- cleanup

- fixed using on IDisposables
This commit is contained in:
makikvues 2021-01-25 23:52:29 +01:00
parent 24754e374f
commit 27e8867236
9 changed files with 223 additions and 153 deletions

View File

@ -14,8 +14,8 @@ namespace winPEAS._3rdParty.Watson
{ {
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT HotFixID FROM Win32_QuickFixEngineering")) using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT HotFixID FROM Win32_QuickFixEngineering"))
{ {
var hotFixes = searcher.Get(); using (var hotFixes = searcher.Get())
{
foreach (var hotFix in hotFixes) foreach (var hotFix in hotFixes)
{ {
var line = hotFix["HotFixID"].ToString().Remove(0, 2); var line = hotFix["HotFixID"].ToString().Remove(0, 2);
@ -27,6 +27,7 @@ namespace winPEAS._3rdParty.Watson
} }
} }
} }
}
catch (ManagementException e) catch (ManagementException e)
{ {
Console.Error.WriteLine(" [!] {0}", e.Message); Console.Error.WriteLine(" [!] {0}", e.Message);
@ -41,8 +42,8 @@ namespace winPEAS._3rdParty.Watson
{ {
using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT BuildNumber FROM Win32_OperatingSystem")) using (var searcher = new ManagementObjectSearcher(@"root\cimv2", "SELECT BuildNumber FROM Win32_OperatingSystem"))
{ {
var collection = searcher.Get(); using (var collection = searcher.Get())
{
foreach (var num in collection) foreach (var num in collection)
{ {
if (int.TryParse(num["BuildNumber"] as string, out int buildNumber)) if (int.TryParse(num["BuildNumber"] as string, out int buildNumber))
@ -52,6 +53,7 @@ namespace winPEAS._3rdParty.Watson
} }
} }
} }
}
catch (ManagementException e) catch (ManagementException e)
{ {
Console.Error.WriteLine(" [!] {0}", e.Message); Console.Error.WriteLine(" [!] {0}", e.Message);

View File

@ -264,7 +264,7 @@ namespace winPEAS.Checks
colors); colors);
Beaprint.PrintLineSeparator(); Beaprint.PrintLineSeparator();
} }
catch (Exception e) { } catch (Exception) { }
} }
} }
else else
@ -272,7 +272,7 @@ namespace winPEAS.Checks
Beaprint.GoodPrint(" WSL - no installed Linux distributions found."); Beaprint.GoodPrint(" WSL - no installed Linux distributions found.");
} }
} }
catch (Exception e) { } catch (Exception) { }
} }
} }
@ -512,6 +512,8 @@ namespace winPEAS.Checks
var files = SearchHelper.GetFilesFast(user, isFoldersIncluded: true); var files = SearchHelper.GetFilesFast(user, isFoldersIncluded: true);
foreach (var file in files) foreach (var file in files)
{
try
{ {
FileAttributes attr = File.GetAttributes(file.FullPath); FileAttributes attr = File.GetAttributes(file.FullPath);
if ((attr & FileAttributes.Directory) == FileAttributes.Directory) if ((attr & FileAttributes.Directory) == FileAttributes.Directory)
@ -533,6 +535,10 @@ namespace winPEAS.Checks
} }
} }
} }
catch (Exception)
{
}
}
Beaprint.PrintLineSeparator(); Beaprint.PrintLineSeparator();
} }
@ -637,8 +643,8 @@ namespace winPEAS.Checks
Beaprint.BadPrint($" {file.FullPath}"); Beaprint.BadPrint($" {file.FullPath}");
} }
} }
catch (PathTooLongException ex) { } catch (PathTooLongException) { }
catch (Exception ex) catch (Exception)
{ {
// & other exceptions // & other exceptions
} }
@ -656,12 +662,14 @@ namespace winPEAS.Checks
@"c:\esupport", @"c:\esupport",
@"c:\perflogs", @"c:\perflogs",
@"c:\programdata", @"c:\programdata",
@"c:\program files(x86)", @"c:\program files (x86)",
@"c:\program files", @"c:\program files",
@"c:\windows", @"c:\windows",
@"c:\windows.old", @"c:\windows.old",
}; };
var currentUserDir = @$"{systemDrive}users\{Environment.GetEnvironmentVariable("USERNAME")}".ToLower();
var allowedExtensions = new HashSet<string>() var allowedExtensions = new HashSet<string>()
{ {
".bat", ".bat",
@ -672,6 +680,8 @@ namespace winPEAS.Checks
var files = SearchHelper.GetFilesFast(systemDrive, "*", excludedDirs); var files = SearchHelper.GetFilesFast(systemDrive, "*", excludedDirs);
foreach (var file in files) foreach (var file in files)
{
try
{ {
if (file.Extension != null && allowedExtensions.Contains(file.Extension.ToLower())) if (file.Extension != null && allowedExtensions.Contains(file.Extension.ToLower()))
{ {
@ -680,8 +690,21 @@ namespace winPEAS.Checks
if (fileRights.Count > 0) if (fileRights.Count > 0)
{ {
Beaprint.BadPrint($" File Permissions \"{file.FullPath}\": " + string.Join(",", fileRights)); string log = $" File Permissions \"{file.FullPath}\": " + string.Join(",", fileRights);
if (file.FullPath.ToLower().StartsWith(currentUserDir))
{
Beaprint.NoColorPrint(log);
} }
else
{
Beaprint.BadPrint(log);
}
}
}
}
catch (Exception)
{
} }
} }
} }

View File

@ -354,9 +354,8 @@ namespace winPEAS.Helpers.AppLocker
return true; return true;
} }
} }
catch (Exception e) catch (Exception)
{ {
// unauthorized access ?
} }
return false; return false;

View File

@ -83,6 +83,10 @@ namespace winPEAS.Helpers.Search
{ {
return new List<FileInfo>(); return new List<FileInfo>();
} }
catch (Exception)
{
return new List<FileInfo>();
}
List<FileInfo> result = new List<FileInfo>(); List<FileInfo> result = new List<FileInfo>();
@ -104,6 +108,9 @@ namespace winPEAS.Helpers.Search
catch (DirectoryNotFoundException) catch (DirectoryNotFoundException)
{ {
} }
catch (Exception)
{
}
return result; return result;
} }
@ -151,6 +158,10 @@ namespace winPEAS.Helpers.Search
{ {
return new List<DirectoryInfo>(); return new List<DirectoryInfo>();
} }
catch (Exception)
{
return new List<DirectoryInfo>();
}
return GetStartDirectories(directories[0].FullName, files, pattern); return GetStartDirectories(directories[0].FullName, files, pattern);
} }

View File

@ -355,7 +355,7 @@ namespace winPEAS.Info.ApplicationInfo
} }
} }
} }
catch (Exception e) catch (Exception)
{ {
} }
@ -381,7 +381,7 @@ namespace winPEAS.Info.ApplicationInfo
}); });
} }
} }
catch (Exception e) catch (Exception)
{ {
} }
} }
@ -408,7 +408,7 @@ namespace winPEAS.Info.ApplicationInfo
{ "isUnquotedSpaced", "" } { "isUnquotedSpaced", "" }
}); });
} }
catch (Exception e) catch (Exception)
{ {
} }
} }
@ -422,8 +422,9 @@ namespace winPEAS.Info.ApplicationInfo
try try
{ {
SelectQuery query = new SelectQuery("Win32_StartupCommand"); SelectQuery query = new SelectQuery("Win32_StartupCommand");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
{
using (ManagementObjectCollection win32_startup = searcher.Get()) using (ManagementObjectCollection win32_startup = searcher.Get())
{ {
foreach (ManagementObject startup in win32_startup) foreach (ManagementObject startup in win32_startup)
@ -465,6 +466,7 @@ namespace winPEAS.Info.ApplicationInfo
} }
} }
} }
}
catch (Exception e) catch (Exception e)
{ {
Beaprint.GrayPrint("Error getting autoruns from WMIC: " + e); Beaprint.GrayPrint("Error getting autoruns from WMIC: " + e);
@ -511,7 +513,7 @@ namespace winPEAS.Info.ApplicationInfo
}); });
} }
} }
catch (Exception e) catch (Exception)
{ {
} }
} }

View File

@ -269,10 +269,10 @@ namespace winPEAS.Info.NetworkInfo
List<Dictionary<string, string>> results = new List<Dictionary<string, string>>(); List<Dictionary<string, string>> results = new List<Dictionary<string, string>>();
try try
{ {
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\standardcimv2", "SELECT * FROM MSFT_DNSClientCache"))
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\standardcimv2", "SELECT * FROM MSFT_DNSClientCache"); {
ManagementObjectCollection data = wmiData.Get(); using (ManagementObjectCollection data = wmiData.Get())
{
foreach (ManagementObject result in data) foreach (ManagementObject result in data)
{ {
Dictionary<string, string> dnsEntry = new Dictionary<string, string>(); Dictionary<string, string> dnsEntry = new Dictionary<string, string>();
@ -285,6 +285,8 @@ namespace winPEAS.Info.NetworkInfo
results.Add(dnsEntry); results.Add(dnsEntry);
} }
} }
}
}
catch (ManagementException ex) when (ex.ErrorCode == ManagementStatus.InvalidNamespace) catch (ManagementException ex) when (ex.ErrorCode == ManagementStatus.InvalidNamespace)
{ {
Console.WriteLine(" [X] 'MSFT_DNSClientCache' WMI class unavailable (minimum supported versions of Windows: 8/2012)", ex.Message); Console.WriteLine(" [X] 'MSFT_DNSClientCache' WMI class unavailable (minimum supported versions of Windows: 8/2012)", ex.Message);

View File

@ -25,9 +25,10 @@ namespace winPEAS.Info.ServicesInfo
try try
{ {
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\cimv2", "SELECT * FROM win32_service"); using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\cimv2", "SELECT * FROM win32_service"))
ManagementObjectCollection data = wmiData.Get(); {
using (ManagementObjectCollection data = wmiData.Get())
{
foreach (ManagementObject result in data) foreach (ManagementObject result in data)
{ {
if (result["PathName"] != null) if (result["PathName"] != null)
@ -65,10 +66,13 @@ namespace winPEAS.Info.ServicesInfo
} }
} }
} }
}
}
catch (Exception ex) catch (Exception ex)
{ {
Beaprint.PrintException(ex.Message); Beaprint.PrintException(ex.Message);
} }
return results; return results;
} }
@ -239,7 +243,7 @@ namespace winPEAS.Info.ServicesInfo
} }
} }
catch (Exception ex) catch (Exception)
{ {
//Beaprint.PrintException(ex.Message) //Beaprint.PrintException(ex.Message)
} }

View File

@ -76,14 +76,22 @@ namespace winPEAS.Info.SystemInfo
string dnsDomain = properties.DomainName; string dnsDomain = properties.DomainName;
const string query = "SELECT HotFixID FROM Win32_QuickFixEngineering"; const string query = "SELECT HotFixID FROM Win32_QuickFixEngineering";
var search = new ManagementObjectSearcher(query);
var collection = search.Get(); using (var search = new ManagementObjectSearcher(query))
{
using (var collection = search.Get())
{
string hotfixes = ""; string hotfixes = "";
foreach (ManagementObject quickFix in collection) foreach (ManagementObject quickFix in collection)
{
hotfixes += quickFix["HotFixID"].ToString() + ", "; hotfixes += quickFix["HotFixID"].ToString() + ", ";
}
results.Add("Hostname", strHostName); results.Add("Hostname", strHostName);
if (dnsDomain.Length > 1) results.Add("Domain Name", dnsDomain); if (dnsDomain.Length > 1)
{
results.Add("Domain Name", dnsDomain);
}
results.Add("ProductName", ProductName); results.Add("ProductName", ProductName);
results.Add("EditionID", EditionID); results.Add("EditionID", EditionID);
results.Add("ReleaseId", ReleaseId); results.Add("ReleaseId", ReleaseId);
@ -101,6 +109,8 @@ namespace winPEAS.Info.SystemInfo
results.Add("PartOfDomain", Checks.Checks.IsPartOfDomain.ToString()); results.Add("PartOfDomain", Checks.Checks.IsPartOfDomain.ToString());
results.Add("Hotfixes", hotfixes); results.Add("Hotfixes", hotfixes);
} }
}
}
catch (Exception ex) catch (Exception ex)
{ {
Beaprint.PrintException(ex.Message); Beaprint.PrintException(ex.Message);
@ -153,7 +163,9 @@ namespace winPEAS.Info.SystemInfo
whitelistpaths = String.Join("\n ", RegistryHelper.GetRegValues("HKLM", @"SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths").Keys); whitelistpaths = String.Join("\n ", RegistryHelper.GetRegValues("HKLM", @"SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths").Keys);
using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct")) using (ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct"))
{ {
foreach (ManagementObject virusChecker in wmiData.Get()) using (var data = wmiData.Get())
{
foreach (ManagementObject virusChecker in data)
{ {
results["Name"] = (string)virusChecker["displayName"]; results["Name"] = (string)virusChecker["displayName"];
results["ProductEXE"] = (string)virusChecker["pathToSignedProductExe"]; results["ProductEXE"] = (string)virusChecker["pathToSignedProductExe"];
@ -161,6 +173,7 @@ namespace winPEAS.Info.SystemInfo
} }
} }
} }
}
catch (Exception ex) catch (Exception ex)
{ {
Beaprint.PrintException(ex.Message); Beaprint.PrintException(ex.Message);

View File

@ -137,13 +137,18 @@ namespace winPEAS.Info.UserInfo
List<string> retList = new List<string>(); List<string> retList = new List<string>();
try try
{ {
ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT * FROM Win32_UserProfile WHERE Loaded = True"); using (ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT * FROM Win32_UserProfile WHERE Loaded = True"))
foreach (ManagementObject user in searcher.Get()) {
using (var data = searcher.Get())
{
foreach (ManagementObject user in data)
{ {
string username = new SecurityIdentifier(user["SID"].ToString()).Translate(typeof(NTAccount)).ToString(); string username = new SecurityIdentifier(user["SID"].ToString()).Translate(typeof(NTAccount)).ToString();
if (!username.Contains("NT AUTHORITY")) retList.Add(username); if (!username.Contains("NT AUTHORITY")) retList.Add(username);
} }
} }
}
}
catch (Exception ex) catch (Exception ex)
{ {
Beaprint.PrintException(ex.Message); Beaprint.PrintException(ex.Message);
@ -157,8 +162,12 @@ namespace winPEAS.Info.UserInfo
try try
{ {
SelectQuery query = new SelectQuery("Win32_UserProfile"); SelectQuery query = new SelectQuery("Win32_UserProfile");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
foreach (ManagementObject user in searcher.Get()) using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
{
using (var data = searcher.Get())
{
foreach (ManagementObject user in data)
{ {
try try
{ {
@ -174,6 +183,8 @@ namespace winPEAS.Info.UserInfo
} }
} }
} }
}
}
catch (Exception ex) catch (Exception ex)
{ {
Beaprint.PrintException(ex.Message); Beaprint.PrintException(ex.Message);
@ -195,7 +206,9 @@ namespace winPEAS.Info.UserInfo
SelectQuery query = new SelectQuery("Win32_UserAccount"); SelectQuery query = new SelectQuery("Win32_UserAccount");
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query)) using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
{ {
foreach (ManagementObject envVar in searcher.Get()) using (var data = searcher.Get())
{
foreach (ManagementObject envVar in data)
{ {
string username = (string)envVar["Name"]; string username = (string)envVar["Name"];
username = username?.ToLower(); username = username?.ToLower();
@ -211,6 +224,7 @@ namespace winPEAS.Info.UserInfo
} }
} }
} }
}
return result; return result;
} }