del color blue

winPEAS/winPEASexe/winPEAS/Beaprint.cs

@@ -35,18 +35,18 @@ namespace winPEAS
         public static Color color_default = Color.LightSkyBlue;
         public static Color color_good = Color.Green;
         public static Color color_bad = Color.Red;
-        static List<Color> color_line = new List<Color>() {
+        /*static List<Color> color_line = new List<Color>() {
-            Color.SkyBlue,
+            Color.DarkOrange,
-            Color.LightPink,
+            Color.MediumPurple,
             Color.MediumVioletRed,
             Color.Linen,
             Color.MediumTurquoise,
-            Color.MediumPurple,
+            Color.SkyBlue,
             Color.Tomato,
             Color.GreenYellow,
             Color.HotPink,
             Color.Peru
-        };
+        };*/
 
         public static void PrintBanner()
         {
@@ -126,7 +126,7 @@ namespace winPEAS
                 Colorful.Console.Write("         Lightblue", color_default); Colorful.Console.WriteLine("  Indicates information extracted from the host (host dependant)");
                 Colorful.Console.Write("         Magenta", Color.Magenta); Colorful.Console.WriteLine("    Indicates current user and domain");
                 Colorful.Console.Write("         Cyan", Color.Cyan); Colorful.Console.WriteLine("       Indicates active users");
-                Colorful.Console.Write("         Blue", Color.Blue); Colorful.Console.WriteLine("       Indicates locked users");
+                //Colorful.Console.Write("         Blue", Color.Blue); Colorful.Console.WriteLine("       Indicates locked users");
                 Colorful.Console.Write("         Purple", Color.MediumPurple); Colorful.Console.WriteLine("     Indicates disablde users and links (and other info for coloring purposes)");
             }
         }
@@ -500,7 +500,7 @@ namespace winPEAS
             }
         }
 
-        public static void LinePrint(string formString, List<string> to_complete)
+        /*public static void LinePrint(string formString, List<string> to_complete)
         {
             try
             {
@@ -539,7 +539,7 @@ namespace winPEAS
             {
                 System.Console.WriteLine(ex);
             }
-        }
+        }*/
 
         public static void ListPrint(List<string> list_to_print)
         {

winPEAS/winPEASexe/winPEAS/Program.cs

@@ -20,7 +20,7 @@ namespace winPEAS
         // Static blacklists
         static string strTrue = "True";
         static string strFalse = "False";
-        static string badgroups = "docker|Remote|Admins";
+        static string badgroups = "docker|Remote |Admins";//The space in Remote is important to not mix with SeShutdownRemotePrivilege
         static string badpasswd = "NotChange|NotExpi";
         static string badPrivileges = "Enabled|ENABLED|SeImpersonatePrivilege|SeAssignPrimaryPrivilege|SeTcbPrivilege|SeBackupPrivilege|SeRestorePrivilege|SeCreateTokenPrivilege|SeLoadDriverPrivilege|SeTakeOwnershipPrivilege|SeDebugPrivilege";
         static string goodSoft = "Windows Phone Kits|Windows Kits|Windows Defender|Windows Mail|Windows Media Player|Windows Multimedia Platform|windows nt|Windows Photo Viewer|Windows Portable Devices|Windows Security|Windows Sidebar|WindowsApps|WindowsPowerShell|Microsoft|WOW6432Node|internet explorer|Internet Explorer|Common Files";
@@ -55,7 +55,7 @@ namespace winPEAS
         static string paint_interestingUserGroups = String.Join("|", currentUserGroups);
         static string paint_activeUsers = String.Join("|", UserInfo.GetMachineUsers(true, false, false, false, false));
         static string paint_disabledUsers = String.Join("|", UserInfo.GetMachineUsers(false, true, false, false, false));
-        static string paint_lockoutUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, true, false, false));
+        //static string paint_lockoutUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, true, false, false));
         static string paint_adminUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, false, true, false));
 
 
@@ -398,7 +398,7 @@ namespace winPEAS
                 {
                     styleSheetUsers.AddStyle(paint_activeUsers, Color.Cyan);
                     if (paint_disabledUsers.Length > 1) styleSheetUsers.AddStyle(paint_disabledUsers + "|Disabled", Color.MediumPurple);
-                    if (paint_lockoutUsers.Length > 1) styleSheetUsers.AddStyle(paint_lockoutUsers + "|Lockout", Color.Blue);
+                    //if (paint_lockoutUsers.Length > 1) styleSheetUsers.AddStyle(paint_lockoutUsers + "|Lockout", Color.Blue);
                     styleSheetUsers.AddStyle(currentUserName, Color.Magenta);
                     styleSheetUsers.AddStyle(currentDomainName, Color.Magenta);
                     styleSheetUsers.AddStyle(paint_adminUsers, color_bad);
@@ -1241,7 +1241,7 @@ namespace winPEAS
                                 {
                             new Formatter(card["Name"], Color.DarkOrange),
                             new Formatter(card["PysicalAddr"], color_default),
-                            new Formatter(card["IPs"], Color.OrangeRed),
+                            new Formatter(card["IPs"], Color.DarkOrange),
                             new Formatter(card["Netmasks"].Replace(", 0.0.0.0", ""), Color.Gray),
                             new Formatter(card["Gateways"], Color.MediumPurple),
                             new Formatter(card["DNSs"], Color.MediumPurple),
@@ -1332,11 +1332,11 @@ namespace winPEAS
                                 new Formatter(rule["Profiles"], Color.Gray),
                                 new Formatter(rule["Name"], Color.DarkOrange),
                                 new Formatter(rule["AppName"], (file_perms.Length > 0 || folder_perms.Length > 0) ? color_bad : color_good),
-                                new Formatter(rule["Action"], Color.OrangeRed),
+                                new Formatter(rule["Action"], Color.Cyan),
                                 new Formatter(rule["Protocol"], Color.MediumPurple),
                                 new Formatter(rule["Direction"], color_default),
-                                new Formatter(rule["Direction"] == "IN" ? rule["Local"] : rule["Remote"], rule["Direction"] == "IN" ? color_default : Color.White),
+                                new Formatter(rule["Direction"] == "IN" ? rule["Local"] : rule["Remote"], rule["Direction"] == "IN" ? color_default : Color.Cyan),
-                                new Formatter(rule["Direction"] == "IN" ? rule["Remote"] : rule["Local"], rule["Direction"] == "IN" ? Color.White : color_default),
+                                new Formatter(rule["Direction"] == "IN" ? rule["Remote"] : rule["Local"], rule["Direction"] == "IN" ? Color.Cyan : color_default),
                                 new Formatter(file_perms, color_bad),
                                 new Formatter(folder_perms, color_bad),
                                 new Formatter(rule["Description"], Color.Gray),

winPEAS/winPEASexe/winPEAS/obj/x86/Release/winPEAS.csproj.FileListAbsolute.txt

@@ -14,4 +14,3 @@ D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\o
 D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.CopyComplete
 D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe
 D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb
-D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csprojAssemblyReference.cache