name: CI-master_test on: push: branches: - master - main paths-ignore: - '.github/**' schedule: - cron: "5 4 1 * *" workflow_dispatch: jobs: Build_and_test_winpeas_master: runs-on: windows-latest # environment variables env: Solution_Path: 'winPEAS\winPEASexe\winPEAS.sln' Configuration: 'Release' DotFuscatorGeneratedPath: 'winPEAS\winPEASexe\binaries\Obfuscated Releases\Dotfuscated' steps: # checkout - name: Checkout uses: actions/checkout@master with: ref: ${{ github.head_ref }} - name: Download regexes run: | powershell.exe -ExecutionPolicy Bypass -File build_lists/download_regexes.ps1 # Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild - name: Setup MSBuild.exe uses: microsoft/setup-msbuild@v1.0.2 # Setup NuGet - name: Setup NuGet.exe uses: nuget/setup-nuget@v1 # Restore the packages for testing - name: Restore the application run: nuget restore $env:Solution_Path # build - name: run MSBuild run: msbuild $env:Solution_Path # Execute all unit tests in the solution #- name: Execute unit tests # run: dotnet test $env:Solution_Path # Build & update all versions - name: Build all versions run: | echo "build x64" msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="x64" echo "build x86" msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="x86" echo "build Any CPU" msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="Any CPU" - name: Execute winPEAS -h shell: pwsh run: | $Configuration = "Release" $exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" if (Test-Path $exePath) { & $exePath -h } else { Write-Error "winPEAS.exe not found at $exePath" } - name: Execute winPEAS cloudinfo shell: pwsh run: | $Configuration = "Release" $exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" if (Test-Path $exePath) { & $exePath cloudinfo } else { Write-Error "winPEAS.exe not found at $exePath" } - name: Execute winPEAS systeminfo shell: pwsh run: | $Configuration = "Release" $exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" if (Test-Path $exePath) { & $exePath systeminfo } else { Write-Error "winPEAS.exe not found at $exePath" } # Copy the built versions - name: Copy all versions run: | echo "copy x64" cp winPEAS\winPEASexe\winPEAS\bin\x64\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\x64\$env:Configuration\winPEASx64.exe echo "copy x86" cp winPEAS\winPEASexe\winPEAS\bin\x86\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\x86\$env:Configuration\winPEASx86.exe echo "copy Any" cp winPEAS\winPEASexe\winPEAS\bin\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\$env:Configuration\winPEASany.exe # Setup DotFuscator - name: Setup DotFuscator run: | 7z x winPEAS\winPEASexe\Dotfuscator\DotfuscatorCE.zip whoami mkdir -p $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0 -erroraction 'silentlycontinue' cp DotfuscatorCE\license\* $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0\ # build obfuscated versions - name: Build obfuscated versions run: | DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x64.xml" DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x86.xml" DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\any.xml" # copy the files - name: Copy Dotfuscator generated files run: | cp $env:DotFuscatorGeneratedPath\x64\winPEASx64.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe" cp $env:DotFuscatorGeneratedPath\x86\winPEASx86.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe" cp $env:DotFuscatorGeneratedPath\any\winPEASany.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe" # Upload all the versions for the release - name: Upload winpeasx64 uses: actions/upload-artifact@v4 with: name: winPEASx64.exe path: winPEAS\winPEASexe\binaries\x64\Release\winPEASx64.exe - name: Upload winpeasx86 uses: actions/upload-artifact@v4 with: name: winPEASx86.exe path: winPEAS\winPEASexe\binaries\x86\Release\winPEASx86.exe - name: Upload winpeasany uses: actions/upload-artifact@v4 with: name: winPEASany.exe path: winPEAS\winPEASexe\binaries\Release\winPEASany.exe - name: Upload winpeasx64ofs uses: actions/upload-artifact@v4 with: name: winPEASx64_ofs.exe path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe - name: Upload winpeasx86ofs uses: actions/upload-artifact@v4 with: name: winPEASx86_ofs.exe path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe - name: Upload winpeasanyofs uses: actions/upload-artifact@v4 with: name: winPEASany_ofs.exe path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe - name: Upload winpeas.bat uses: actions/upload-artifact@v4 with: name: winPEAS.bat path: winPEAS\winPEASbat\winPEAS.bat # Git add #- name: Create local changes # run: | # git add winPEAS\winPEASexe\binaries\Release\* # git add winPEAS\winPEASexe\binaries\x64\* # git add winPEAS\winPEASexe\binaries\x86\* # git add "winPEAS\winPEASexe\binaries\Obfuscated Releases\*.exe" # Git commit #- name: Commit results to Github # run: | # git config --local user.email "ci@winpeas.com" # git config --global user.name "CI-winpeas" # git pull origin "${{ github.ref }}" --autostash --rebase -Xours # git commit -m "winpeas binaries auto update" -a --allow-empty # Git push #- name: Push changes # uses: ad-m/github-push-action@master # with: # branch: ${{ github.head_ref }} # github_token: ${{ secrets.GITHUB_TOKEN }} # force: true Build_and_test_linpeas_master: runs-on: ubuntu-latest steps: # Download repo - uses: actions/checkout@v2 with: ref: ${{ github.head_ref }} # Setup go - uses: actions/setup-go@v2 with: go-version: 1.17.0-rc1 stable: false - run: go version # Build linpeas - name: Build linpeas run: | python3 -m pip install PyYAML cd linPEAS python3 -m builder.linpeas_builder --all --output linpeas_fat.sh python3 -m builder.linpeas_builder --all-no-fat --output linpeas.sh python3 -m builder.linpeas_builder --small --output linpeas_small.sh # Build linpeas binaries - name: Build linpeas binaries run: | git clone https://github.com/carlospolop/sh2bin cd sh2bin bash build.sh ../linPEAS/linpeas.sh mv builds/sh2bin_linux_386 builds/linpeas_linux_386 mv builds/sh2bin_linux_amd64 builds/linpeas_linux_amd64 mv builds/sh2bin_linux_arm builds/linpeas_linux_arm mv builds/sh2bin_linux_arm64 builds/linpeas_linux_arm64 mv builds/sh2bin_darwin_amd64 builds/linpeas_darwin_amd64 mv builds/sh2bin_darwin_arm64 builds/linpeas_darwin_arm64 ls -lR ./ # Run linpeas help as quick test - name: Run linpeas help run: linPEAS/linpeas_fat.sh -h && linPEAS/linpeas.sh -h && linPEAS/linpeas_small.sh -h # Run linpeas as a test - name: Run linpeas system_information run: linPEAS/linpeas_fat.sh -o system_information -a - name: Run linpeas container run: linPEAS/linpeas_fat.sh -o container -a - name: Run linpeas cloud run: linPEAS/linpeas_fat.sh -o cloud -a - name: Run linpeas procs_crons_timers_srvcs_sockets run: linPEAS/linpeas_fat.sh -o procs_crons_timers_srvcs_sockets -a - name: Run linpeas network_information run: linPEAS/linpeas_fat.sh -o network_information -t -a - name: Run linpeas users_information run: linPEAS/linpeas_fat.sh -o users_information -a - name: Run linpeas software_information run: linPEAS/linpeas_fat.sh -o software_information -a - name: Run linpeas interesting_perms_files run: linPEAS/linpeas_fat.sh -o interesting_perms_files -a - name: Run linpeas interesting_files run: linPEAS/linpeas_fat.sh -o interesting_files -a # Too much time #- name: Run linpeas api_keys_regex # run: linPEAS/linpeas.sh -o api_keys_regex -r # Upload files for release - name: Upload linpeas.sh uses: actions/upload-artifact@v4 with: name: linpeas.sh path: linPEAS/linpeas.sh - name: Upload linpeas_fat.sh uses: actions/upload-artifact@v4 with: name: linpeas_fat.sh path: linPEAS/linpeas_fat.sh - name: Upload linpeas_small.sh uses: actions/upload-artifact@v4 with: name: linpeas_small.sh path: linPEAS/linpeas_small.sh ## Linux bins - name: Upload linpeas_linux_386 uses: actions/upload-artifact@v4 with: name: linpeas_linux_386 path: sh2bin/builds/linpeas_linux_386 - name: Upload linpeas_linux_amd64 uses: actions/upload-artifact@v4 with: name: linpeas_linux_amd64 path: sh2bin/builds/linpeas_linux_amd64 - name: Upload linpeas_linux_arm uses: actions/upload-artifact@v4 with: name: linpeas_linux_arm path: sh2bin/builds/linpeas_linux_arm - name: Upload linpeas_linux_arm64 uses: actions/upload-artifact@v4 with: name: linpeas_linux_arm64 path: sh2bin/builds/linpeas_linux_arm64 ## Darwin bins - name: Upload linpeas_darwin_amd64 uses: actions/upload-artifact@v4 with: name: linpeas_darwin_amd64 path: sh2bin/builds/linpeas_darwin_amd64 - name: Upload linpeas_darwin_arm64 uses: actions/upload-artifact@v4 with: name: linpeas_darwin_arm64 path: sh2bin/builds/linpeas_darwin_arm64 # Clean sh2bin repo - name: Cleaning sh2bin run: rm -rf sh2bin # - name: Create local changes # run: git add linPEAS/linpeas.sh # - name: Commit results to Github # run: | # git config --local user.email "" # git config --global user.name "CI-linpeas-ubuntu" # git pull origin "${{ github.ref }}" --autostash --rebase -Xours # git commit -m "linpeas.sh auto update" -a --allow-empty # - name: Push changes # uses: ad-m/github-push-action@master # with: # branch: ${{ github.head_ref }} # github_token: ${{ secrets.GITHUB_TOKEN }} # force: true Build_and_test_macpeas_master: runs-on: macos-latest steps: # Download repo - uses: actions/checkout@v2 # Build linpeas - name: Build macpeas run: | python3 -m pip install PyYAML --break-system-packages python3 -m pip install requests --break-system-packages cd linPEAS python3 -m builder.linpeas_builder --all --output linpeas_fat.sh # Run linpeas help as quick test - name: Run macpeas help run: linPEAS/linpeas_fat.sh -h # Run macpeas parts to test it #- name: Run macpeas # run: linPEAS/linpeas.sh -D -o system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information Publish_release: runs-on: ubuntu-latest needs: [Build_and_test_winpeas_master, Build_and_test_linpeas_master, Build_and_test_macpeas_master] steps: # Download files to release - name: Download winpeasx64ofs uses: actions/download-artifact@v4.1.7 with: name: winPEASx64_ofs.exe - name: Download winpeasx86ofs uses: actions/download-artifact@v4.1.7 with: name: winPEASx86_ofs.exe - name: Download winpeasanyofs uses: actions/download-artifact@v4.1.7 with: name: winPEASany_ofs.exe - name: Download winpeasx64 uses: actions/download-artifact@v4.1.7 with: name: winPEASx64.exe - name: Download winpeasx86 uses: actions/download-artifact@v4.1.7 with: name: winPEASx86.exe - name: Download winpeasany uses: actions/download-artifact@v4.1.7 with: name: winPEASany.exe - name: Download winpeas.bat uses: actions/download-artifact@v4.1.7 with: name: winPEAS.bat - name: Download linpeas.sh uses: actions/download-artifact@v4.1.7 with: name: linpeas.sh - name: Download linpeas_fat.sh uses: actions/download-artifact@v4.1.7 with: name: linpeas_fat.sh - name: Download linpeas_small.sh uses: actions/download-artifact@v4.1.7 with: name: linpeas_small.sh - name: Download linpeas_linux_386 uses: actions/download-artifact@v4.1.7 with: name: linpeas_linux_386 - name: Download linpeas_linux_amd64 uses: actions/download-artifact@v4.1.7 with: name: linpeas_linux_amd64 - name: Download linpeas_linux_arm uses: actions/download-artifact@v4.1.7 with: name: linpeas_linux_arm - name: Download linpeas_linux_arm64 uses: actions/download-artifact@v4.1.7 with: name: linpeas_linux_arm64 - name: Download linpeas_darwin_amd64 uses: actions/download-artifact@v4.1.7 with: name: linpeas_darwin_amd64 - name: Download linpeas_darwin_arm64 uses: actions/download-artifact@v4.1.7 with: name: linpeas_darwin_arm64 - name: Get current date id: date run: echo "::set-output name=date::$(date +'%Y%m%d')" - name: Generate random id: random_n run: echo "::set-output name=some_rand::$(openssl rand -hex 4)" # Create the release - name: Create Release id: create_release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{steps.date.outputs.date}}-${{steps.random_n.outputs.some_rand}} release_name: Release ${{ github.ref }} ${{steps.date.outputs.date}}-${{steps.random_n.outputs.some_rand}} draft: false prerelease: false - id: upload_release_assets uses: dwenegar/upload-release-assets@v1 with: release_id: ${{ steps.create_release.outputs.id }} assets_path: . env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}