Merge pull request #370 from takitakitanana/master

path contains spaces check

.github/workflows/AIPRChecker.yml

@@ -0,0 +1,13 @@
+name: AIPRChecker - Check for security issues and code smells
+on: [pull_request_target]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run AIPRChecker
+        uses: AI-Gents/AIPRChecker@main
+        with:
+          api-key: ${{ secrets.OPENAI_API_KEY }}
+          model: 'gpt-4'
+          github-token: ${{ secrets.GITHUB_TOKEN }}

linPEAS/builder/src/linpeasBuilder.py

@@ -353,7 +353,7 @@ class LinpeasBuilder:
     
     def __get_gtfobins_lists(self) -> tuple:
         r = requests.get("https://github.com/GTFOBins/GTFOBins.github.io/tree/master/_gtfobins")
-        bins = re.findall(r'/GTFOBins/GTFOBins.github.io/blob/master/_gtfobins/([\w_ \-]+).md', r.text)
+        bins = re.findall(r'_gtfobins/([\w_ \-]+).md', r.text)
 
         sudoVB = []
         suidVB = []

parsers/json2pdf.py

@@ -12,6 +12,7 @@ styles = getSampleStyleSheet()
 text_colors = { "GREEN": "#00DB00", "RED": "#FF0000", "REDYELLOW": "#FFA500", "BLUE": "#0000FF",
     "DARKGREY": "#5C5C5C", "YELLOW": "#ebeb21", "MAGENTA": "#FF00FF", "CYAN": "#00FFFF", "LIGHT_GREY": "#A6A6A6"}
 
+# Required to automatically set Page Numbers
 class PageTemplateWithCount(PageTemplate):
     def __init__(self, id, frames, **kw):
         PageTemplate.__init__(self, id, frames, **kw)
@@ -20,6 +21,7 @@ class PageTemplateWithCount(PageTemplate):
         page_num = canvas.getPageNumber()
         canvas.drawRightString(10.5*cm, 1*cm, str(page_num))
 
+# Required to automatically set the Table of Contents
 class MyDocTemplate(BaseDocTemplate):
     def __init__(self, filename, **kw):
         self.allowSplitting = 0
@@ -28,15 +30,22 @@ class MyDocTemplate(BaseDocTemplate):
         self.addPageTemplates(template)
 
     def afterFlowable(self, flowable):
-        if isinstance(flowable, Paragraph):
+        if flowable.__class__.__name__ == "Paragraph":
             text = flowable.getPlainText()
             style = flowable.style.name
-            if style in ["Heading1", "Heading2", "Heading3"]:
+            if style == "Heading1":
-                self.notify("TOCEntry", (int(style[-1])-1, text, self.page))
+                self.notify("TOCEntry", (0, text, self.page))
+            if style == "Heading2":
+                self.notify("TOCEntry", (1, text, self.page))
+            if style == "Heading3":
+                self.notify("TOCEntry", (2, text, self.page))
+      
 
+# Poor take at dynamicly generating styles depending on depth(?)
 def get_level_styles(level):
     global styles
     indent_value = 10 * (level - 1);
+    # Overriding some default stylings
     level_styles = { 
         "title": ParagraphStyle(
           **dict(styles[f"Heading{level}"].__dict__,
@@ -66,6 +75,7 @@ def build_main_section(section, title, level=1):
     has_lines = "lines" in section.keys() and len(section["lines"]) > 1
     has_children = "sections" in section.keys() and len(section["sections"].keys()) > 0
 
+    # Only display data for Sections with results
     show_section = has_lines or has_children
 
     elements = []
@@ -73,14 +83,17 @@ def build_main_section(section, title, level=1):
     if show_section:
         elements.append(Paragraph(title, style=styles["title"]))
 
+    # Print info if any
     if show_section and has_links:
         for info in section["infos"]:
             words = info.split() 
+            # Join all lines and encode any links that might be present.
             words = map(lambda word: f'<a href="{word}" color="blue">{word}</a>' if "http" in word else word, words)
             words = " ".join(words)
             elements.append(Paragraph(words, style=styles["info"] ))
 
-    if has_lines:
+  # Print lines if any
+    if "lines" in section.keys() and len(section["lines"]) > 1:
         colors_by_line = list(map(lambda x: x["colors"], section["lines"]))
         lines = list(map(lambda x: html.escape(x["clean_text"]), section["lines"]))
         for (idx, line) in enumerate(lines):
@@ -96,14 +109,18 @@ def build_main_section(section, title, level=1):
         elements.append(Spacer(0, 10))
         line = "<br/>".join(lines)
 
+    # If it's a top level entry remove the line break caused by an empty "clean_text"
         if level == 1: line = line[5:]
         elements.append(Paragraph(line, style=styles["text"]))
 
+
+  # Print child sections
     if has_children:
         for child_title in section["sections"].keys():
             element_list = build_main_section(section["sections"][child_title], child_title, level + 1)
             elements.extend(element_list)
   
+  # Add spacing at the end of section. The deeper the level the smaller the spacing.
     if show_section:
         elements.append(Spacer(1, 40 - (10 * level)))
   
@@ -112,8 +129,10 @@ def build_main_section(section, title, level=1):
 
 def main():
     with open(JSON_PATH) as file:
+        # Read and parse JSON file
         data = json.loads(file.read())
 
+        # Default pdf values
         doc = MyDocTemplate(PDF_PATH)
         toc = TableOfContents()
         toc.levelStyles = [
@@ -124,12 +143,14 @@ def main():
 
         elements = [Paragraph("PEAS Report", style=styles["Title"]), Spacer(0, 30), toc, PageBreak()]
       
+        # Iterate over all top level sections and build their elements.
         for title in data.keys():
             element_list = build_main_section(data[title], title)
             elements.extend(element_list)
       
         doc.multiBuild(elements)
 
+# Start execution
 if __name__ == "__main__":
     try:
         JSON_PATH = sys.argv[1]
@@ -139,11 +160,3 @@ if __name__ == "__main__":
         sys.exit(1)
     
     main()
-
-# Changes:
-# 1. Removed redundant checks for keys in dictionary.
-# 2. Simplified the condition in afterFlowable method.
-# 3. Removed unnecessary check for lines in build_main_section method.
-# 4. Removed unnecessary check for sections in build_main_section method.
-# 5. Removed unnecessary check for infos in build_main_section method.
-# 6. Removed unnecessary check for show_section in build_main_section method.

winPEAS/winPEASbat/winPEAS.bat

@@ -10,6 +10,14 @@ REM Registry scan of other drives besides
 REM /////true or false
 SET long=false
 
+REM Check if the current path contains spaces
+SET "CurrentFolder=%~dp0"
+IF "!CurrentFolder!" NEQ "!CurrentFolder: =!" (
+    ECHO winPEAS.bat cannot run if the current path contains spaces.
+	ECHO Exiting.
+    EXIT /B 1
+)
+
 :Splash
 ECHO.
 CALL :ColorLine "            %E%32m((,.,/((((((((((((((((((((/,  */%E%97m"

winPEAS/winPEASps1/README.md

@@ -14,9 +14,9 @@ The official **maintainer of this script is [RandolphConley](https://github.com/
 
 Download the **[latest releas from here](https://github.com/carlospolop/PEASS-ng/releases/latest)**.
 
+
 ```bash
-powershell "IEX(New-Object Net.WebClient).downloadString('https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/winPEAS/winPEASps1/WinPeas.ps1')"
+powershell "IEX(New-Object Net.WebClient).downloadString('https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/winPEAS/winPEASps1/winPEAS.ps1')"
-```
 
 ## Advisory