images, banners & options

carlospolop 2019-11-04 07:59:43 -05:00
parent 42ff07fe8c
commit 938c2e13b0
40 changed files with 1095 additions and 8595 deletions

2
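--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
 .vs/*
 winPEAS/winPEASexe/.vs/*
+Debug/*
+winPEAS/winPEASexe/winPEAS/bin/Debug/*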

Binary file not shown.

Before

Width:  |  Height:  |  Size: 43 KiB

After

Width:  |  Height:  |  Size: 356 KiB

File diff suppressed because it is too large Load Diff


@ -10,7 +10,7 @@ Check also the **Local Windows Privilege Escalation checklist** from **[book.hac
Download the **[latest version from here](https://github.com/carlospolop/privilege-escalation-awesome-script-suite/tree/master/winPEAS/winPEASexe/winPEAS/bin)** or **compile it yourself**. Download the **[latest version from here](https://github.com/carlospolop/privilege-escalation-awesome-script-suite/tree/master/winPEAS/winPEASexe/winPEAS/bin)** or **compile it yourself**.
```bash ```bash
winpeas.exe ansii #ANSII color for linux consoles (reverse shell) winpeas.exe ansi #ANSI color for linux consoles (reverse shell)
winpeas.exe #Will execute all checks except the ones that execute MD commands winpeas.exe #Will execute all checks except the ones that execute MD commands
winpeas.exe cmd #All checks winpeas.exe cmd #All checks
winpeas.exe cmd fast #All except the one that search for files winpeas.exe cmd fast #All except the one that search for files
@ -27,7 +27,7 @@ The **ouput will be colored**. Below you have some indications about what does e
The tool is heavily based in **[SeatBelt](https://github.com/GhostPack/Seatbelt)**. The tool is heavily based in **[SeatBelt](https://github.com/GhostPack/Seatbelt)**.
**IMPORTANT TO NOTICE:** By default WinPEAS will use colord for Windows terminals (without ANSII characters). If execute winpeas.exe from a reverse shell without any option **no color will be printed**. To see colors in a linux terminal you need to use the **ansii** parameter. **IMPORTANT TO NOTICE:** By default WinPEAS will use colors for Windows terminals (without ANSI characters). If you are executing winpeas.exe from a reverse shell without any option **any color will be appear**. To see colors in a linux terminal you need to use the **ansi** parameter.
## Help ## Help

Binary file not shown.

Before

Width:  |  Height:  |  Size: 159 KiB

After

Width:  |  Height:  |  Size: 157 KiB


@ -23,11 +23,11 @@ namespace winPEAS
static string LCYAN = "\x1b[1;36m"; static string LCYAN = "\x1b[1;36m";
static string REDYELLOW = "\x1b[31;103m"; static string REDYELLOW = "\x1b[31;103m";
public static string NOCOLOR = "\x1b[0m"; public static string NOCOLOR = "\x1b[0m";
public static string ansii_color_bad = RED; public static string ansi_color_bad = RED;
public static string ansii_color_good = GREEN; public static string ansi_color_good = GREEN;
public static string ansii_users_active = CYAN; public static string ansi_users_active = CYAN;
public static string ansii_users_disabled = BLUE; public static string ansi_users_disabled = BLUE;
public static string ansii_current_user = MAGENTA; public static string ansi_current_user = MAGENTA;
public static Color color_key = Color.DarkSeaGreen; public static Color color_key = Color.DarkSeaGreen;
public static Color color_not_found = Color.Gray; public static Color color_not_found = Color.Gray;
@ -47,25 +47,56 @@ namespace winPEAS
Color.Peru Color.Peru
}; };
public static void PrintBanner()
{
System.Console.WriteLine(@"
*((,.,/((((((((((((((((((((/, */
,/*,..*(((((((((((((((((((((((((((((((((, ,/
.,*/((((((((((((((((((/, .*//((//**, .*((((((* ./,
(((((((((((((((((* .****,,,/((##########(* ,((((((* (
((((((((((((/* .***************,,/(########(. ((((((* *,
,.. ...,****************(@@@#(/***/(#####* /((((((./
,,,..**********************&@@@#@@@@@(***,.*(###* /(((((*.
,, ,**********************#@@&(#%@@@%*********,,((/ /(((((
,. ...........,,*********/%@@&&@@@@@/*************,,..((((
,,**(################(/*****//&@@@@%****************** /((
.**(########################(/,.,/(/*******************.*(
.*/(#############################(/*********************,*
,*/(##################################(/*****************.
,*((######################################(**************.
.*((######(,.***.,(###################(..***(/***********.
.,/(######*(#####((##################((######/(**********.
,.*/##################(/**********(################(*****.
,.,*(####################/*******(####################((/.
,, **((############################################/ /((
,,, ,*((#########################################(..((((((
. .. ,**/(#####################################( .((((((((
(((((* ,(#################################((* /(((((((((
((((((((((. ,(############################(../((((((((((
(((((((((/, ,####################(/..((((((((((
(((((((((/,. ,*//////*,. ./(((((((((((
((((((((((((((((((((((((((((/");
}
public static void PrintInit() public static void PrintInit()
{ {
Colorful.Console.WriteLine(); Colorful.Console.WriteLine();
Colorful.Console.WriteLine(); if (Program.banner)
PrintBanner();
if (Program.using_ansii) if (Program.using_ansi)
{ {
System.Console.WriteLine(YELLOW + "[+] " + NOCOLOR + "WinPEAS" + GREEN + Program.version + NOCOLOR ); System.Console.WriteLine(YELLOW + " " + NOCOLOR + "WinPEAS " + GREEN + Program.version + NOCOLOR + YELLOW + " by carlospolop" + NOCOLOR );
} }
else else
{ {
Formatter[] colorsString = new Formatter[] Formatter[] colorsString = new Formatter[]
{ {
new Formatter( " [+] ", Color.Yellow), new Formatter( " WinPEAS", color_key),
new Formatter( "WinPEASv", color_key),
new Formatter( Program.version, color_default), new Formatter( Program.version, color_default),
}; };
Colorful.Console.WriteLineFormatted("{0}{1}{2}", color_key, colorsString); Colorful.Console.WriteLineFormatted("{0} {1} by carlospolop", Color.Yellow, colorsString);
} }
LinkPrint("https://book.hacktricks.xyz/windows/checklist-windows-privilege-escalation", "You can find a Windows local PE Checklist here:"); LinkPrint("https://book.hacktricks.xyz/windows/checklist-windows-privilege-escalation", "You can find a Windows local PE Checklist here:");
PrintLeyend(); PrintLeyend();
@ -73,7 +104,7 @@ namespace winPEAS
static void PrintLeyend() static void PrintLeyend()
{ {
if (Program.using_ansii) if (Program.using_ansi)
{ {
System.Console.WriteLine(YELLOW + " [+] " + GREEN + "Leyend:" + NOCOLOR); System.Console.WriteLine(YELLOW + " [+] " + GREEN + "Leyend:" + NOCOLOR);
System.Console.WriteLine(RED + " Red" + GRAY + " Indicates a special privilege over an object or something is misconfigured" + NOCOLOR); System.Console.WriteLine(RED + " Red" + GRAY + " Indicates a special privilege over an object or something is misconfigured" + NOCOLOR);
@ -98,10 +129,11 @@ namespace winPEAS
public static void PrintUsage() public static void PrintUsage()
{ {
if (Program.using_ansii) if (Program.using_ansi)
{ {
System.Console.WriteLine(YELLOW + " [*] " + GREEN + "WinPEAS is a binary to enumerate possible paths to escalate privileges locally" + NOCOLOR); System.Console.WriteLine(YELLOW + " [*] " + GREEN + "WinPEAS is a binary to enumerate possible paths to escalate privileges locally" + NOCOLOR);
System.Console.WriteLine(LBLUE + "\tansii" + GRAY + " Use ANSII colors (see color from linux terminal)" + NOCOLOR); System.Console.WriteLine(LBLUE + "\tquiet" + GRAY + " Do not print banner" + NOCOLOR);
System.Console.WriteLine(LBLUE + "\tansi" + GRAY + " Use ansi colors (see color from linux terminal)" + NOCOLOR);
System.Console.WriteLine(LBLUE + "\tfast" + GRAY + " This will avoid very time consuming checks" + NOCOLOR); System.Console.WriteLine(LBLUE + "\tfast" + GRAY + " This will avoid very time consuming checks" + NOCOLOR);
System.Console.WriteLine(LBLUE + "\tcmd" + GRAY + " Obtain wifi, cred manager and clipboard information executing CMD commands" + NOCOLOR); System.Console.WriteLine(LBLUE + "\tcmd" + GRAY + " Obtain wifi, cred manager and clipboard information executing CMD commands" + NOCOLOR);
System.Console.WriteLine(LBLUE + "\tsysteminfo" + GRAY + " Search system information" + NOCOLOR); System.Console.WriteLine(LBLUE + "\tsysteminfo" + GRAY + " Search system information" + NOCOLOR);
@ -118,7 +150,8 @@ namespace winPEAS
else else
{ {
Colorful.Console.Write(" [*] ", Color.Yellow); Colorful.Console.WriteLine("WinPEAS is a binary to enumerate possible paths to escalate privileges locally", color_key); Colorful.Console.Write(" [*] ", Color.Yellow); Colorful.Console.WriteLine("WinPEAS is a binary to enumerate possible paths to escalate privileges locally", color_key);
Colorful.Console.Write("\tansii", color_default); Colorful.Console.WriteLine(" Use ANSII colors (see color from linux terminal)", Color.Gray); Colorful.Console.Write("\tquiet", color_default); Colorful.Console.WriteLine(" Do not print banner", Color.Gray);
Colorful.Console.Write("\tansi", color_default); Colorful.Console.WriteLine(" Use ansi colors (see color from linux terminal)", Color.Gray);
Colorful.Console.Write("\tfast", color_default); Colorful.Console.WriteLine(" This will avoid very time consuming checks", Color.Gray); Colorful.Console.Write("\tfast", color_default); Colorful.Console.WriteLine(" This will avoid very time consuming checks", Color.Gray);
Colorful.Console.Write("\tcmd", color_default); Colorful.Console.WriteLine(" Obtain wifi, cred manager and clipboard information executing CMD commands", Color.Gray); Colorful.Console.Write("\tcmd", color_default); Colorful.Console.WriteLine(" Obtain wifi, cred manager and clipboard information executing CMD commands", Color.Gray);
Colorful.Console.Write("\tsysteminfo", color_default); Colorful.Console.WriteLine(" Search system information", Color.Gray); Colorful.Console.Write("\tsysteminfo", color_default); Colorful.Console.WriteLine(" Search system information", Color.Gray);
@ -141,7 +174,7 @@ namespace winPEAS
System.Console.WriteLine(); System.Console.WriteLine();
System.Console.WriteLine(); System.Console.WriteLine();
int halfTotal = 60; int halfTotal = 60;
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" +NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR); System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" +NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR);
else else
{ {
@ -162,7 +195,7 @@ namespace winPEAS
try try
{ {
Colorful.Console.WriteLine(); Colorful.Console.WriteLine();
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(YELLOW + " [+] " + LRED + toPrint + YELLOW + "(" + GRAY + attackid + YELLOW + ")" + NOCOLOR); System.Console.WriteLine(YELLOW + " [+] " + LRED + toPrint + YELLOW + "(" + GRAY + attackid + YELLOW + ")" + NOCOLOR);
else else
{ {
@ -185,7 +218,7 @@ namespace winPEAS
{ {
try try
{ {
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(YELLOW + " [?] " + LBLUE + comment + " " + LYELLOW + link + NOCOLOR); System.Console.WriteLine(YELLOW + " [?] " + LBLUE + comment + " " + LYELLOW + link + NOCOLOR);
else else
{ {
@ -208,7 +241,7 @@ namespace winPEAS
{ {
try try
{ {
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(YELLOW + " [i] " + LBLUE + toPrint + NOCOLOR); System.Console.WriteLine(YELLOW + " [i] " + LBLUE + toPrint + NOCOLOR);
else else
{ {
@ -233,7 +266,7 @@ namespace winPEAS
public static void GoodPrint(string to_print) public static void GoodPrint(string to_print)
{ {
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(GREEN + to_print + NOCOLOR); System.Console.WriteLine(GREEN + to_print + NOCOLOR);
else else
Colorful.Console.WriteLine(to_print, color_good); Colorful.Console.WriteLine(to_print, color_good);
@ -241,7 +274,7 @@ namespace winPEAS
public static void BadPrint(string to_print) public static void BadPrint(string to_print)
{ {
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(RED + to_print + NOCOLOR); System.Console.WriteLine(RED + to_print + NOCOLOR);
else else
Colorful.Console.WriteLine(to_print, color_bad); Colorful.Console.WriteLine(to_print, color_bad);
@ -249,7 +282,7 @@ namespace winPEAS
public static void GrayPrint(string to_print) public static void GrayPrint(string to_print)
{ {
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(GRAY + to_print + NOCOLOR); System.Console.WriteLine(GRAY + to_print + NOCOLOR);
else else
Colorful.Console.WriteLine(to_print, color_not_found); Colorful.Console.WriteLine(to_print, color_not_found);
@ -260,22 +293,22 @@ namespace winPEAS
{ {
GrayPrint(" ================================================================================================="); GrayPrint(" =================================================================================================");
} }
public static void AnsiiPrint(string to_print, Dictionary<string, string> ansii_colors_regexp) public static void AnsiPrint(string to_print, Dictionary<string, string> ansi_colors_regexp)
{ {
if (to_print.Trim().Length > 0) if (to_print.Trim().Length > 0)
{ {
foreach (string line in to_print.Split('\n')) foreach (string line in to_print.Split('\n'))
{ {
string new_line = line; string new_line = line;
foreach (KeyValuePair<string, string> color in ansii_colors_regexp) foreach (KeyValuePair<string, string> color in ansi_colors_regexp)
new_line = RegexAnsii(new_line, color.Value, color.Key); new_line = Regexansi(new_line, color.Value, color.Key);
System.Console.WriteLine(new_line); System.Console.WriteLine(new_line);
} }
} }
} }
static string RegexAnsii(string to_match, string color, string rgxp) static string Regexansi(string to_match, string color, string rgxp)
{ {
Regex regex = new Regex(rgxp); Regex regex = new Regex(rgxp);
Match match = regex.Match(to_match); Match match = regex.Match(to_match);
@ -283,7 +316,7 @@ namespace winPEAS
return to_match.Replace(match.Value, color + match.Value + NOCOLOR); return to_match.Replace(match.Value, color + match.Value + NOCOLOR);
return to_match; return to_match;
} }
public static void DictPrint(Dictionary<string, string> dicprint, Dictionary<string, string> ansii_colors_regexp, bool delete_nulls) public static void DictPrint(Dictionary<string, string> dicprint, Dictionary<string, string> ansi_colors_regexp, bool delete_nulls)
{ {
try try
{ {
@ -293,10 +326,10 @@ namespace winPEAS
continue; continue;
string value = entry.Value; string value = entry.Value;
string key = entry.Key; string key = entry.Key;
foreach (KeyValuePair<string, string> color in ansii_colors_regexp) foreach (KeyValuePair<string, string> color in ansi_colors_regexp)
{ {
key = RegexAnsii(key, color.Value, color.Key); key = Regexansi(key, color.Value, color.Key);
value = RegexAnsii(value, color.Value, color.Key); value = Regexansi(value, color.Value, color.Key);
} }
System.Console.WriteLine(" " + key + ": " + value); System.Console.WriteLine(" " + key + ": " + value);
} }
@ -316,7 +349,7 @@ namespace winPEAS
{ {
if (delete_nulls && String.IsNullOrEmpty(entry.Value)) if (delete_nulls && String.IsNullOrEmpty(entry.Value))
continue; continue;
if (Program.using_ansii) if (Program.using_ansi)
System.Console.WriteLine(" " + entry.Key + ": " + entry.Value); System.Console.WriteLine(" " + entry.Key + ": " + entry.Value);
else else
@ -508,7 +541,7 @@ namespace winPEAS
{ {
if (list_to_print.Count > 0) if (list_to_print.Count > 0)
{ {
if (Program.using_ansii) if (Program.using_ansi)
{ {
foreach (string elem in list_to_print) foreach (string elem in list_to_print)
System.Console.WriteLine(" " + elem); System.Console.WriteLine(" " + elem);
@ -533,7 +566,7 @@ namespace winPEAS
if (list_to_print.Count > 0) if (list_to_print.Count > 0)
{ {
foreach (string elem in list_to_print) foreach (string elem in list_to_print)
AnsiiPrint(" " + elem, dic_colors); AnsiPrint(" " + elem, dic_colors);
} }
else else
NotFoundPrint(); NotFoundPrint();
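Review bot: `Regexansi` compiles its `rgxp` argument with `new Regex(rgxp)` on every call, and `AnsiPrint` calls it with no try/catch of its own, so one pattern that fails to compile raises an ArgumentException that propagates out of `AnsiPrint`. The callers shown further down this page build some of those keys from host strings such as `proc_info["ExecutablePath"]` and `service_info["PathName"]`, using a hand-written escape chain that covers only `\`, `(`, `)`, `[`, `]` and `?`, so a path containing `+`, `*`, `{` or `|` is still read as regex syntax. Since this commit already touches every call site for the rename, those keys could go through `Regex.Escape(...)` instead, or `Regexansi` could catch the ArgumentException and `return to_match;` uncoloured. The helper is also now spelled `Regexansi` while its sibling is `AnsiPrint`; `RegexAnsi` would keep the PascalCase convention. Part of `Regexansi`'s body falls between two hunks and is not visible here.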


@ -554,8 +554,8 @@ namespace winPEAS
// search every pattern in this directory's files // search every pattern in this directory's files
foreach (string pattern in patterns.Split(';')) foreach (string pattern in patterns.Split(';'))
{ {
if (Program.using_ansii) if (Program.using_ansi)
Beaprint.AnsiiPrint(String.Join("\n", Directory.GetFiles(path, pattern, SearchOption.TopDirectoryOnly).Where(filepath => !filepath.Contains(".dll"))), color); Beaprint.AnsiPrint(String.Join("\n", Directory.GetFiles(path, pattern, SearchOption.TopDirectoryOnly).Where(filepath => !filepath.Contains(".dll"))), color);
else else
Colorful.Console.WriteLineStyled(String.Join("\n", Directory.GetFiles(path, pattern, SearchOption.TopDirectoryOnly).Where(filepath => !filepath.Contains(".dll"))), ss); // .exe can be contained because of appcmd.exe Colorful.Console.WriteLineStyled(String.Join("\n", Directory.GetFiles(path, pattern, SearchOption.TopDirectoryOnly).Where(filepath => !filepath.Contains(".dll"))), ss); // .exe can be contained because of appcmd.exe
} }


@ -9,10 +9,11 @@ namespace winPEAS
{ {
class Program class Program
{ {
public static string version = "BETA VERSION"; public static bool banner = true;
public static string version = "vBETA VERSION";
static bool is_fast = false; static bool is_fast = false;
static bool exec_cmd = false; static bool exec_cmd = false;
public static bool using_ansii = false; public static bool using_ansi = false;
// Static blacklists // Static blacklists
static string strTrue = "True"; static string strTrue = "True";
@ -35,11 +36,11 @@ namespace winPEAS
static Color color_key = Beaprint.color_key; static Color color_key = Beaprint.color_key;
static Color color_good = Beaprint.color_good; static Color color_good = Beaprint.color_good;
static Color color_bad = Beaprint.color_bad; static Color color_bad = Beaprint.color_bad;
static string ansii_color_bad = Beaprint.ansii_color_bad; static string ansi_color_bad = Beaprint.ansi_color_bad;
static string ansii_color_good = Beaprint.ansii_color_good; static string ansi_color_good = Beaprint.ansi_color_good;
static string ansii_users_active = Beaprint.ansii_users_active; static string ansi_users_active = Beaprint.ansi_users_active;
static string ansii_users_disabled = Beaprint.ansii_users_disabled; static string ansi_users_disabled = Beaprint.ansi_users_disabled;
static string ansii_current_user = Beaprint.ansii_current_user; static string ansi_current_user = Beaprint.ansi_current_user;
static StyleSheet onlyDefaultStyleSheet = new StyleSheet(color_default); static StyleSheet onlyDefaultStyleSheet = new StyleSheet(color_default);
static StyleSheet onlyKeyStyleSheet = new StyleSheet(color_key); static StyleSheet onlyKeyStyleSheet = new StyleSheet(color_key);
@ -69,11 +70,11 @@ namespace winPEAS
Beaprint.MainPrint("Basic System Information", "T1082&T1124&T1012&T1497&T1212"); Beaprint.MainPrint("Basic System Information", "T1082&T1124&T1012&T1497&T1212");
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#kernel-exploits", "Check if the Windows versions is vulnerable to some known exploit"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#kernel-exploits", "Check if the Windows versions is vulnerable to some known exploit");
Dictionary<string, string> basicDictSystem = SystemInfo.GetBasicOSInfo(); Dictionary<string, string> basicDictSystem = SystemInfo.GetBasicOSInfo();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ strTrue, ansii_color_bad } { strTrue, ansi_color_bad }
}; };
Beaprint.DictPrint(basicDictSystem, colorsSI, false); Beaprint.DictPrint(basicDictSystem, colorsSI, false);
} }
@ -143,11 +144,11 @@ namespace winPEAS
Beaprint.MainPrint("LAPS Settings", "T1012"); Beaprint.MainPrint("LAPS Settings", "T1012");
Beaprint.LinkPrint("", "If installed, local administrator password change frequently in domain-joined boxes and is restricted by ACL"); Beaprint.LinkPrint("", "If installed, local administrator password change frequently in domain-joined boxes and is restricted by ACL");
Dictionary<string, string> lapsDict = SystemInfo.GetLapsSettings(); Dictionary<string, string> lapsDict = SystemInfo.GetLapsSettings();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ badLAPS, ansii_color_bad } { badLAPS, ansi_color_bad }
}; };
Beaprint.DictPrint(lapsDict, colorsSI, false); Beaprint.DictPrint(lapsDict, colorsSI, false);
} }
@ -171,11 +172,11 @@ namespace winPEAS
Beaprint.MainPrint("User Environment Variables", ""); Beaprint.MainPrint("User Environment Variables", "");
Beaprint.LinkPrint("", "Check for some passwords or keys in the env variables"); Beaprint.LinkPrint("", "Check for some passwords or keys in the env variables");
Dictionary<string, string> userEnvDict = SystemInfo.GetUserEnvVariables(); Dictionary<string, string> userEnvDict = SystemInfo.GetUserEnvVariables();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad } { print_credStrings, ansi_color_bad }
}; };
Beaprint.DictPrint(userEnvDict, colorsSI, false); Beaprint.DictPrint(userEnvDict, colorsSI, false);
} }
@ -199,11 +200,11 @@ namespace winPEAS
Beaprint.MainPrint("System Environment Variables", ""); Beaprint.MainPrint("System Environment Variables", "");
Beaprint.LinkPrint("", "Check for some passwords or keys in the env variables"); Beaprint.LinkPrint("", "Check for some passwords or keys in the env variables");
Dictionary<string, string> sysEnvDict = SystemInfo.GetSystemEnvVariables(); Dictionary<string, string> sysEnvDict = SystemInfo.GetSystemEnvVariables();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad } { print_credStrings, ansi_color_bad }
}; };
Beaprint.DictPrint(sysEnvDict, colorsSI, false); Beaprint.DictPrint(sysEnvDict, colorsSI, false);
} }
@ -260,13 +261,13 @@ namespace winPEAS
if (drive_permissions.Length > 0) if (drive_permissions.Length > 0)
dToPrint += "(Permissions: {5})"; dToPrint += "(Permissions: {5})";
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ "Permissions.*", ansii_color_bad} { "Permissions.*", ansi_color_bad}
}; };
Beaprint.AnsiiPrint(String.Format(dToPrint, drive["Name"], drive["Type"], drive["Volume label"], drive["Filesystem"], (((Int64.Parse(drive["Available space"]) / 1024) / 1024) / 1024).ToString(), drive_permissions), colorsSI); Beaprint.AnsiPrint(String.Format(dToPrint, drive["Name"], drive["Type"], drive["Volume label"], drive["Filesystem"], (((Int64.Parse(drive["Available space"]) / 1024) / 1024) / 1024).ToString(), drive_permissions), colorsSI);
} }
else else
@ -316,12 +317,12 @@ namespace winPEAS
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#basic-uac-bypass-full-file-system-access", "If you are in the Administrators group check how to bypass the UAC"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#basic-uac-bypass-full-file-system-access", "If you are in the Administrators group check how to bypass the UAC");
Dictionary<string, string> uacDict = SystemInfo.GetUACSystemPolicies(); Dictionary<string, string> uacDict = SystemInfo.GetUACSystemPolicies();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsSI = new Dictionary<string, string>() Dictionary<string, string> colorsSI = new Dictionary<string, string>()
{ {
{ badUAC, ansii_color_bad }, { badUAC, ansi_color_bad },
{ goodUAC, ansii_color_good } { goodUAC, ansi_color_good }
}; };
Beaprint.DictPrint(uacDict, colorsSI, false); Beaprint.DictPrint(uacDict, colorsSI, false);
} }
@ -414,15 +415,15 @@ namespace winPEAS
{ {
return new Dictionary<string, string>() return new Dictionary<string, string>()
{ {
{ paint_activeUsers, ansii_users_active }, { paint_activeUsers, ansi_users_active },
{ paint_disabledUsers, ansii_users_disabled }, { paint_disabledUsers, ansi_users_disabled },
{ currentUserName, ansii_current_user }, { currentUserName, ansi_current_user },
{ currentDomainName, ansii_current_user }, { currentDomainName, ansi_current_user },
{ paint_adminUsers, ansii_color_bad }, { paint_adminUsers, ansi_color_bad },
{ badgroups, ansii_color_bad }, { badgroups, ansi_color_bad },
{ badpasswd, ansii_color_bad }, { badpasswd, ansi_color_bad },
{ badPrivileges, ansii_color_bad }, { badPrivileges, ansi_color_bad },
{ "DefaultPassword.*", ansii_color_bad }, { "DefaultPassword.*", ansi_color_bad },
}; };
} }
@ -433,9 +434,9 @@ namespace winPEAS
Beaprint.MainPrint("Current users", "T1087&T1069&T1033"); Beaprint.MainPrint("Current users", "T1087&T1069&T1033");
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#users-and-groups", "Check if you have some admin equivalent privileges"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#users-and-groups", "Check if you have some admin equivalent privileges");
List<string> users_grps = UserInfo.GetMachineUsers(false, false, false, false, true); List<string> users_grps = UserInfo.GetMachineUsers(false, false, false, false, true);
if (using_ansii) if (using_ansi)
{ {
Beaprint.AnsiiPrint(" Current user: " + currentUserName, colorsU()); Beaprint.AnsiPrint(" Current user: " + currentUserName, colorsU());
Beaprint.ListPrint(users_grps, colorsU()); Beaprint.ListPrint(users_grps, colorsU());
} }
else else
@ -457,7 +458,7 @@ namespace winPEAS
Beaprint.MainPrint("Current Token privileges", "T1134"); Beaprint.MainPrint("Current Token privileges", "T1134");
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#token-manipulation", "Check if you can escalate privilege using some enabled token"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#token-manipulation", "Check if you can escalate privilege using some enabled token");
Dictionary<string, string> token_privs = UserInfo.GetTokenGroupPrivs(); Dictionary<string, string> token_privs = UserInfo.GetTokenGroupPrivs();
if (using_ansii) if (using_ansi)
Beaprint.DictPrint(token_privs, colorsU(), false); Beaprint.DictPrint(token_privs, colorsU(), false);
else else
Beaprint.DictPrint(token_privs, CreateUsersSS(), false); Beaprint.DictPrint(token_privs, CreateUsersSS(), false);
@ -499,7 +500,7 @@ namespace winPEAS
{ {
Beaprint.MainPrint("Logged users", "T1087&T1033"); Beaprint.MainPrint("Logged users", "T1087&T1033");
List<string> loggedusers = UserInfo.GetLoggedUsers(); List<string> loggedusers = UserInfo.GetLoggedUsers();
if (using_ansii) if (using_ansi)
Beaprint.ListPrint(loggedusers, colorsU()); Beaprint.ListPrint(loggedusers, colorsU());
else else
Beaprint.ListPrint(loggedusers, CreateUsersSS()); Beaprint.ListPrint(loggedusers, CreateUsersSS());
@ -520,10 +521,10 @@ namespace winPEAS
{ {
string format = " {0,-10}{1,-15}{2,-15}{3,-25}{4,-10}{5}"; string format = " {0,-10}{1,-15}{2,-15}{3,-25}{4,-10}{5}";
string header = String.Format(format, "SessID", "pSessionName", "pUserName", "pDomainName", "State", "SourceIP"); string header = String.Format(format, "SessID", "pSessionName", "pUserName", "pDomainName", "State", "SourceIP");
if (using_ansii) { if (using_ansi) {
System.Console.WriteLine(header); System.Console.WriteLine(header);
foreach (Dictionary<string, string> rdp_ses in rdp_sessions) foreach (Dictionary<string, string> rdp_ses in rdp_sessions)
Beaprint.AnsiiPrint(String.Format(format, rdp_ses["SessionID"], rdp_ses["pSessionName"], rdp_ses["pUserName"], rdp_ses["pDomainName"], rdp_ses["State"], rdp_ses["SourceIP"]), colorsU()); Beaprint.AnsiPrint(String.Format(format, rdp_ses["SessionID"], rdp_ses["pSessionName"], rdp_ses["pUserName"], rdp_ses["pDomainName"], rdp_ses["State"], rdp_ses["SourceIP"]), colorsU());
} }
else { else {
Colorful.Console.WriteLineStyled(header, onlyKeyStyleSheet); Colorful.Console.WriteLineStyled(header, onlyKeyStyleSheet);
@ -546,7 +547,7 @@ namespace winPEAS
{ {
Beaprint.MainPrint("Ever logged users", "T1087&T1033"); Beaprint.MainPrint("Ever logged users", "T1087&T1033");
List<string> everlogged = UserInfo.GetEverLoggedUsers(); List<string> everlogged = UserInfo.GetEverLoggedUsers();
if (using_ansii) if (using_ansi)
Beaprint.ListPrint(everlogged, colorsU()); Beaprint.ListPrint(everlogged, colorsU());
else else
Beaprint.ListPrint(everlogged, CreateUsersSS()); Beaprint.ListPrint(everlogged, CreateUsersSS());
@ -574,8 +575,8 @@ namespace winPEAS
Beaprint.BadPrint("Some AutoLogon credentials were found!!"); Beaprint.BadPrint("Some AutoLogon credentials were found!!");
ban = true; ban = true;
} }
if (using_ansii) if (using_ansi)
Beaprint.AnsiiPrint(String.Format(" {0,-30}: {1}", entry.Key, entry.Value), colorsU()); Beaprint.AnsiPrint(String.Format(" {0,-30}: {1}", entry.Key, entry.Value), colorsU());
else else
Colorful.Console.WriteLineStyled(String.Format(" {0,-30}: {1}", entry.Key, entry.Value), CreateUsersSS()); Colorful.Console.WriteLineStyled(String.Format(" {0,-30}: {1}", entry.Key, entry.Value), CreateUsersSS());
} }
@ -620,7 +621,7 @@ namespace winPEAS
Beaprint.MainPrint("Password Policies", "T1201"); Beaprint.MainPrint("Password Policies", "T1201");
Beaprint.LinkPrint("", "This is insteresting for brute-force"); Beaprint.LinkPrint("", "This is insteresting for brute-force");
List<Dictionary<string, string>> PPy = UserInfo.GetPasswordPolicy(); List<Dictionary<string, string>> PPy = UserInfo.GetPasswordPolicy();
if (using_ansii) if (using_ansi)
Beaprint.DictPrint(PPy, colorsU(), false); Beaprint.DictPrint(PPy, colorsU(), false);
else else
Beaprint.DictPrint(PPy, CreateUsersSS(), false); Beaprint.DictPrint(PPy, CreateUsersSS(), false);
@ -705,16 +706,16 @@ namespace winPEAS
if (proc_info["CommandLine"].Length > 1) if (proc_info["CommandLine"].Length > 1)
formString += "\n {8}"; formString += "\n {8}";
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsP = new Dictionary<string, string>() Dictionary<string, string> colorsP = new Dictionary<string, string>()
{ {
{ currentUserName, ansii_current_user }, { currentUserName, ansi_current_user },
{ "Permissions:.*", ansii_color_bad }, { "Permissions:.*", ansi_color_bad },
{ "Possible DLL Hijacking.*", ansii_color_bad }, { "Possible DLL Hijacking.*", ansi_color_bad },
{ proc_info["ExecutablePath"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0) ? ansii_color_bad : ansii_color_good }, { proc_info["ExecutablePath"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0) ? ansi_color_bad : ansi_color_good },
}; };
Beaprint.AnsiiPrint(String.Format(formString, proc_info["Name"], proc_info["ProcessID"], proc_info["ExecutablePath"], proc_info["Product"], proc_info["Owner"], proc_info["isDotNet"], String.Join(", ", file_rights), dir_rights.Count > 0 ? Path.GetDirectoryName(proc_info["ExecutablePath"]) : "", String.Join(", ", dir_rights), proc_info["CommandLine"]), colorsP); Beaprint.AnsiPrint(String.Format(formString, proc_info["Name"], proc_info["ProcessID"], proc_info["ExecutablePath"], proc_info["Product"], proc_info["Owner"], proc_info["isDotNet"], String.Join(", ", file_rights), dir_rights.Count > 0 ? Path.GetDirectoryName(proc_info["ExecutablePath"]) : "", String.Join(", ", dir_rights), proc_info["CommandLine"]), colorsP);
} }
else else
{ {
@ -799,17 +800,17 @@ namespace winPEAS
if (service_info["Description"].Length > 1) if (service_info["Description"].Length > 1)
formString += "\n {10}"; formString += "\n {10}";
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsS = new Dictionary<string, string>() Dictionary<string, string> colorsS = new Dictionary<string, string>()
{ {
{ "File Permissions:.*", ansii_color_bad }, { "File Permissions:.*", ansi_color_bad },
{ "Possible DLL Hijacking.*", ansii_color_bad }, { "Possible DLL Hijacking.*", ansi_color_bad },
{ "No quotes and Space detected", ansii_color_bad }, { "No quotes and Space detected", ansi_color_bad },
{ service_info["PathName"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0 || no_quotes_and_space) ? ansii_color_bad : ansii_color_good }, { service_info["PathName"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0 || no_quotes_and_space) ? ansi_color_bad : ansi_color_good },
{ service_info["StartMode"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (service_info["StartMode"].ToLower() == "auto") ? ansii_color_bad : ansii_color_good }, { service_info["StartMode"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (service_info["StartMode"].ToLower() == "auto") ? ansi_color_bad : ansi_color_good },
}; };
Beaprint.AnsiiPrint(String.Format(formString, service_info["Name"], service_info["CompanyName"], service_info["DisplayName"], service_info["PathName"], service_info["StartMode"], service_info["State"], service_info["isDotNet"], "No quotes and Space detected", String.Join(", ", file_rights), dir_rights.Count > 0 ? Path.GetDirectoryName(service_info["FilteredPath"]) : "", String.Join(", ", dir_rights), service_info["Description"]), colorsS); Beaprint.AnsiPrint(String.Format(formString, service_info["Name"], service_info["CompanyName"], service_info["DisplayName"], service_info["PathName"], service_info["StartMode"], service_info["State"], service_info["isDotNet"], "No quotes and Space detected", String.Join(", ", file_rights), dir_rights.Count > 0 ? Path.GetDirectoryName(service_info["FilteredPath"]) : "", String.Join(", ", dir_rights), service_info["Description"]), colorsS);
} }
else else
{ {
@ -958,11 +959,11 @@ namespace winPEAS
Colorful.Console.WriteLine(); Colorful.Console.WriteLine();
Beaprint.MainPrint("Installed Applications --Via Registry--", "T1083&T1012&T1010"); Beaprint.MainPrint("Installed Applications --Via Registry--", "T1083&T1012&T1010");
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsA = new Dictionary<string, string>() Dictionary<string, string> colorsA = new Dictionary<string, string>()
{ {
{ goodSoft, ansii_color_good } { goodSoft, ansi_color_good }
}; };
Beaprint.ListPrint(ApplicationInfo.GetAppsRegistry(), colorsA); Beaprint.ListPrint(ApplicationInfo.GetAppsRegistry(), colorsA);
} }
@ -991,13 +992,13 @@ namespace winPEAS
{ {
Dictionary<string, string> colorsA = new Dictionary<string, string>() Dictionary<string, string> colorsA = new Dictionary<string, string>()
{ {
{ "FolderPerms:.*", ansii_color_bad }, { "FolderPerms:.*", ansi_color_bad },
{ "FilePerms:.*", ansii_color_bad }, { "FilePerms:.*", ansi_color_bad },
{ "(Unquoted and Space detected)", ansii_color_bad }, { "(Unquoted and Space detected)", ansi_color_bad },
{ "(RegPath is writable)", ansii_color_bad }, { "(RegPath is writable)", ansi_color_bad },
{ (app["Folder"].Length > 0) ? app["Folder"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "ouigyevb2uivydi2u3id2ddf3", !String.IsNullOrEmpty(app["interestingFolderRights"]) ? ansii_color_bad : ansii_color_good }, { (app["Folder"].Length > 0) ? app["Folder"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "ouigyevb2uivydi2u3id2ddf3", !String.IsNullOrEmpty(app["interestingFolderRights"]) ? ansi_color_bad : ansi_color_good },
{ (app["File"].Length > 0) ? app["File"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "adu8v298hfubibuidiy2422r", !String.IsNullOrEmpty(app["interestingFileRights"]) ? ansii_color_bad : ansii_color_good }, { (app["File"].Length > 0) ? app["File"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "adu8v298hfubibuidiy2422r", !String.IsNullOrEmpty(app["interestingFileRights"]) ? ansi_color_bad : ansi_color_good },
{ (app["Reg"].Length > 0) ? app["Reg"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "o8a7eduia37ibduaunbf7a4g7ukdhk4ua", (app["isWritableReg"].ToLower() == "true") ? ansii_color_bad : ansii_color_good }, { (app["Reg"].Length > 0) ? app["Reg"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?") : "o8a7eduia37ibduaunbf7a4g7ukdhk4ua", (app["isWritableReg"].ToLower() == "true") ? ansi_color_bad : ansi_color_good },
}; };
StyleSheet styleSheetAA = new StyleSheet(color_default); StyleSheet styleSheetAA = new StyleSheet(color_default);
styleSheetAA.AddStyle("FolderPerms", color_bad); styleSheetAA.AddStyle("FolderPerms", color_bad);
@ -1015,10 +1016,10 @@ namespace winPEAS
if (!String.IsNullOrEmpty(app["Folder"])) if (!String.IsNullOrEmpty(app["Folder"]))
styleSheetAA.AddStyle(app["Folder"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)"), color_good); styleSheetAA.AddStyle(app["Folder"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)"), color_good);
} }
if (using_ansii) if (using_ansi)
{ {
Beaprint.AnsiiPrint(string1, colorsA); Beaprint.AnsiPrint(string1, colorsA);
Beaprint.AnsiiPrint(string2, colorsA); Beaprint.AnsiPrint(string2, colorsA);
} }
else else
{ {
@ -1074,10 +1075,10 @@ namespace winPEAS
styleSheetAA.AddStyle(app["Reg"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)"), color_good); styleSheetAA.AddStyle(app["Reg"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)"), color_good);
} }
if (using_ansii) if (using_ansi)
{ {
Beaprint.AnsiiPrint(string1, colorsA); Beaprint.AnsiPrint(string1, colorsA);
Beaprint.AnsiiPrint(string2, colorsA); Beaprint.AnsiPrint(string2, colorsA);
} }
else else
{ {
@ -1116,14 +1117,14 @@ namespace winPEAS
if (String.IsNullOrEmpty(sapp["Description"])) if (String.IsNullOrEmpty(sapp["Description"]))
formString += "\n {6}"; formString += "\n {6}";
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsS = new Dictionary<string, string>() Dictionary<string, string> colorsS = new Dictionary<string, string>()
{ {
{ "Permissions.*", ansii_color_bad }, { "Permissions.*", ansi_color_bad },
{ sapp["Action"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0) ? ansii_color_bad : ansii_color_good }, { sapp["Action"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_rights.Count > 0 || dir_rights.Count > 0) ? ansi_color_bad : ansi_color_good },
}; };
Beaprint.AnsiiPrint(String.Format(formString, sapp["Author"], sapp["Name"], sapp["Action"], String.Join(", ", file_rights), String.Join(", ", dir_rights), sapp["Trigger"], sapp["Description"]), colorsS); Beaprint.AnsiPrint(String.Format(formString, sapp["Author"], sapp["Name"], sapp["Action"], String.Join(", ", file_rights), String.Join(", ", dir_rights), sapp["Trigger"], sapp["Description"]), colorsS);
} }
else else
{ {
@ -1168,11 +1169,11 @@ namespace winPEAS
try try
{ {
Beaprint.MainPrint("Network Shares", "T1135"); Beaprint.MainPrint("Network Shares", "T1135");
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsN = new Dictionary<string, string>() Dictionary<string, string> colorsN = new Dictionary<string, string>()
{ {
{ badShares, ansii_color_bad }, { badShares, ansi_color_bad },
}; };
Beaprint.ListPrint(NetworkInfo.GetNetworkShares("127.0.0.1"), colorsN); Beaprint.ListPrint(NetworkInfo.GetNetworkShares("127.0.0.1"), colorsN);
} }
@ -1222,7 +1223,7 @@ namespace winPEAS
if (card["arp"].Length > 1) if (card["arp"].Length > 1)
formString += "\n\tKnown hosts:\n{6}"; formString += "\n\tKnown hosts:\n{6}";
if (using_ansii) if (using_ansi)
{ {
System.Console.WriteLine(String.Format(formString, card["Name"], card["PysicalAddr"], card["IPs"], card["Netmasks"].Replace(", 0.0.0.0", ""), card["Gateways"], card["DNSs"], card["arp"])); System.Console.WriteLine(String.Format(formString, card["Name"], card["PysicalAddr"], card["IPs"], card["Netmasks"].Replace(", 0.0.0.0", ""), card["Gateways"], card["DNSs"], card["arp"]));
} }
@ -1256,14 +1257,14 @@ namespace winPEAS
Beaprint.LinkPrint("", "Check for services restricted from the outside"); Beaprint.LinkPrint("", "Check for services restricted from the outside");
List<List<string>> conns = NetworkInfo.GetNetConnections(); List<List<string>> conns = NetworkInfo.GetNetConnections();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsN = new Dictionary<string, string>() Dictionary<string, string> colorsN = new Dictionary<string, string>()
{ {
{ badIps, ansii_color_bad }, { badIps, ansi_color_bad },
}; };
foreach (List<string> conn in conns) foreach (List<string> conn in conns)
Beaprint.AnsiiPrint(String.Format(" {0,-10}{1,-23}{2,-23}{3}", conn[0], conn[1], conn[2], conn[3]), colorsN); Beaprint.AnsiPrint(String.Format(" {0,-10}{1,-23}{2,-23}{3}", conn[0], conn[1], conn[2], conn[3]), colorsN);
} }
else else
{ {
@ -1305,15 +1306,15 @@ namespace winPEAS
formString += "\n Folder Permissions: {9}"; formString += "\n Folder Permissions: {9}";
formString += "\n {10}"; formString += "\n {10}";
if (using_ansii) { if (using_ansi) {
Dictionary<string, string> colorsN = new Dictionary<string, string>() Dictionary<string, string> colorsN = new Dictionary<string, string>()
{ {
{ strFalse, ansii_color_bad }, { strFalse, ansi_color_bad },
{ strTrue, ansii_color_good }, { strTrue, ansi_color_good },
{ "File Permissions.*|Folder Permissions.*", ansii_color_bad }, { "File Permissions.*|Folder Permissions.*", ansi_color_bad },
{ rule["AppName"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_perms.Length > 0 || folder_perms.Length > 0) ? ansii_color_bad : ansii_color_good }, { rule["AppName"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?"), (file_perms.Length > 0 || folder_perms.Length > 0) ? ansi_color_bad : ansi_color_good },
}; };
Beaprint.AnsiiPrint(String.Format(formString, rule["Profiles"], rule["Name"], rule["AppName"], rule["Action"], rule["Protocol"], rule["Direction"], rule["Direction"] == "IN" ? rule["Local"] : rule["Remote"], rule["Direction"] == "IN" ? rule["Remote"] : rule["Local"], file_perms, folder_perms, rule["Description"]), colorsN); Beaprint.AnsiPrint(String.Format(formString, rule["Profiles"], rule["Name"], rule["AppName"], rule["Action"], rule["Protocol"], rule["Direction"], rule["Direction"] == "IN" ? rule["Local"] : rule["Remote"], rule["Direction"] == "IN" ? rule["Remote"] : rule["Local"], file_perms, folder_perms, rule["Description"]), colorsN);
} }
else else
{ {
@ -1382,11 +1383,11 @@ namespace winPEAS
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#credentials-manager-windows-vault"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#credentials-manager-windows-vault");
List<Dictionary<string, string>> vault_creds = KnownFileCredsInfo.DumpVault(); List<Dictionary<string, string>> vault_creds = KnownFileCredsInfo.DumpVault();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsC = new Dictionary<string, string>() Dictionary<string, string> colorsC = new Dictionary<string, string>()
{ {
{ "Identity.*|Credential.*", ansii_color_bad }, { "Identity.*|Credential.*", ansi_color_bad },
}; };
Beaprint.DictPrint(vault_creds, colorsC, true); Beaprint.DictPrint(vault_creds, colorsC, true);
} }
@ -1413,13 +1414,13 @@ namespace winPEAS
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#credentials-manager-windows-vault"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#credentials-manager-windows-vault");
if (exec_cmd) if (exec_cmd)
{ {
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsC = new Dictionary<string, string>() Dictionary<string, string> colorsC = new Dictionary<string, string>()
{ {
{ "User:.*", ansii_color_bad }, { "User:.*", ansi_color_bad },
}; };
Beaprint.AnsiiPrint(MyUtils.ExecCMD("cmdkey /list"), colorsC); Beaprint.AnsiPrint(MyUtils.ExecCMD("cmdkey /list"), colorsC);
} }
else else
{ {
@ -1580,13 +1581,13 @@ namespace winPEAS
Beaprint.MainPrint("Looking saved Wifis", ""); Beaprint.MainPrint("Looking saved Wifis", "");
if (exec_cmd) if (exec_cmd)
{ {
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsC = new Dictionary<string, string>() Dictionary<string, string> colorsC = new Dictionary<string, string>()
{ {
{ ": .*", ansii_color_bad }, { ": .*", ansi_color_bad },
}; };
Beaprint.AnsiiPrint(" " + MyUtils.ExecCMD("netsh wlan show profile"), colorsC); Beaprint.AnsiPrint(" " + MyUtils.ExecCMD("netsh wlan show profile"), colorsC);
} }
else else
{ {
@ -1757,16 +1758,16 @@ namespace winPEAS
List<string> firefoxHist = KnownFileCredsInfo.GetFirefoxHistory(); List<string> firefoxHist = KnownFileCredsInfo.GetFirefoxHistory();
if (firefoxHist.Count > 0) if (firefoxHist.Count > 0)
{ {
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsB = new Dictionary<string, string>() Dictionary<string, string> colorsB = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad }, { print_credStrings, ansi_color_bad },
}; };
foreach (string url in firefoxHist) foreach (string url in firefoxHist)
{ {
if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex)) if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex))
Beaprint.AnsiiPrint(" " + url, colorsB); Beaprint.AnsiPrint(" " + url, colorsB);
} }
} }
else else
@ -1831,16 +1832,16 @@ namespace winPEAS
if (history.Count > 0) if (history.Count > 0)
{ {
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsB = new Dictionary<string, string>() Dictionary<string, string> colorsB = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad }, { print_credStrings, ansi_color_bad },
}; };
foreach (string url in history) foreach (string url in history)
{ {
if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex)) if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex))
Beaprint.AnsiiPrint(" " + url, colorsB); Beaprint.AnsiPrint(" " + url, colorsB);
} }
} }
else else
@ -1877,11 +1878,11 @@ namespace winPEAS
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#browsers-history"); Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#browsers-history");
List<string> urls = KnownFileCredsInfo.GetCurrentIETabs(); List<string> urls = KnownFileCredsInfo.GetCurrentIETabs();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsB = new Dictionary<string, string>() Dictionary<string, string> colorsB = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad }, { print_credStrings, ansi_color_bad },
}; };
Beaprint.ListPrint(urls, colorsB); Beaprint.ListPrint(urls, colorsB);
} }
@ -1910,16 +1911,16 @@ namespace winPEAS
if (history.Count > 0) if (history.Count > 0)
{ {
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorsB = new Dictionary<string, string>() Dictionary<string, string> colorsB = new Dictionary<string, string>()
{ {
{ print_credStrings, ansii_color_bad }, { print_credStrings, ansi_color_bad },
}; };
foreach (string url in history) foreach (string url in history)
{ {
if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex)) if (MyUtils.ContainsAnyRegex(url.ToUpper(), credStringsRegex))
Beaprint.AnsiiPrint(" " + url, colorsB); Beaprint.AnsiPrint(" " + url, colorsB);
} }
} }
else else
@ -1967,11 +1968,11 @@ namespace winPEAS
Beaprint.MainPrint("Putty Sessions", ""); Beaprint.MainPrint("Putty Sessions", "");
List<Dictionary<string, string>> putty_sess = KnownFileCredsInfo.GetPuttySessions(); List<Dictionary<string, string>> putty_sess = KnownFileCredsInfo.GetPuttySessions();
if (using_ansii) if (using_ansi)
{ {
Dictionary<string, string> colorF = new Dictionary<string, string>() Dictionary<string, string> colorF = new Dictionary<string, string>()
{ {
{ "ProxyPassword.*", ansii_color_bad }, { "ProxyPassword.*", ansi_color_bad },
}; };
Beaprint.DictPrint(putty_sess, colorF, true); Beaprint.DictPrint(putty_sess, colorF, true);
} }
@ -2071,7 +2072,7 @@ namespace winPEAS
styleSheetPCF.AddStyle(pattern_color, color_bad); styleSheetPCF.AddStyle(pattern_color, color_bad);
Dictionary<string, string> colorF = new Dictionary<string, string>() Dictionary<string, string> colorF = new Dictionary<string, string>()
{ {
{ pattern_color, ansii_color_bad }, { pattern_color, ansi_color_bad },
}; };
Beaprint.MainPrint("Looking for possible password files in users homes", "T1083&T1081"); Beaprint.MainPrint("Looking for possible password files in users homes", "T1083&T1081");
@ -2082,8 +2083,8 @@ namespace winPEAS
{ {
if (!Path.GetFileName(file_path).Contains(".")) if (!Path.GetFileName(file_path).Contains("."))
{ {
if (using_ansii) if (using_ansi)
Beaprint.AnsiiPrint(" " + file_path, colorF); Beaprint.AnsiPrint(" " + file_path, colorF);
else else
Colorful.Console.WriteLineStyled(" " + file_path, styleSheetPCF); Colorful.Console.WriteLineStyled(" " + file_path, styleSheetPCF);
} }
@ -2093,8 +2094,8 @@ namespace winPEAS
{ {
if (file_path.Contains(ext)) if (file_path.Contains(ext))
{ {
if (using_ansii) if (using_ansi)
Beaprint.AnsiiPrint(" " + file_path, colorF); Beaprint.AnsiPrint(" " + file_path, colorF);
else else
Colorful.Console.WriteLineStyled(" " + file_path, styleSheetPCF); Colorful.Console.WriteLineStyled(" " + file_path, styleSheetPCF);
} }
@ -2117,7 +2118,7 @@ namespace winPEAS
string pattern_bin = patterns_file_creds + ";*password*;*credential*"; string pattern_bin = patterns_file_creds + ";*password*;*credential*";
Dictionary<string, string> colorF = new Dictionary<string, string>() Dictionary<string, string> colorF = new Dictionary<string, string>()
{ {
{ patterns_file_creds + "|.*password.*|.*credential.*", ansii_color_bad }, { patterns_file_creds + "|.*password.*|.*credential.*", ansi_color_bad },
}; };
Beaprint.MainPrint("Looking inside the Recycle Bin for creds files", "T1083&T1081&T1145"); Beaprint.MainPrint("Looking inside the Recycle Bin for creds files", "T1083&T1081&T1145");
@ -2129,7 +2130,7 @@ namespace winPEAS
{ {
if (Regex.Match(rec_file["Name"], pattern.Replace("*", ".*"), RegexOptions.IgnoreCase).Success) if (Regex.Match(rec_file["Name"], pattern.Replace("*", ".*"), RegexOptions.IgnoreCase).Success)
{ {
if (using_ansii) if (using_ansi)
Beaprint.DictPrint(rec_file, colorF, true); Beaprint.DictPrint(rec_file, colorF, true);
else else
Beaprint.DictPrint(rec_file, styleSheetRB, true); Beaprint.DictPrint(rec_file, styleSheetRB, true);
@ -2154,7 +2155,7 @@ namespace winPEAS
styleSheetPCF.AddStyle(patterns_file_creds_color, color_bad); styleSheetPCF.AddStyle(patterns_file_creds_color, color_bad);
Dictionary<string, string> colorF = new Dictionary<string, string>() Dictionary<string, string> colorF = new Dictionary<string, string>()
{ {
{ patterns_file_creds_color, ansii_color_bad }, { patterns_file_creds_color, ansi_color_bad },
}; };
Beaprint.MainPrint("Looking for possible known files that can contain creds", "T1083&T1081"); Beaprint.MainPrint("Looking for possible known files that can contain creds", "T1083&T1081");
@ -2253,8 +2254,11 @@ namespace winPEAS
if (string.Equals(arg, "cmd", StringComparison.CurrentCultureIgnoreCase)) if (string.Equals(arg, "cmd", StringComparison.CurrentCultureIgnoreCase))
exec_cmd = true; exec_cmd = true;
if (string.Equals(arg, "ansii", StringComparison.CurrentCultureIgnoreCase)) if (string.Equals(arg, "ansi", StringComparison.CurrentCultureIgnoreCase))
using_ansii = true; using_ansi = true;
if (string.Equals(arg, "quiet", StringComparison.CurrentCultureIgnoreCase))
banner = false;
if (string.Equals(arg, "help", StringComparison.CurrentCultureIgnoreCase)) if (string.Equals(arg, "help", StringComparison.CurrentCultureIgnoreCase))
{ {


@ -110,9 +110,9 @@ namespace winPEAS
if (_vulnerabilities.Any(e => e.Vulnerable)) if (_vulnerabilities.Any(e => e.Vulnerable))
{ {
if (Program.using_ansii) if (Program.using_ansi)
{ {
System.Console.WriteLine(Beaprint.GRAY + " Finished. Found " + Beaprint.ansii_color_bad + _vulnerabilities.Count(i => i.Vulnerable) + Beaprint.GRAY + " potential vulnerabilities." + Beaprint.NOCOLOR); System.Console.WriteLine(Beaprint.GRAY + " Finished. Found " + Beaprint.ansi_color_bad + _vulnerabilities.Count(i => i.Vulnerable) + Beaprint.GRAY + " potential vulnerabilities." + Beaprint.NOCOLOR);
} }
else else
{ {
@ -722,7 +722,7 @@ namespace winPEAS
{ {
public static void FindVulns() public static void FindVulns()
{ {
if (Program.using_ansii) if (Program.using_ansi)
{ {
System.Console.WriteLine(Beaprint.YELLOW + " [?] " + Beaprint.LBLUE + "Windows vulns search powered by" + Beaprint.LRED + "Watson" + Beaprint.LBLUE + "(https://github.com/rasta-mouse/Watson)" + Beaprint.NOCOLOR); System.Console.WriteLine(Beaprint.YELLOW + " [?] " + Beaprint.LBLUE + "Windows vulns search powered by" + Beaprint.LRED + "Watson" + Beaprint.LBLUE + "(https://github.com/rasta-mouse/Watson)" + Beaprint.NOCOLOR);
} }


@ -1,6 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
</configuration>


@ -30,3 +30,12 @@ C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEA
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.CopyComplete C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.CopyComplete
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.exe C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.exe
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.pdb C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.exe.config
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\Release\Microsoft.Win32.TaskScheduler.xml
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csprojAssemblyReference.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.Fody.CopyLocal.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.CopyComplete
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.pdb


@ -1 +1 @@
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml


@ -6,3 +6,11 @@ C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\wi
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csproj.CopyComplete C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csproj.CopyComplete
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.exe C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.exe
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.pdb C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.exe.config
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Release\Microsoft.Win32.TaskScheduler.xml
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csproj.Fody.CopyLocal.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csproj.CopyComplete
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.pdb


@ -1 +1 @@
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml


@ -6,3 +6,11 @@ C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\wi
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.CopyComplete C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.CopyComplete
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.exe.config
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x86\Release\Microsoft.Win32.TaskScheduler.xml
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.Fody.CopyLocal.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.CopyComplete
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb


@ -1 +1 @@
C:\Users\carlos\source\repos\PEASS\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml


@ -4,7 +4,8 @@
<StartArguments>help</StartArguments> <StartArguments>help</StartArguments>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|AnyCPU'"> <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|AnyCPU'">
<StartArguments>help</StartArguments> <StartArguments>
</StartArguments>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'"> <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'">
<StartArguments>cmd fast</StartArguments> <StartArguments>cmd fast</StartArguments>