Fix leftover debug code and reset state in parser

Merge pull request #473 from Signum21/master
Fix IdentityNotMappedException in Vulnerable Leaked Handlers
2025-12-17 13:49:01 +00:00 · 2025-06-06 00:00:39 +02:00 · 2025-05-31 22:36:49 +02:00 · 2025-05-31 04:56:14 +02:00
3 changed files with 24 additions and 12 deletions
--- a/parsers/peas2json.py
+++ b/parsers/peas2json.py
@@ -106,8 +106,6 @@ def parse_line(line: str):
    global FINAL_JSON, C_SECTION, C_MAIN_SECTION, C_2_SECTION, C_3_SECTION
    if "Cron jobs" in line:
        a=1
    if is_section(line, TITLE1_PATTERN):
        title = parse_title(line)
@@ -145,14 +143,23 @@ def parse_line(line: str):
 def parse_peass(outputpath: str, jsonpath: str = ""):
-    global OUTPUT_PATH, JSON_PATH
+    global OUTPUT_PATH, JSON_PATH, FINAL_JSON, C_SECTION, C_MAIN_SECTION, C_2_SECTION, C_3_SECTION
    OUTPUT_PATH = outputpath
    JSON_PATH = jsonpath
-    for line in open(OUTPUT_PATH, 'r', encoding="utf8").readlines():
+    # Reset globals to avoid data leaking between executions
    FINAL_JSON = {}
    C_SECTION = FINAL_JSON
    C_MAIN_SECTION = FINAL_JSON
    C_2_SECTION = FINAL_JSON
    C_3_SECTION = FINAL_JSON
    with open(OUTPUT_PATH, 'r', encoding="utf8") as f:
        for line in f.readlines():
            line = line.strip()
-        if not line or not clean_colors(line): #Remove empty lines or lines just with colors hex
+            # Remove empty lines or lines containing only color codes
            if not line or not clean_colors(line):
                continue
            parse_line(line)
--- a/winPEAS/winPEASexe/winPEAS/Info/ProcessInfo/ProcessesInfo.cs
+++ b/winPEAS/winPEASexe/winPEAS/Info/ProcessInfo/ProcessesInfo.cs
@@ -195,11 +195,11 @@ namespace winPEAS.Info.ProcessInfo
                                continue;
                            List<string> permsFile = PermissionsHelper.GetPermissionsFile(sFilePath, Checks.Checks.CurrentUserSiDs, PermissionType.WRITEABLE_OR_EQUIVALENT);
                            IdentityReference sid = null;
                            try
                            {
                                System.Security.AccessControl.FileSecurity fs = System.IO.File.GetAccessControl(sFilePath);
-                                IdentityReference sid = fs.GetOwner(typeof(SecurityIdentifier));
+                                sid = fs.GetOwner(typeof(SecurityIdentifier));
                                string ownerName = sid.Translate(typeof(NTAccount)).ToString();
                                // If current user already have permissions over that file or the proc belongs to the owner of the file,
                                // handler not interesting to elevate privs
@@ -207,6 +207,8 @@ namespace winPEAS.Info.ProcessInfo
                                    continue;
                                to_add["File Path"] = sFilePath;
                                string ownerName = sid.Translate(typeof(NTAccount)).ToString();
                                to_add["File Owner"] = ownerName;
                            }
                            catch (System.IO.FileNotFoundException)
@@ -218,7 +220,10 @@ namespace winPEAS.Info.ProcessInfo
                            {
                                continue;
                            }
-
+                            catch (System.Security.Principal.IdentityNotMappedException)
                            {
                                to_add["File Owner"] = sid.ToString();
                            }
                        }
                        else if (typeName == "key")
Author	SHA1	Message	Date
SirBroccoli	39066f6867	Fix leftover debug code and reset state in parser	2025-06-06 00:00:39 +02:00
SirBroccoli	c3a93a57fe	Merge pull request #473 from Signum21/master Fix IdentityNotMappedException in Vulnerable Leaked Handlers	2025-05-31 22:36:49 +02:00
Signum21	f62d9fc550	Fix System.Security.Principal.IdentityNotMappedException in Vulnerable Leaked Handlers	2025-05-31 04:56:14 +02:00