PenTest/privilege-escalation-awesome-scripts-suite
1
0
Fork 0
mirror of https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite.git synced 2026-01-29 16:59:02 +00:00
Code Issues Projects Releases Wiki Activity

impr winpeas

Browse Source
This commit is contained in:
Carlos Polop
2025-03-20 05:02:34 +01:00
parent ce5cb1ad9c
commit 62022abc47
3 changed files with 45 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
winPEAS/winPEASexe/winPEAS/Info/CloudInfo/AzureInfo.cs
View File

@@ -28,7 +28,20 @@ namespace winPEAS.Info.CloudInfo
const string API_VERSION = "2021-12-13";
const string CONTAINER_API_VERSION = "2019-08-01";
// **New helper method to detect if running inside an Azure container**
public static bool DoesProcessExist(string processName)
{
// Return false if the process name is null or empty
if (string.IsNullOrEmpty(processName))
{
return false;
}
// Retrieve all processes matching the specified name
Process[] processes = Process.GetProcessesByName(processName);
return processes.Length > 0;
}
// New helper method to detect if running inside an Azure container
private bool IsContainer()
{
return !string.IsNullOrEmpty(Environment.GetEnvironmentVariable("IDENTITY_ENDPOINT")) ||
@@ -123,6 +136,22 @@ namespace winPEAS.Info.CloudInfo
}
}
string hwsRun = DoesProcessExist("HybridWorkerService") ? "Yes" : "No";
_endpointDataList.Add(new EndpointData()
{
EndpointName = "HybridWorkerService.exe Running",
Data = hwsRun,
IsAttackVector = true
});
string OSRun = DoesProcessExist("Orchestrator.Sandbox") ? "Yes" : "No";
_endpointDataList.Add(new EndpointData()
{
EndpointName = "Orchestrator.Sandbox.exe Running",
Data = OSRun,
IsAttackVector = true
});
_endpointData.Add("General", _endpointDataList);
}
catch (Exception ex)