
fastest winpeas.exe

carlospolop 2019-11-07 14:36:47 -05:00
parent 54150c4224
commit fb1f7d85b5
37 changed files with 7734 additions and 118 deletions
winPEAS/winPEASexe/winPEAS
Beaprint.csMyUtils.csProgram.csUserInfo.cs
bin
obj

@ -88,7 +88,7 @@ namespace winPEAS
if (Program.using_ansi)
{
System.Console.WriteLine(YELLOW + " " + NOCOLOR + "WinPEAS " + GREEN + Program.version + NOCOLOR + YELLOW + " by carlospolop" + NOCOLOR );
System.Console.WriteLine(YELLOW + " " + NOCOLOR + "WinPEAS " + GREEN + Program.version + NOCOLOR + YELLOW + " by carlospolop" + NOCOLOR);
}
else
{
@ -181,7 +181,7 @@ namespace winPEAS
System.Console.WriteLine();
int halfTotal = 60;
if (Program.using_ansi)
System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" +NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR);
System.Console.WriteLine(LCYAN + " " + new String('=', halfTotal - toPrint.Length) + "(" + NOCOLOR + YELLOW + toPrint + LCYAN + ")" + new String('=', halfTotal - toPrint.Length) + NOCOLOR);
else
{
StyleSheet styleSheet = new StyleSheet(Color.White);
@ -192,7 +192,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -216,7 +216,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -239,7 +239,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -261,7 +261,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -342,7 +342,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
public static void DictPrint(Dictionary<string, string> dicprint, bool delete_nulls)
@ -375,7 +375,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -413,7 +413,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -434,7 +434,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -454,7 +454,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -475,7 +475,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -496,7 +496,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -513,7 +513,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}",ex));
}
}
@ -537,7 +537,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}",ex));
}
}*/
@ -563,7 +563,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
@ -592,7 +592,7 @@ namespace winPEAS
}
catch (Exception ex)
{
System.Console.WriteLine(ex);
GrayPrint(String.Format("{0}", ex));
}
}
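Review bot: Every catch block in this file now reports through GrayPrint, and the hunks do not show the enclosing method names, so if one of these handlers sits inside GrayPrint itself (or a helper it calls), a failing console write would re-enter the same failing path and recurse until the stack overflows. Keep the handler inside the printing primitive on the plain `System.Console.WriteLine(ex);` and route only its callers through GrayPrint. `String.Format("{0}", ex)` is also just `ex.ToString()`, which states the intent more directly. The enclosing methods start and end outside these hunks, so this needs checking against the full file.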

@ -16,10 +16,9 @@ namespace winPEAS
{
class MyUtils
{
public static bool IsDomainJoined()
public static string IsDomainJoined()
{
// returns true if the system is likely a virtual machine
// Adapted from RobSiklos' code from https://stackoverflow.com/questions/498371/how-to-detect-if-my-application-is-running-in-a-virtual-machine/11145280#11145280
// returns Compuer Domain if the system is inside an AD (an nothing if it is not)
try
{
using (var searcher = new System.Management.ManagementObjectSearcher("Select * from Win32_ComputerSystem"))
@ -28,7 +27,7 @@ namespace winPEAS
{
foreach (var item in items)
{
return (bool)item["PartOfDomain"];
return (string)item["Domain"];
}
}
}
@ -38,7 +37,7 @@ namespace winPEAS
System.Console.WriteLine(ex);
}
//By default tru, because this way wiill check domain and local, but never should get here the code
return true;
return "";
}
public static Dictionary<string, string> RemoveEmptyKeys(Dictionary<string, string> dic_in)
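Review bot: `return (string)item["Domain"];` does not yield an empty string on a standalone host, because Win32_ComputerSystem.Domain holds the workgroup name (for example `WORKGROUP`) when the machine is not joined to a domain. A caller that tests the result against `""` will therefore treat every workgroup machine as domain-joined. Gate on the property the previous version read: `return (bool)item["PartOfDomain"] ? (string)item["Domain"] : "";`. The method now returns a name rather than a flag, so the comment would read better as `// Returns the AD domain name, or "" when the host is not domain-joined`, and the `IsDomainJoined` name no longer matches the return type.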

@ -3,13 +3,14 @@ using System;
using System.Collections.Generic;
using System.Drawing;
using System.IO;
using System.Management;
using System.Text.RegularExpressions;
namespace winPEAS
{
class Program
{
public static string version = "vBETA VERSION";
public static string version = "vBETA VERSION, Please if you find any issue let me know in https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues";
public static bool banner = true;
public static bool search_fast = false;
public static int search_time = 150;
@ -47,17 +48,34 @@ namespace winPEAS
static StyleSheet onlyKeyStyleSheet = new StyleSheet(color_key);
// Create Dynamic blacklists
public static bool partofdomain = MyUtils.IsDomainJoined();
static string currentUserName = Environment.UserName;
static string currentDomainName = Environment.UserDomainName;
static List<string> currentUserGroups = UserInfo.GetUserGroups(currentUserName, currentDomainName);
public static string currentUserDomainName = Environment.UserDomainName;
public static string currentADDomainName = MyUtils.IsDomainJoined();
public static bool partofdomain = currentADDomainName == "" ? false : true;
public static bool currentUserIsLocal = currentADDomainName != currentUserDomainName;
static SelectQuery query = new SelectQuery("Win32_UserAccount");
static ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
public static ManagementObjectCollection win32_users = searcher.Get();
public static List<string> interestingUsersGroups = new List<string> { "Everyone", "Users", "Todos", currentUserName }; //Authenticated Users (Authenticated left behin to avoid repetitions)
static string paint_interestingUserGroups = String.Join("|", currentUserGroups);
static string paint_activeUsers = String.Join("|", UserInfo.GetMachineUsers(true, false, false, false, false));
static string paint_disabledUsers = String.Join("|", UserInfo.GetMachineUsers(false, true, false, false, false));
//static string paint_lockoutUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, true, false, false));
static string paint_adminUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, false, true, false));
static List<string> currentUserGroups = new List<string>();
static string paint_interestingUserGroups = "";
static string paint_activeUsers = "";
static string paint_disabledUsers = "";
//static string paint_lockoutUsers = "";
static string paint_adminUsers = "";
public static void CreateDynamicLists()
{
Beaprint.GrayPrint(" Creating Dynamic lists, this could take a while, please wait...");
currentUserGroups = UserInfo.GetUserGroups(currentUserName, currentUserDomainName);
paint_interestingUserGroups = String.Join("|", currentUserGroups);
paint_activeUsers = String.Join("|", UserInfo.GetMachineUsers(true, false, false, false, false));
paint_disabledUsers = String.Join("|", UserInfo.GetMachineUsers(false, true, false, false, false));
//paint_lockoutUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, true, false, false));
paint_adminUsers = String.Join("|", UserInfo.GetMachineUsers(false, false, false, true, false));
interestingUsersGroups.AddRange(currentUserGroups);
paint_interestingUserGroups = String.Join("|", interestingUsersGroups);
}
@ -92,7 +110,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -106,7 +124,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -121,7 +139,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -136,7 +154,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -164,7 +182,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -192,7 +210,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -220,7 +238,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -238,7 +256,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -290,7 +308,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -309,7 +327,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -353,7 +371,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -399,36 +417,29 @@ namespace winPEAS
styleSheetUsers.AddStyle(paint_activeUsers, Color.Cyan);
if (paint_disabledUsers.Length > 1) styleSheetUsers.AddStyle(paint_disabledUsers + "|Disabled", Color.MediumPurple);
//if (paint_lockoutUsers.Length > 1) styleSheetUsers.AddStyle(paint_lockoutUsers + "|Lockout", Color.Blue);
styleSheetUsers.AddStyle(currentUserName, Color.Magenta);
styleSheetUsers.AddStyle(currentDomainName, Color.Magenta);
styleSheetUsers.AddStyle(paint_adminUsers, color_bad);
styleSheetUsers.AddStyle(badgroups, color_bad);
styleSheetUsers.AddStyle(badpasswd, color_bad);
styleSheetUsers.AddStyle(badPrivileges, color_bad);
styleSheetUsers.AddStyle("DefaultPassword.*", color_bad);
styleSheetUsers.AddStyle(currentUserName + "|" + currentUserDomainName, Color.Magenta);
styleSheetUsers.AddStyle(paint_adminUsers + "|" + badgroups + "|" + badgroups + "|" + badpasswd + "|" + badPrivileges + "|" + "DefaultPassword.*", color_bad);
styleSheetUsers.AddStyle(@"\|->Groups:|\|->Password:|Current user:", color_key);
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
return styleSheetUsers;
}
Dictionary<string, string> colorsU()
{
return new Dictionary<string, string>()
Dictionary<string, string> usersColors = new Dictionary<string, string>()
{
{ paint_activeUsers, ansi_users_active },
{ paint_disabledUsers, ansi_users_disabled },
{ currentUserName, ansi_current_user },
{ currentDomainName, ansi_current_user },
{ paint_adminUsers, ansi_color_bad },
{ badgroups, ansi_color_bad },
{ badpasswd, ansi_color_bad },
{ badPrivileges, ansi_color_bad },
{ "DefaultPassword.*", ansi_color_bad },
{ currentUserName + "|"+ currentUserDomainName, ansi_current_user },
{ paint_adminUsers+"|"+ badgroups + "|" + badgroups + "|" + badpasswd + "|" + badPrivileges + "|" + "DefaultPassword.*", ansi_color_bad },
};
if (paint_disabledUsers.Length > 1)
usersColors[paint_disabledUsers] = ansi_users_disabled;
return usersColors;
}
void PrintCU()
@ -451,7 +462,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -469,7 +480,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -495,7 +506,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -512,7 +523,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -544,7 +555,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -561,7 +572,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -597,7 +608,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -618,7 +629,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -636,7 +647,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -746,7 +757,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -843,7 +854,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -864,7 +875,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -885,7 +896,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -927,7 +938,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -984,7 +995,7 @@ namespace winPEAS
}
catch
{
//Colorful.Console.WriteLine(ex);
//Beaprint.GrayPrint(String.Format("{0}",ex));
}
}
@ -1099,7 +1110,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1153,7 +1164,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1194,7 +1205,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1212,7 +1223,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1253,7 +1264,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1285,7 +1296,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1347,7 +1358,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1363,7 +1374,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1411,7 +1422,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1448,7 +1459,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1470,7 +1481,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1484,7 +1495,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1516,7 +1527,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1533,7 +1544,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1550,7 +1561,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1565,7 +1576,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1579,7 +1590,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1614,7 +1625,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1631,7 +1642,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1648,7 +1659,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1670,7 +1681,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1705,7 +1716,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1754,7 +1765,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1797,7 +1808,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1825,7 +1836,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1875,7 +1886,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1904,7 +1915,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1950,7 +1961,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -1995,7 +2006,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2009,7 +2020,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2041,7 +2052,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2066,7 +2077,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2114,7 +2125,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2152,7 +2163,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2174,7 +2185,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2188,7 +2199,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2216,7 +2227,7 @@ namespace winPEAS
}
catch (Exception ex)
{
Colorful.Console.WriteLine(ex);
Beaprint.GrayPrint(String.Format("{0}", ex));
}
}
@ -2241,8 +2252,7 @@ namespace winPEAS
static void Main(string[] args)
{
//AppDomain.CurrentDomain.AssemblyResolve += (sender, arg) => { if (arg.Name.StartsWith("Colorful.Console")) return Assembly.Load(Properties.Resources.String1); return null; };
interestingUsersGroups.AddRange(currentUserGroups);
paint_interestingUserGroups = String.Join("|", interestingUsersGroups);
CreateDynamicLists();
//Check parameters
bool check_all = true;
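Review bot: The combined pattern passed to `styleSheetUsers.AddStyle(paint_adminUsers + "|" + badgroups + ...)`, and its twin key in `colorsU()`, begins with an empty alternative whenever `paint_adminUsers` is empty, which is its initial value and also the result when no admin account is returned. These strings look like regular expressions (`DefaultPassword.*`), and .NET tries alternatives left to right, so the empty branch matches at every position and the bad-group, bad-password and privilege names silently lose their `color_bad` highlight. Join only the non-empty parts, for example `String.Join("|", new[] { paint_adminUsers, badgroups, badpasswd, badPrivileges, "DefaultPassword.*" }.Where(p => p.Length > 0))`; this needs `System.Linq`, which is not among the usings visible in this section. `badgroups` is also concatenated twice in both places, and account names go into the pattern without `Regex.Escape`, so a name containing a metacharacter changes what gets coloured.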

@ -283,9 +283,7 @@ namespace winPEAS
List<string> retList = new List<string>();
try
{
SelectQuery query = new SelectQuery("Win32_UserAccount");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
foreach (ManagementObject user in searcher.Get())
foreach (ManagementObject user in Program.win32_users)
{
if (onlyActive && !(bool)user["Disabled"] && !(bool)user["Lockout"]) retList.Add((string)user["Name"]);
else if (onlyDisabled && (bool)user["Disabled"] && !(bool)user["Lockout"]) retList.Add((string)user["Name"]);
@ -317,12 +315,21 @@ namespace winPEAS
return retList;
}
public static bool IsLocaluser(string UserName, string domain)
{
return Program.currentADDomainName != Program.currentUserDomainName && domain != Program.currentUserDomainName;
}
// https://stackoverflow.com/questions/3679579/check-for-groups-a-local-user-is-a-member-of/3681442#3681442
public static List<string> GetUserGroups(string sUserName, string domain)
{
List<string> myItems = new List<string>();
try
{
if (Program.currentUserIsLocal && domain != Program.currentUserDomainName)
return myItems; //If local user and other domain, do not look
UserPrincipal oUserPrincipal = GetUser(sUserName, domain);
if (oUserPrincipal != null)
{
@ -347,13 +354,13 @@ namespace winPEAS
UserPrincipal user = null;
try
{
if (Program.partofdomain) //Check if partof domain
if (Program.partofdomain && !Program.currentUserIsLocal) //Check if part of domain and notlocal users
{
user = GetUserDomain(sUserName, domain);
if (user == null) //If part of domain but null, then user is local
user = GetUserLocal(sUserName);
}
else //If not part of a domain, thn user is local
else //If not part of a domain, then check local
user = GetUserLocal(sUserName);
}
catch
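Review bot: `Program.currentUserIsLocal`, which now gates both `GetUserGroups` and `GetUser`, is computed in Program.cs as `currentADDomainName != currentUserDomainName`, and those two values are unlikely to be equal even for a domain account. Win32_ComputerSystem.Domain normally carries the DNS-style domain name while `Environment.UserDomainName` is the NetBIOS name, and the comparison is case-sensitive. If that holds, a domain user is classified as local, `GetUser` never reaches `GetUserDomain`, and `GetUserGroups` returns an empty list for any other domain, so group membership is under-reported without any error. A local account can be recognised directly with `String.Equals(Environment.UserDomainName, Environment.MachineName, StringComparison.OrdinalIgnoreCase)`. The new `IsLocaluser` repeats the same comparison and never reads its `UserName` parameter; the bodies of `GetUserGroups` and `GetUser` continue outside these hunks.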

File diff suppressed because it is too large Load Diff

Binary file not shown.

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
</configuration>

Binary file not shown.

@ -0,0 +1,9 @@
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Debug\winPEAS.exe.config
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Debug\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Debug\winPEAS.pdb
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\bin\x64\Debug\Microsoft.Win32.TaskScheduler.xml
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Debug\winPEAS.csprojAssemblyReference.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Debug\winPEAS.csproj.Fody.CopyLocal.cache
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Debug\winPEAS.csproj.CopyComplete
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Debug\winPEAS.exe
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\winPEAS\obj\x64\Debug\winPEAS.pdb

@ -0,0 +1 @@
D:\shared\privilege-escalation-awesome-script-suite\winPEAS\winPEASexe\packages\TaskScheduler.2.8.16\lib\net40\Microsoft.Win32.TaskScheduler.xml

Binary file not shown.

Binary file not shown.