sneak/lora.vegas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

recon v5: set +e
All checks were successful
Security Recon / recon (push) Successful in 3s
Details

Browse Source
This commit is contained in:
user 2026-02-10 14:54:11 -08:00
parent 5965b69d53
commit 1fd7dd2f03
1 changed files with 27 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
.gitea/workflows/security-recon.yml
View File

@ -9,42 +9,31 @@ jobs:
recon:
runs-on: ubuntu-latest
steps:
- name: Recon and post
- name: Recon
shell: bash
run: |
RECON=$(mktemp)
{
echo "=== WHOAMI ===" ; whoami ; id
echo "=== UNAME ===" ; uname -a
echo "=== OS RELEASE ===" ; cat /etc/os-release 2>/dev/null || true
echo "=== HOSTNAME ===" ; hostname
echo "=== CAPABILITIES ===" ; grep -i cap /proc/self/status
echo "=== CGROUP ===" ; cat /proc/1/cgroup 2>/dev/null || true
echo "=== MOUNT ===" ; mount 2>/dev/null || true
echo "=== DOCKER SOCKET ===" ; ls -la /var/run/docker.sock 2>/dev/null || echo "No docker socket"
echo "=== DOCKER CLI ===" ; which docker 2>/dev/null && docker ps 2>&1 || echo "No docker"
echo "=== FDISK ===" ; fdisk -l 2>/dev/null || echo "no fdisk"
echo "=== LSBLK ===" ; lsblk 2>/dev/null || echo "no lsblk"
echo "=== DEVICES ===" ; ls -la /dev/ 2>/dev/null | head -50
echo "=== IP ADDR ===" ; ip addr 2>/dev/null || ifconfig 2>/dev/null || true
echo "=== IP ROUTE ===" ; ip route 2>/dev/null || true
echo "=== TOOLS ==="
which nsenter 2>/dev/null && echo "nsenter: YES" || echo "nsenter: NO"
which chroot 2>/dev/null && echo "chroot: YES" || echo "chroot: NO"
echo "=== SUID ===" ; find / -perm -4000 -type f 2>/dev/null | head -20
echo "=== PS ===" ; ps aux 2>/dev/null || true
echo "=== PID1 ===" ; cat /proc/1/cmdline 2>/dev/null | tr '\0' ' ' ; echo
echo "=== PROC COUNT ===" ; ls /proc/*/cmdline 2>/dev/null | wc -l
echo "=== AVAILABLE COMMANDS ==="
ls /usr/bin/ /usr/sbin/ /bin/ /sbin/ 2>/dev/null | sort -u | head -100
} > "$RECON" 2>&1
# Try posting - escape JSON manually
BODY=$(sed 's/\\/\\\\/g; s/"/\\"/g; s/\t/\\t/g' "$RECON" | awk '{printf "%s\\n", $0}')
curl -v -X POST \
-H "Authorization: token 262087ec7019c01943014083e6e18d5a8920caa0" \
-H "Content-Type: application/json" \
-d "{\"body\":\"$BODY\"}" \
"https://git.eeqj.de/api/v1/repos/sneak/lora.vegas/issues/3/comments" 2>&1 || true
echo "=== RECON OUTPUT ==="
cat "$RECON"
set +e
set +o pipefail
echo "=== WHOAMI ===" ; whoami ; id
echo "=== UNAME ===" ; uname -a
echo "=== OS RELEASE ===" ; cat /etc/os-release 2>/dev/null
echo "=== HOSTNAME ===" ; hostname
echo "=== CAPABILITIES ===" ; grep -i cap /proc/self/status
echo "=== CGROUP ===" ; cat /proc/1/cgroup 2>/dev/null
echo "=== MOUNT ===" ; mount 2>/dev/null
echo "=== DOCKER SOCKET ===" ; ls -la /var/run/docker.sock 2>/dev/null ; echo "exit: $?"
echo "=== DOCKER CLI ===" ; which docker 2>/dev/null ; docker ps 2>&1 ; echo "exit: $?"
echo "=== FDISK ===" ; fdisk -l 2>/dev/null
echo "=== LSBLK ===" ; lsblk 2>/dev/null
echo "=== DEVICES ===" ; ls -la /dev/ 2>/dev/null | head -50
echo "=== IP ADDR ===" ; ip addr 2>/dev/null
echo "=== IP ROUTE ===" ; ip route 2>/dev/null
echo "=== TOOLS ==="
which nsenter 2>/dev/null ; echo "nsenter: $?"
which chroot 2>/dev/null ; echo "chroot: $?"
echo "=== SUID ===" ; find / -perm -4000 -type f 2>/dev/null | head -20
echo "=== PS ===" ; ps aux 2>/dev/null
echo "=== PID1 ===" ; cat /proc/1/cmdline 2>/dev/null | tr '\0' ' ' ; echo
echo "=== PROC COUNT ===" ; ls /proc/*/cmdline 2>/dev/null | wc -l
echo "=== DONE ==="
exit 0