Merge 757dbc83cc
into 06ba5a10d6
commit
40bedf822e
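--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,23 @@
+#### Issue description
+
+
+#### Steps to reproduce the issue
+
+1.
+2.
+3.
+
+#### clean / obfuscated winpeas?
+
+
+#### AV / Threat protection used
+
+
+#### Windows version / build
+
+
+#### Failing Winpeas check
+
+
+#### Additional details / screenshot
+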
7
.github/workflows/CI-master_tests.yml
vendored
7
.github/workflows/CI-master_tests.yml
vendored
@ -80,22 +80,18 @@ jobs:
|
||||
whoami
|
||||
mkdir -p $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0 -erroraction 'silentlycontinue'
|
||||
cp DotfuscatorCE\license\* $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0\
|
||||
|
||||
# build obfuscated versions
|
||||
- name: Build obfuscated versions
|
||||
run: |
|
||||
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x64.xml"
|
||||
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x86.xml"
|
||||
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\any.xml"
|
||||
|
||||
|
||||
# copy the files
|
||||
- name: Copy Dotfuscator generated files
|
||||
run: |
|
||||
cp $env:DotFuscatorGeneratedPath\x64\winPEASx64.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64.exe"
|
||||
cp $env:DotFuscatorGeneratedPath\x86\winPEASx86.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86.exe"
|
||||
cp $env:DotFuscatorGeneratedPath\any\winPEASany.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany.exe"
|
||||
|
||||
# Git add
|
||||
- name: Create local changes
|
||||
run: |
|
||||
@ -103,7 +99,6 @@ jobs:
|
||||
git add winPEAS\winPEASexe\binaries\x64\*
|
||||
git add winPEAS\winPEASexe\binaries\x86\*
|
||||
git add "winPEAS\winPEASexe\binaries\Obfuscated Releases\*.exe"
|
||||
|
||||
# Git commit
|
||||
- name: Commit results to Github
|
||||
run: |
|
||||
@ -177,4 +172,4 @@ jobs:
|
||||
run: linPEAS/linpeas.sh -h
|
||||
|
||||
- name: Run macpeas
|
||||
run: linPEAS/linpeas.sh -o SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI
|
||||
run: linPEAS/linpeas.sh -o SysI,Container,Devs,AvaSof,ProCronSrvcsTmrsSocks,Net,UsrI,SofI
|
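Review bot: Nothing in the visible steps records a checksum for the executables that `Create local changes` stages with `git add winPEAS\winPEASexe\binaries\x64\*` and the neighbouring lines, although the README text in this same commit points users at the precompiled binaries in the repository. A step that publishes SHA-256 values next to the binaries, built on `Get-FileHash winPEAS\winPEASexe\binaries\x64\*.exe -Algorithm SHA256`, would let a downloader confirm that a file is the one CI produced. The rendered page has lost its +/- markers, so which of the Dotfuscator and `git add` lines this commit removes cannot be read from here. The steps also begin and end outside the hunks.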
@ -2,6 +2,7 @@
|
||||
## LINPEAS SPECIFICATIONS ##
|
||||
############################
|
||||
|
||||
|
||||
root_folders:
|
||||
- /applications #common
|
||||
- /bin #common
|
||||
|
@ -7,12 +7,9 @@ Check the **Local Windows Privilege Escalation checklist** from **[book.hacktric
|
||||
Check more **information about how to exploit** found misconfigurations in **[book.hacktricks.xyz](https://book.hacktricks.xyz/windows/windows-local-privilege-escalation)**
|
||||
|
||||
## WinPEAS .exe and .bat
|
||||
- [Link to WinPEAS C# project (.exe)](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe) (.Net >= 4.5 required)
|
||||
- [Link to WinPEAS .bat project](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASbat)
|
||||
|
||||
## Let's improve PEASS together
|
||||
|
||||
If you want to **add something** and have **any cool idea** related to this project, please let me know it in the **telegram group https://t.me/peass** or using **[github issues](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues)** and we will update the master version.
|
||||
- [Link to WinPEAS C# project (.exe)](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe) (.Net >= 4.5.2 required)
|
||||
- **Please, read the Readme of that folder to learn how to execute winpeas from memory or how make colors work among other tricks**
|
||||
|
||||
## Please, if this tool has been useful for you consider to donate
|
||||
|
||||
|
@ -133,11 +133,6 @@ This is the kind of outpuf that you have to look for when usnig the winPEAS.bat
|
||||
|
||||
[](https://www.patreon.com/peass)
|
||||
|
||||
## Let's improve PEASS together
|
||||
|
||||
If you want to **add something** and have **any cool idea** related to this project, please let me know it in the **telegram group https://t.me/peass** or using **[github issues](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues)** and we will update the master version.
|
||||
|
||||
|
||||
## Advisory
|
||||
|
||||
All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
|
||||
|
@ -10,7 +10,7 @@ Check also the **Local Windows Privilege Escalation checklist** from **[book.hac
|
||||
|
||||
## Quick Start
|
||||
|
||||
**.Net >= 4.5 is required**
|
||||
**.Net >= 4.5.2 is required**
|
||||
|
||||
Precompiled binaries:
|
||||
- Download the **[latest obfuscated version from here](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe/binaries/Obfuscated%20Releases)** or **compile it yourself** (read instructions for compilation).
|
||||
@ -107,7 +107,7 @@ REG ADD HKCU\Console /v VirtualTerminalLevel /t REG_DWORD /d 1
|
||||
Below you have some indications about what does each color means exacty, but keep in mind that **Red** is for something interesting (from a pentester perspective) and **Green** is something well configured (from a defender perspective).
|
||||
|
||||
|
||||
## Instructions to compile
|
||||
## Instructions to compile you own obfuscated version
|
||||
|
||||
In order to compile an **ofuscated version** of Winpeas and bypass some AVs you need to ** install dotfuscator ** in *VisualStudio*.
|
||||
|
||||
@ -264,11 +264,6 @@ Once you have installed and activated it you need to:
|
||||
|
||||
</details>
|
||||
|
||||
## Let's improve PEASS together
|
||||
|
||||
If you want to **add something** and have **any cool idea** related to this project, please let me know it in the **telegram group https://t.me/peass** or using **[github issues](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues)** and we will update the master version.
|
||||
|
||||
|
||||
## TODO
|
||||
- Add more checks
|
||||
- Mantain updated Watson (last JAN 2021)
|
||||
|
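--- a/winPEAS/winPEASexe/winPEAS.Tests/SmokeTests.cs
+++ b/winPEAS/winPEASexe/winPEAS.Tests/SmokeTests.cs
@@ -0,0 +1,24 @@
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using System;
+
+namespace winPEAS.Tests
+{
+[TestClass]
+public class SmokeTests
+{
+[TestMethod]
+public void ShouldRunWinPeass()
+{
+try
+{
+string[] args = new string[] { "systeminfo", "userinfo", "networkinfo", "servicesinfo","processinfo" };
+Program.Main(args);
+}
+catch (Exception e)
+{
+Assert.Fail($"Exception thrown: {e.Message}");
+}
+}
+}
+}
+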
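Review bot: The `catch (Exception e)` around `Program.Main(args)` replaces the original exception with `Assert.Fail($"Exception thrown: {e.Message}")`, which drops the stack trace and any inner exception from the test report. MSTest already fails a test on an unhandled exception, so the try/catch can be removed and the body reduced to the `args` line and `Program.Main(args);`; if the wrapper is kept, interpolate `{e}` instead of `{e.Message}`. The test asserts nothing about the output, so it would still pass if `Program.Main` catches failures internally (not visible here). Because it runs the real checks against the build agent, the test output will contain that host's enumeration results wherever the CI log is published.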
@ -139,7 +139,7 @@ namespace winPEAS.Checks
|
||||
|
||||
// get our properties
|
||||
// ref - https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdatehistoryentry
|
||||
var title = searcherObj.GetType().InvokeMember("Title", BindingFlags.GetProperty, null, item, new object[] { }).ToString();
|
||||
var title = searcherObj.GetType().InvokeMember("Title", BindingFlags.GetProperty, null, item, new object[] { })?.ToString() ?? string.Empty;
|
||||
var date = searcherObj.GetType().InvokeMember("Date", BindingFlags.GetProperty, null, item, new object[] { });
|
||||
var description = searcherObj.GetType().InvokeMember("Description", BindingFlags.GetProperty, null, item, new object[] { });
|
||||
var clientApplicationID = searcherObj.GetType().InvokeMember("ClientApplicationID", BindingFlags.GetProperty, null, item, new object[] { });
|
||||
|
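Review bot: Only `title` gets the null-safe conversion here; `date`, `description` and `clientApplicationID` are still the raw `InvokeMember` results and may be null as well. If any of them is dereferenced or converted with `.ToString()` later in the method (outside this hunk), the exception this change removes will reappear a few lines further on, so they should get the same `?.ToString() ?? string.Empty` treatment as the `title` line wherever a string is expected. A short comment above the block stating that update-history entries can return null properties would explain the guard.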
@ -80,12 +80,15 @@ namespace winPEAS.Helpers.AppLocker
|
||||
|
||||
Beaprint.NoColorPrint($" AppLockerPolicy version: {appLockerSettings.Version}\n listing rules:\n\n");
|
||||
|
||||
foreach (var rule in appLockerSettings.RuleCollection)
|
||||
if (appLockerSettings.RuleCollection != null)
|
||||
{
|
||||
PrintFileHashRules(rule);
|
||||
PrintFilePathRules(rule);
|
||||
PrintFilePublisherRules(rule);
|
||||
}
|
||||
foreach (var rule in appLockerSettings.RuleCollection)
|
||||
{
|
||||
PrintFileHashRules(rule);
|
||||
PrintFilePathRules(rule);
|
||||
PrintFilePublisherRules(rule);
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (COMException)
|
||||
{
|
||||
|
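Review bot: When `appLockerSettings.RuleCollection` is null the method now prints the `listing rules:` header and then nothing, which a reader of the report cannot tell apart from a policy that parsed correctly and has no rules. An explicit `else { Beaprint.NoColorPrint("    No rule collections found in the policy\n"); }` would keep a parsing gap from being read as an absent policy. The new guard also comes after `appLockerSettings.Version` has been dereferenced, so a null `appLockerSettings` still throws before it, and the visible `catch (COMException)` would not handle that. The enclosing method and its `try` start outside the hunk.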
@ -143,6 +143,12 @@ namespace winPEAS.Helpers.Registry
|
||||
{
|
||||
myKey = Microsoft.Win32.Registry.CurrentUser.OpenSubKey(path);
|
||||
}
|
||||
|
||||
if (myKey == null)
|
||||
{
|
||||
return new string[0];
|
||||
}
|
||||
|
||||
String[] subkeyNames = myKey.GetSubKeyNames();
|
||||
return myKey.GetSubKeyNames();
|
||||
}
|
||||
|
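Review bot: The added null check returns early, but the lines after it still call `myKey.GetSubKeyNames()` twice: once into `subkeyNames`, which is never used in the visible lines, and again in the `return`. The `RegistryKey` returned by `OpenSubKey` is also not disposed in the visible lines, so each call leaves a handle for the finalizer. Replacing the last two statements with `using (myKey) { return myKey.GetSubKeyNames(); }` fixes both. Returning `new string[0]` makes a missing key look the same to callers as a key with no subkeys; a one-line comment saying that this is intended would help. The method starts outside the hunk, so any disposal or `catch` there is not visible.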
@ -92,6 +92,12 @@ namespace winPEAS.Info.SystemInfo.SysMon
|
||||
try
|
||||
{
|
||||
var key = registryKey.OpenSubKey(paramsKey);
|
||||
|
||||
if (key == null)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
byte[] result = (byte[])key.GetValue(val);
|
||||
|
||||
return result;
|
||||
|
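Review bot: `(byte[])key.GetValue(val)` is a hard cast, so a `val` stored with any type other than binary throws `InvalidCastException` instead of being treated as absent like the new `key == null` case. `key` is also not disposed on either return path. Both are covered by `using (var key = registryKey.OpenSubKey(paramsKey)) { return key?.GetValue(val) as byte[]; }`, which returns null for a missing key, a missing value or a non-binary value. Whether the `catch` that follows this `try` (outside the hunk) already handles the cast failure cannot be seen here.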
@ -90,7 +90,10 @@ namespace winPEAS.Wifi.NativeWifiApi
|
||||
|
||||
~WlanClient()
|
||||
{
|
||||
WlanApi.WlanCloseHandle(clientHandle, IntPtr.Zero);
|
||||
if (clientHandle != IntPtr.Zero)
|
||||
{
|
||||
WlanApi.WlanCloseHandle(clientHandle, IntPtr.Zero);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
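Review bot: The zero check keeps the finalizer from passing a never-opened handle to `WlanCloseHandle`, but `clientHandle` is not reset after the call, so the guard gives no protection if the class has another close path (none is visible in this hunk). Adding `clientHandle = IntPtr.Zero;` after the call makes the close idempotent. Wrapping the handle in a `SafeHandle` subclass would remove the need for a hand-written finalizer. A comment saying in which case the handle is still zero (presumably a failed open in the constructor) would explain the check.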