From 53a38760911e073fe663d2e77bce2304e73a63b8 Mon Sep 17 00:00:00 2001
From: patel-bhavin <bhavin.j.patel91@gmail.com>
Date: Wed, 16 Feb 2022 16:50:47 -0800
Subject: [PATCH] new test for linpeas

---
 atomics/T1059.004/T1059.004.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/atomics/T1059.004/T1059.004.yaml b/atomics/T1059.004/T1059.004.yaml
index 739151f7..6f601dcf 100644
--- a/atomics/T1059.004/T1059.004.yaml
+++ b/atomics/T1059.004/T1059.004.yaml
@@ -94,4 +94,32 @@ atomic_tests:
     command: |
       chmod +x #{linenum}
       bash #{linenum}
+    name: sh
+
+- name: Linpeas tool execution
+  description: |
+    LinPEAS is a script that search for possible paths to escalate privileges on Linux/Unix*/MacOS hosts. The checks are explained on book.hacktricks.xyz
+  supported_platforms:
+  - linux 
+  input_arguments:
+    linpeas:
+      description: Path to the linpeas shell script
+      type: Path
+      default: PathToAtomicsFolder/T1059.004/src/linpeas.sh
+    linpeas_url:
+      description: Path to download linPeas shell script
+      type: Url
+      default: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh
+  dependency_executor_name: bash
+  dependencies:
+  - description: |
+      Linpeas must exist on disk at specified location (#{linpeas})
+    prereq_command: |
+      if [ -f #{linpeas} ]; then exit 0; else exit 1; fi;
+    get_prereq_command: |
+      curl -L #{linpeas_url} --output #{linpeas}
+  executor:
+    command: |
+      chmod +x #{linpeas}
+      bash #{linpeas}
     name: sh
\ No newline at end of file