improved support az metadata

peass-ng · Jan 11, 2025 · abd1f3d · abd1f3d
1 parent 7e749c5
commit abd1f3d
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 4 deletions.
diff --git a/linPEAS/builder/linpeas_parts/3_cloud/1_Check_if_in_cloud.sh b/linPEAS/builder/linpeas_parts/3_cloud/1_Check_if_in_cloud.sh
@@ -25,7 +25,7 @@ print_list "AWS Lambda? .......................... $is_aws_lambda\n"$NC | sed "s
 print_list "AWS Codebuild? ....................... $is_aws_codebuild\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 print_list "DO Droplet? .......................... $is_do\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 print_list "IBM Cloud VM? ........................ $is_ibm_vm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
-print_list "Azure VM? ............................ $is_az_vm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
+print_list "Azure VM or Az metadata? ............. $is_az_vm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 print_list "Azure APP? ........................... $is_az_app\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 print_list "Azure Automation Account? ............ $is_az_automation_acc\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 print_list "Aliyun ECS? .......................... $is_aliyun_ecs\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"

diff --git a/linPEAS/builder/linpeas_parts/functions/check_az_vm.sh b/linPEAS/builder/linpeas_parts/functions/check_az_vm.sh
@@ -16,10 +16,28 @@
 check_az_vm(){
   is_az_vm="No"
 
+  # 1. Check if the Azure log directory exists
   if [ -d "/var/log/azure/" ]; then
     is_az_vm="Yes"
-
-  elif cat /etc/resolv.conf 2>/dev/null | grep -q "search reddog.microsoft.com"; then
+
+  # 2. Check if 'reddog.microsoft.com' is found in /etc/resolv.conf
+  elif grep -q "search reddog.microsoft.com" /etc/resolv.conf 2>/dev/null; then
     is_az_vm="Yes"
+
+  else
+    # 3. Try querying the Azure Metadata Service for more wide support (e.g. Azure Container Registry tasks need this)
+    if command -v curl &> /dev/null; then
+      response=$(curl -s --max-time 2 \
+        "http://169.254.169.254/metadata/identity/oauth2/token")
+      if echo "$response" | grep -q "Missing"; then
+        is_az_vm="Yes"
+      fi
+    elif command -v wget &> /dev/null; then
+      response=$(wget -qO- --timeout=2 \
+        "http://169.254.169.254/metadata/identity/oauth2/token")
+      if echo "$response" | grep -q "Missing"; then
+        is_az_vm="Yes"
+      fi
+    fi
   fi
-}
+}