carlospolop 2020-04-02 14:10:06 +01:00
commit 599fc51663
2 changed files with 3 additions and 3 deletions


@ -1365,7 +1365,7 @@ if [ "`echo $CHECKS | grep SofI`" ]; then
##-- 32SI) Cached AD Hashes
adhashes=`ls "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null`
printf $Y"[+] "$GREEN"Looking for AD cached hahses\n"$NC
printf $Y"[+] "$GREEN"Looking for AD cached hashes\n"$NC
if [ "$adhashes" ]; then
ls -l "/var/lib/samba/private/secrets.tdb" "/var/lib/samba/passdb.tdb" "/var/opt/quest/vas/authcache/vas_auth.vdb" "/var/lib/sss/db/cache_*" 2>/dev/null
else echo_not_found "cached hashes"
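Review bot: The `"/var/lib/sss/db/cache_*"` argument sits inside double quotes in both the `adhashes=` assignment and the `ls -l` line, so the shell passes the literal string and never expands the wildcard. SSSD cache files are therefore never listed, and when none of the other three paths exist the check reports "cached hashes" as not found even though a cache is present. Move the wildcard outside the quotes in both places, e.g. `"/var/lib/sss/db/"cache_*`. The enclosing `if` blocks are closed outside the hunk.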


@ -20,7 +20,7 @@ namespace winPEAS
// Static blacklists
static string strTrue = "True";
static string strFalse = "False";
static string badgroups = "docker|Remote |Admins|DNSAdmin|Azure Admins";//The space in Remote is important to not mix with SeShutdownRemotePrivilege
static string badgroups = "docker|Remote |DNSAdmins|Azure Admins|Admins";//The space in Remote is important to not mix with SeShutdownRemotePrivilege
static string badpasswd = "NotChange|NotExpi";
static string badPrivileges = "SeImpersonatePrivilege|SeAssignPrimaryPrivilege|SeTcbPrivilege|SeBackupPrivilege|SeRestorePrivilege|SeCreateTokenPrivilege|SeLoadDriverPrivilege|SeTakeOwnershipPrivilege|SeDebugPrivilege";
static string goodSoft = "Windows Phone Kits|Windows Kits|Windows Defender|Windows Mail|Windows Media Player|Windows Multimedia Platform|windows nt|Windows Photo Viewer|Windows Portable Devices|Windows Security|Windows Sidebar|WindowsApps|WindowsPowerShell| Windows$|Microsoft|WOW6432Node|internet explorer|Internet Explorer|Common Files";
@ -495,7 +495,7 @@ namespace winPEAS
{
{ paint_activeUsers_no_Administrator, Beaprint.ansi_users_active },
{ currentUserName + "|"+ currentUserDomainName, Beaprint.ansi_current_user },
{ paint_adminUsers+"|"+ badgroups + "|" + badgroups + "|" + badpasswd + "|" + badPrivileges + "|" + "DefaultPassword.*", Beaprint.ansi_color_bad },
{ paint_adminUsers+"|"+ badgroups + "|" + badpasswd + "|" + badPrivileges + "|" + "DefaultPassword.*", Beaprint.ansi_color_bad },
{ @"Disabled", Beaprint.ansi_users_disabled },
};
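Review bot: The keys of this dictionary look like regular expressions (note the `|` joins and `DefaultPassword.*`), yet in the second hunk `currentUserName` and `currentUserDomainName` are concatenated into the pattern unescaped. A user or domain name containing `.`, `$`, `(` or `+` would change what the pattern matches, so the highlighting could miss the current user or mark unrelated text. Consider `Regex.Escape(currentUserName) + "|" + Regex.Escape(currentUserDomainName)`. It is also worth confirming that `paint_adminUsers` can never be empty, since a leading `|` would add an empty alternative that matches everywhere; how that value is built is not visible here. The initializer starts above the hunk.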