mirror of https://github.com/carlospolop/PEASS-ng synced 2024-11-24 01:26:22 +01:00

- updated PrintMcAffeSitelistFiles

- linpeas & lolbas checks running optionally if specified
makikvues 2021-02-13 17:02:03 +01:00
parent d6d7b4e0e0
commit 1ceb041ee5
4 changed files with 90 additions and 25 deletions


@ -17,6 +17,8 @@ namespace winPEAS.Checks
public static bool IsNoColor = false;
public static bool Banner = true;
public static bool IsDebug = false;
public static bool IsLinpeas = false;
public static bool IsLolbas = false;
// Create Dynamic blacklists
public static readonly string CurrentUserName = Environment.UserName;
@ -127,16 +129,29 @@ namespace winPEAS.Checks
IsDebug = true;
}
if (arg.StartsWith("linpeasUrl", StringComparison.CurrentCultureIgnoreCase))
if (string.Equals(arg, "-lolbas", StringComparison.CurrentCultureIgnoreCase))
{
var parts = arg.Split('=');
if (parts.Length != 2 || string.IsNullOrEmpty(parts[1]))
{
Beaprint.PrintUsage();
return;
}
IsLolbas = true;
}
LinpeasUrl = parts[1];
if (arg.StartsWith("-linpeas", StringComparison.CurrentCultureIgnoreCase))
{
IsLinpeas = true;
var parts = arg.Split('=');
if (parts.Length >= 2 && !string.IsNullOrEmpty(parts[1]))
{
LinpeasUrl = parts[1];
var isReachable = MyUtils.IsUrlReachable(LinpeasUrl);
if (!isReachable)
{
Beaprint.ColorPrint($" [!] the provided linpeas.sh url: '{LinpeasUrl}' is invalid / unreachable / returned empty response.", Beaprint.YELLOW);
return;
}
}
}
string argToLower = arg.ToLower();
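Review bot: In the new `-linpeas` branch the value is taken with `arg.Split('=')` and only `parts[1]` is kept, so a URL that itself contains `=` (for example in a query string) is silently truncated before it is checked and stored; `arg.Split(new[] { '=' }, 2)` keeps the whole value. The URL is accepted on reachability alone and the next file section hands it to `WSL.RunLinpeas`, so consider parsing it with `Uri.TryCreate(LinpeasUrl, UriKind.Absolute, out uri)` and rejecting anything whose scheme is not `Uri.UriSchemeHttps` before it is used. `StartsWith("-linpeas", ...)` also matches any longer argument with that prefix, and `StringComparison.OrdinalIgnoreCase` is the usual choice for option names rather than a culture-sensitive comparison. The enclosing method starts and ends outside the hunk.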


@ -227,15 +227,15 @@ namespace winPEAS.Checks
foreach (var site in sitelistFilesInfo.Sites)
{
Beaprint.BadPrint($" ShareName : {site.ShareName}\n" +
$" UserName : {site.UserName}\n" +
$" Server : {site.Server}\n" +
$" EncPassword : {site.EncPassword}\n" +
$" DecPassword : {site.DecPassword}\n" +
$" DomainName : {site.DomainName}\n" +
$" Name : {site.Name}\n" +
$" Type : {site.Type}\n" +
$" RelativePath : {site.RelativePath}\n");
Beaprint.NoColorPrint($" Share Name : {site.ShareName}");
PrintColored( $" User Name : {site.UserName}", !string.IsNullOrWhiteSpace(site.UserName));
PrintColored( $" Server : {site.Server}", !string.IsNullOrWhiteSpace(site.Server));
PrintColored( $" Encrypted Password : {site.EncPassword}", !string.IsNullOrWhiteSpace(site.EncPassword));
PrintColored( $" Decrypted Password : {site.DecPassword}", !string.IsNullOrWhiteSpace(site.DecPassword));
Beaprint.NoColorPrint( $" Domain Name : {site.DomainName}\n" +
$" Name : {site.Name}\n" +
$" Type : {site.Type}\n" +
$" Relative Path : {site.RelativePath}\n");
}
Beaprint.PrintLineSeparator();
@ -247,6 +247,18 @@ namespace winPEAS.Checks
}
}
private static void PrintColored(string str, bool isBad)
{
if (isBad)
{
Beaprint.BadPrint(str);
}
else
{
Beaprint.NoColorPrint(str);
}
}
void PrintWSLDistributions()
{
Beaprint.MainPrint("Looking for Linux shells/distributions - wsl.exe, bash.exe");
@ -307,13 +319,20 @@ namespace winPEAS.Checks
Beaprint.ColorPrint($" Running {linpeas} in the default distribution\n" +
$" Using linpeas.sh URL: {Checks.LinpeasUrl}", Beaprint.LBLUE);
try
if (Checks.IsLinpeas)
{
WSL.RunLinpeas(Checks.LinpeasUrl);
try
{
WSL.RunLinpeas(Checks.LinpeasUrl);
}
catch (Exception ex)
{
Beaprint.PrintException($" Unable to run linpeas.sh: {ex.Message}");
}
}
catch (Exception ex)
else
{
Beaprint.PrintException($" Unable to run linpeas.sh: {ex.Message}");
Beaprint.ColorPrint(" [!] Check skipped, if you want to run it, please specify '-linpeas=[url]' argument", Beaprint.YELLOW);
}
}
else
@ -985,6 +1004,13 @@ namespace winPEAS.Checks
Beaprint.MainPrint("Looking for LOL Binaries and Scripts (can be slow)");
Beaprint.LinkPrint("https://lolbas-project.github.io/");
if (!Checks.IsLolbas)
{
Beaprint.ColorPrint(" [!] Check skipped, if you want to run it, please specify '-lolbas' argument", Beaprint.YELLOW);
return;
}
var systemDrive = $"{Environment.GetEnvironmentVariable("SystemDrive")}\\";
string rootUsersSearchPath = $"{systemDrive}\\users";
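Review bot: In the WSL hunk the "Running {linpeas} in the default distribution / Using linpeas.sh URL" message is still printed before the new `if (Checks.IsLinpeas)` test, so when the check is skipped the output (and the log file, if logging is enabled) first states that the script is being run from a URL and then states that the check was skipped. Moving that `Beaprint.ColorPrint(...)` call inside the `if (Checks.IsLinpeas)` branch, just above the `try`, keeps the record accurate. The new `PrintColored` helper has no comment; `// Prints str via BadPrint when isBad is true, otherwise via NoColorPrint.` would be enough. The method containing the WSL hunk begins outside the hunk.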


@ -74,7 +74,6 @@ namespace winPEAS.Helpers
Console.WriteLine();
Console.WriteLine(LYELLOW + "ADVISORY: " + BLUE + Advisory);
Console.WriteLine();
Thread.Sleep(700);
}
public static void PrintInit()
@ -84,7 +83,7 @@ namespace winPEAS.Helpers
PrintBanner();
}
Console.WriteLine(YELLOW + " WinPEAS " + GREEN + Version + NOCOLOR + YELLOW + " by carlospolop, makikvues(makikvues2[at]gmail[dot]com)" + NOCOLOR);
Console.WriteLine(YELLOW + " WinPEAS " + GREEN + Version + NOCOLOR + YELLOW + " by @carlospolopm, makikvues(makikvues2[at]gmail[dot]com)" + NOCOLOR);
Console.WriteLine();
PrintLegend();
@ -121,8 +120,13 @@ namespace winPEAS.Helpers
Console.WriteLine(LBLUE + " wait" + GRAY + " Wait for user input between checks" + NOCOLOR);
Console.WriteLine(LBLUE + " debug" + GRAY + " Display debugging information - memory usage, method execution time" + NOCOLOR);
Console.WriteLine(LBLUE + " log" + GRAY +$" Log all output to file \"{Checks.Checks.LogFile}\"" + NOCOLOR);
Console.WriteLine(LBLUE + " linpeasUrl=<url>" + GRAY + $" Provide linpeas.sh URL for WSL checks (default: {Checks.Checks.LinpeasUrl})" + NOCOLOR);
Console.WriteLine(YELLOW + " [+] " + LYELLOW + "By default all checks (except CMD checks) are executed" + NOCOLOR);
Console.WriteLine(YELLOW + " [+] " + LYELLOW + "By default all checks (except CMD checks and additional checks) are executed" + NOCOLOR);
Console.WriteLine();
Console.WriteLine(LCYAN + " Additional checks (slower):");
Console.WriteLine(LBLUE + " -lolbas" + GRAY + $" Run additional LOLBAS check" + NOCOLOR);
Console.WriteLine(LBLUE + " -linpeas=[url]" + GRAY + $" Run additional linpeas.sh check for default WSL distribution, optionally provide custom linpeas.sh URL\n" +
$" (default: {Checks.Checks.LinpeasUrl})" + NOCOLOR);
}
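Review bot: The new usage lines at the end of this section document the added options with a leading dash (`-lolbas`, `-linpeas=[url]`) while the existing ones (`wait`, `debug`, `log`) are shown without one; if the parser really treats the two groups differently, one sentence in the usage text saying so would prevent mistyped arguments being silently ignored. The `-lolbas` line also uses `$"..."` on a string with no placeholder, so the `$` can be dropped there. The enclosing usage method starts outside the hunk.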


@ -4,6 +4,7 @@ using System.Diagnostics;
using System.Diagnostics.Eventing.Reader;
using System.IO;
using System.Linq;
using System.Net;
using System.Reflection;
using System.Security.Principal;
using System.Text;
@ -171,6 +172,25 @@ namespace winPEAS.Helpers
return false;
}
internal static bool IsUrlReachable(string url)
{
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Timeout = 5000;
request.Method = "HEAD";
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
return response.StatusCode == HttpStatusCode.OK && response.ContentLength > 0;
}
}
catch (Exception)
{
return false;
}
}
// From https://stackoverflow.com/questions/206323/how-to-execute-command-line-in-c-get-std-out-results
public static string ExecCMD(string args, string alternative_binary = "")
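Review bot: `IsUrlReachable` requires `response.ContentLength > 0` on a HEAD response, but `ContentLength` is -1 when the server sends no Content-Length header, so a working URL can be reported as unreachable; `response.ContentLength != 0` would reject only a body known to be empty. The bare `catch (Exception)` also folds malformed URLs, non-HTTP schemes (where the `HttpWebRequest` cast fails), TLS errors and timeouts into the same `false`, leaving the caller with one catch-all message; catching `WebException` and `UriFormatException` separately, or printing `ex.Message` when the debug flag is set, would make failures diagnosable. A short comment on the method should also say that a successful HEAD only shows the URL answers and does not validate the content that is fetched later.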