Fix variable reference when parsing URLs

Merge pull request #473 from Signum21/master
Fix IdentityNotMappedException in Vulnerable Leaked Handlers
2025-12-06 17:11:29 +00:00 · 2025-06-06 00:01:17 +02:00 · 2025-05-31 22:36:49 +02:00 · 2025-05-31 04:56:14 +02:00
3 changed files with 10 additions and 5 deletions
--- a/linPEAS/builder/src/linpeasBuilder.py
+++ b/linPEAS/builder/src/linpeasBuilder.py
@@ -97,7 +97,7 @@ class LinpeasBuilder:
        for orig_url in urls:
            tar_gz_bin_name = ""
            if ",,," in orig_url:
-                tar_gz_bin_name = url.split(",,,")[1]
+                tar_gz_bin_name = orig_url.split(",,,")[1]
                url = orig_url.split(",,,")[0]
            else:
                url = orig_url
--- a/winPEAS/winPEASexe/winPEAS/Info/ProcessInfo/ProcessesInfo.cs
+++ b/winPEAS/winPEASexe/winPEAS/Info/ProcessInfo/ProcessesInfo.cs
@@ -195,11 +195,11 @@ namespace winPEAS.Info.ProcessInfo
                                continue;

                            List<string> permsFile = PermissionsHelper.GetPermissionsFile(sFilePath, Checks.Checks.CurrentUserSiDs, PermissionType.WRITEABLE_OR_EQUIVALENT);
+                            IdentityReference sid = null;
                            try
                            {
                                System.Security.AccessControl.FileSecurity fs = System.IO.File.GetAccessControl(sFilePath);
-                                IdentityReference sid = fs.GetOwner(typeof(SecurityIdentifier));
-                                string ownerName = sid.Translate(typeof(NTAccount)).ToString();
+                                sid = fs.GetOwner(typeof(SecurityIdentifier));

                                // If current user already have permissions over that file or the proc belongs to the owner of the file,
                                // handler not interesting to elevate privs
@@ -207,6 +207,8 @@ namespace winPEAS.Info.ProcessInfo
                                    continue;

                                to_add["File Path"] = sFilePath;
+
+                                string ownerName = sid.Translate(typeof(NTAccount)).ToString();
                                to_add["File Owner"] = ownerName;
                            }
                            catch (System.IO.FileNotFoundException)
@@ -218,7 +220,10 @@ namespace winPEAS.Info.ProcessInfo
                            {
                                continue;
                            }
-
+                            catch (System.Security.Principal.IdentityNotMappedException)
+                            {
+                                to_add["File Owner"] = sid.ToString();
+                            }
                        }

                        else if (typeName == "key")
Author	SHA1	Message	Date
SirBroccoli	4e556fd594	Fix variable reference when parsing URLs	2025-06-06 00:01:17 +02:00
SirBroccoli	c3a93a57fe	Merge pull request #473 from Signum21/master Fix IdentityNotMappedException in Vulnerable Leaked Handlers	2025-05-31 22:36:49 +02:00
Signum21	f62d9fc550	Fix System.Security.Principal.IdentityNotMappedException in Vulnerable Leaked Handlers	2025-05-31 04:56:14 +02:00