Commit Graph

1785 Commits

Author SHA1 Message Date
HackTricks News Bot
2e5bae66ea Add linpeas privilege escalation checks from: HTB: Dump — Zip argument injection to RCE and tcpdump sudo misconfig to root 2025-11-04 12:57:12 +00:00
SirBroccoli
d75525ebbc Merge pull request #512 from moscowchill/pr-bat-fix
Fix winPEAS.bat compatibility with Windows 11 and modern Windows 10
20251028-8d75ce03 20251101-a416400b
2025-10-28 01:51:48 +01:00
moscow chill
29d8132d93 Fix winPEAS.bat compatibility with Windows 11 and modern Windows 10
WMIC has been deprecated since Windows 10 20H1 and removed in Windows 11.
The script was exiting early when WMIC commands failed instead of continuing.

Changes:
- Add proper WMIC existence checks using 'where wmic' before execution
- Implement PowerShell fallbacks for all WMIC commands
- Fix hotfix enumeration (Get-HotFix)
- Fix antivirus detection (Get-CimInstance)
- Fix mounted disk enumeration (Get-PSDrive)
- Fix running process checks (Get-Process)
- Fix service binary permission checks (Get-CimInstance Win32_Service)
- Add error suppression (2>nul) to conditional WMIC exploit checks

The script now properly detects WMIC availability and falls back to
PowerShell equivalents, ensuring full functionality on modern Windows
systems while maintaining backward compatibility with older systems.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-27 16:10:42 +01:00
carlospolop
c16c5de36f f 20251017-d864f4c3 2025-10-18 00:59:40 +02:00
SirBroccoli
be3fe91da4 Merge pull request #507 from CravateRouge/master
Add ADCS ESC DC registry checks
20251007-02ee8e3f
2025-10-07 10:50:43 +02:00
CravateRouge
b8b4a0fc14 Fix InterfaceFlags syntax 2025-10-07 11:14:45 +08:00
CravateRouge
7042a182df Add ADCS ESC DC registry checks 2025-10-06 17:18:44 +02:00
SirBroccoli
c83eef9cd8 Merge pull request #502 from peass-ng/update_PEASS-linpeas-HTB_Planning__Grafana_CVE-2024-9264__20250913_182726
[LINPEAS] Add privilege escalation check: HTB Planning Grafana CVE-2024-9264 to Co...
20251004-13e75f59
2025-10-04 10:38:22 +02:00
SirBroccoli
e15a1f2e12 Update 16_Crontab_UI_misconfig.sh 2025-10-04 10:38:02 +02:00
SirBroccoli
24e9c54290 Merge pull request #505 from jtothef/patch-1
Update README.md
20251004-40dd5c8d
2025-10-04 10:36:24 +02:00
SirBroccoli
bdb5c61dad Merge pull request #504 from peass-ng/update_PEASS-linpeas-Forgotten_20250917_063428
[LINPEAS] Add privilege escalation check: Forgotten
20251004-ba856a2a
2025-10-04 10:36:09 +02:00
SirBroccoli
ee83c23a74 Update 16_Crontab_UI_misconfig.sh 2025-10-04 10:34:04 +02:00
SirBroccoli
7b36014699 Merge pull request #499 from peass-ng/update_PEASS-linpeas-HTB_Environment__Laravel_env_overrid_20250907_013120
[LINPEAS] Add privilege escalation check: HTB Environment Laravel env override (CV...
20251004-69861b97
2025-10-04 10:29:32 +02:00
SirBroccoli
6fe8304783 Merge pull request #506 from tropkal/tropkal-patch-1
Update the regex for the sudo version
20251004-5f2f5a2d
2025-10-04 10:29:01 +02:00
tropkal
262feb9896 Updated the sudo regex to catch 2 more CVEs. 2025-10-04 08:43:00 +02:00
tropkal
40cf08af85 Update sudovB.sh
Modified the regex that checks for vulnerable sudo versions to include sudo version 1.9.17 (not including 1.9.17p1), which is vulnerable to CVE-2025-32463 (https://www.exploit-db.com/exploits/52352).
2025-10-04 09:08:37 +03:00
jtothef
7c9f431649 Update README.md
Fix typo
2025-09-23 12:49:05 -05:00
HackTricks News Bot
31bdb339d7 Add linpeas privilege escalation checks from: Forgotten 2025-09-17 06:48:40 +00:00
HackTricks News Bot
bdcebadde0 Add linpeas privilege escalation checks from: HTB Planning: Grafana CVE-2024-9264 to Container Root, Env-Creds Pivot, Crontab 2025-09-13 18:33:45 +00:00
HackTricks News Bot
4b3f4aa19e Add linpeas privilege escalation checks from: HTB Environment: Laravel env override (CVE‑2024‑52301) → LFM upload RCE (CVE‑202 2025-09-07 01:38:03 +00:00
carlospolop
7c7884fb72 f tf 20251001-67326308 20250904-27f4363e 2025-09-05 01:04:53 +02:00
carlospolop
35300e499b tf 20250904-4f33e9d0 2025-09-05 01:04:18 +02:00
carlospolop
147de0fc88 f 20250903-dc605133 2025-09-03 14:19:59 +02:00
carlospolop
afaf596342 f 2025-09-03 13:39:15 +02:00
SirBroccoli
215c5d074e Merge pull request #456 from peass-ng/dependabot/nuget/winPEAS/winPEASexe/Tests/System.Text.RegularExpressions-4.3.1
Bump System.Text.RegularExpressions from 4.3.0 to 4.3.1 in /winPEAS/winPEASexe/Tests
2025-09-03 13:36:40 +02:00
SirBroccoli
ca383a4548 Merge pull request #496 from peass-ng/update_PEASS-linpeas-Case_study__Backup_leak___CI_abuse___20250827_193408
[LINPEAS] Add privilege escalation check: Case study Backup leak → CI abuse → inte...
2025-09-03 13:36:13 +02:00
SirBroccoli
46264bf239 Merge pull request #497 from peass-ng/update_PEASS-winpeas-HTB_Sendai__From_password_spray_to_g_20250828_184040
[WINPEAS] Add privilege escalation check: HTB Sendai From password spray to gMSA d...
2025-09-03 13:31:10 +02:00
SirBroccoli
642c33304f Merge pull request #494 from peass-ng/update_PEASS-winpeas-HTB__TheFrizz__High-level__redacted__20250827_190719
[WINPEAS] Add privilege escalation check: HTB TheFrizz (High-level, redacted for s...
2025-09-03 13:27:06 +02:00
HackTricks News Bot
54d861ab04 Add winpeas privilege escalation checks from: HTB Sendai: From password spray to gMSA dump, then ADCS ESC4 or SQL+Silver Ticke 2025-08-28 18:51:59 +00:00
HackTricks News Bot
bbb932d6d3 feat(winpeas): add ActiveDirectoryInfo check (gMSA readable passwords, AD CS template rights) and include in project 2025-08-28 18:50:51 +00:00
HackTricks News Bot
626ea2d298 docs(usage): add activedirectoryinfo option to usage output 2025-08-28 18:50:22 +00:00
HackTricks News Bot
ed01b32a95 Add linpeas privilege escalation checks from: Case study: Backup leak → CI abuse → internal trust misconfigurations → escalati 2025-08-27 19:45:02 +00:00
HackTricks News Bot
c314cfd23d Add winpeas privilege escalation checks from: HTB: TheFrizz (High-level, redacted for safety) 2025-08-27 19:14:43 +00:00
SirBroccoli
cc5ab76991 Merge pull request #486 from soobinrho/fix-typo-on-color-explanations
docs: fix typo (conten -> content)
20250827-339b42c6 20250901-02e4c19f
2025-08-27 12:12:28 +02:00
carlospolop
36001d644e Merge branch 'master' of github.com:peass-ng/PEASS-ng 2025-08-25 11:18:18 +02:00
carlospolop
fdd414f4aa new workflow 2025-08-25 11:18:16 +02:00
Soobin Rho
c3e50dbdbf docs: fix typo (conten -> content) 2025-08-08 17:56:41 -05:00
SirBroccoli
41128808a6 Merge pull request #483 from securitytime/patch-1
Update Beaprint.cs
20250801-03e73bf3 20250701-bdcab634
2025-07-01 16:23:13 +02:00
carlospolop
6fd96f4bdb f 20250701-295c46ef 2025-07-01 12:12:01 +02:00
carlospolop
a745f00dd7 fix 2025-07-01 11:10:21 +02:00
securitytime
933e12d7f1 Update Beaprint.cs
A space character is missing here:
"... educational purposes only.Any misuse of this software  ..."
2025-06-28 09:12:40 +02:00
SirBroccoli
4061cef7e8 Merge pull request #476 from peass-ng/codex/fix-url-reference-in-linpeasbuilder.py
Fix url variable reference in linpeasBuilder
2025-06-25 01:59:43 +02:00
SirBroccoli
b66ced3c63 Merge pull request #475 from peass-ng/codex/find-and-fix-a-bug
Fix parser global state reuse
2025-06-25 01:59:03 +02:00
SirBroccoli
cde725dacc Merge pull request #477 from peass-ng/codex/update-docstring-and-fix-typo
Fix docstring and comment in linpeasBuilder
2025-06-25 01:57:58 +02:00
SirBroccoli
f0f829890c Merge pull request #479 from peass-ng/codex/replace--parth--with--path--in-argparse
Fix typo in linpeas builder arg help
2025-06-25 01:57:11 +02:00
SirBroccoli
99c36b8562 Merge pull request #480 from Signum21/master
Fixed multiple bugs in Vulnerable Leaked Handlers
2025-06-25 01:56:58 +02:00
SirBroccoli
a74c6c820f Merge pull request #482 from Aarav-Juneja/builder-exclude-fix
Fix exclude modules on linPEASS
2025-06-25 01:55:48 +02:00
SirBroccoli
53fd4d8dc8 Merge pull request #481 from ertaku12/master
Added a privilege escalation vulnerability for MySQL 4.x/5.x versions.
2025-06-25 01:55:25 +02:00
Aarav Juneja
9b37fd4ef4 Fix exclude modules on linPEASS 2025-06-24 13:05:10 -07:00
John Doe
f27b1d4816 Added a privilege escalation vulnerability for MySQL 4.x/5.x versions. 2025-06-23 22:37:44 +03:00