From f3e29a509f0cc01d5d05c47c9bac98aeb8bd68b0 Mon Sep 17 00:00:00 2001 From: carlospolop Date: Sat, 24 May 2025 23:02:18 +0200 Subject: [PATCH] fix winpeas --- .../winPEASexe/winPEAS/Checks/NetworkInfo.cs | 72 ++++++++----------- .../Info/NetworkInfo/HostnameResolution.cs | 70 ++++++++++++++++++ .../InternetConnectivity.cs | 57 +++++++++++---- .../NetworkScanner/HostnameResolution.cs | 69 ------------------ 4 files changed, 143 insertions(+), 125 deletions(-) create mode 100644 winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/HostnameResolution.cs rename winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/{NetworkScanner => }/InternetConnectivity.cs (82%) delete mode 100644 winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/HostnameResolution.cs diff --git a/winPEAS/winPEASexe/winPEAS/Checks/NetworkInfo.cs b/winPEAS/winPEASexe/winPEAS/Checks/NetworkInfo.cs index 5668c86..91d31a1 100644 --- a/winPEAS/winPEASexe/winPEAS/Checks/NetworkInfo.cs +++ b/winPEAS/winPEASexe/winPEAS/Checks/NetworkInfo.cs @@ -29,7 +29,8 @@ namespace winPEAS.Checks { Beaprint.GreatPrint("Network Information"); - var baseChecks = new List + // Base checklist + var checks = new List { PrintNetShares, PrintMappedDrivesWMI, @@ -39,15 +40,16 @@ namespace winPEAS.Checks PrintFirewallRules, PrintDNSCache, PrintInternetSettings, - PrintInternetConnectivity, + PrintInternetConnectivity }; - // Only create hostnameCheck list if we want to run it - var allChecks = !Checks.DontCheckHostname - ? baseChecks.Concat(new List { () => PrintHostnameResolution().GetAwaiter().GetResult() }) - : baseChecks; + // **Add hostname‑resolution check only when requested** + if (!Checks.DontCheckHostname) + checks.Add(PrintHostnameResolution); - allChecks.ForEach(action => CheckRunner.Run(action, isDebug)); + // **Run every selected check** + foreach (var action in checks) + CheckRunner.Run(action, isDebug); } private void PrintNetShares() 
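Review bot: The comment added above `if (!Checks.DontCheckHostname)` says the hostname check is added "only when requested", but the condition is an opt-out: the check is queued unless `DontCheckHostname` is set. That check posts the machine's hostname to an external endpoint (HostnameResolution.cs in this commit), so the comment should say so, e.g. `// Hostname resolution posts the hostname to an external service; skipped when Checks.DontCheckHostname is set`. The `**…**` Markdown markers and the non-breaking hyphen in "hostname‑resolution" do not belong in a C# comment, and the single-statement `if` and `foreach` would be safer with braces. The enclosing method starts outside the hunk.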
@@ -449,47 +451,36 @@ namespace winPEAS.Checks var connectivityInfo = InternetConnectivity.CheckConnectivity(); // HTTP Access - Beaprint.AnsiPrint($" HTTP (80) Access: {(connectivityInfo.HttpAccess ? Beaprint.ansi_color_good + "Yes" + Beaprint.NOCOLOR : Beaprint.ansi_color_bad + "No" + Beaprint.NOCOLOR)}"); - if (connectivityInfo.HttpAccess) + var colorsBool = new Dictionary + { + { "Accessible", Beaprint.ansi_color_good }, + { "Not Accessible", Beaprint.ansi_color_bad }, + }; + Beaprint.AnsiPrint($" HTTP (80) Access: {(connectivityInfo.HttpAccess ? "Accessible" : "Not Accessible")}", colorsBool); + if (!string.IsNullOrEmpty(connectivityInfo.HttpError)) { - Beaprint.AnsiPrint($" Successful IP: {connectivityInfo.SuccessfulHttpIp}"); - } - else if (!string.IsNullOrEmpty(connectivityInfo.HttpError)) - { - Beaprint.AnsiPrint($" Error: {connectivityInfo.HttpError}"); + Beaprint.PrintException($" Error: {connectivityInfo.HttpError}"); } // HTTPS Access - Beaprint.AnsiPrint($" HTTPS (443) Access: {(connectivityInfo.HttpsAccess ? Beaprint.ansi_color_good + "Yes" + Beaprint.NOCOLOR : Beaprint.ansi_color_bad + "No" + Beaprint.NOCOLOR)}"); - if (connectivityInfo.HttpsAccess) + Beaprint.AnsiPrint($" HTTPS (443) Access: {(connectivityInfo.HttpsAccess ? "Accessible" : "Not Accessible")}", colorsBool); + if (!string.IsNullOrEmpty(connectivityInfo.HttpsError)) { - Beaprint.AnsiPrint($" Successful IP: {connectivityInfo.SuccessfulHttpsIp}"); - } - else if (!string.IsNullOrEmpty(connectivityInfo.HttpsError)) - { - Beaprint.AnsiPrint($" Error: {connectivityInfo.HttpsError}"); + Beaprint.PrintException($" Error: {connectivityInfo.HttpsError}"); } // DNS Access - Beaprint.AnsiPrint($" DNS (53) Access: {(connectivityInfo.DnsAccess ? Beaprint.ansi_color_good + "Yes" + Beaprint.NOCOLOR : Beaprint.ansi_color_bad + "No" + Beaprint.NOCOLOR)}"); - if (connectivityInfo.DnsAccess) + Beaprint.AnsiPrint($" DNS (53) Access: {(connectivityInfo.DnsAccess ? 
"Accessible" : "Not Accessible")}", colorsBool); + if (!string.IsNullOrEmpty(connectivityInfo.DnsError)) { - Beaprint.AnsiPrint($" Successful IP: {connectivityInfo.SuccessfulDnsIp}"); - } - else if (!string.IsNullOrEmpty(connectivityInfo.DnsError)) - { - Beaprint.AnsiPrint($" Error: {connectivityInfo.DnsError}"); + Beaprint.PrintException($" Error: {connectivityInfo.DnsError}"); } // ICMP Access - Beaprint.AnsiPrint($" ICMP (ping) Access: {(connectivityInfo.IcmpAccess ? Beaprint.ansi_color_good + "Yes" + Beaprint.NOCOLOR : Beaprint.ansi_color_bad + "No" + Beaprint.NOCOLOR)}"); - if (connectivityInfo.IcmpAccess) + Beaprint.AnsiPrint($" ICMP (ping) Access: {(connectivityInfo.IcmpAccess ? "Accessible" : "Not Accessible")}", colorsBool); + if (!string.IsNullOrEmpty(connectivityInfo.IcmpError)) { - Beaprint.AnsiPrint($" Successful IP: {connectivityInfo.SuccessfulIcmpIp}"); - } - else if (!string.IsNullOrEmpty(connectivityInfo.IcmpError)) - { - Beaprint.AnsiPrint($" Error: {connectivityInfo.IcmpError}"); + Beaprint.PrintException($" Error: {connectivityInfo.IcmpError}"); } } catch (Exception ex) 
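Review bot: The `colorsBool` keys overlap: "Accessible" is a substring of "Not Accessible", so if `Beaprint.AnsiPrint` applies each key as a pattern anywhere in the line (its implementation is not visible here), a failed probe could be rendered partly in the good colour. Passing only the entry that applies avoids depending on match order, e.g. `new Dictionary<string, string> { { ok ? "Accessible" : "Not Accessible", ok ? Beaprint.ansi_color_good : Beaprint.ansi_color_bad } }`. The error line is now printed whenever `HttpError` (and the HTTPS/DNS/ICMP equivalents) is non-empty, even when access succeeded, which the old `else if` prevented; confirm that is intended. The four stanzas differ only in label and fields and could share one small helper. The method body starts and ends outside the hunk.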
@@ -498,24 +489,23 @@ namespace winPEAS.Checks } } - private async Task PrintHostnameResolution() + private void PrintHostnameResolution() { try { Beaprint.MainPrint("Hostname Resolution"); Beaprint.LinkPrint("", "Checking if the hostname can be resolved externally"); - var resolutionInfo = await HostnameResolution.CheckResolution(); - - Beaprint.AnsiPrint($" Hostname: {resolutionInfo.Hostname}"); + var resolutionInfo = HostnameResolution.TryExternalCheck(); if (!string.IsNullOrEmpty(resolutionInfo.ExternalCheckResult)) { - Beaprint.AnsiPrint($" External Check Result: {resolutionInfo.ExternalCheckResult}"); + Beaprint.GoodPrint($" External Check Result:"); + Beaprint.NoColorPrint(resolutionInfo.ExternalCheckResult); } else if (!string.IsNullOrEmpty(resolutionInfo.Error)) { - Beaprint.AnsiPrint($" {Beaprint.ansi_color_bad}{resolutionInfo.Error}{Beaprint.NOCOLOR}"); + Beaprint.BadPrint($" {resolutionInfo.Error}"); } } catch (Exception ex) diff --git a/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/HostnameResolution.cs b/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/HostnameResolution.cs new file mode 100644 index 0000000..7ad52d7 --- /dev/null +++ b/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/HostnameResolution.cs 
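Review bot: `Beaprint.NoColorPrint(resolutionInfo.ExternalCheckResult)` writes the raw body returned by the remote endpoint straight into the tool's output, with no length limit and no filtering of control characters. That text is outside the tool's control, so a response carrying terminal escape sequences or a very large body would land in the console or a saved report as-is. Trim it to a fixed size and drop non-printable characters before printing, e.g. `var body = new string(resolutionInfo.ExternalCheckResult.Where(c => !char.IsControl(c) || c == '\n').Take(2048).ToArray());`. The `Hostname:` line was also removed, so the output no longer shows which value was sent to the external service; consider keeping it. The try/catch continues outside the hunk.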
@@ -0,0 +1,70 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Text;
+using System.Text.Json;
+
+namespace winPEAS.Info.NetworkInfo
+{
+ public class HostnameResolutionInfo
+ {
+ public string Hostname { get; set; }
+ public string ExternalCheckResult { get; set; }
+ public string Error { get; set; }
+ }
+
+ public static class HostnameResolution
+ {
+ private const int INTERNET_SEARCH_TIMEOUT = 15;
+ private static readonly HttpClient httpClient = new HttpClient();
+
+ ///
+ /// Attempts to resolve the local hostname via the external lambda.
+ /// Always returns a populated object.
+ ///
+ public static HostnameResolutionInfo TryExternalCheck()
+ {
+ var info = new HostnameResolutionInfo();
+
+ try
+ {
+ // 1. Determine hostname
+ info.Hostname = Dns.GetHostName();
+ if (string.IsNullOrEmpty(info.Hostname))
+ info.Hostname = Environment.MachineName;
+
+ // 2. Prepare JSON body
+ var payload = new StringContent(
+ JsonSerializer.Serialize(new { hostname = info.Hostname }),
+ Encoding.UTF8,
+ "application/json");
+
+ // 3. Configure HttpClient (header added once)
+ if (!httpClient.DefaultRequestHeaders.Contains("User-Agent"))
+ httpClient.DefaultRequestHeaders.Add("User-Agent", "winpeas");
+ httpClient.Timeout = TimeSpan.FromSeconds(INTERNET_SEARCH_TIMEOUT);
+
+ // 4. Call external checker
+ var resp = httpClient
+ .PostAsync("https://2e6ppt7izvuv66qmx2r3et2ufi0mxwqs.lambda-url.us-east-1.on.aws/", payload)
+ .GetAwaiter().GetResult();
+
+ if (resp.IsSuccessStatusCode)
+ {
+ info.ExternalCheckResult = resp.Content.ReadAsStringAsync()
+ .GetAwaiter().GetResult();
+ }
+ else
+ {
+ info.Error = $"External check failed (HTTP {(int)resp.StatusCode})";
+ }
+ }
+ catch (Exception ex)
+ {
+ info.Error = $"Error during hostname check: {ex.Message}";
+ }
+
+ return info;
+ }
+ }
+}
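Review bot: `httpClient.Timeout` is assigned on the shared static `HttpClient` inside `TryExternalCheck`, and `HttpClient` rejects property changes once it has sent a request, so a second call would throw `InvalidOperationException` and surface as "Error during hostname check". Set it once in the initializer, `private static readonly HttpClient httpClient = new HttpClient { Timeout = TimeSpan.FromSeconds(INTERNET_SEARCH_TIMEOUT) };`, and drop the per-call assignment. `resp` is never disposed; wrap it in `using`. The summary comment should state plainly that the machine's hostname is sent to a third-party endpoint. The URL literal would be better shared with the `LAMBDA_URL` constant that InternetConnectivity.cs already uses, assuming it is the same endpoint.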
diff --git a/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/InternetConnectivity.cs b/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/InternetConnectivity.cs similarity index 82% rename from winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/InternetConnectivity.cs rename to winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/InternetConnectivity.cs index b23befc..7535f5b 100644 --- a/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/InternetConnectivity.cs +++ b/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/InternetConnectivity.cs @@ -1,12 +1,15 @@ using System; -using System.Net; -using System.Net.NetworkInformation; -using System.Threading.Tasks; using System.Collections.Generic; +using System.Net; +using System.Net.Http; +using System.Net.Http.Headers; +using System.Net.NetworkInformation; using System.Net.Sockets; using System.Text; +using System.Threading; +using System.Threading.Tasks; -namespace winPEAS.Info.NetworkInfo.NetworkScanner +namespace winPEAS.Info.NetworkInfo { public class InternetConnectivityInfo { @@ -37,13 +40,20 @@ namespace winPEAS.Info.NetworkInfo.NetworkScanner { try { - using (var client = new WebClient()) + using var cts = new CancellationTokenSource(TimeSpan.FromSeconds(HTTP_TIMEOUT)); + using var client = new HttpClient { Timeout = TimeSpan.FromSeconds(HTTP_TIMEOUT) }; + + var resp = client.GetAsync($"http://{ip}", cts.Token) + .GetAwaiter().GetResult(); + + if (resp.IsSuccessStatusCode) { - client.Timeout = HTTP_TIMEOUT; - client.DownloadString($"http://{ip}"); error = null; return true; } + + error = $"HTTP status {(int)resp.StatusCode}"; + return false; } catch (Exception ex) { 
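Review bot: Gating the probe on `resp.IsSuccessStatusCode` reports a host as not accessible when it answered with a 3xx/4xx/5xx, although any HTTP response already proves the outbound port is open; for the plain IP probes, `error = null; return true;` once the request returns (recording the status separately) is closer to what is being measured. The same pattern is in the HTTPS and Lambda hunks that follow. In all three, `resp` is not disposed and the full body is downloaded; `client.GetAsync($"http://{ip}", HttpCompletionOption.ResponseHeadersRead, cts.Token)` inside a `using` keeps the probe to headers only. The old code assigned `HTTP_TIMEOUT` directly while the new code wraps it in `TimeSpan.FromSeconds`; the constant is declared outside the hunk, so confirm it is expressed in seconds and not milliseconds. The method signature is outside the hunk.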
@@ -56,13 +66,20 @@ namespace winPEAS.Info.NetworkInfo.NetworkScanner { try { - using (var client = new WebClient()) + using var cts = new CancellationTokenSource(TimeSpan.FromSeconds(HTTP_TIMEOUT)); + using var client = new HttpClient { Timeout = TimeSpan.FromSeconds(HTTP_TIMEOUT) }; + + var resp = client.GetAsync($"https://{ip}", cts.Token) + .GetAwaiter().GetResult(); + + if (resp.IsSuccessStatusCode) { - client.Timeout = HTTP_TIMEOUT; - client.DownloadString($"https://{ip}"); error = null; return true; } + + error = $"HTTPS status {(int)resp.StatusCode}"; + return false; } catch (Exception ex) { @@ -75,15 +92,24 @@ namespace winPEAS.Info.NetworkInfo.NetworkScanner { try { - using (var client = new WebClient()) + using var cts = new CancellationTokenSource(TimeSpan.FromSeconds(HTTP_TIMEOUT)); + using var client = new HttpClient { Timeout = TimeSpan.FromSeconds(HTTP_TIMEOUT) }; + + var req = new HttpRequestMessage(HttpMethod.Get, LAMBDA_URL); + req.Headers.UserAgent.ParseAdd("winpeas"); + req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); + + var resp = client.SendAsync(req, cts.Token) + .GetAwaiter().GetResult(); + + if (resp.IsSuccessStatusCode) { - client.Timeout = HTTP_TIMEOUT; - client.Headers.Add("User-Agent", "winpeas"); - client.Headers.Add("Content-Type", "application/json"); - client.DownloadString(LAMBDA_URL); error = null; return true; } + + error = $"Lambda status {(int)resp.StatusCode}"; + return false; } catch (Exception ex) { @@ -92,6 +118,7 @@ namespace winPEAS.Info.NetworkInfo.NetworkScanner } } + private static bool TryDnsAccess(string ip, out string error) { try diff --git a/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/HostnameResolution.cs b/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/HostnameResolution.cs deleted file mode 100644 index 96297cd..0000000 --- a/winPEAS/winPEASexe/winPEAS/Info/NetworkInfo/NetworkScanner/HostnameResolution.cs +++ /dev/null 
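Review bot: In the HTTPS probe, `client.GetAsync($"https://{ip}", cts.Token)` connects to a bare IP, so certificate name validation will fail unless the server's certificate lists that IP, and the resulting exception is reported the same way as blocked egress. Keep validation enabled, but have the `catch` tell the two cases apart, for example by reporting a TLS failure when `ex.InnerException` is an `AuthenticationException`, so "port 443 reachable, certificate not trusted" is not shown as "Not Accessible". In the Lambda hunk, `req` is never disposed; `using var req = new HttpRequestMessage(HttpMethod.Get, LAMBDA_URL);` matches the two `using var` lines above it. The catch bodies are outside these hunks.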
@@ -1,69 +0,0 @@
-using System;
-using System.Net;
-using System.Net.Http;
-using System.Threading.Tasks;
-using System.Text.Json;
-using System.Text;
-
-namespace winPEAS.Info.NetworkInfo.NetworkScanner
-{
- public class HostnameResolutionInfo
- {
- public string Hostname { get; set; }
- public string ExternalCheckResult { get; set; }
- public string Error { get; set; }
- }
-
- public static class HostnameResolution
- {
- private const int INTERNET_SEARCH_TIMEOUT = 15;
- private static readonly HttpClient httpClient = new HttpClient();
-
- public static async Task CheckResolution()
- {
- var result = new HostnameResolutionInfo();
-
- try
- {
- // Get the current hostname
- result.Hostname = Dns.GetHostName();
-
- // Environment.MachineName if hostname empty
- if (string.IsNullOrEmpty(result.Hostname))
- {
- result.Hostname = Environment.MachineName;
- }
-
- // Prepare the request
- var content = new StringContent(
- JsonSerializer.Serialize(new { hostname = result.Hostname }),
- Encoding.UTF8,
- "application/json"
- );
- httpClient.DefaultRequestHeaders.Add("User-Agent", "winpeas");
- httpClient.Timeout = TimeSpan.FromSeconds(INTERNET_SEARCH_TIMEOUT);
-
- // Make the request to the same endpoint as Linux version
- var response = await httpClient.PostAsync(
- "https://2e6ppt7izvuv66qmx2r3et2ufi0mxwqs.lambda-url.us-east-1.on.aws/",
- content
- );
-
- if (response.IsSuccessStatusCode)
- {
- result.ExternalCheckResult = await response.Content.ReadAsStringAsync();
- }
- else
- {
- result.ExternalCheckResult = $"External check failed with status code: {response.StatusCode}";
- }
- }
- catch (Exception ex)
- {
- result.Error = $"Error during hostname check: {ex.Message}";
- }
-
- return result;
- }
- }
-}
\ No newline at end of file