peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
https://book.hacktricks.xyz

Cron jobs output has incomplete output #283

Closed virenpawar closed 2 years ago

virenpawar commented 2 years ago

If you are going to suggest something, please remove the following template.

Issue description

For output from the latest linpeas.sh, the output for the CRON JOBS section is as follows:

╔══════════╣ Cron jobs
╚ https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs
/usr/bin/crontab
incrontab Not Found
-rw-r--r-- 1 root root     723 May 11  2020 /etc/crontab

/etc/cron.d:
total 12
drwxr-xr-x  2 root root 4096 Apr 22  2020 .
drwxr-xr-x 76 root root 4096 Jul 28  2020 ..

<SNIP>

-rw-r--r--  1 root root  102 Oct  7  2017 .placeholder

SHELL=/bin/sh              
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

╔══════════╣ Systemd PATH  

However, the missing output here is as follows:

$ cat /etc/cron* /etc/at* /etc/anacrontab /var/spool/cron/crontabs/root 2>/dev/null | grep -v "^#"

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

*/5 *   * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )

The command used above is from https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs. In this particular instance, I had a misconfigured PATH setup and was looking for any binary that was being used without a proper path so I could go for privilege escalation, but due to the missing output, I couldn't reach this point via LinPeas.

Steps to reproduce the issue

  1. Just run linpeas.sh on any Linux system and refer to the issue mentioned.

Which parameters did you use for executing the script and how did you execute it?

bash linpeas.sh | tee lin.out

If winpeas, did you use a clean or obfuscated winpeas, and for which architecture?

No.

Is there any AV / Threat protection in the system?

No.

Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)

$ uname -a
Linux machine 4.9.0-12-amd64 #1 SMP Debian 4.9.210-1 (2020-01-20) x86_64 GNU/Linux
$ uname -m
x86_64
$ uname -o
GNU/Linux

Please, indicate the check that is failing and add a screenshot showing the problem

Cron jobs complete output, as mentioned in issue description.

How did you expect it to work?

Expected complete output from the script, like the commands used on https://book.hacktricks.xyz/linux-unix/privilege-escalation#scheduled-cron-jobs.

Additional details / screenshot

N/A

carlospolop commented 2 years ago

Hi @virenpawar, the output you were looking for is default in most systems and linpeas was removing that part from the output. However, it's true that for a misconfigured path it can be useful to escalate privs so the next release of linpeas won't be removing those lines. Feel free to test the new version in a couple of hours and reopen this issue if the bug persists. And thanks for sharing the bug!
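
The thread shows why the "default" crontab lines matter for an audit: jobs there call commands by bare name, so they depend on the PATH line. The script below is an added example, not linpeas code and not written by either commenter. It lists commands in system-crontab text that are resolved through PATH and flags world-writable PATH directories. The function names `cron_relative_cmds`, `world_writable_path_dirs` and `sample_crontab` and the short builtin list are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not linpeas code: audit system-crontab text for commands
# that are resolved through PATH instead of being given as absolute paths.

# Print "user<TAB>command" for each command word that is not an absolute path.
# stdin: system crontab format (schedule fields, user, command).
cron_relative_cmds() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }                # comments, blank lines
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }  # SHELL=, PATH=, ...
    {
        skip = ($1 ~ /^@/) ? 2 : 6    # "@reboot user cmd" has one schedule field
        user = $skip
        cmd = $0
        for (i = 1; i <= skip; i++) sub(/^[ \t]*[^ \t]+/, "", cmd)
        gsub(/&&|[|][|]|[;|()]/, "\n", cmd)   # one simple command per line
        n = split(cmd, part, "\n")
        for (i = 1; i <= n; i++) {
            split(part[i], w, " ")
            if (w[1] == "" || w[1] ~ /^\//) continue   # nothing, or absolute
            if (w[1] ~ /^(cd|test|\[|echo|true|false)$/) continue  # sh builtins
            print user "\t" w[1]
        }
    }'
}

# Print each directory of a PATH-style string that is world-writable, where
# any local account could place a file named like one of those commands.
world_writable_path_dirs() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r d; do
        if [ -d "$d" ]; then find -H "$d" -prune -perm -0002 -print; fi
    done
}

# Sample input: the crontab lines quoted in the issue above.
sample_crontab() {
    cat <<'EOF'
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

*/5 *   * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
EOF
}

sample_crontab | cron_relative_cmds | sort -u
world_writable_path_dirs "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
```

Any directory the second function prints should be removed from the cron PATH or have its permissions tightened, and the listed jobs are better written with absolute paths.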