open

Linpeas stuck at Analyzing Redis Files (limit 70) #433

zWhoAmI opened this issue Sep 9, 2024 · 3 comments

Comments

@zWhoAmI
Copy link

zWhoAmI commented Sep 9, 2024
edited
Loading

Issue description

1.Getting stuck at :

Analyzing Redis Files (limit 70) ( see screenshot )

  1. Didn't detected the CVE-2021-4034
    [pablo@sybaris tmp]$ pkexec --version
    pkexec version 0.112 ( see screenshot )

Steps to reproduce the issue

Which parameters did you use for executing the script and how did you execute it?

./linpeash.sh

If winpeas, did you use a clean or obfuscated winpeas, and for which architecture?

Release refs/heads/master 20240908-e068962e
I used => linpeas.sh

Is there any AV / Threat protection in the system?

No AV

Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)

Linux sybaris 3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Please, indicate the check that is failing and add a screenshot showing the problem

How did you expect it to work?

Additional details / screenshot

pkexec
redis
@carlospolop
Copy link
Collaborator

Hi!

I have added something to try to detect the CVE.
Regarding the issue you describes with that information I have no idea why is that happening. Would you be able to debug it a bit more and find out the exact like that causes the crash as it might be something after the redis check?

@s4m-u-ra1
Copy link

ay, came accross the same problem.. same system ;) oscp preps..
concerning troubleshooting:
looking into the process tree (ps af) we see it stuck at the "_ redis-cli INFO"
checking /proc//status process is sleeping.
-> what i think is the following: need to set a context.
to get user access to the system, we use the "https://github.com/n0b0dyCN/RedisModules-ExecuteCommand" exploit.
which somehow locks down the redis-cli service because if i drop the shell i can't use redis anoymore -> reset of machine is then necessary..
so my question, is there an option to exlude the redis scan from linpeas by passing a commandline argument?
thx, sam

@carlospolop
Copy link
Collaborator

Hi @s4m-u-ra1 !
To not run a check you can either get Linpeas and look the Redis check and remove that from the script. Or you can rebuild Linpeas indicating you don't want that check included in the final build

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@carlospolop @zWhoAmI @s4m-u-ra1