From fbdfc12e487557803df449992ba7de887bf52ae9 Mon Sep 17 00:00:00 2001
From: Naveen Ranasinghe <naveenyasiru98@gmail.com>
Date: Wed, 6 Sep 2023 21:53:40 +0530
Subject: [PATCH 1/3] Update LinEnum.sh binarylist

#updated the binarylist according to gtfobins on 06/09/3023
---
 LinEnum.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/LinEnum.sh b/LinEnum.sh
index d8c69f2..e148b4d 100755
--- a/LinEnum.sh
+++ b/LinEnum.sh
@@ -79,7 +79,8 @@ echo -e "\e[00m\n"
 }
 
 # useful binaries (thanks to https://gtfobins.github.io/)
-binarylist='aria2c\|arp\|ash\|awk\|base64\|bash\|busybox\|cat\|chmod\|chown\|cp\|csh\|curl\|cut\|dash\|date\|dd\|diff\|dmsetup\|docker\|ed\|emacs\|env\|expand\|expect\|file\|find\|flock\|fmt\|fold\|ftp\|gawk\|gdb\|gimp\|git\|grep\|head\|ht\|iftop\|ionice\|ip$\|irb\|jjs\|jq\|jrunscript\|ksh\|ld.so\|ldconfig\|less\|logsave\|lua\|make\|man\|mawk\|more\|mv\|mysql\|nano\|nawk\|nc\|netcat\|nice\|nl\|nmap\|node\|od\|openssl\|perl\|pg\|php\|pic\|pico\|python\|readelf\|rlwrap\|rpm\|rpmquery\|rsync\|ruby\|run-parts\|rvim\|scp\|script\|sed\|setarch\|sftp\|sh\|shuf\|socat\|sort\|sqlite3\|ssh$\|start-stop-daemon\|stdbuf\|strace\|systemctl\|tail\|tar\|taskset\|tclsh\|tee\|telnet\|tftp\|time\|timeout\|ul\|unexpand\|uniq\|unshare\|vi\|vim\|watch\|wget\|wish\|xargs\|xxd\|zip\|zsh'
+#updated the binary list according to gtfobins on 06/09/3023
+binarylist='sg|tshark|elvish|octave|rsync|wget|bzip2|red|w3m|systemd-resolve|agetty|look|psql|socat|zypper|rvim|csplit|more|ascii85|less|wireshark|hexdump|gtester|emacs|timedatectl|hping3|ul|script|knife|joe|ruby|nohup|easy_install|stdbuf|pdftex|soelim|pry|chroot|choom|snap|dig|bpftrace|mount|cpio|rpmdb|ksu|latex|msgattrib|psftp|luatex|openvpn|mosquitto|ncftp|strace|ip|nm|pico|install|exiftool|rc|find|apt-get|awk|pr|c89|od|csvtool|msgcat|journalctl|nroff|dd|curl|dpkg|ascii-xfr|gimp|capsh|tex|torify|ksh|date|base58|tail|shuf|check_ssl_cert|gcloud|ftp|cpan|dmsetup|whiptail|cowthink|espeak|update-alternatives|cancel|bash|rev|paste|check_log|ssh|dvips|uniq|ash|lwp-request|aa-exec|unsquashfs|ht|logsave|dstat|redcarpet|debugfs|gdb|tmux|dialog|tmate|openvt|check_cups|neofetch|check_memory|dotnet|scrot|highlight|wc|ar|vimdiff|unshare|jq|socket|pwsh|msguniq|cmp|ptx|perlbug|iftop|virsh|mail|run-parts|jtag|pic|lftp|aws|atobm|mtr|top|pdflatex|tcpdump|cp|python|finger|man|jrunscript|ispell|cut|apt|chown|pidstat|ginsh|sort|tbl|comm|ex|task|rpmquery|lwp-download|flock|tftp|check_by_ssh|kubectl|pkg|msfconsole|check_raid|gem|rpm|nasm|su|pkexec|grc|make|perf|telnet|c99|arp|nc|multitime|latexmk|sftp|run-mailcap|ssh-agent|ss|ld.so|scanmem|vi|bundle|mv|hd|torsocks|efax|loginctl|tee|fping|7z|tclsh|pexec|setfacl|dnf|msgconv|ltrace|node|rview|zip|sash|base32|ssh-keyscan|vigr|gcore|systemctl|netcat|diff|setlock|dos2unix|rake|facter|pdb|time|gzip|eqn|ssh-keygen|scp|busybox|split|irb|mawk|ansible-test|unexpand|clamscan|ed|file|ghci|nice|nft|check_statusfile|nawk|valgrind|sysctl|vipw|crontab|uuencode|ghc|base64|byebug|tac|zsh|genie|tar|bconsole|batcat|slsh|fold|basenc|whois|tasksh|uudecode|tdbtool|rlwrap|csh|msgfilter|git|watch|aria2c|bc|ip$|unzip|pg|perl|ln|view|fish|service|setarch|sshpass|dmesg|fmt|openssl|certbot|ssh$|jjs|lp|pax|alpine|ansible-playbook|distcc|gcc|cupsfilter|opkg|puppet|nl|nmap|taskset|xargs|genisoimage|bundler|nano|env|julia|aoss|tic|cabal|at|dmidecode|lua|sh|ksshell|wish|grep|start-stop-daemon|crash|dosbox|busctl|vagrant|mysql|lualatex|chmod|column|cowsay|troff|ionice|readelf|php|screen|docker|softlimit|timeout|composer|join|ab|aspell|dash|ldconfig|pandoc|gawk|sqlite3|arj|head|as|expect|msgmerge|bridge|terraform|rlogin|sqlmap|volatility|nsenter|expand|iconv|xxd|basez|sed|restic|cat|eb|vim|posh|wall|cdist|rpmverify|npm|strings|smbclient|redis|zsoelim|rtorrent|pip|cobc|cpulimit'
 
 system_info()
 {

From 793802b9dd669aa90ca3e1e0331e32a5ef4a7e98 Mon Sep 17 00:00:00 2001
From: Naveen Ranasinghe <naveenyasiru98@gmail.com>
Date: Wed, 6 Sep 2023 23:26:47 +0530
Subject: [PATCH 2/3] Update LinEnum.sh

list format error corrected
---
 LinEnum.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/LinEnum.sh b/LinEnum.sh
index e148b4d..dff8f86 100755
--- a/LinEnum.sh
+++ b/LinEnum.sh
@@ -80,7 +80,7 @@ echo -e "\e[00m\n"
 
 # useful binaries (thanks to https://gtfobins.github.io/)
 #updated the binary list according to gtfobins on 06/09/3023
-binarylist='sg|tshark|elvish|octave|rsync|wget|bzip2|red|w3m|systemd-resolve|agetty|look|psql|socat|zypper|rvim|csplit|more|ascii85|less|wireshark|hexdump|gtester|emacs|timedatectl|hping3|ul|script|knife|joe|ruby|nohup|easy_install|stdbuf|pdftex|soelim|pry|chroot|choom|snap|dig|bpftrace|mount|cpio|rpmdb|ksu|latex|msgattrib|psftp|luatex|openvpn|mosquitto|ncftp|strace|ip|nm|pico|install|exiftool|rc|find|apt-get|awk|pr|c89|od|csvtool|msgcat|journalctl|nroff|dd|curl|dpkg|ascii-xfr|gimp|capsh|tex|torify|ksh|date|base58|tail|shuf|check_ssl_cert|gcloud|ftp|cpan|dmsetup|whiptail|cowthink|espeak|update-alternatives|cancel|bash|rev|paste|check_log|ssh|dvips|uniq|ash|lwp-request|aa-exec|unsquashfs|ht|logsave|dstat|redcarpet|debugfs|gdb|tmux|dialog|tmate|openvt|check_cups|neofetch|check_memory|dotnet|scrot|highlight|wc|ar|vimdiff|unshare|jq|socket|pwsh|msguniq|cmp|ptx|perlbug|iftop|virsh|mail|run-parts|jtag|pic|lftp|aws|atobm|mtr|top|pdflatex|tcpdump|cp|python|finger|man|jrunscript|ispell|cut|apt|chown|pidstat|ginsh|sort|tbl|comm|ex|task|rpmquery|lwp-download|flock|tftp|check_by_ssh|kubectl|pkg|msfconsole|check_raid|gem|rpm|nasm|su|pkexec|grc|make|perf|telnet|c99|arp|nc|multitime|latexmk|sftp|run-mailcap|ssh-agent|ss|ld.so|scanmem|vi|bundle|mv|hd|torsocks|efax|loginctl|tee|fping|7z|tclsh|pexec|setfacl|dnf|msgconv|ltrace|node|rview|zip|sash|base32|ssh-keyscan|vigr|gcore|systemctl|netcat|diff|setlock|dos2unix|rake|facter|pdb|time|gzip|eqn|ssh-keygen|scp|busybox|split|irb|mawk|ansible-test|unexpand|clamscan|ed|file|ghci|nice|nft|check_statusfile|nawk|valgrind|sysctl|vipw|crontab|uuencode|ghc|base64|byebug|tac|zsh|genie|tar|bconsole|batcat|slsh|fold|basenc|whois|tasksh|uudecode|tdbtool|rlwrap|csh|msgfilter|git|watch|aria2c|bc|ip$|unzip|pg|perl|ln|view|fish|service|setarch|sshpass|dmesg|fmt|openssl|certbot|ssh$|jjs|lp|pax|alpine|ansible-playbook|distcc|gcc|cupsfilter|opkg|puppet|nl|nmap|taskset|xargs|genisoimage|bundler|nano|env|julia|aoss|tic|cabal|at|dmidecode|lua|sh|ksshell|wish|grep|start-stop-daemon|crash|dosbox|busctl|vagrant|mysql|lualatex|chmod|column|cowsay|troff|ionice|readelf|php|screen|docker|softlimit|timeout|composer|join|ab|aspell|dash|ldconfig|pandoc|gawk|sqlite3|arj|head|as|expect|msgmerge|bridge|terraform|rlogin|sqlmap|volatility|nsenter|expand|iconv|xxd|basez|sed|restic|cat|eb|vim|posh|wall|cdist|rpmverify|npm|strings|smbclient|redis|zsoelim|rtorrent|pip|cobc|cpulimit'
+binarylist='sg/|tshark/|elvish/|octave/|rsync/|wget/|bzip2/|red/|w3m/|systemd-resolve/|agetty/|look/|psql/|socat/|zypper/|rvim/|csplit/|more/|ascii85/|less/|wireshark/|hexdump/|gtester/|emacs/|timedatectl/|hping3/|ul/|script/|knife/|joe/|ruby/|nohup/|easy_install/|stdbuf/|pdftex/|soelim/|pry/|chroot/|choom/|snap/|dig/|bpftrace/|mount/|cpio/|rpmdb/|ksu/|latex/|msgattrib/|psftp/|luatex/|openvpn/|mosquitto/|ncftp/|strace/|ip/|nm/|pico/|install/|exiftool/|rc/|find/|apt-get/|awk/|pr/|c89/|od/|csvtool/|msgcat/|journalctl/|nroff/|dd/|curl/|dpkg/|ascii-xfr/|gimp/|capsh/|tex/|torify/|ksh/|date/|base58/|tail/|shuf/|check_ssl_cert/|gcloud/|ftp/|cpan/|dmsetup/|whiptail/|cowthink/|espeak/|update-alternatives/|cancel/|bash/|rev/|paste/|check_log/|ssh/|dvips/|uniq/|ash/|lwp-request/|aa-exec/|unsquashfs/|ht/|logsave/|dstat/|redcarpet/|debugfs/|gdb/|tmux/|dialog/|tmate/|openvt/|check_cups/|neofetch/|check_memory/|dotnet/|scrot/|highlight/|wc/|ar/|vimdiff/|unshare/|jq/|socket/|pwsh/|msguniq/|cmp/|ptx/|perlbug/|iftop/|virsh/|mail/|run-parts/|jtag/|pic/|lftp/|aws/|atobm/|mtr/|top/|pdflatex/|tcpdump/|cp/|python/|finger/|man/|jrunscript/|ispell/|cut/|apt/|chown/|pidstat/|ginsh/|sort/|tbl/|comm/|ex/|task/|rpmquery/|lwp-download/|flock/|tftp/|check_by_ssh/|kubectl/|pkg/|msfconsole/|check_raid/|gem/|rpm/|nasm/|su/|pkexec/|grc/|make/|perf/|telnet/|c99/|arp/|nc/|multitime/|latexmk/|sftp/|run-mailcap/|ssh-agent/|ss/|ld.so/|scanmem/|vi/|bundle/|mv/|hd/|torsocks/|efax/|loginctl/|tee/|fping/|7z/|tclsh/|pexec/|setfacl/|dnf/|msgconv/|ltrace/|node/|rview/|zip/|sash/|base32/|ssh-keyscan/|vigr/|gcore/|systemctl/|netcat/|diff/|setlock/|dos2unix/|rake/|facter/|pdb/|time/|gzip/|eqn/|ssh-keygen/|scp/|busybox/|split/|irb/|mawk/|ansible-test/|unexpand/|clamscan/|ed/|file/|ghci/|nice/|nft/|check_statusfile/|nawk/|valgrind/|sysctl/|vipw/|crontab/|uuencode/|ghc/|base64/|byebug/|tac/|zsh/|genie/|tar/|bconsole/|batcat/|slsh/|fold/|basenc/|whois/|tasksh/|uudecode/|tdbtool/|rlwrap/|csh/|msgfilter/|git/|watch/|aria2c/|bc/|ip$/|unzip/|pg/|perl/|ln/|view/|fish/|service/|setarch/|sshpass/|dmesg/|fmt/|openssl/|certbot/|ssh$/|jjs/|lp/|pax/|alpine/|ansible-playbook/|distcc/|gcc/|cupsfilter/|opkg/|puppet/|nl/|nmap/|taskset/|xargs/|genisoimage/|bundler/|nano/|env/|julia/|aoss/|tic/|cabal/|at/|dmidecode/|lua/|sh/|ksshell/|wish/|grep/|start-stop-daemon/|crash/|dosbox/|busctl/|vagrant/|mysql/|lualatex/|chmod/|column/|cowsay/|troff/|ionice/|readelf/|php/|screen/|docker/|softlimit/|timeout/|composer/|join/|ab/|aspell/|dash/|ldconfig/|pandoc/|gawk/|sqlite3/|arj/|head/|as/|expect/|msgmerge/|bridge/|terraform/|rlogin/|sqlmap/|volatility/|nsenter/|expand/|iconv/|xxd/|basez/|sed/|restic/|cat/|eb/|vim/|posh/|wall/|cdist/|rpmverify/|npm/|strings/|smbclient/|redis/|zsoelim/|rtorrent/|pip/|cobc/|cpulimit'
 
 system_info()
 {

From c2435f1f2f14564ce37917999ff1e4ee86a65363 Mon Sep 17 00:00:00 2001
From: Naveen Ranasinghe <naveenyasiru98@gmail.com>
Date: Wed, 6 Sep 2023 23:32:26 +0530
Subject: [PATCH 3/3] Update LinEnum.sh

format error corrected
---
 LinEnum.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/LinEnum.sh b/LinEnum.sh
index dff8f86..6b00f28 100755
--- a/LinEnum.sh
+++ b/LinEnum.sh
@@ -80,7 +80,7 @@ echo -e "\e[00m\n"
 
 # useful binaries (thanks to https://gtfobins.github.io/)
 #updated the binary list according to gtfobins on 06/09/3023
-binarylist='sg/|tshark/|elvish/|octave/|rsync/|wget/|bzip2/|red/|w3m/|systemd-resolve/|agetty/|look/|psql/|socat/|zypper/|rvim/|csplit/|more/|ascii85/|less/|wireshark/|hexdump/|gtester/|emacs/|timedatectl/|hping3/|ul/|script/|knife/|joe/|ruby/|nohup/|easy_install/|stdbuf/|pdftex/|soelim/|pry/|chroot/|choom/|snap/|dig/|bpftrace/|mount/|cpio/|rpmdb/|ksu/|latex/|msgattrib/|psftp/|luatex/|openvpn/|mosquitto/|ncftp/|strace/|ip/|nm/|pico/|install/|exiftool/|rc/|find/|apt-get/|awk/|pr/|c89/|od/|csvtool/|msgcat/|journalctl/|nroff/|dd/|curl/|dpkg/|ascii-xfr/|gimp/|capsh/|tex/|torify/|ksh/|date/|base58/|tail/|shuf/|check_ssl_cert/|gcloud/|ftp/|cpan/|dmsetup/|whiptail/|cowthink/|espeak/|update-alternatives/|cancel/|bash/|rev/|paste/|check_log/|ssh/|dvips/|uniq/|ash/|lwp-request/|aa-exec/|unsquashfs/|ht/|logsave/|dstat/|redcarpet/|debugfs/|gdb/|tmux/|dialog/|tmate/|openvt/|check_cups/|neofetch/|check_memory/|dotnet/|scrot/|highlight/|wc/|ar/|vimdiff/|unshare/|jq/|socket/|pwsh/|msguniq/|cmp/|ptx/|perlbug/|iftop/|virsh/|mail/|run-parts/|jtag/|pic/|lftp/|aws/|atobm/|mtr/|top/|pdflatex/|tcpdump/|cp/|python/|finger/|man/|jrunscript/|ispell/|cut/|apt/|chown/|pidstat/|ginsh/|sort/|tbl/|comm/|ex/|task/|rpmquery/|lwp-download/|flock/|tftp/|check_by_ssh/|kubectl/|pkg/|msfconsole/|check_raid/|gem/|rpm/|nasm/|su/|pkexec/|grc/|make/|perf/|telnet/|c99/|arp/|nc/|multitime/|latexmk/|sftp/|run-mailcap/|ssh-agent/|ss/|ld.so/|scanmem/|vi/|bundle/|mv/|hd/|torsocks/|efax/|loginctl/|tee/|fping/|7z/|tclsh/|pexec/|setfacl/|dnf/|msgconv/|ltrace/|node/|rview/|zip/|sash/|base32/|ssh-keyscan/|vigr/|gcore/|systemctl/|netcat/|diff/|setlock/|dos2unix/|rake/|facter/|pdb/|time/|gzip/|eqn/|ssh-keygen/|scp/|busybox/|split/|irb/|mawk/|ansible-test/|unexpand/|clamscan/|ed/|file/|ghci/|nice/|nft/|check_statusfile/|nawk/|valgrind/|sysctl/|vipw/|crontab/|uuencode/|ghc/|base64/|byebug/|tac/|zsh/|genie/|tar/|bconsole/|batcat/|slsh/|fold/|basenc/|whois/|tasksh/|uudecode/|tdbtool/|rlwrap/|csh/|msgfilter/|git/|watch/|aria2c/|bc/|ip$/|unzip/|pg/|perl/|ln/|view/|fish/|service/|setarch/|sshpass/|dmesg/|fmt/|openssl/|certbot/|ssh$/|jjs/|lp/|pax/|alpine/|ansible-playbook/|distcc/|gcc/|cupsfilter/|opkg/|puppet/|nl/|nmap/|taskset/|xargs/|genisoimage/|bundler/|nano/|env/|julia/|aoss/|tic/|cabal/|at/|dmidecode/|lua/|sh/|ksshell/|wish/|grep/|start-stop-daemon/|crash/|dosbox/|busctl/|vagrant/|mysql/|lualatex/|chmod/|column/|cowsay/|troff/|ionice/|readelf/|php/|screen/|docker/|softlimit/|timeout/|composer/|join/|ab/|aspell/|dash/|ldconfig/|pandoc/|gawk/|sqlite3/|arj/|head/|as/|expect/|msgmerge/|bridge/|terraform/|rlogin/|sqlmap/|volatility/|nsenter/|expand/|iconv/|xxd/|basez/|sed/|restic/|cat/|eb/|vim/|posh/|wall/|cdist/|rpmverify/|npm/|strings/|smbclient/|redis/|zsoelim/|rtorrent/|pip/|cobc/|cpulimit'
+binarylist='sg\|tshark\|elvish\|octave\|rsync\|wget\|bzip2\|red\|w3m\|systemd-resolve\|agetty\|look\|psql\|socat\|zypper\|rvim\|csplit\|more\|ascii85\|less\|wireshark\|hexdump\|gtester\|emacs\|timedatectl\|hping3\|ul\|script\|knife\|joe\|ruby\|nohup\|easy_install\|stdbuf\|pdftex\|soelim\|pry\|chroot\|choom\|snap\|dig\|bpftrace\|mount\|cpio\|rpmdb\|ksu\|latex\|msgattrib\|psftp\|luatex\|openvpn\|mosquitto\|ncftp\|strace\|ip\|nm\|pico\|install\|exiftool\|rc\|find\|apt-get\|awk\|pr\|c89\|od\|csvtool\|msgcat\|journalctl\|nroff\|dd\|curl\|dpkg\|ascii-xfr\|gimp\|capsh\|tex\|torify\|ksh\|date\|base58\|tail\|shuf\|check_ssl_cert\|gcloud\|ftp\|cpan\|dmsetup\|whiptail\|cowthink\|espeak\|update-alternatives\|cancel\|bash\|rev\|paste\|check_log\|ssh\|dvips\|uniq\|ash\|lwp-request\|aa-exec\|unsquashfs\|ht\|logsave\|dstat\|redcarpet\|debugfs\|gdb\|tmux\|dialog\|tmate\|openvt\|check_cups\|neofetch\|check_memory\|dotnet\|scrot\|highlight\|wc\|ar\|vimdiff\|unshare\|jq\|socket\|pwsh\|msguniq\|cmp\|ptx\|perlbug\|iftop\|virsh\|mail\|run-parts\|jtag\|pic\|lftp\|aws\|atobm\|mtr\|top\|pdflatex\|tcpdump\|cp\|python\|finger\|man\|jrunscript\|ispell\|cut\|apt\|chown\|pidstat\|ginsh\|sort\|tbl\|comm\|ex\|task\|rpmquery\|lwp-download\|flock\|tftp\|check_by_ssh\|kubectl\|pkg\|msfconsole\|check_raid\|gem\|rpm\|nasm\|su\|pkexec\|grc\|make\|perf\|telnet\|c99\|arp\|nc\|multitime\|latexmk\|sftp\|run-mailcap\|ssh-agent\|ss\|ld.so\|scanmem\|vi\|bundle\|mv\|hd\|torsocks\|efax\|loginctl\|tee\|fping\|7z\|tclsh\|pexec\|setfacl\|dnf\|msgconv\|ltrace\|node\|rview\|zip\|sash\|base32\|ssh-keyscan\|vigr\|gcore\|systemctl\|netcat\|diff\|setlock\|dos2unix\|rake\|facter\|pdb\|time\|gzip\|eqn\|ssh-keygen\|scp\|busybox\|split\|irb\|mawk\|ansible-test\|unexpand\|clamscan\|ed\|file\|ghci\|nice\|nft\|check_statusfile\|nawk\|valgrind\|sysctl\|vipw\|crontab\|uuencode\|ghc\|base64\|byebug\|tac\|zsh\|genie\|tar\|bconsole\|batcat\|slsh\|fold\|basenc\|whois\|tasksh\|uudecode\|tdbtool\|rlwrap\|csh\|msgfilter\|git\|watch\|aria2c\|bc\|ip$\|unzip\|pg\|perl\|ln\|view\|fish\|service\|setarch\|sshpass\|dmesg\|fmt\|openssl\|certbot\|ssh$\|jjs\|lp\|pax\|alpine\|ansible-playbook\|distcc\|gcc\|cupsfilter\|opkg\|puppet\|nl\|nmap\|taskset\|xargs\|genisoimage\|bundler\|nano\|env\|julia\|aoss\|tic\|cabal\|at\|dmidecode\|lua\|sh\|ksshell\|wish\|grep\|start-stop-daemon\|crash\|dosbox\|busctl\|vagrant\|mysql\|lualatex\|chmod\|column\|cowsay\|troff\|ionice\|readelf\|php\|screen\|docker\|softlimit\|timeout\|composer\|join\|ab\|aspell\|dash\|ldconfig\|pandoc\|gawk\|sqlite3\|arj\|head\|as\|expect\|msgmerge\|bridge\|terraform\|rlogin\|sqlmap\|volatility\|nsenter\|expand\|iconv\|xxd\|basez\|sed\|restic\|cat\|eb\|vim\|posh\|wall\|cdist\|rpmverify\|npm\|strings\|smbclient\|redis\|zsoelim\|rtorrent\|pip\|cobc\|cpulimit'
 
 system_info()
 {