darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #473 from Signum21/master

Browse Source 
Fix IdentityNotMappedException in Vulnerable Leaked Handlers
This commit is contained in:
SirBroccoli 2025-05-31 22:36:49 +02:00 committed by GitHub
commit c3a93a57fe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
winPEAS/winPEASexe/winPEAS/Helpers/Beaprint.cs
View File

@ -81,7 +81,7 @@ namespace winPEAS.Helpers
/---------------------------------------------------------------------------------\ /---------------------------------------------------------------------------------\
| {1}Do you like PEASS?{0} | | {1}Do you like PEASS?{0} |
|---------------------------------------------------------------------------------| |---------------------------------------------------------------------------------|
| {3}Learn Cloud Hacking{0} : {2}training.hacktricks.xyz {0} | | {3}Learn Cloud Hacking{0} : {2}training.hacktricks.xyz {0} |
| {3}Follow on Twitter{0} : {2}@hacktricks_live{0} | | {3}Follow on Twitter{0} : {2}@hacktricks_live{0} |
| {3}Respect on HTB{0} : {2}SirBroccoli {0} | | {3}Respect on HTB{0} : {2}SirBroccoli {0} |
|---------------------------------------------------------------------------------| |---------------------------------------------------------------------------------|

11
winPEAS/winPEASexe/winPEAS/Info/ProcessInfo/ProcessesInfo.cs
View File

@ -195,11 +195,11 @@ namespace winPEAS.Info.ProcessInfo
continue; continue;
List<string> permsFile = PermissionsHelper.GetPermissionsFile(sFilePath, Checks.Checks.CurrentUserSiDs, PermissionType.WRITEABLE_OR_EQUIVALENT); List<string> permsFile = PermissionsHelper.GetPermissionsFile(sFilePath, Checks.Checks.CurrentUserSiDs, PermissionType.WRITEABLE_OR_EQUIVALENT);
IdentityReference sid = null;
try try
{ {
System.Security.AccessControl.FileSecurity fs = System.IO.File.GetAccessControl(sFilePath); System.Security.AccessControl.FileSecurity fs = System.IO.File.GetAccessControl(sFilePath);
IdentityReference sid = fs.GetOwner(typeof(SecurityIdentifier)); sid = fs.GetOwner(typeof(SecurityIdentifier));
string ownerName = sid.Translate(typeof(NTAccount)).ToString();
// If current user already have permissions over that file or the proc belongs to the owner of the file, // If current user already have permissions over that file or the proc belongs to the owner of the file,
// handler not interesting to elevate privs // handler not interesting to elevate privs
@ -207,6 +207,8 @@ namespace winPEAS.Info.ProcessInfo
continue; continue;
to_add["File Path"] = sFilePath; to_add["File Path"] = sFilePath;
string ownerName = sid.Translate(typeof(NTAccount)).ToString();
to_add["File Owner"] = ownerName; to_add["File Owner"] = ownerName;
} }
catch (System.IO.FileNotFoundException) catch (System.IO.FileNotFoundException)
@ -218,7 +220,10 @@ namespace winPEAS.Info.ProcessInfo
{ {
continue; continue;
} }
catch (System.Security.Principal.IdentityNotMappedException)
{
to_add["File Owner"] = sid.ToString();
}
} }
else if (typeName == "key") else if (typeName == "key")