- fixed getting data from clipboard

- fixed GetExecutableFromPath
- unified exception logging
- cleanup
makikvues
2021-01-14 23:50:19 +01:00
parent bf10cd7c0c
commit 448a1aaf5b
16 changed files with 89 additions and 130 deletions


@@ -239,7 +239,7 @@ namespace winPEAS.Checks
// create the file lists
try
{
Beaprint.GrayPrint(" - Files/directories list for search...");
Beaprint.GrayPrint(" - Creating files/directories list for search...");
SearchHelper.CreateSearchDirectoriesList();
}
catch (Exception ex)


@@ -114,7 +114,7 @@ namespace winPEAS.Checks
{
Beaprint.MainPrint("Clipboard text");
string clipboard = Info.UserInfo.UserInfoHelper.GetClipboardText();
if (string.IsNullOrEmpty(clipboard))
if (!string.IsNullOrEmpty(clipboard))
{
Beaprint.BadPrint(clipboard);
}


@@ -78,7 +78,7 @@ namespace winPEAS.Helpers
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
//By default local
return "";
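Review bot: The unified call `Beaprint.PrintException(ex.Message);` hands the helper only the message string, so the exception type and the name of the failing check are lost before anything is printed. In an audit tool a swallowed exception means that check's output is incomplete, and a bare message does not tell the reader which check that was. PrintException's definition is not shown here, so this is inferred from the call site; if it can be changed, having it take the `Exception` itself (or a context string prefixed with the enclosing method name and `ex.GetType().Name`) would keep the detail in one place. The same call is repeated in the NetworkInfo, ProcessInfo, ServicesInfo, SystemInfo, UserInfo, Kerberos, KnownFileCreds and Vault sections below, and the enclosing method starts outside this hunk.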


@@ -55,7 +55,15 @@ namespace winPEAS.Helpers
string binaryPath = "";
Match match_path = Regex.Match(path, @"^\W*([a-z]:\\.+?(\.exe|\.dll|\.sys))\W*", RegexOptions.RightToLeft | RegexOptions.IgnoreCase);
if (match_path.Groups.Count > 1)
{
binaryPath = match_path.Groups[1].ToString();
}
if (binaryPath.Contains('"'))
{
binaryPath = binaryPath.Split('"')[0];
binaryPath = binaryPath.Trim();
}
//Check if rundll32
string[] binaryPathdll32 = binaryPath.Split(new string[] {"Rundll32.exe"}, StringSplitOptions.None);
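Review bot: The guard `if (match_path.Groups.Count > 1)` is always true for this pattern, because `Match.Groups` holds one entry per capture group of the regex whether or not the match succeeded. On a failed match `Groups[1]` is simply empty, so `binaryPath` still ends up as `""`, but the condition reads as a success test that it is not. `if (match_path.Success)` says what is meant and stays correct if the pattern's groups change. The enclosing method starts and ends outside this hunk.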


@@ -87,7 +87,9 @@ namespace winPEAS.Helpers
int current_perm = (int)rule.FileSystemRights;
string current_perm_str = PermInt2Str(current_perm, false);
if (current_perm_str == "")
{
continue;
}
foreach (KeyValuePair<string, string> mySID in SIDs)
{
@@ -99,7 +101,9 @@ namespace winPEAS.Helpers
if (container.ContainsKey(SID_name))
{
if (!container[SID_name].Contains(current_perm_str))
{
container[SID_name] += " " + current_perm_str;
}
}
else
container[SID_name] = current_perm_str;
@@ -161,7 +165,7 @@ namespace winPEAS.Helpers
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -215,7 +219,9 @@ namespace winPEAS.Helpers
foreach (KeyValuePair<string, int> entry in interesting_perms)
{
if ((entry.Value & current_perm) == entry.Value)
return entry.Key;
{
return entry.Key;
}
}
}
catch (Exception ex)
@@ -249,7 +255,9 @@ namespace winPEAS.Helpers
Dictionary<string, string> results = new Dictionary<string, string>();
int max_dir_recurse = 130;
if (cont > max_dir_recurse)
{
return results; //"Limit" for apps with hundreds of thousands of folders
}
results[path] = ""; //If you cant open, then there are no privileges for you (and the try will explode)
try
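Review bot: The `else` branch `container[SID_name] = current_perm_str;` is left without braces while the `if` directly above it gains them in the same hunk, so the one statement pair now mixes both styles. Since the commit's cleanup is adding braces to single-statement bodies, this branch should follow: `else { container[SID_name] = current_perm_str; }`. The surrounding loop starts and ends outside the hunk.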


@@ -248,31 +248,15 @@ namespace winPEAS.Helpers.Search
}
internal static List<string> SearchUsersInterestingFiles()
{
//SearchHelper.FindFiles(searchPath, _patternsFileCreds, colorF);
//string patterns = string.Join(";", patternsFileCreds);
{
var result = new List<string>();
foreach (var file in SearchHelper.RootDirCurrentUser)
{
// !!! too slow - regexp
//foreach (var pattern in Patterns.PatternsFileCreds2)
//{
// if (Regex.IsMatch(file, pattern, RegexOptions.IgnoreCase))
// {
// //files2.Add(file + $" [pattern: '{pattern}']");
// files2.Add(file);
// break;
// }
//}
string extLower = file.Extension.ToLower();
string nameLower = file.Filename.ToLower();
// string nameExtLower = nameLower + "." + extLower;
if (Patterns.WhitelistExtensions.Contains(extLower) ||
// Patterns.WhiteListFilenames.Contains(nameLower) ||
Patterns.WhiteListExactfilenamesWithExtensions.Contains(nameLower))
{
result.Add(file.FullPath);
@@ -296,9 +280,6 @@ namespace winPEAS.Helpers.Search
internal static List<string> FindCachedGPPPassword()
{
//SearchHelper.FindFiles(searchPath, _patternsFileCreds, colorF);
//string patterns = string.Join(";", patternsFileCreds);
var result = new List<string>();
var allowedExtensions = new HashSet<string>
@@ -307,13 +288,13 @@ namespace winPEAS.Helpers.Search
};
foreach (var file in SearchHelper.GroupPolicyHistory)
{
string extLower = file.Extension.ToLower();
{
string extLower = file.Extension.ToLower();
if (allowedExtensions.Contains(extLower))
{
result.Add(file.FullPath);
}
}
}
return result;
@@ -328,14 +309,6 @@ namespace winPEAS.Helpers.Search
"sitelist.xml"
};
//string[] searchLocations =
//{
// $"{drive}\\Program Files\\",
// $"{drive}\\Program Files (x86)\\",
// $"{drive}\\Documents and Settings\\",
// $"{drive}\\Users\\",
//};
var searchFiles = new List<CustomFileInfo>();
searchFiles.AddRange(SearchHelper.ProgramFiles);
searchFiles.AddRange(SearchHelper.ProgramFilesX86);
@@ -359,8 +332,6 @@ namespace winPEAS.Helpers.Search
{
var result = new List<string>();
string patterns = "*diagram*;*.pdf;*.vsd;*.doc;*docx;*.xls;*.xlsx";
var allowedRegexp = new List<string>
{
".*diagram.*",
@@ -380,7 +351,6 @@ namespace winPEAS.Helpers.Search
{
string extLower = file.Extension.ToLower();
string nameLower = file.Filename.ToLower();
// string nameExtLower = nameLower + "." + extLower;
if (allowedExtensions.Contains(extLower))
{
@@ -407,8 +377,6 @@ namespace winPEAS.Helpers.Search
{
var result = new List<string>();
string patterns = "*diagram*;*.pdf;*.vsd;*.doc;*docx;*.xls;*.xlsx";
var allowedRegexp = new List<string>
{
".*diagram.*",
@@ -428,7 +396,6 @@ namespace winPEAS.Helpers.Search
{
string extLower = file.Extension.ToLower();
string nameLower = file.Filename.ToLower();
// string nameExtLower = nameLower + "." + extLower;
if (allowedExtensions.Contains(extLower))
{
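Review bot: `file.Extension.ToLower()` and `file.Filename.ToLower()` lower-case with the current culture before the result is looked up in fixed sets such as `allowedExtensions` and `Patterns.WhitelistExtensions`. On a host with a Turkish locale an upper-case `I` becomes a dotless `ı`, so a name or extension containing it would silently fail to match and the file would be missing from the results. `string extLower = file.Extension.ToLowerInvariant();` (and the same for `nameLower`) removes the locale dependence; this applies to every `ToLower()` in this section. The set contents are only partly visible here, so which entries are affected is inferred.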


@@ -242,7 +242,7 @@ namespace winPEAS.Info.ApplicationInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(string.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}


@@ -3,7 +3,6 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using winPEAS.Helpers;
using winPEAS.KnownFileCreds;
namespace winPEAS.Info.ApplicationInfo
{
@@ -12,76 +11,53 @@ namespace winPEAS.Info.ApplicationInfo
public static SortedDictionary<string, Dictionary<string, string>> GetInstalledAppsPerms()
{
//Get from Program Files
SortedDictionary<string, Dictionary<string, string>> results = GetInstalledAppsPermsPath(@Path.GetPathRoot(Environment.SystemDirectory) + "Program Files");
SortedDictionary<string, Dictionary<string, string>> results2 = GetInstalledAppsPermsPath(@Path.GetPathRoot(Environment.SystemDirectory) + "Program Files (x86)");
SortedDictionary<string, Dictionary<string, string>> results = GetInstalledAppsPermsPath(Path.GetPathRoot(Environment.SystemDirectory) + "Program Files");
SortedDictionary<string, Dictionary<string, string>> results2 = GetInstalledAppsPermsPath(Path.GetPathRoot(Environment.SystemDirectory) + "Program Files (x86)");
results.Concat(results2).ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
//Get from Uninstall
string[] subkeys = RegistryHelper.GetRegSubkeys("HKLM", @"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall");
if (subkeys != null)
string[] registryPaths = new string[]
{
foreach (string app in subkeys)
@"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
@"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
};
foreach (var registryPath in registryPaths)
{
string[] subkeys = RegistryHelper.GetRegSubkeys("HKLM", registryPath);
if (subkeys != null)
{
string installLocation = RegistryHelper.GetRegValue("HKLM", String.Format(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0}", app), "InstallLocation");
if (string.IsNullOrEmpty(installLocation))
foreach (string app in subkeys)
{
continue;
}
installLocation = installLocation.Replace("\"", "");
if (installLocation.EndsWith(@"\"))
installLocation = installLocation.Substring(0, installLocation.Length - 1);
if (!results.ContainsKey(installLocation) && Directory.Exists(installLocation))
{
bool already = false;
foreach (string path in results.Keys)
string installLocation = RegistryHelper.GetRegValue("HKLM", string.Format(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0}", app), "InstallLocation");
if (string.IsNullOrEmpty(installLocation))
{
if (installLocation.IndexOf(path) != -1) //Check for subfoldres of already found folders
continue;
}
installLocation = installLocation.Replace("\"", "");
if (installLocation.EndsWith(@"\"))
{
installLocation = installLocation.Substring(0, installLocation.Length - 1);
}
if (!results.ContainsKey(installLocation) && Directory.Exists(installLocation))
{
bool already = false;
foreach (string path in results.Keys)
{
already = true;
break;
if (installLocation.IndexOf(path) != -1) //Check for subfoldres of already found folders
{
already = true;
break;
}
}
if (!already)
{
results[installLocation] = PermissionsHelper.GetRecursivePrivs(installLocation);
}
}
if (!already)
{
results[installLocation] = PermissionsHelper.GetRecursivePrivs(installLocation);
}
}
}
}
subkeys = RegistryHelper.GetRegSubkeys("HKLM", @"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall");
if (subkeys != null)
{
foreach (string app in subkeys)
{
string installLocation = RegistryHelper.GetRegValue("HKLM", String.Format(@"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0}", app), "InstallLocation");
if (string.IsNullOrEmpty(installLocation))
{
continue;
}
installLocation = installLocation.Replace("\"", "");
if (installLocation.EndsWith(@"\"))
installLocation = installLocation.Substring(0, installLocation.Length - 1);
if (!results.ContainsKey(installLocation) && Directory.Exists(installLocation))
{
bool already = false;
foreach (string path in results.Keys)
{
if (installLocation.IndexOf(path) != -1) //Check for subfoldres of already found folders
{
already = true;
break;
}
}
if (!already)
results[installLocation] = PermissionsHelper.GetRecursivePrivs(installLocation);
}
}
}
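Review bot: Inside the new `foreach (var registryPath in registryPaths)` loop, the `GetRegValue` call still formats the hard-coded `SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0}` key, so subkeys enumerated under the WOW6432Node path have their `InstallLocation` read from the 64-bit key instead. The removed second loop used the WOW6432Node path for that lookup, so 32-bit application directories that were checked before are now skipped or mis-resolved. The key should be built from the loop variable, `string.Format(@"{0}\{1}", registryPath, app)`. Separately, the result of `results.Concat(results2).ToDictionary(...)` is discarded, so the "Program Files (x86)" entries in `results2` never reach `results`. The method's end is outside this hunk.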


@@ -170,7 +170,7 @@ namespace winPEAS.Info.NetworkInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
results = adapters.Values.ToList();
return results;
@@ -213,7 +213,7 @@ namespace winPEAS.Info.NetworkInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
@@ -258,7 +258,7 @@ namespace winPEAS.Info.NetworkInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -291,7 +291,7 @@ namespace winPEAS.Info.NetworkInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}


@@ -95,7 +95,7 @@ namespace winPEAS.Info.ProcessInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return f_results;
}


@@ -65,7 +65,7 @@ namespace winPEAS.Info.ServicesInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -147,7 +147,7 @@ namespace winPEAS.Info.ServicesInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -233,7 +233,7 @@ namespace winPEAS.Info.ServicesInfo
}
catch (Exception)
{
//Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
//Beaprint.PrintException(ex.Message)
}
}
return results;
@@ -264,7 +264,7 @@ namespace winPEAS.Info.ServicesInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -292,7 +292,7 @@ namespace winPEAS.Info.ServicesInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
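Review bot: The `catch (Exception)` block in the third hunk stays empty; the commit only rewrites the commented-out line inside it to `//Beaprint.PrintException(ex.Message)`. A failure there is swallowed without a trace, so the services list can be silently incomplete. Either log it through the unified helper like the other handlers, or replace the dead code with a comment that says why this failure is expected and safe to ignore, for example `// access denied on individual services is expected; skip`. The reason is not visible in the hunk, so the wording of that comment is a guess to be confirmed.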


@@ -39,7 +39,7 @@ namespace winPEAS.Info.SystemInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return false;
}
@@ -103,7 +103,7 @@ namespace winPEAS.Info.SystemInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -138,7 +138,7 @@ namespace winPEAS.Info.SystemInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -163,7 +163,7 @@ namespace winPEAS.Info.SystemInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
if (!String.IsNullOrEmpty(whitelistpaths))
results["whitelistpaths"] = " " + whitelistpaths; //Add this info the last
@@ -454,7 +454,7 @@ namespace winPEAS.Info.SystemInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return result;
}


@@ -48,7 +48,7 @@ namespace winPEAS.Info.UserInfo
}
catch
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
}
@@ -61,7 +61,7 @@ namespace winPEAS.Info.UserInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
}
return groupName;
@@ -78,7 +78,7 @@ namespace winPEAS.Info.UserInfo
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return groupName;
}
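Review bot: The first hunk's handler is a bare `catch` with no exception variable, yet its body calls `Beaprint.PrintException(ex.Message);`. If this `catch` is nested inside an outer `catch (Exception ex)`, the line prints the outer exception's message rather than the failure that was just caught; if it is not nested, `ex` is undefined and the file does not compile. The surrounding code is outside the hunk, so which case holds cannot be told from here. Declaring the variable locally under its own name, e.g. `catch (Exception innerEx)` with `Beaprint.PrintException(innerEx.Message);`, makes the handler report its own exception either way.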


@@ -171,7 +171,7 @@ namespace winPEAS.KnownFileCreds.Kerberos
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -260,7 +260,7 @@ namespace winPEAS.KnownFileCreds.Kerberos
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -449,7 +449,7 @@ namespace winPEAS.KnownFileCreds.Kerberos
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -560,7 +560,7 @@ namespace winPEAS.KnownFileCreds.Kerberos
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}


@@ -425,7 +425,7 @@ namespace winPEAS.KnownFileCreds
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}
@@ -585,7 +585,7 @@ namespace winPEAS.KnownFileCreds
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}


@@ -193,7 +193,7 @@ namespace winPEAS.KnownFileCreds.Vault
}
catch (Exception ex)
{
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
Beaprint.PrintException(ex.Message);
}
return results;
}