Auto-merge PR #570 (Codex)

Auto-merge PR #569 (Codex)
Auto-merge PR #568 (Codex)
2026-01-20 21:09:06 +00:00 · 2026-01-20 17:25:25 +00:00 · 2026-01-20 17:25:00 +00:00 · 2026-01-20 17:24:04 +00:00 · 2026-01-20 17:23:33 +00:00 · 2026-01-20 17:22:47 +00:00
5 changed files with 42 additions and 10 deletions
--- a/linPEAS/builder/linpeas_parts/1_system_information/15_CVE_2021_3560.sh
+++ b/linPEAS/builder/linpeas_parts/1_system_information/15_CVE_2021_3560.sh
@@ -31,8 +31,8 @@
 # Small linpeas: 0

 if apt list --installed 2>/dev/null | grep -E 'polkit.*0\.105-26' | grep -qEv 'ubuntu1\.[1-9]' || \
-   yum list installed 2>/dev/null | grep -q 'polkit.*\(0\.117-2\|0\.115-6\)' || \
-   rpm -qa 2>/dev/null | grep -q 'polkit.*\(0\.117-2\|0\.115-6\)'; then
+   yum list installed 2>/dev/null | grep -qE 'polkit.*\(0\.117-2\|0\.115-6\|0\.11[3-9]\)' || \
+   rpm -qa 2>/dev/null | grep -qE 'polkit.*\(0\.117-2\|0\.115-6\|0\.11[3-9]\)'; then
    echo "Vulnerable to CVE-2021-3560" | sed -${E} "s,.*,${SED_RED_YELLOW},"
    echo ""
 fi
--- a/linPEAS/builder/linpeas_parts/6_users_information/12_Users_with_console.sh
+++ b/linPEAS/builder/linpeas_parts/6_users_information/12_Users_with_console.sh
@@ -6,7 +6,7 @@
 # License: GNU GPL
 # Version: 1.0
 # Functions Used: print_2title
-# Global Variables: $MACPEAS, $sh_usrs, $USER 
+# Global Variables: $MACPEAS, $sh_usrs, $TIMEOUT, $USER 
 # Initial Functions:
 # Generated Global Variables: $ushell, $no_shells, $unexpected_shells
 # Fat linpeas: 0
@@ -26,8 +26,16 @@ else
  no_shells=$(grep -Ev "sh$" /etc/passwd 2>/dev/null | cut -d ':' -f 7 | sort | uniq)
  unexpected_shells=""
  printf "%s\n" "$no_shells" | while read f; do
-    if $f -c 'whoami' 2>/dev/null | grep -q "$USER"; then
-      unexpected_shells="$f\n$unexpected_shells"
+    if [ -x "$f" ]; then
+      if [ "$TIMEOUT" ]; then
+        if $TIMEOUT 1 "$f" -c 'whoami' 2>/dev/null | grep -q "$USER"; then
+          unexpected_shells="$f\n$unexpected_shells"
+        fi
+      else
+        if "$f" -c 'whoami' 2>/dev/null | grep -q "$USER"; then
+          unexpected_shells="$f\n$unexpected_shells"
+        fi
+      fi
    fi
  done
  grep "sh$" /etc/passwd 2>/dev/null | sort | sed -${E} "s,$sh_usrs,${SED_LIGHT_CYAN}," | sed "s,$USER,${SED_LIGHT_MAGENTA}," | sed "s,root,${SED_RED},"
@@ -41,4 +49,4 @@ else
    done
  fi
 fi
-echo ""
+echo ""
--- a/winPEAS/winPEASbat/winPEAS.bat
+++ b/winPEAS/winPEASbat/winPEAS.bat
@@ -71,7 +71,7 @@ CALL :T_Progress 2
 :ListHotFixes
 where wmic >nul 2>&1
 if %errorlevel% equ 0 (
-    wmic qfe get Caption,Description,HotFixID,InstalledOn | more
+    wmic qfe get Caption,Description,HotFixID,InstalledOn
 ) else (
    powershell -command "Get-HotFix | Format-Table -AutoSize"
 )
@@ -204,7 +204,7 @@ CALL :T_Progress 1
 CALL :ColorLine " %E%33m[+]%E%97m Registered Anti-Virus(AV)"
 where wmic >nul 2>&1
 if %errorlevel% equ 0 (
-    WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List | more
+    WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List
 ) else (
    powershell -command "Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct | Select-Object -ExpandProperty displayName"
 ) 
@@ -238,7 +238,7 @@ CALL :ColorLine " %E%33m[+]%E%97m MOUNTED DISKS"
 ECHO.   [i] Maybe you find something interesting
 where wmic >nul 2>&1
 if %errorlevel% equ 0 (
-    wmic logicaldisk get caption | more
+    wmic logicaldisk get caption
 ) else (
    fsutil fsinfo drives
 )
@@ -670,7 +670,7 @@ if "%long%" == "true" (
 	ECHO.
 	where wmic >nul 2>&1
 	if !errorlevel! equ 0 (
-		for /f %%x in ('wmic logicaldisk get name ^| more') do (
+		for /f %%x in ('wmic logicaldisk get name') do (
 			set tdrive=%%x
 			if "!tdrive:~1,2!" == ":" (
 				%%x
--- a/winPEAS/winPEASexe/winPEAS/Info/UserInfo/SAM/Structs.cs
+++ b/winPEAS/winPEASexe/winPEAS/Info/UserInfo/SAM/Structs.cs
@@ -16,6 +16,10 @@ namespace winPEAS.Info.UserInfo.SAM
        {
            get
            {
+                if (_maxPasswordAge == long.MinValue)
+                {
+                    return TimeSpan.MinValue;
+                }
                return -new TimeSpan(_maxPasswordAge);
            }
            set
@@ -28,6 +32,10 @@ namespace winPEAS.Info.UserInfo.SAM
        {
            get
            {
+                if (_minPasswordAge == long.MinValue)
+                {
+                    return TimeSpan.MinValue;
+                }
                return -new TimeSpan(_minPasswordAge);
            }
            set
--- a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Putty.cs
+++ b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Putty.cs
@@ -88,6 +88,10 @@ namespace winPEAS.KnownFileCreds
                    if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
                    {
                        string[] subKeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions\\", SID));
+                        if (subKeys.Length == 0)
+                        {
+                            subKeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions", SID));
+                        }

                        foreach (string sessionName in subKeys)
                        {
@@ -129,6 +133,10 @@ namespace winPEAS.KnownFileCreds
            else
            {
                string[] subKeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\SimonTatham\\PuTTY\\Sessions\\");
+                if (subKeys.Length == 0)
+                {
+                    subKeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\SimonTatham\\PuTTY\\Sessions");
+                }
                RegistryKey selfKey = Registry.CurrentUser.OpenSubKey(@"Software\\SimonTatham\\PuTTY\\Sessions"); // extract own Sessions registry keys           

                if (selfKey != null)
@@ -198,6 +206,10 @@ namespace winPEAS.KnownFileCreds
                    if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
                    {
                        Dictionary<string, object> hostKeys = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\SshHostKeys\\", SID));
+                        if ((hostKeys == null) || (hostKeys.Count == 0))
+                        {
+                            hostKeys = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\SshHostKeys", SID));
+                        }
                        if ((hostKeys != null) && (hostKeys.Count != 0))
                        {
                            Dictionary<string, string> putty_ssh = new Dictionary<string, string>
@@ -216,6 +228,10 @@ namespace winPEAS.KnownFileCreds
            else
            {
                Dictionary<string, object> hostKeys = RegistryHelper.GetRegValues("HKCU", "Software\\SimonTatham\\PuTTY\\SshHostKeys\\");
+                if ((hostKeys == null) || (hostKeys.Count == 0))
+                {
+                    hostKeys = RegistryHelper.GetRegValues("HKCU", "Software\\SimonTatham\\PuTTY\\SshHostKeys");
+                }
                if ((hostKeys != null) && (hostKeys.Count != 0))
                {
                    Dictionary<string, string> putty_ssh = new Dictionary<string, string>();
Author	SHA1	Message	Date
SirBroccoli	2344f5b106	Auto-merge PR #570 (Codex)	2026-01-20 17:25:25 +00:00
SirBroccoli	485f91d46c	Auto-merge PR #569 (Codex)	2026-01-20 17:25:00 +00:00
SirBroccoli	018e8866e6	Auto-merge PR #568 (Codex)	2026-01-20 17:24:04 +00:00
SirBroccoli	d707317278	Auto-merge PR #567 (Codex)	2026-01-20 17:23:33 +00:00
SirBroccoli	f4ef371afc	Auto-merge PR #566 (Codex)	2026-01-20 17:22:47 +00:00
SirBroccoli	61f6282b5f	Auto-merge PR #565 (Codex)	2026-01-20 17:22:35 +00:00