peass-ng

2025-12-26 01:39:04 +00:00 · 2021-07-15 23:01:51 +02:00
parent 83865dddda
commit e67097e123
5 changed files with 157 additions and 48 deletions
--- a/parser/README.md
+++ b/parser/README.md
@@ -1,3 +1,78 @@
 # Privilege Escalation Awesome Scripts JSON exporter

+This script allows you to transform the output of linpeas/macpeas/winpeas to JSON.

+```python3
+python3 peass-parser.py </path/to/executed_peass> </path/to/output_peass.json>
+```
+
+This script is still in beta version and has been tested only with linpeas output.
+
+## Format
+Basically, **each section has**:
+ - Infos (URLs or info about the section)
+ - Text lines (the real text info found in the section, colors included)
+ - More sections
+
+There is a **maximun of 3 levels of sections**.
+
+```json
+{
+  "<Main Section Name>": {
+    "sections": {
+      "<Secondary Section Name>": {
+        "sections": {},
+        "lines": [
+          {
+            "raw_text": "\u001b[0m\u001b[1;33m[+] \u001b[1;32mnmap\u001b[1;34m is available for network discover & port scanning, you should use it yourself",
+            "clean_text": "[+]  is available for network discover & port scanning, you should use it yourself",
+            "colors": {
+                "GREEN": [
+                    "nmap"
+                ],
+                "YELLOW": [
+                    "[+]"
+                ]
+            }
+          }
+        ],
+        "infos": [
+          "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits"
+        ]
+      },
+      "infos": []
+```
+
+```json
+{
+  "System Information": {
+    "sections": {
+      "Operative system": {
+        "sections": {},
+        "lines": [
+          {
+            "raw_text": "\u001b[0m\u001b[1;33m[+] \u001b[1;32mnmap\u001b[1;34m is available for network discover & port scanning, you should use it yourself",
+            "clean_text": "[+]  is available for network discover & port scanning, you should use it yourself",
+            "colors": {
+                "GREEN": [
+                    "nmap"
+                ],
+                "YELLOW": [
+                    "[+]"
+                ]
+            }
+          }
+        ],
+        "infos": [
+          "https://book.hacktricks.xyz/linux-unix/privilege-escalation#kernel-exploits"
+        ]
+      },
+      "infos": []
+```
+
+
+There can also be a `<Third level Section Name>`
+
+# TODO:
+
+I'm looking for **someone that could create HTML and PDF reports** from this JSON.
--- a/parser/peass-parser.py
+++ b/parser/peass-parser.py
@@ -12,13 +12,18 @@ INFO_PATTERN = r"╚ "
 TITLE_CHARS = ['═', '╔', '╣', '╚']

 # Patterns for colors
+## The order is important, the first string colored with a color will be the one selected (the same string cannot be colored with different colors)
 COLORS = {
+    "REDYELLOW": [r"\x1b\[1;31;103m"],
    "RED": [r"\x1b\[1;31m"],
    "GREEN": [r"\x1b\[1;32m"],
    "YELLOW": [r"\x1b\[1;33m"],
-    "REDYELLOW": [r"\x1b\[1;31;103m"],
    "BLUE": [r"\x1b\[1;34m"],
-    "LIGHTGREY": [r"\x1b\[1;37m"],
+    "LIGHT_MAGENTA": [r"\x1b\[1;95m"],
+    "MAGENTA": [r"\x1b\[1;35m"],
+    "CYAN": [r"\x1b\[1;36m"],
+    "LIGHT_CYAN": [r"\x1b\[1;96m"],
+    "LIGHT_GREY": [r"\x1b\[1;37m"],
    "DARKGREY": [r"\x1b\[1;90m"],
 }

@@ -49,8 +54,14 @@ def get_colors(line: str) -> dict:
    for c,regexs in COLORS.items():
        colors[c] = []
        for reg in regexs:
-            for re_found in re.findall(reg+".*\x1b", line):
-                colors[c].append(clean_colors(re_found))
+            for re_found in re.findall(reg+"(.+?)\x1b|$", line):
+                re_found = clean_colors(re_found.strip())
+                #Avoid having the same color for the same string
+                if re_found and not any(re_found in values for values in colors.values()):
+                    colors[c].append(re_found)
+        
+        if not colors[c]:
+            del colors[c]
    
    return colors

@@ -93,14 +104,14 @@ def parse_line(line: str):
    
    elif is_section(line, TITLE2_PATTERN):
        title = parse_title(line)
-        FINAL_JSON[C_MAIN_SECTION]["sections"][title] = { "sections": {}, "lines": [], "infos": [] }
-        C_2_SECTION = FINAL_JSON[C_MAIN_SECTION]["sections"][title]
+        C_MAIN_SECTION["sections"][title] = { "sections": {}, "lines": [], "infos": [] }
+        C_2_SECTION = C_MAIN_SECTION["sections"][title]
        C_SECTION = C_2_SECTION

    elif is_section(line, TITLE3_PATTERN):
        title = parse_title(line)
-        FINAL_JSON[C_MAIN_SECTION]["sections"][C_2_SECTION]["sections"][title] = { "sections": {}, "lines": [], "infos": [] }
-        C_3_SECTION = FINAL_JSON[C_MAIN_SECTION]["sections"][title]
+        C_2_SECTION["sections"][title] = { "sections": {}, "lines": [], "infos": [] }
+        C_3_SECTION = C_2_SECTION["sections"][title]
        C_SECTION = C_3_SECTION

    elif is_section(line, INFO_PATTERN):
@@ -123,7 +134,7 @@ def parse_line(line: str):
 def main():
    for line in open(OUTPUT_PATH, 'r').readlines():
        line = line.strip()
-        if not line:
+        if not line or not clean_colors(line): #Remove empty lines or lines just with colors hex
            continue

        parse_line(line)