From 54fcb8a98be18f422fe2f7f62a0c72a9720f4fe8 Mon Sep 17 00:00:00 2001
From: 0x48756773 <Johnathan.drozdowski@gmail.com>
Date: Wed, 9 Oct 2024 09:23:46 -0500
Subject: [PATCH 1/2] Update winPEAS.ps1

---
 winPEAS/winPEASps1/winPEAS.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/winPEAS/winPEASps1/winPEAS.ps1 b/winPEAS/winPEASps1/winPEAS.ps1
index 7b6951c..9b7269e 100644
--- a/winPEAS/winPEASps1/winPEAS.ps1
+++ b/winPEAS/winPEASps1/winPEAS.ps1
@@ -68,7 +68,7 @@ Function Start-ACLCheck {
       $Identity += "$env:COMPUTERNAME\$env:USERNAME"
       if ($ACLObject.Owner -like $Identity ) { Write-Host "$Identity has ownership of $Target" -ForegroundColor Red }
       # This should now work for any language. Command runs whoami group, removes the first two line of output, converts from csv to object, but adds "group name" to the first column.
-      whoami.exe /groups /fo csv | select-objet -skip 2 | ConvertFrom-Csv -Header 'group name' | Select-Object -ExpandProperty 'group name' | ForEach-Object { $Identity += $_ }
+      whoami.exe /groups /fo csv | select-object -skip 2 | ConvertFrom-Csv -Header 'group name' | Select-Object -ExpandProperty 'group name' | ForEach-Object { $Identity += $_ }
       $IdentityFound = $false
       foreach ($i in $Identity) {
         $permission = $ACLObject.Access | Where-Object { $_.IdentityReference -like $i }
@@ -1227,7 +1227,7 @@ Write-Host "Will enumerate SMB Shares and Access if any are available"
 Get-SmbShare | Get-SmbShareAccess | ForEach-Object {
   $SMBShareObject = $_
 # see line 70 for explanation of what this does
-  whoami.exe /groups /fo csv | select-objet -skip 2 | ConvertFrom-Csv -Header 'group name' | Select-Object -ExpandProperty 'group name' | ForEach-Object {
+  whoami.exe /groups /fo csv | select-object -skip 2 | ConvertFrom-Csv -Header 'group name' | Select-Object -ExpandProperty 'group name' | ForEach-Object {
     if ($SMBShareObject.AccountName -like $_ -and ($SMBShareObject.AccessRight -like "Full" -or "Change") -and $SMBShareObject.AccessControlType -like "Allow" ) {
       Write-Host -ForegroundColor red "$($SMBShareObject.AccountName) has $($SMBShareObject.AccessRight) to $($SMBShareObject.Name)"
     }

From 85ab89511e769364572da0018320c9a9e95baf41 Mon Sep 17 00:00:00 2001
From: SirBroccoli <carlospolop@gmail.com>
Date: Fri, 11 Oct 2024 02:56:41 +0200
Subject: [PATCH 2/2] Update sensitive_files.yaml

---
 build_lists/sensitive_files.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/build_lists/sensitive_files.yaml b/build_lists/sensitive_files.yaml
index 0629541..42fe1f5 100644
--- a/build_lists/sensitive_files.yaml
+++ b/build_lists/sensitive_files.yaml
@@ -1428,6 +1428,16 @@ search:
                 type: d
                 search_in: 
                   - common
+
+          - name: "Google Password Sync"
+            value: 
+                files:
+                  - name: "*.xml"
+                    value:
+                        bad_regex: "baseDN.*|authorizeUsername.*"
+                type: d
+                search_in: 
+                  - common
           
   
   - name: Road Recon