- cleanup
- fixed using on IDisposables
This commit is contained in:
parent
24754e374f
commit
27e8867236
@ -14,8 +14,8 @@ namespace winPEAS._3rdParty.Watson
|
|||||||
{
|
{
|
||||||
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT HotFixID FROM Win32_QuickFixEngineering"))
|
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT HotFixID FROM Win32_QuickFixEngineering"))
|
||||||
{
|
{
|
||||||
var hotFixes = searcher.Get();
|
using (var hotFixes = searcher.Get())
|
||||||
|
{
|
||||||
foreach (var hotFix in hotFixes)
|
foreach (var hotFix in hotFixes)
|
||||||
{
|
{
|
||||||
var line = hotFix["HotFixID"].ToString().Remove(0, 2);
|
var line = hotFix["HotFixID"].ToString().Remove(0, 2);
|
||||||
@ -27,6 +27,7 @@ namespace winPEAS._3rdParty.Watson
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
catch (ManagementException e)
|
catch (ManagementException e)
|
||||||
{
|
{
|
||||||
Console.Error.WriteLine(" [!] {0}", e.Message);
|
Console.Error.WriteLine(" [!] {0}", e.Message);
|
||||||
@ -41,8 +42,8 @@ namespace winPEAS._3rdParty.Watson
|
|||||||
{
|
{
|
||||||
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT BuildNumber FROM Win32_OperatingSystem"))
|
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT BuildNumber FROM Win32_OperatingSystem"))
|
||||||
{
|
{
|
||||||
var collection = searcher.Get();
|
using (var collection = searcher.Get())
|
||||||
|
{
|
||||||
foreach (var num in collection)
|
foreach (var num in collection)
|
||||||
{
|
{
|
||||||
if (int.TryParse(num["BuildNumber"] as string, out int buildNumber))
|
if (int.TryParse(num["BuildNumber"] as string, out int buildNumber))
|
||||||
@ -52,6 +53,7 @@ namespace winPEAS._3rdParty.Watson
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
catch (ManagementException e)
|
catch (ManagementException e)
|
||||||
{
|
{
|
||||||
Console.Error.WriteLine(" [!] {0}", e.Message);
|
Console.Error.WriteLine(" [!] {0}", e.Message);
|
||||||
|
@ -264,7 +264,7 @@ namespace winPEAS.Checks
|
|||||||
colors);
|
colors);
|
||||||
Beaprint.PrintLineSeparator();
|
Beaprint.PrintLineSeparator();
|
||||||
}
|
}
|
||||||
catch (Exception e) { }
|
catch (Exception) { }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -272,7 +272,7 @@ namespace winPEAS.Checks
|
|||||||
Beaprint.GoodPrint(" WSL - no installed Linux distributions found.");
|
Beaprint.GoodPrint(" WSL - no installed Linux distributions found.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (Exception e) { }
|
catch (Exception) { }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -512,6 +512,8 @@ namespace winPEAS.Checks
|
|||||||
var files = SearchHelper.GetFilesFast(user, isFoldersIncluded: true);
|
var files = SearchHelper.GetFilesFast(user, isFoldersIncluded: true);
|
||||||
|
|
||||||
foreach (var file in files)
|
foreach (var file in files)
|
||||||
|
{
|
||||||
|
try
|
||||||
{
|
{
|
||||||
FileAttributes attr = File.GetAttributes(file.FullPath);
|
FileAttributes attr = File.GetAttributes(file.FullPath);
|
||||||
if ((attr & FileAttributes.Directory) == FileAttributes.Directory)
|
if ((attr & FileAttributes.Directory) == FileAttributes.Directory)
|
||||||
@ -533,6 +535,10 @@ namespace winPEAS.Checks
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
catch (Exception)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Beaprint.PrintLineSeparator();
|
Beaprint.PrintLineSeparator();
|
||||||
}
|
}
|
||||||
@ -637,8 +643,8 @@ namespace winPEAS.Checks
|
|||||||
Beaprint.BadPrint($" {file.FullPath}");
|
Beaprint.BadPrint($" {file.FullPath}");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (PathTooLongException ex) { }
|
catch (PathTooLongException) { }
|
||||||
catch (Exception ex)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
// & other exceptions
|
// & other exceptions
|
||||||
}
|
}
|
||||||
@ -656,12 +662,14 @@ namespace winPEAS.Checks
|
|||||||
@"c:\esupport",
|
@"c:\esupport",
|
||||||
@"c:\perflogs",
|
@"c:\perflogs",
|
||||||
@"c:\programdata",
|
@"c:\programdata",
|
||||||
@"c:\program files(x86)",
|
@"c:\program files (x86)",
|
||||||
@"c:\program files",
|
@"c:\program files",
|
||||||
@"c:\windows",
|
@"c:\windows",
|
||||||
@"c:\windows.old",
|
@"c:\windows.old",
|
||||||
};
|
};
|
||||||
|
|
||||||
|
var currentUserDir = @$"{systemDrive}users\{Environment.GetEnvironmentVariable("USERNAME")}".ToLower();
|
||||||
|
|
||||||
var allowedExtensions = new HashSet<string>()
|
var allowedExtensions = new HashSet<string>()
|
||||||
{
|
{
|
||||||
".bat",
|
".bat",
|
||||||
@ -672,6 +680,8 @@ namespace winPEAS.Checks
|
|||||||
var files = SearchHelper.GetFilesFast(systemDrive, "*", excludedDirs);
|
var files = SearchHelper.GetFilesFast(systemDrive, "*", excludedDirs);
|
||||||
|
|
||||||
foreach (var file in files)
|
foreach (var file in files)
|
||||||
|
{
|
||||||
|
try
|
||||||
{
|
{
|
||||||
if (file.Extension != null && allowedExtensions.Contains(file.Extension.ToLower()))
|
if (file.Extension != null && allowedExtensions.Contains(file.Extension.ToLower()))
|
||||||
{
|
{
|
||||||
@ -680,8 +690,21 @@ namespace winPEAS.Checks
|
|||||||
|
|
||||||
if (fileRights.Count > 0)
|
if (fileRights.Count > 0)
|
||||||
{
|
{
|
||||||
Beaprint.BadPrint($" File Permissions \"{file.FullPath}\": " + string.Join(",", fileRights));
|
string log = $" File Permissions \"{file.FullPath}\": " + string.Join(",", fileRights);
|
||||||
|
|
||||||
|
if (file.FullPath.ToLower().StartsWith(currentUserDir))
|
||||||
|
{
|
||||||
|
Beaprint.NoColorPrint(log);
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
Beaprint.BadPrint(log);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception)
|
||||||
|
{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -354,9 +354,8 @@ namespace winPEAS.Helpers.AppLocker
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
// unauthorized access ?
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
@ -83,6 +83,10 @@ namespace winPEAS.Helpers.Search
|
|||||||
{
|
{
|
||||||
return new List<FileInfo>();
|
return new List<FileInfo>();
|
||||||
}
|
}
|
||||||
|
catch (Exception)
|
||||||
|
{
|
||||||
|
return new List<FileInfo>();
|
||||||
|
}
|
||||||
|
|
||||||
List<FileInfo> result = new List<FileInfo>();
|
List<FileInfo> result = new List<FileInfo>();
|
||||||
|
|
||||||
@ -104,6 +108,9 @@ namespace winPEAS.Helpers.Search
|
|||||||
catch (DirectoryNotFoundException)
|
catch (DirectoryNotFoundException)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
catch (Exception)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
@ -151,6 +158,10 @@ namespace winPEAS.Helpers.Search
|
|||||||
{
|
{
|
||||||
return new List<DirectoryInfo>();
|
return new List<DirectoryInfo>();
|
||||||
}
|
}
|
||||||
|
catch (Exception)
|
||||||
|
{
|
||||||
|
return new List<DirectoryInfo>();
|
||||||
|
}
|
||||||
|
|
||||||
return GetStartDirectories(directories[0].FullName, files, pattern);
|
return GetStartDirectories(directories[0].FullName, files, pattern);
|
||||||
}
|
}
|
||||||
|
@ -355,7 +355,7 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -381,7 +381,7 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -408,7 +408,7 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
{ "isUnquotedSpaced", "" }
|
{ "isUnquotedSpaced", "" }
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -422,8 +422,9 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
SelectQuery query = new SelectQuery("Win32_StartupCommand");
|
SelectQuery query = new SelectQuery("Win32_StartupCommand");
|
||||||
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
|
|
||||||
|
|
||||||
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
||||||
|
{
|
||||||
using (ManagementObjectCollection win32_startup = searcher.Get())
|
using (ManagementObjectCollection win32_startup = searcher.Get())
|
||||||
{
|
{
|
||||||
foreach (ManagementObject startup in win32_startup)
|
foreach (ManagementObject startup in win32_startup)
|
||||||
@ -465,6 +466,7 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
Beaprint.GrayPrint("Error getting autoruns from WMIC: " + e);
|
Beaprint.GrayPrint("Error getting autoruns from WMIC: " + e);
|
||||||
@ -511,7 +513,7 @@ namespace winPEAS.Info.ApplicationInfo
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -269,10 +269,10 @@ namespace winPEAS.Info.NetworkInfo
|
|||||||
List<Dictionary<string, string>> results = new List<Dictionary<string, string>>();
|
List<Dictionary<string, string>> results = new List<Dictionary<string, string>>();
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
|
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\standardcimv2", "SELECT * FROM MSFT_DNSClientCache"))
|
||||||
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\standardcimv2", "SELECT * FROM MSFT_DNSClientCache");
|
{
|
||||||
ManagementObjectCollection data = wmiData.Get();
|
using (ManagementObjectCollection data = wmiData.Get())
|
||||||
|
{
|
||||||
foreach (ManagementObject result in data)
|
foreach (ManagementObject result in data)
|
||||||
{
|
{
|
||||||
Dictionary<string, string> dnsEntry = new Dictionary<string, string>();
|
Dictionary<string, string> dnsEntry = new Dictionary<string, string>();
|
||||||
@ -285,6 +285,8 @@ namespace winPEAS.Info.NetworkInfo
|
|||||||
results.Add(dnsEntry);
|
results.Add(dnsEntry);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
catch (ManagementException ex) when (ex.ErrorCode == ManagementStatus.InvalidNamespace)
|
catch (ManagementException ex) when (ex.ErrorCode == ManagementStatus.InvalidNamespace)
|
||||||
{
|
{
|
||||||
Console.WriteLine(" [X] 'MSFT_DNSClientCache' WMI class unavailable (minimum supported versions of Windows: 8/2012)", ex.Message);
|
Console.WriteLine(" [X] 'MSFT_DNSClientCache' WMI class unavailable (minimum supported versions of Windows: 8/2012)", ex.Message);
|
||||||
|
@ -25,9 +25,10 @@ namespace winPEAS.Info.ServicesInfo
|
|||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\cimv2", "SELECT * FROM win32_service");
|
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\cimv2", "SELECT * FROM win32_service"))
|
||||||
ManagementObjectCollection data = wmiData.Get();
|
{
|
||||||
|
using (ManagementObjectCollection data = wmiData.Get())
|
||||||
|
{
|
||||||
foreach (ManagementObject result in data)
|
foreach (ManagementObject result in data)
|
||||||
{
|
{
|
||||||
if (result["PathName"] != null)
|
if (result["PathName"] != null)
|
||||||
@ -65,10 +66,13 @@ namespace winPEAS.Info.ServicesInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
Beaprint.PrintException(ex.Message);
|
Beaprint.PrintException(ex.Message);
|
||||||
}
|
}
|
||||||
|
|
||||||
return results;
|
return results;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -239,7 +243,7 @@ namespace winPEAS.Info.ServicesInfo
|
|||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
catch (Exception ex)
|
catch (Exception)
|
||||||
{
|
{
|
||||||
//Beaprint.PrintException(ex.Message)
|
//Beaprint.PrintException(ex.Message)
|
||||||
}
|
}
|
||||||
|
@ -76,14 +76,22 @@ namespace winPEAS.Info.SystemInfo
|
|||||||
string dnsDomain = properties.DomainName;
|
string dnsDomain = properties.DomainName;
|
||||||
|
|
||||||
const string query = "SELECT HotFixID FROM Win32_QuickFixEngineering";
|
const string query = "SELECT HotFixID FROM Win32_QuickFixEngineering";
|
||||||
var search = new ManagementObjectSearcher(query);
|
|
||||||
var collection = search.Get();
|
using (var search = new ManagementObjectSearcher(query))
|
||||||
|
{
|
||||||
|
using (var collection = search.Get())
|
||||||
|
{
|
||||||
string hotfixes = "";
|
string hotfixes = "";
|
||||||
foreach (ManagementObject quickFix in collection)
|
foreach (ManagementObject quickFix in collection)
|
||||||
|
{
|
||||||
hotfixes += quickFix["HotFixID"].ToString() + ", ";
|
hotfixes += quickFix["HotFixID"].ToString() + ", ";
|
||||||
|
}
|
||||||
|
|
||||||
results.Add("Hostname", strHostName);
|
results.Add("Hostname", strHostName);
|
||||||
if (dnsDomain.Length > 1) results.Add("Domain Name", dnsDomain);
|
if (dnsDomain.Length > 1)
|
||||||
|
{
|
||||||
|
results.Add("Domain Name", dnsDomain);
|
||||||
|
}
|
||||||
results.Add("ProductName", ProductName);
|
results.Add("ProductName", ProductName);
|
||||||
results.Add("EditionID", EditionID);
|
results.Add("EditionID", EditionID);
|
||||||
results.Add("ReleaseId", ReleaseId);
|
results.Add("ReleaseId", ReleaseId);
|
||||||
@ -101,6 +109,8 @@ namespace winPEAS.Info.SystemInfo
|
|||||||
results.Add("PartOfDomain", Checks.Checks.IsPartOfDomain.ToString());
|
results.Add("PartOfDomain", Checks.Checks.IsPartOfDomain.ToString());
|
||||||
results.Add("Hotfixes", hotfixes);
|
results.Add("Hotfixes", hotfixes);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
Beaprint.PrintException(ex.Message);
|
Beaprint.PrintException(ex.Message);
|
||||||
@ -153,7 +163,9 @@ namespace winPEAS.Info.SystemInfo
|
|||||||
whitelistpaths = String.Join("\n ", RegistryHelper.GetRegValues("HKLM", @"SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths").Keys);
|
whitelistpaths = String.Join("\n ", RegistryHelper.GetRegValues("HKLM", @"SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths").Keys);
|
||||||
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct"))
|
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct"))
|
||||||
{
|
{
|
||||||
foreach (ManagementObject virusChecker in wmiData.Get())
|
using (var data = wmiData.Get())
|
||||||
|
{
|
||||||
|
foreach (ManagementObject virusChecker in data)
|
||||||
{
|
{
|
||||||
results["Name"] = (string)virusChecker["displayName"];
|
results["Name"] = (string)virusChecker["displayName"];
|
||||||
results["ProductEXE"] = (string)virusChecker["pathToSignedProductExe"];
|
results["ProductEXE"] = (string)virusChecker["pathToSignedProductExe"];
|
||||||
@ -161,6 +173,7 @@ namespace winPEAS.Info.SystemInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
Beaprint.PrintException(ex.Message);
|
Beaprint.PrintException(ex.Message);
|
||||||
|
@ -137,13 +137,18 @@ namespace winPEAS.Info.UserInfo
|
|||||||
List<string> retList = new List<string>();
|
List<string> retList = new List<string>();
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT * FROM Win32_UserProfile WHERE Loaded = True");
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT * FROM Win32_UserProfile WHERE Loaded = True"))
|
||||||
foreach (ManagementObject user in searcher.Get())
|
{
|
||||||
|
using (var data = searcher.Get())
|
||||||
|
{
|
||||||
|
foreach (ManagementObject user in data)
|
||||||
{
|
{
|
||||||
string username = new SecurityIdentifier(user["SID"].ToString()).Translate(typeof(NTAccount)).ToString();
|
string username = new SecurityIdentifier(user["SID"].ToString()).Translate(typeof(NTAccount)).ToString();
|
||||||
if (!username.Contains("NT AUTHORITY")) retList.Add(username);
|
if (!username.Contains("NT AUTHORITY")) retList.Add(username);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
Beaprint.PrintException(ex.Message);
|
Beaprint.PrintException(ex.Message);
|
||||||
@ -157,8 +162,12 @@ namespace winPEAS.Info.UserInfo
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
SelectQuery query = new SelectQuery("Win32_UserProfile");
|
SelectQuery query = new SelectQuery("Win32_UserProfile");
|
||||||
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
|
|
||||||
foreach (ManagementObject user in searcher.Get())
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
||||||
|
{
|
||||||
|
using (var data = searcher.Get())
|
||||||
|
{
|
||||||
|
foreach (ManagementObject user in data)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
@ -174,6 +183,8 @@ namespace winPEAS.Info.UserInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
Beaprint.PrintException(ex.Message);
|
Beaprint.PrintException(ex.Message);
|
||||||
@ -195,7 +206,9 @@ namespace winPEAS.Info.UserInfo
|
|||||||
SelectQuery query = new SelectQuery("Win32_UserAccount");
|
SelectQuery query = new SelectQuery("Win32_UserAccount");
|
||||||
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
||||||
{
|
{
|
||||||
foreach (ManagementObject envVar in searcher.Get())
|
using (var data = searcher.Get())
|
||||||
|
{
|
||||||
|
foreach (ManagementObject envVar in data)
|
||||||
{
|
{
|
||||||
string username = (string)envVar["Name"];
|
string username = (string)envVar["Name"];
|
||||||
username = username?.ToLower();
|
username = username?.ToLower();
|
||||||
@ -211,6 +224,7 @@ namespace winPEAS.Info.UserInfo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user