mirror of
https://github.com/carlospolop/PEASS-ng
synced 2024-11-24 01:26:22 +01:00
Obfuscation anti AV
This commit is contained in:
carlospolop
parent
7d7e12c33d
commit
c08744708c
0
linPEAS/linpeas.sh
Executable file → Normal file
0
linPEAS/linpeas.sh
Executable file → Normal file
@ -1,21 +0,0 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2019 Carlos Polop
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
@ -1,18 +1,18 @@
|
||||
# Windows Privilege Escalation Awesome Scripts
|
||||
|
||||
|
||||
|
||||
|
||||
Check the **Local Windows Privilege Escalation checklist** from **[book.hacktricks.xyz](https://book.hacktricks.xyz/windows/checklist-windows-privilege-escalation)**
|
||||
|
||||
Check more **information about how to exploit** found misconfigurations in **[book.hacktricks.xyz](https://book.hacktricks.xyz/windows/windows-local-privilege-escalation)**
|
||||
|
||||
## WinPEAS .exe and .bat
|
||||
- [Link to WinPEAS C# project (.exe)](https://github.com/carlospolop/privilege-escalation-awesome-script-suite/tree/master/winPEAS/winPEASexe)
|
||||
- [Link to WinPEAS .bat project](https://github.com/carlospolop/privilege-escalation-awesome-script-suite/tree/master/winPEAS/winPEASbat) Notice that WinPEAS.bat is a batch script made for Windows systems which don't support WinPEAS.exe (Net.4 required)
|
||||
- [Link to WinPEAS C# project (.exe)](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe)
|
||||
- [Link to WinPEAS .bat project](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASbat) Notice that WinPEAS.bat is a batch script made for Windows systems which don't support WinPEAS.exe (Net.4 required)
|
||||
|
||||
## Let's improve PEASS together
|
||||
|
||||
If you want to **add something** and have **any cool idea** related to this project, please let me know it in the **Telegram group https://t.me/peass** or using **[github issues](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues)** and we will update the master version.
|
||||
If you want to **add something** and have **any cool idea** related to this project, please let me know it in the **telegram group https://t.me/peass** or using **[github issues](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues)** and we will update the master version.
|
||||
|
||||
## Please, if this tool has been useful for you consider to donate
|
||||
|
||||
@ -24,8 +24,7 @@ Contact me and ask about the **Privilege Escalation Course** I am preparing for
|
||||
|
||||
## Advisory
|
||||
|
||||
All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
|
||||
|
||||
All the scripts/binaries of the PEAS Suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.
|
||||
|
||||
## License
|
||||
|
||||
|
||||
BIN
winPEAS/winPEASexe/images/dotfuscator.PNG
Normal file
BIN
winPEAS/winPEASexe/images/dotfuscator.PNG
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 31 KiB |
Binary file not shown.
Binary file not shown.
@ -1,5 +0,0 @@
|
||||
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<WeaverFiles Include="$(MsBuildThisFileDirectory)..\weaver\$(MSBuildThisFileName).dll" />
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
Binary file not shown.
@ -1,18 +0,0 @@
|
||||
<?xml version="1.0"?>
|
||||
<doc>
|
||||
<assembly>
|
||||
<name>Costura</name>
|
||||
</assembly>
|
||||
<members>
|
||||
<member name="T:CosturaUtility">
|
||||
<summary>
|
||||
Contains methods for interacting with the Costura system.
|
||||
</summary>
|
||||
</member>
|
||||
<member name="M:CosturaUtility.Initialize">
|
||||
<summary>
|
||||
Call this to Initialize the Costura system.
|
||||
</summary>
|
||||
</member>
|
||||
</members>
|
||||
</doc>
|
||||
Binary file not shown.
@ -1,85 +0,0 @@
|
||||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
<xs:complexType xmlns:xs="http://www.w3.org/2001/XMLSchema">
|
||||
<xs:all>
|
||||
<xs:element minOccurs="0" maxOccurs="1" name="ExcludeAssemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with line breaks</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:element>
|
||||
<xs:element minOccurs="0" maxOccurs="1" name="IncludeAssemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with line breaks.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:element>
|
||||
<xs:element minOccurs="0" maxOccurs="1" name="Unmanaged32Assemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with line breaks.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:element>
|
||||
<xs:element minOccurs="0" maxOccurs="1" name="Unmanaged64Assemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with line breaks.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:element>
|
||||
<xs:element minOccurs="0" maxOccurs="1" name="PreloadOrder" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The order of preloaded assemblies, delimited with line breaks.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:element>
|
||||
</xs:all>
|
||||
<xs:attribute name="CreateTemporaryAssemblies" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>This will copy embedded files to disk before loading them into memory. This is helpful for some scenarios that expected an assembly to be loaded from a physical file.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="IncludeDebugSymbols" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Controls if .pdbs for reference assemblies are also embedded.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="DisableCompression" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Embedded assemblies are compressed by default, and uncompressed when they are loaded. You can turn compression off with this option.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="DisableCleanup" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>As part of Costura, embedded assemblies are no longer included as part of the build. This cleanup can be turned off.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="LoadAtModuleInit" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Costura by default will load as part of the module initialization. This flag disables that behavior. Make sure you call CosturaUtility.Initialize() somewhere in your code.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="IgnoreSatelliteAssemblies" type="xs:boolean">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Costura will by default use assemblies with a name like 'resources.dll' as a satellite resource and prepend the output path. This flag disables that behavior.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="ExcludeAssemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with |</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="IncludeAssemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with |.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="Unmanaged32Assemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with |.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="Unmanaged64Assemblies" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with |.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="PreloadOrder" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The order of preloaded assemblies, delimited with |.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:complexType>
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -1,110 +0,0 @@
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
|
||||
<PropertyGroup>
|
||||
<ProjectWeaverXml Condition="$(ProjectWeaverXml) == ''">$(ProjectDir)FodyWeavers.xml</ProjectWeaverXml>
|
||||
<FodyPath Condition="$(FodyPath) == ''">$(MSBuildThisFileDirectory)..\</FodyPath>
|
||||
<FodyAssemblyDirectory Condition="$(MSBuildRuntimeType) == 'Core'">$(FodyPath)netstandardtask</FodyAssemblyDirectory>
|
||||
<FodyAssemblyDirectory Condition="$(MSBuildRuntimeType) != 'Core'">$(FodyPath)netclassictask</FodyAssemblyDirectory>
|
||||
<FodyAssembly Condition="$(FodyAssembly) == ''">$(FodyAssemblyDirectory)\Fody.dll</FodyAssembly>
|
||||
<DefaultItemExcludes>$(DefaultItemExcludes);FodyWeavers.xsd</DefaultItemExcludes>
|
||||
<FodyGenerateXsd Condition="$(FodyGenerateXsd) == ''">true</FodyGenerateXsd>
|
||||
<MsBuildMajorVersion>15</MsBuildMajorVersion>
|
||||
<MsBuildMajorVersion Condition="'$(MSBuildVersion)' != ''">$([System.Version]::Parse($(MSBuildVersion)).Major)</MsBuildMajorVersion>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup Condition="Exists($(ProjectWeaverXml))">
|
||||
<UpToDateCheckInput Include="$(ProjectWeaverXml)" />
|
||||
<CustomAdditionalCompileInputs Include="$(ProjectWeaverXml)" />
|
||||
</ItemGroup>
|
||||
|
||||
<!-- Support for NCrunch -->
|
||||
<ItemGroup Condition="'$(NCrunch)' == '1' and '$(TargetFramework)' == '' and '$(TargetFrameworks)' == ''">
|
||||
<None Include="$(FodyAssemblyDirectory)\*.*" />
|
||||
<None Include="@(WeaverFiles)" />
|
||||
</ItemGroup>
|
||||
|
||||
<UsingTask TaskName="Fody.WeavingTask" AssemblyFile="$(FodyAssembly)" />
|
||||
<UsingTask TaskName="Fody.UpdateReferenceCopyLocalTask" AssemblyFile="$(FodyAssembly)" />
|
||||
<UsingTask TaskName="Fody.VerifyTask" AssemblyFile="$(FodyAssembly)" />
|
||||
|
||||
<Target
|
||||
Name="FodyTarget"
|
||||
AfterTargets="AfterCompile"
|
||||
Condition="Exists(@(IntermediateAssembly)) And $(DesignTimeBuild) != true And $(DisableFody) != true"
|
||||
DependsOnTargets="$(FodyDependsOnTargets)"
|
||||
Inputs="@(IntermediateAssembly);$(ProjectWeaverXml)"
|
||||
Outputs="$(IntermediateOutputPath)$(MSBuildProjectFile).Fody.CopyLocal.cache">
|
||||
|
||||
<Error Condition="($(MsBuildMajorVersion) < 16)"
|
||||
Text="Fody is only supported on MSBuild 16 and above. Current version: $(MsBuildMajorVersion)." />
|
||||
<Fody.WeavingTask
|
||||
AssemblyFile="@(IntermediateAssembly)"
|
||||
IntermediateDirectory="$(ProjectDir)$(IntermediateOutputPath)"
|
||||
KeyOriginatorFile="$(KeyOriginatorFile)"
|
||||
AssemblyOriginatorKeyFile="$(AssemblyOriginatorKeyFile)"
|
||||
ProjectDirectory="$(MSBuildProjectDirectory)"
|
||||
ProjectFile="$(MSBuildProjectFullPath)"
|
||||
SolutionDirectory="$(SolutionDir)"
|
||||
References="@(ReferencePath)"
|
||||
SignAssembly="$(SignAssembly)"
|
||||
ReferenceCopyLocalFiles="@(ReferenceCopyLocalPaths)"
|
||||
DefineConstants="$(DefineConstants)"
|
||||
DebugType="$(DebugType)"
|
||||
DocumentationFile="@(DocFileItem->'%(FullPath)')"
|
||||
WeaverFiles="@(WeaverFiles)"
|
||||
NCrunchOriginalSolutionDirectory="$(NCrunchOriginalSolutionDir)"
|
||||
IntermediateCopyLocalFilesCache="$(IntermediateOutputPath)$(MSBuildProjectFile).Fody.CopyLocal.cache"
|
||||
GenerateXsd="$(FodyGenerateXsd)"
|
||||
>
|
||||
|
||||
<Output
|
||||
TaskParameter="ExecutedWeavers"
|
||||
PropertyName="FodyExecutedWeavers" />
|
||||
|
||||
</Fody.WeavingTask>
|
||||
|
||||
<ItemGroup>
|
||||
<FileWrites Include="$(IntermediateOutputPath)$(MSBuildProjectFile).Fody.CopyLocal.cache" />
|
||||
</ItemGroup>
|
||||
|
||||
</Target>
|
||||
|
||||
<Target
|
||||
Name="FodyUpdateCopyLocalFilesTarget"
|
||||
AfterTargets="FodyTarget"
|
||||
>
|
||||
|
||||
<Fody.UpdateReferenceCopyLocalTask
|
||||
ReferenceCopyLocalFiles="@(ReferenceCopyLocalPaths)"
|
||||
IntermediateCopyLocalFilesCache="$(IntermediateOutputPath)$(MSBuildProjectFile).Fody.CopyLocal.cache"
|
||||
>
|
||||
|
||||
<Output
|
||||
TaskParameter="UpdatedReferenceCopyLocalFiles"
|
||||
ItemName="FodyUpdatedReferenceCopyLocalPaths" />
|
||||
|
||||
</Fody.UpdateReferenceCopyLocalTask>
|
||||
|
||||
<ItemGroup>
|
||||
<ReferenceCopyLocalPaths Remove="@(ReferenceCopyLocalPaths)" />
|
||||
<ReferenceCopyLocalPaths Include="@(FodyUpdatedReferenceCopyLocalPaths)" />
|
||||
</ItemGroup>
|
||||
|
||||
</Target>
|
||||
|
||||
<Target
|
||||
Name="FodyVerifyTarget"
|
||||
AfterTargets="AfterBuild"
|
||||
Condition="'$(NCrunch)' != '1' And $(FodyExecutedWeavers) != '' And $(DisableFody) != true"
|
||||
DependsOnTargets="$(FodyVerifyDependsOnTargets)">
|
||||
|
||||
<Fody.VerifyTask
|
||||
ProjectDirectory="$(MSBuildProjectDirectory)"
|
||||
TargetPath="$(TargetPath)"
|
||||
SolutionDirectory="$(SolutionDir)"
|
||||
DefineConstants="$(DefineConstants)"
|
||||
NCrunchOriginalSolutionDirectory="$(NCrunchOriginalSolutionDir)"
|
||||
/>
|
||||
</Target>
|
||||
|
||||
</Project>
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -1,7 +1,5 @@
|
||||
//using Colorful; // http://colorfulconsole.com/
|
||||
using System;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Drawing;
|
||||
using System.Text.RegularExpressions;
|
||||
using System.Threading;
|
||||
|
||||
@ -20,10 +18,10 @@ namespace winPEAS
|
||||
static string BLUE = "\x1b[34m";
|
||||
public static string LBLUE = "\x1b[1;34m";
|
||||
static string MAGENTA = "\x1b[1:35m";
|
||||
static string LMAGENTA = "\x1b[1;35m";
|
||||
//static string LMAGENTA = "\x1b[1;35m";
|
||||
static string CYAN = "\x1b[36m";
|
||||
static string LCYAN = "\x1b[1;36m";
|
||||
static string REDYELLOW = "\x1b[31;103m";
|
||||
//static string REDYELLOW = "\x1b[31;103m";
|
||||
public static string NOCOLOR = "\x1b[0m";
|
||||
public static string ansi_color_bad = RED;
|
||||
public static string ansi_color_good = GREEN;
|
||||
@ -39,8 +37,6 @@ namespace winPEAS
|
||||
/////////////////////////////////
|
||||
public static void PrintBanner()
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine(BLUE + String.Format(@"
|
||||
{0}*((,.,/((((((((((((((((((((/, */
|
||||
{0},/*,..*((((((((((((((((((((((((((((((((((,
|
||||
@ -73,47 +69,30 @@ namespace winPEAS
|
||||
System.Console.WriteLine(LYELLOW + "ADVISORY: " + BLUE + Program.advisory);
|
||||
System.Console.WriteLine();
|
||||
Thread.Sleep(700);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint("Error in PrintBanner: " + ex);
|
||||
}
|
||||
}
|
||||
|
||||
public static void PrintInit()
|
||||
{
|
||||
try
|
||||
{
|
||||
if (Program.banner)
|
||||
PrintBanner();
|
||||
if (Program.banner)
|
||||
PrintBanner();
|
||||
|
||||
System.Console.WriteLine(YELLOW + " WinPEAS " + GREEN + Program.version + NOCOLOR + YELLOW + " by carlospolop" + NOCOLOR);
|
||||
System.Console.WriteLine();
|
||||
PrintLeyend();
|
||||
System.Console.WriteLine();
|
||||
LinkPrint("https://book.hacktricks.xyz/windows/checklist-windows-privilege-escalation", "You can find a Windows local PE Checklist here:");
|
||||
|
||||
System.Console.WriteLine(YELLOW + " WinPEAS " + GREEN + Program.version + NOCOLOR + YELLOW + " by carlospolop" + NOCOLOR);
|
||||
System.Console.WriteLine();
|
||||
PrintLeyend();
|
||||
System.Console.WriteLine();
|
||||
LinkPrint("https://book.hacktricks.xyz/windows/checklist-windows-privilege-escalation", "You can find a Windows local PE Checklist here:");
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
GrayPrint("Error in PrintInit: " + ex);
|
||||
}
|
||||
}
|
||||
|
||||
static void PrintLeyend()
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine(YELLOW + " [+] " + GREEN + "Leyend:" + NOCOLOR);
|
||||
System.Console.WriteLine(RED + " Red" + GRAY + " Indicates a special privilege over an object or something is misconfigured" + NOCOLOR);
|
||||
System.Console.WriteLine(GREEN + " Green" + GRAY + " Indicates that some protection is enabled or something is well configured" + NOCOLOR);
|
||||
System.Console.WriteLine(CYAN + " Cyan" + GRAY + " Indicates active users" + NOCOLOR);
|
||||
System.Console.WriteLine(BLUE + " Blue" + GRAY + " Indicates disabled users" + NOCOLOR);
|
||||
System.Console.WriteLine(LYELLOW + " LightYellow" + GRAY + " Indicates links" + NOCOLOR);
|
||||
}
|
||||
catch(Exception ex)
|
||||
{
|
||||
GrayPrint("Error in PrintLeyend: " + ex);
|
||||
}
|
||||
System.Console.WriteLine(YELLOW + " [+] " + GREEN + "Leyend:" + NOCOLOR);
|
||||
System.Console.WriteLine(RED + " Red" + GRAY + " Indicates a special privilege over an object or something is misconfigured" + NOCOLOR);
|
||||
System.Console.WriteLine(GREEN + " Green" + GRAY + " Indicates that some protection is enabled or something is well configured" + NOCOLOR);
|
||||
System.Console.WriteLine(CYAN + " Cyan" + GRAY + " Indicates active users" + NOCOLOR);
|
||||
System.Console.WriteLine(BLUE + " Blue" + GRAY + " Indicates disabled users" + NOCOLOR);
|
||||
System.Console.WriteLine(LYELLOW + " LightYellow" + GRAY + " Indicates links" + NOCOLOR);
|
||||
|
||||
}
|
||||
|
||||
public static void PrintUsage()
|
||||
@ -142,54 +121,27 @@ namespace winPEAS
|
||||
/////////////////////////////////
|
||||
public static void GreatPrint(string toPrint)
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine();
|
||||
System.Console.WriteLine();
|
||||
int halfTotal = 60;
|
||||
System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" + NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
|
||||
System.Console.WriteLine();
|
||||
System.Console.WriteLine();
|
||||
int halfTotal = 60;
|
||||
System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" + NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR);
|
||||
}
|
||||
|
||||
public static void MainPrint(string toPrint, string attackid)
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine();
|
||||
System.Console.WriteLine(YELLOW + " [+] " + GREEN + toPrint + YELLOW + "(" + DGRAY + attackid + YELLOW + ")" + NOCOLOR);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
System.Console.WriteLine();
|
||||
System.Console.WriteLine(YELLOW + " [+] " + GREEN + toPrint + YELLOW + "(" + DGRAY + attackid + YELLOW + ")" + NOCOLOR);
|
||||
}
|
||||
|
||||
public static void LinkPrint(string link, string comment = "")
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine(YELLOW + " [?] " + LBLUE + comment + " " + LYELLOW + link + NOCOLOR);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
System.Console.WriteLine(YELLOW + " [?] " + LBLUE + comment + " " + LYELLOW + link + NOCOLOR);
|
||||
}
|
||||
|
||||
public static void InfoPrint(string toPrint)
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Console.WriteLine(YELLOW + " [i] " + LBLUE + toPrint + NOCOLOR);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
System.Console.WriteLine(YELLOW + " [i] " + LBLUE + toPrint + NOCOLOR);
|
||||
}
|
||||
|
||||
public static void NotFoundPrint()
|
||||
@ -247,131 +199,92 @@ namespace winPEAS
|
||||
}
|
||||
public static void DictPrint(Dictionary<string, string> dicprint, Dictionary<string, string> ansi_colors_regexp, bool delete_nulls, bool no_gray = false)
|
||||
{
|
||||
try
|
||||
foreach (KeyValuePair<string, string> entry in dicprint)
|
||||
{
|
||||
foreach (KeyValuePair<string, string> entry in dicprint)
|
||||
{
|
||||
if (delete_nulls && String.IsNullOrEmpty(entry.Value.Trim()))
|
||||
continue;
|
||||
string value = entry.Value;
|
||||
string key = entry.Key;
|
||||
string line = "";
|
||||
if (! no_gray)
|
||||
line = ansi_color_gray + " " + key + ": " + NOCOLOR + value;
|
||||
else
|
||||
line = " " + key + ": " + value;
|
||||
if (delete_nulls && String.IsNullOrEmpty(entry.Value.Trim()))
|
||||
continue;
|
||||
string value = entry.Value;
|
||||
string key = entry.Key;
|
||||
string line = "";
|
||||
if (!no_gray)
|
||||
line = ansi_color_gray + " " + key + ": " + NOCOLOR + value;
|
||||
else
|
||||
line = " " + key + ": " + value;
|
||||
|
||||
foreach (KeyValuePair<string, string> color in ansi_colors_regexp)
|
||||
line = Regexansi(line, color.Value, color.Key);
|
||||
|
||||
System.Console.WriteLine(line);
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
foreach (KeyValuePair<string, string> color in ansi_colors_regexp)
|
||||
line = Regexansi(line, color.Value, color.Key);
|
||||
|
||||
System.Console.WriteLine(line);
|
||||
}
|
||||
|
||||
}
|
||||
public static void DictPrint(Dictionary<string, string> dicprint, bool delete_nulls)
|
||||
{
|
||||
try
|
||||
if (dicprint.Count > 0)
|
||||
{
|
||||
if (dicprint.Count > 0)
|
||||
foreach (KeyValuePair<string, string> entry in dicprint)
|
||||
{
|
||||
foreach (KeyValuePair<string, string> entry in dicprint)
|
||||
{
|
||||
if (delete_nulls && String.IsNullOrEmpty(entry.Value))
|
||||
continue;
|
||||
System.Console.WriteLine(ansi_color_gray + " " + entry.Key + ": " + NOCOLOR + entry.Value);
|
||||
}
|
||||
if (delete_nulls && String.IsNullOrEmpty(entry.Value))
|
||||
continue;
|
||||
System.Console.WriteLine(ansi_color_gray + " " + entry.Key + ": " + NOCOLOR + entry.Value);
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
|
||||
public static void DictPrint(List<Dictionary<string, string>> listdicprint, bool delete_nulls)
|
||||
{
|
||||
try
|
||||
if (listdicprint.Count > 0)
|
||||
{
|
||||
if (listdicprint.Count > 0)
|
||||
foreach (Dictionary<string, string> dicprint in listdicprint)
|
||||
{
|
||||
foreach (Dictionary<string, string> dicprint in listdicprint)
|
||||
{
|
||||
DictPrint(dicprint, delete_nulls);
|
||||
PrintLineSeparator();
|
||||
}
|
||||
DictPrint(dicprint, delete_nulls);
|
||||
PrintLineSeparator();
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
|
||||
public static void DictPrint(Dictionary<string, object> dicprint, bool delete_nulls)
|
||||
{
|
||||
try
|
||||
|
||||
if (dicprint != null)
|
||||
{
|
||||
if (dicprint != null)
|
||||
{
|
||||
Dictionary<string, string> results = new Dictionary<string, string>();
|
||||
foreach (KeyValuePair<string, object> entry in dicprint)
|
||||
results[entry.Key] = String.Format("{0}", entry.Value);
|
||||
DictPrint(results, delete_nulls);
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
Dictionary<string, string> results = new Dictionary<string, string>();
|
||||
foreach (KeyValuePair<string, object> entry in dicprint)
|
||||
results[entry.Key] = String.Format("{0}", entry.Value);
|
||||
DictPrint(results, delete_nulls);
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
|
||||
}
|
||||
|
||||
public static void DictPrint(List<Dictionary<string, string>> listdicprint, Dictionary<string, string> colors, bool delete_nulls, bool no_gray = false)
|
||||
{
|
||||
try
|
||||
if (listdicprint.Count > 0)
|
||||
{
|
||||
if (listdicprint.Count > 0)
|
||||
foreach (Dictionary<string, string> dicprint in listdicprint)
|
||||
{
|
||||
foreach (Dictionary<string, string> dicprint in listdicprint)
|
||||
{
|
||||
DictPrint(dicprint, colors, delete_nulls, no_gray);
|
||||
PrintLineSeparator();
|
||||
}
|
||||
DictPrint(dicprint, colors, delete_nulls, no_gray);
|
||||
PrintLineSeparator();
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
|
||||
public static void ListPrint(List<string> list_to_print)
|
||||
{
|
||||
try
|
||||
if (list_to_print.Count > 0)
|
||||
{
|
||||
if (list_to_print.Count > 0)
|
||||
{
|
||||
foreach (string elem in list_to_print)
|
||||
System.Console.WriteLine(" " + elem);
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
GrayPrint(String.Format("{0}", ex));
|
||||
foreach (string elem in list_to_print)
|
||||
System.Console.WriteLine(" " + elem);
|
||||
}
|
||||
else
|
||||
NotFoundPrint();
|
||||
}
|
||||
|
||||
public static void ListPrint(List<string> list_to_print, Dictionary<string, string> dic_colors)
|
||||
@ -401,10 +314,10 @@ namespace winPEAS
|
||||
BLUE = "";
|
||||
LBLUE = "";
|
||||
MAGENTA = "";
|
||||
LMAGENTA = "";
|
||||
//LMAGENTA = "";
|
||||
CYAN = "";
|
||||
LCYAN = "";
|
||||
REDYELLOW = "";
|
||||
//REDYELLOW = "";
|
||||
NOCOLOR = "";
|
||||
ansi_color_bad = "";
|
||||
ansi_color_good = "";
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
using CredentialManagement;
|
||||
using Microsoft.Win32;
|
||||
using Microsoft.Win32;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Diagnostics;
|
||||
@ -829,11 +828,6 @@ namespace winPEAS
|
||||
return results;
|
||||
}
|
||||
|
||||
public static void GetCredsCredmanager()
|
||||
{
|
||||
var cm = new Credential { };
|
||||
cm.Load();
|
||||
}
|
||||
|
||||
public static List<Dictionary<string, string>> GetSavedRDPConnections()
|
||||
{
|
||||
@ -2007,25 +2001,7 @@ namespace winPEAS
|
||||
return false;
|
||||
}
|
||||
}
|
||||
public static IEnumerable<string> Split(string text, int partLength)
|
||||
{
|
||||
if (text == null) { Console.WriteLine("[ERROR] Split() - singleLineString"); }
|
||||
if (partLength < 1) { Console.WriteLine("[ERROR] Split() - 'columns' must be greater than 0."); }
|
||||
|
||||
var partCount = Math.Ceiling((double)text.Length / partLength);
|
||||
if (partCount < 2)
|
||||
{
|
||||
yield return text;
|
||||
}
|
||||
|
||||
for (int i = 0; i < partCount; i++)
|
||||
{
|
||||
var index = i * partLength;
|
||||
var lengthLeft = Math.Min(partLength, text.Length - index);
|
||||
var line = text.Substring(index, lengthLeft);
|
||||
yield return line;
|
||||
}
|
||||
}
|
||||
public static List<Dictionary<string, string>> ListKerberosTickets()
|
||||
{
|
||||
if (MyUtils.IsHighIntegrity())
|
||||
@ -2194,6 +2170,7 @@ namespace winPEAS
|
||||
}
|
||||
return results;
|
||||
}
|
||||
|
||||
public static List<Dictionary<string, string>> ListKerberosTicketsCurrentUser()
|
||||
{
|
||||
List<Dictionary<string, string>> results = new List<Dictionary<string, string>>();
|
||||
@ -2294,6 +2271,7 @@ namespace winPEAS
|
||||
return ListKerberosTGTDataCurrentUser();
|
||||
}
|
||||
}
|
||||
|
||||
public static List<Dictionary<string, string>> ListKerberosTGTDataAllUsers()
|
||||
{
|
||||
List<Dictionary<string, string>> results = new List<Dictionary<string, string>>();
|
||||
|
||||
@ -9,7 +9,6 @@ using System.Text.RegularExpressions;
|
||||
using System.Reflection;
|
||||
using System.Security.AccessControl;
|
||||
using System.Runtime.InteropServices;
|
||||
//using Colorful;
|
||||
using System.Threading;
|
||||
|
||||
namespace winPEAS
|
||||
@ -623,22 +622,6 @@ namespace winPEAS
|
||||
//////////////////////
|
||||
//////// MISC ////////
|
||||
//////////////////////
|
||||
public static Dictionary<string, string> RemoveEmptyKeys(Dictionary<string, string> dic_in)
|
||||
{
|
||||
Dictionary<string, string> results = new Dictionary<string, string>();
|
||||
try
|
||||
{
|
||||
foreach (KeyValuePair<string, string> entry in dic_in)
|
||||
if (!String.IsNullOrEmpty(entry.Value.Trim()))
|
||||
results[entry.Key] = entry.Value;
|
||||
return results;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Beaprint.GrayPrint(String.Format(" [X] Exception: {0}", ex.Message));
|
||||
}
|
||||
return results;
|
||||
}
|
||||
public static List<string> ListFolder(String path)
|
||||
{
|
||||
string root = @Path.GetPathRoot(Environment.SystemDirectory) + path;
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,5 +1,4 @@
|
||||
//using Colorful; // http://colorfulconsole.com/
|
||||
using System;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Management;
|
||||
@ -654,33 +653,31 @@ namespace winPEAS
|
||||
{
|
||||
void PrintInterestingProcesses()
|
||||
{
|
||||
/* Colors Code
|
||||
* RED:
|
||||
* ---- Write privileges in path
|
||||
* ---- Different Owner than myself
|
||||
* GREEN:
|
||||
* ---- No Write privileges in path
|
||||
* MAGENTA:
|
||||
* ---- Current username
|
||||
*/
|
||||
try
|
||||
{
|
||||
Beaprint.MainPrint("Interesting Processes -non Microsoft-", "T1010&T1057&T1007");
|
||||
Beaprint.LinkPrint("https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#running-processes", "Check if any interesting proccesses for memmory dump or if you could overwrite some binary running");
|
||||
List<Dictionary<string, string>> processes_info = ProcessesInfo.GetProcessInfo();
|
||||
List<Dictionary<string, string>> processes_info = ProcessesInfo.GetProcInfo();
|
||||
foreach (Dictionary<string, string> proc_info in processes_info)
|
||||
{
|
||||
Dictionary<string, string> colorsP = new Dictionary<string, string>()
|
||||
{
|
||||
{ " "+currentUserName, Beaprint.ansi_current_user },
|
||||
{ "Permissions:.*", Beaprint.ansi_color_bad },
|
||||
{ "Possible DLL Hijacking.*", Beaprint.ansi_color_bad },
|
||||
};
|
||||
|
||||
if (ProcessesInfo.defensiveProcesses.ContainsKey(proc_info["Name"]))
|
||||
{
|
||||
proc_info["Product"] = ProcessesInfo.defensiveProcesses[proc_info["Name"]].ToString();
|
||||
if (!String.IsNullOrEmpty(ProcessesInfo.defensiveProcesses[proc_info["Name"]].ToString()))
|
||||
proc_info["Product"] = ProcessesInfo.defensiveProcesses[proc_info["Name"]].ToString();
|
||||
colorsP[proc_info["Product"]] = Beaprint.ansi_color_good;
|
||||
}
|
||||
else if (ProcessesInfo.interestingProcesses.ContainsKey(proc_info["Name"]))
|
||||
{
|
||||
proc_info["Product"] = ProcessesInfo.interestingProcesses[proc_info["Name"]].ToString();
|
||||
}
|
||||
else if (ProcessesInfo.browserProcesses.ContainsKey(proc_info["Name"]))
|
||||
{
|
||||
proc_info["Product"] = ProcessesInfo.browserProcesses[proc_info["Name"]].ToString();
|
||||
if (!String.IsNullOrEmpty(ProcessesInfo.defensiveProcesses[proc_info["Name"]].ToString()))
|
||||
proc_info["Product"] = ProcessesInfo.interestingProcesses[proc_info["Name"]].ToString();
|
||||
colorsP[proc_info["Product"]] = Beaprint.ansi_color_bad;
|
||||
}
|
||||
|
||||
List<string> file_rights = MyUtils.GetPermissionsFile(proc_info["ExecutablePath"], currentUserSIDs);
|
||||
@ -688,6 +685,8 @@ namespace winPEAS
|
||||
if (proc_info["ExecutablePath"] != null && proc_info["ExecutablePath"] != "")
|
||||
dir_rights = MyUtils.GetPermissionsFolder(Path.GetDirectoryName(proc_info["ExecutablePath"]), currentUserSIDs);
|
||||
|
||||
colorsP[proc_info["ExecutablePath"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?").Replace("+", "\\+") + "[^\"^']"] = (file_rights.Count > 0 || dir_rights.Count > 0) ? Beaprint.ansi_color_bad : Beaprint.ansi_color_good;
|
||||
|
||||
string formString = " {0}({1})[{2}]";
|
||||
if (proc_info["Product"] != null && proc_info["Product"].Length > 1)
|
||||
formString += ": {3}";
|
||||
@ -702,13 +701,7 @@ namespace winPEAS
|
||||
if (proc_info["CommandLine"].Length > 1)
|
||||
formString += "\n "+ Beaprint.ansi_color_gray + "Command Line: {9}";
|
||||
|
||||
Dictionary<string, string> colorsP = new Dictionary<string, string>()
|
||||
{
|
||||
{ " "+currentUserName, Beaprint.ansi_current_user },
|
||||
{ "Permissions:.*", Beaprint.ansi_color_bad },
|
||||
{ "Possible DLL Hijacking.*", Beaprint.ansi_color_bad },
|
||||
{ proc_info["ExecutablePath"].Replace("\\", "\\\\").Replace("(", "\\(").Replace(")", "\\)").Replace("]", "\\]").Replace("[", "\\[").Replace("?", "\\?").Replace("+","\\+")+"[^\"^']", (file_rights.Count > 0 || dir_rights.Count > 0) ? Beaprint.ansi_color_bad : Beaprint.ansi_color_good },
|
||||
};
|
||||
|
||||
Beaprint.AnsiPrint(String.Format(formString, proc_info["Name"], proc_info["ProcessID"], proc_info["ExecutablePath"], proc_info["Product"], proc_info["Owner"], proc_info["isDotNet"], String.Join(", ", file_rights), dir_rights.Count > 0 ? Path.GetDirectoryName(proc_info["ExecutablePath"]) : "", String.Join(", ", dir_rights), proc_info["CommandLine"]), colorsP);
|
||||
Beaprint.PrintLineSeparator();
|
||||
}
|
||||
|
||||
@ -5,11 +5,11 @@ using System.Runtime.InteropServices;
|
||||
// General Information about an assembly is controlled through the following
|
||||
// set of attributes. Change these attribute values to modify the information
|
||||
// associated with an assembly.
|
||||
[assembly: AssemblyTitle("winPEAS")]
|
||||
[assembly: AssemblyTitle("asdas2dasd")]
|
||||
[assembly: AssemblyDescription("")]
|
||||
[assembly: AssemblyConfiguration("")]
|
||||
[assembly: AssemblyCompany("")]
|
||||
[assembly: AssemblyProduct("winPEAS")]
|
||||
[assembly: AssemblyProduct("asdas2dasd")]
|
||||
[assembly: AssemblyCopyright("Copyright © 2019")]
|
||||
[assembly: AssemblyTrademark("")]
|
||||
[assembly: AssemblyCulture("")]
|
||||
@ -20,7 +20,7 @@ using System.Runtime.InteropServices;
|
||||
[assembly: ComVisible(false)]
|
||||
|
||||
// The following GUID is for the ID of the typelib if this project is exposed to COM
|
||||
[assembly: Guid("d934058e-a7db-493f-a741-ae8e3df867f4")]
|
||||
[assembly: Guid("1928358e-a64b-493f-a741-ae8e3d029374")]
|
||||
|
||||
// Version information for an assembly consists of the following four values:
|
||||
//
|
||||
|
||||
@ -9,7 +9,6 @@ using System.ServiceProcess;
|
||||
using System.Reflection;
|
||||
using System.Security.AccessControl;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Security.Principal;
|
||||
|
||||
namespace winPEAS
|
||||
{
|
||||
|
||||
@ -564,6 +564,7 @@ namespace winPEAS
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
public static UserPrincipal GetUserLocal(string sUserName)
|
||||
{
|
||||
// Extract local user information
|
||||
@ -575,6 +576,7 @@ namespace winPEAS
|
||||
user = searcher.FindOne() as UserPrincipal;
|
||||
return user;
|
||||
}
|
||||
|
||||
public static UserPrincipal GetUserDomain(string sUserName, string domain)
|
||||
{
|
||||
//if not local, try to extract domain user information
|
||||
@ -979,8 +981,8 @@ namespace winPEAS
|
||||
else if (Clipboard.ContainsFileDropList())
|
||||
c = String.Format("{0}", Clipboard.GetFileDropList());
|
||||
|
||||
else if (Clipboard.ContainsImage())
|
||||
c = String.Format("{0}", Clipboard.GetImage());
|
||||
//else if (Clipboard.ContainsImage()) //No system.Drwing import
|
||||
//c = String.Format("{0}", Clipboard.GetImage());
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
|
||||
@ -1,7 +1,5 @@
|
||||
//using Colorful;
|
||||
using System;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Drawing;
|
||||
using System.Linq;
|
||||
using System.Management;
|
||||
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
56
winPEAS/winPEASexe/winPEAS/bin/Release/Dotfuscator1.xml
Normal file
56
winPEAS/winPEASexe/winPEAS/bin/Release/Dotfuscator1.xml
Normal file
@ -0,0 +1,56 @@
|
||||
<?xml version="1.0" encoding="utf-8" standalone="no"?>
|
||||
<!--This config file was generated by Dotfuscator. Please use the Dotfuscator Config Editor to modify.-->
|
||||
<!DOCTYPE dotfuscator SYSTEM "http://www.preemptive.com/dotfuscator/dtd/dotfuscator_v2.5.dtd">
|
||||
<dotfuscator version="2.3">
|
||||
<global>
|
||||
<option>debugauto</option>
|
||||
</global>
|
||||
<input>
|
||||
<loadpaths />
|
||||
<asmlist>
|
||||
<inputassembly refid="e530c479-7674-4845-a184-2dc88a7a642f">
|
||||
<option>honoroas</option>
|
||||
<option>stripoa</option>
|
||||
<option>library</option>
|
||||
<option>transformxaml</option>
|
||||
<file dir="D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="Microsoft.Win32.TaskScheduler.dll" />
|
||||
</inputassembly>
|
||||
<inputassembly refid="bf3fde19-95ca-4d0e-b46f-6136ba4e2100">
|
||||
<option>honoroas</option>
|
||||
<option>stripoa</option>
|
||||
<option>library</option>
|
||||
<option>transformxaml</option>
|
||||
<file dir="D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="winPEAS.exe" />
|
||||
</inputassembly>
|
||||
</asmlist>
|
||||
</input>
|
||||
<output>
|
||||
<file dir="${configdir}\Dotfuscated" />
|
||||
</output>
|
||||
<renaming>
|
||||
<option>xmlserialization</option>
|
||||
<mapping>
|
||||
<mapoutput overwrite="false">
|
||||
<file dir="${configdir}\Dotfuscated" name="Map.xml" />
|
||||
</mapoutput>
|
||||
</mapping>
|
||||
<referencerulelist>
|
||||
<referencerule rulekey="{6655B10A-FD58-462d-8D4F-5B1316DFF0FF}" />
|
||||
<referencerule rulekey="{7D9C8B02-2383-420f-8740-A9760394C2C1}" />
|
||||
<referencerule rulekey="{229FD6F8-5BCC-427b-8F72-A7A413ECDF1A}" />
|
||||
<referencerule rulekey="{2B7E7C8C-A39A-4db8-9DFC-6AFD38509061}" />
|
||||
<referencerule rulekey="{494EA3BA-B947-44B5-BEE8-A11CC85AAF9B}" />
|
||||
<referencerule rulekey="{89769974-93E9-4e71-8D92-BE70E855ACFC}" />
|
||||
<referencerule rulekey="{4D81E604-A545-4631-8B6D-C3735F793F80}" />
|
||||
<referencerule rulekey="{62bd3899-7d53-4336-8ca2-4e5dbae187d5}" />
|
||||
</referencerulelist>
|
||||
</renaming>
|
||||
<sos mergeruntime="true">
|
||||
<option>version:v4</option>
|
||||
<option>sendanalytics</option>
|
||||
<option>dontsendtamper</option>
|
||||
</sos>
|
||||
<smartobfuscation>
|
||||
<smartobfuscationreport verbosity="all" overwrite="false" />
|
||||
</smartobfuscation>
|
||||
</dotfuscator>
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -47,3 +47,19 @@ D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\w
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.CopyComplete
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.exe
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.exe.config
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\Microsoft.Win32.TaskScheduler.xml
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csprojAssemblyReference.cache
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.csproj.CopyComplete
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\Microsoft.Win32.TaskScheduler.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\de\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\es\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\fr\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\it\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\pl\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\ru\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\Release\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
|
||||
@ -1 +0,0 @@
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -23,3 +23,19 @@ D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\w
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.exe
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.pdb
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csprojAssemblyReference.cache
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.exe.config
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\Microsoft.Win32.TaskScheduler.xml
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csprojAssemblyReference.cache
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.csproj.CopyComplete
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x64\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\Microsoft.Win32.TaskScheduler.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\de\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\es\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\fr\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\it\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\pl\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\ru\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x64\Release\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
|
||||
@ -1 +0,0 @@
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -23,3 +23,19 @@ D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\w
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csprojAssemblyReference.cache
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.exe.config
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\Microsoft.Win32.TaskScheduler.xml
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csprojAssemblyReference.cache
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.csproj.CopyComplete
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.exe
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\obj\x86\Release\winPEAS.pdb
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\Microsoft.Win32.TaskScheduler.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\de\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\es\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\fr\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\it\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\pl\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\ru\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
D:\shared\cambiado-privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release\zh-CN\Microsoft.Win32.TaskScheduler.resources.dll
|
||||
|
||||
@ -1 +0,0 @@
|
||||
D:\shared\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user