Merge c53425d4bc into 3723327e21

.github/workflows/CI-master_tests.yml

@@ -4,9 +4,6 @@ on:
   pull_request:
     branches:
       - master
-  
-  schedule:
-    - cron: "5 4 * * SUN"
 
   workflow_dispatch:
 
@@ -365,10 +362,6 @@ jobs:
       with:
         name: linpeas_darwin_arm64
     
-    - name: Get current date
-      id: date
-      run: echo "::set-output name=date::$(date +'%Y%m%d')"
-    
     # Create the release
     - name: Create Release
       id: create_release
@@ -376,8 +369,8 @@ jobs:
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
-        tag_name: ${{steps.date.outputs.date}}
-        release_name: Release ${{ github.ref }} ${{steps.date.outputs.date}}
+        tag_name: ${{ github.ref }}
+        release_name: Release ${{ github.ref }}
         draft: false
         prerelease: false
         

linPEAS/builder/linpeas_parts/1_system_information.sh

@@ -21,17 +21,6 @@ else echo_not_found "sudo"
 fi
 echo ""
 
-#-- SY) CVE-2021-4034
-if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1642035600" ]; then 
-    echo "Vulnerable to CVE-2021-4034" | sed -${E} "s,.*,${SED_RED_YELLOW},"
-fi
-
-#-- SY) CVE-2021-3560
-polkitVersion=$(systemctl status polkit.service | grep version | cut -d " " -f 9)
-if [[ "$(apt list --installed 2>/dev/null | grep polkit | grep -c 0.105-26)" -ge 1 || "$(yum list installed | grep polkit | grep -c 0.117-2)" ]]; then
-    echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW},"
-fi
-
 #--SY) USBCreator
 if (busctl list 2>/dev/null | grep -q com.ubuntu.USBCreator) || [ "$DEBUG" ]; then
     print_2title "USBCreator"

metasploit/peass.rb

@@ -37,7 +37,7 @@ class MetasploitModule < Msf::Post
     ))
     register_options(
       [
-        OptString.new('PEASS_URL', [true, 'Path to the PEASS script. Accepted: http(s):// URL or absolute local path. Linpeas: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh', "https://github.com/carlospolop/PEASS-ng/releases/latest/download/winPEASany_ofs.exe"]),
+        OptString.new('PEASS_URL', [true, 'Path to the PEASS script. Accepted: http(s):// URL or absolute local path. Linpeas: https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/linPEAS/linpeas.sh', "https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/winPEAS/winPEASexe/binaries/Obfuscated%20Releases/winPEASany.exe"]),
         OptString.new('PASSWORD', [false, 'Password to encrypt and obfuscate the script (randomly generated). The length must be 32B. If no password is set, only base64 will be used.', rand(36**32).to_s(36)]),
         OptString.new('TEMP_DIR', [false, 'Path to upload the obfuscated PEASS script inside the compromised machine. By default "C:\Windows\System32\spool\drivers\color" is used in Windows and "/tmp" in Unix.', '']),
         OptString.new('PARAMETERS', [false, 'Parameters to pass to the script', nil]),

parser/peass-parser.py

@@ -5,7 +5,7 @@ import re
 import json
 
 # Pattern to identify main section titles
-TITLE1_PATTERN = r"══════════════╣" # The size of the first pattern varies, but at least should be that large
+TITLE1_PATTERN = r"════════════════════════════════════╣"
 TITLE2_PATTERN = r"╔══════════╣"
 TITLE3_PATTERN = r"══╣"
 INFO_PATTERN = r"╚ "
@@ -14,15 +14,15 @@ TITLE_CHARS = ['═', '╔', '╣', '╚']
 # Patterns for colors
 ## The order is important, the first string colored with a color will be the one selected (the same string cannot be colored with different colors)
 COLORS = {
-    "REDYELLOW": ['\x1b[1;31;103m'],
-    "RED": ['\x1b[1;31m'],
-    "GREEN": ['\x1b[1;32m'],
-    "YELLOW": ['\x1b[1;33m'],
-    "BLUE": ['\x1b[1;34m'],
-    "MAGENTA": ['\x1b[1;95m', '\x1b[1;35m'],
-    "CYAN": ['\x1b[1;36m', '\x1b[1;96m'],
-    "LIGHT_GREY": ['\x1b[1;37m'],
-    "DARKGREY": ['\x1b[1;90m'],
+    "REDYELLOW": [r"\x1b\[1;31;103m"],
+    "RED": [r"\x1b\[1;31m"],
+    "GREEN": [r"\x1b\[1;32m"],
+    "YELLOW": [r"\x1b\[1;33m"],
+    "BLUE": [r"\x1b\[1;34m"],
+    "MAGENTA": [r"\x1b\[1;95m", r"\x1b\[1;35m"],
+    "CYAN": [r"\x1b\[1;36m", r"\x1b\[1;96m"],
+    "LIGHT_GREY": [r"\x1b\[1;37m"],
+    "DARKGREY": [r"\x1b\[1;90m"],
 }
 
 
@@ -52,23 +52,11 @@ def get_colors(line: str) -> dict:
     for c,regexs in COLORS.items():
         colors[c] = []
         for reg in regexs:
-            split_color = line.split(reg)
-            
-            # Start from the index 1 as the index 0 isn't colored
-            if split_color and len(split_color) > 1:
-                split_color = split_color[1:]
-                
-                # For each potential color, find the string before any possible color terminatio
-                for potential_color_str in split_color:
-                    color_str1 = potential_color_str.split('\x1b')[0]
-                    color_str2 = potential_color_str.split("\[0")[0]
-                    color_str = color_str1 if len(color_str1) < len(color_str2) else color_str2
-
-                    if color_str:
-                        color_str = clean_colors(color_str.strip())
-                        #Avoid having the same color for the same string
-                        if color_str and not any(color_str in values for values in colors.values()):
-                            colors[c].append(color_str)
+            for re_found in re.findall(reg+"(.+?)\x1b|$", line):
+                re_found = clean_colors(re_found.strip())
+                #Avoid having the same color for the same string
+                if re_found and not any(re_found in values for values in colors.values()):
+                    colors[c].append(re_found)
         
         if not colors[c]:
             del colors[c]
@@ -87,10 +75,10 @@ def clean_title(line: str) -> str:
 def clean_colors(line: str) -> str:
     """Given a line clean the colors inside of it"""
 
-    for reg in re.findall(r'\x1b\[[^a-zA-Z]+\dm', line):
+    for reg in re.findall(r'\x1b[^ ]+\dm', line):
         line = line.replace(reg,"")
     
-    line = line.replace('\x1b',"").replace("[0m", "") #Sometimes that byte stays
+    line = line.replace('\x1b',"") #Sometimes that byte stays
     line = line.strip()
     return line
 
@@ -106,9 +94,6 @@ def parse_line(line: str):
 
     global FINAL_JSON, C_SECTION, C_MAIN_SECTION, C_2_SECTION, C_3_SECTION
 
-    if "Cron jobs" in line:
-        a=1
-
     if is_section(line, TITLE1_PATTERN):
         title = parse_title(line)
         FINAL_JSON[title] = { "sections": {}, "lines": [], "infos": [] }
@@ -139,8 +124,8 @@ def parse_line(line: str):
 
         C_SECTION["lines"].append({
             "raw_text": line,
-            "colors": get_colors(line),
-            "clean_text": clean_title(clean_colors(line))
+            "clean_text": clean_colors(line),
+            "colors": get_colors(line)
         })