mirror of
https://github.com/peass-ng/PEASS-ng.git
synced 2025-12-23 15:37:38 -08:00
Compare commits
17 Commits
20240828-7
...
20240923-4
| Author | SHA1 | Date | |
|---|---|---|---|
|
faf6be53a8 | ||
|
|
83f18f891f | ||
|
|
b6ec3236d8 | ||
|
|
2ab6e7047e | ||
|
|
bf1edc9a18 | ||
|
|
8d096a4c72 | ||
|
|
d9f6e3eb46 | ||
|
|
abfb06e77c | ||
|
|
cb39091bfa | ||
|
|
7979c470a1 | ||
|
|
746ef49fc8 | ||
|
|
5fa7823e38 | ||
|
|
2e615f7bc6 | ||
|
|
5ecb01ed14 | ||
|
|
ac8a3fac97 | ||
|
|
f881a4719d | ||
|
|
b3bcfa4466 |
66
.github/workflows/CI-master_tests.yml
vendored
66
.github/workflows/CI-master_tests.yml
vendored
@@ -9,7 +9,7 @@ on:
|
||||
- '.github/**'
|
||||
|
||||
schedule:
|
||||
- cron: "5 4 * * SUN"
|
||||
- cron: "5 4 1 * *"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
@@ -100,43 +100,43 @@ jobs:
|
||||
|
||||
# Upload all the versions for the release
|
||||
- name: Upload winpeasx64
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASx64.exe
|
||||
path: winPEAS\winPEASexe\binaries\x64\Release\winPEASx64.exe
|
||||
|
||||
- name: Upload winpeasx86
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASx86.exe
|
||||
path: winPEAS\winPEASexe\binaries\x86\Release\winPEASx86.exe
|
||||
|
||||
- name: Upload winpeasany
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASany.exe
|
||||
path: winPEAS\winPEASexe\binaries\Release\winPEASany.exe
|
||||
|
||||
- name: Upload winpeasx64ofs
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASx64_ofs.exe
|
||||
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe
|
||||
|
||||
- name: Upload winpeasx86ofs
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASx86_ofs.exe
|
||||
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe
|
||||
|
||||
- name: Upload winpeasanyofs
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEASany_ofs.exe
|
||||
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe
|
||||
|
||||
- name: Upload winpeas.bat
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: winPEAS.bat
|
||||
path: winPEAS\winPEASbat\winPEAS.bat
|
||||
@@ -240,57 +240,57 @@ jobs:
|
||||
|
||||
# Upload files for release
|
||||
- name: Upload linpeas.sh
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas.sh
|
||||
path: linPEAS/linpeas.sh
|
||||
|
||||
- name: Upload linpeas_fat.sh
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_fat.sh
|
||||
path: linPEAS/linpeas_fat.sh
|
||||
|
||||
- name: Upload linpeas_small.sh
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_small.sh
|
||||
path: linPEAS/linpeas_small.sh
|
||||
|
||||
## Linux bins
|
||||
- name: Upload linpeas_linux_386
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_linux_386
|
||||
path: sh2bin/builds/linpeas_linux_386
|
||||
|
||||
- name: Upload linpeas_linux_amd64
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_linux_amd64
|
||||
path: sh2bin/builds/linpeas_linux_amd64
|
||||
|
||||
- name: Upload linpeas_linux_arm
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_linux_arm
|
||||
path: sh2bin/builds/linpeas_linux_arm
|
||||
|
||||
- name: Upload linpeas_linux_arm64
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_linux_arm64
|
||||
path: sh2bin/builds/linpeas_linux_arm64
|
||||
|
||||
## Darwin bins
|
||||
- name: Upload linpeas_darwin_amd64
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_darwin_amd64
|
||||
path: sh2bin/builds/linpeas_darwin_amd64
|
||||
|
||||
- name: Upload linpeas_darwin_arm64
|
||||
uses: actions/upload-artifact@v2
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: linpeas_darwin_arm64
|
||||
path: sh2bin/builds/linpeas_darwin_arm64
|
||||
@@ -345,82 +345,82 @@ jobs:
|
||||
steps:
|
||||
# Download files to release
|
||||
- name: Download winpeasx64ofs
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASx64_ofs.exe
|
||||
|
||||
- name: Download winpeasx86ofs
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASx86_ofs.exe
|
||||
|
||||
- name: Download winpeasanyofs
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASany_ofs.exe
|
||||
|
||||
- name: Download winpeasx64
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASx64.exe
|
||||
|
||||
- name: Download winpeasx86
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASx86.exe
|
||||
|
||||
- name: Download winpeasany
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEASany.exe
|
||||
|
||||
- name: Download winpeas.bat
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: winPEAS.bat
|
||||
|
||||
- name: Download linpeas.sh
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas.sh
|
||||
|
||||
- name: Download linpeas_fat.sh
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_fat.sh
|
||||
|
||||
- name: Download linpeas_small.sh
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_small.sh
|
||||
|
||||
- name: Download linpeas_linux_386
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_linux_386
|
||||
|
||||
- name: Download linpeas_linux_amd64
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_linux_amd64
|
||||
|
||||
- name: Download linpeas_linux_arm
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_linux_arm
|
||||
|
||||
- name: Download linpeas_linux_arm64
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_linux_arm64
|
||||
|
||||
- name: Download linpeas_darwin_amd64
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_darwin_amd64
|
||||
|
||||
- name: Download linpeas_darwin_arm64
|
||||
uses: actions/download-artifact@v2
|
||||
uses: actions/download-artifact@v4.1.7
|
||||
with:
|
||||
name: linpeas_darwin_arm64
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ If you want to **contribute adding the search of new files that can contain sens
|
||||
Also, in the comments of this PR, put links to pages where and example of the file containing sensitive information can be foud.
|
||||
|
||||
## Specific LinPEAS additions
|
||||
From the PEASS-ng release **linpeas is auto-build from [linpeas/builder](https://github.com/peass-ng/PEASS-ng/blob/master/linPEAS/builder/)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this directory and create a PR to master**. *Note that some code is auto-generated in the python but most of it it's just written in different files that willbe merged into linpeas.sh*.
|
||||
From the PEASS-ng release **linpeas is auto-build from [linpeas/builder](https://github.com/peass-ng/PEASS-ng/blob/master/linPEAS/builder/)**. Therefore, if you want to contribute adding any new check for linpeas/macpeas, please **add it in this directory and create a PR to master**. *Note that some code is auto-generated in the python but most of it it's just written in different files that will be merged into linpeas.sh*.
|
||||
The new linpeas.sh script will be auto-generated in the PR.
|
||||
|
||||
## Specific WinPEAS additions
|
||||
|
||||
@@ -29,7 +29,7 @@ Note that by default, in the releases pages of this repository, you will find a
|
||||
- **linpeas_small.sh**: Contains only the most *important* checks making its size smaller.
|
||||
|
||||
## Quick Start
|
||||
Find the **latest versions of all the scripts and binaries in [the releases page](releases/latest)**.
|
||||
Find the **latest versions of all the scripts and binaries in [the releases page](https://github.com/peass-ng/PEASS-ng/releases/latest)**.
|
||||
|
||||
```bash
|
||||
# From public github
|
||||
|
||||
@@ -26,7 +26,7 @@ if [ "$is_ibm_vm" = "Yes" ]; then
|
||||
|
||||
ibm_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
ibm_req="curl -s -f -H '$TOKEN_HEADER' -H '$ACCEPT_HEADER'"
|
||||
ibm_req="curl -s -f -L -H '$TOKEN_HEADER' -H '$ACCEPT_HEADER'"
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
ibm_req="wget -q -O - -H '$TOKEN_HEADER' -H '$ACCEPT_HEADER'"
|
||||
else
|
||||
|
||||
@@ -19,7 +19,7 @@ if [ "$is_aliyun_ecs" = "Yes" ]; then
|
||||
aliyun_token=""
|
||||
if [ "$(command -v curl)" ]; then
|
||||
aliyun_token=$(curl -X PUT "http://100.100.100.200/latest/api/token" -H "X-aliyun-ecs-metadata-token-ttl-seconds:1000")
|
||||
aliyun_req='curl -s -f -H "X-aliyun-ecs-metadata-token: $aliyun_token"'
|
||||
aliyun_req='curl -s -f -L -H "X-aliyun-ecs-metadata-token: $aliyun_token"'
|
||||
elif [ "$(command -v wget)" ]; then
|
||||
aliyun_token=$(wget -q -O - --method PUT "http://100.100.100.200/latest/api/token" --header "X-aliyun-ecs-metadata-token-ttl-seconds:1000")
|
||||
aliyun_req='wget -q -O --header "X-aliyun-ecs-metadata-token: $aliyun_token"'
|
||||
|
||||
@@ -21,7 +21,7 @@ if [ "$is_aws_ec2" = "Yes" ]; then
|
||||
|
||||
aws_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
aws_req="curl -s -f -H '$HEADER'"
|
||||
aws_req="curl -s -f -L -H '$HEADER'"
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
aws_req="wget -q -O - -H '$HEADER'"
|
||||
else
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
if [ "$is_gcp_function" = "Yes" ]; then
|
||||
gcp_req=""
|
||||
if [ "$(command -v curl)" ]; then
|
||||
gcp_req='curl -s -f -H "Metadata-Flavor: Google"'
|
||||
gcp_req='curl -s -f -L -H "Metadata-Flavor: Google"'
|
||||
elif [ "$(command -v wget)" ]; then
|
||||
gcp_req='wget -q -O - --header "Metadata-Flavor: Google"'
|
||||
else
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
if [ "$is_gcp_vm" = "Yes" ]; then
|
||||
gcp_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
gcp_req='curl -s -f -H "Metadata-Flavor: Google"'
|
||||
gcp_req='curl -s -f -L -H "Metadata-Flavor: Google"'
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
gcp_req='wget -q -O - --header "Metadata-Flavor: Google"'
|
||||
else
|
||||
|
||||
@@ -22,7 +22,7 @@ if [ "$is_az_vm" = "Yes" ]; then
|
||||
|
||||
az_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
az_req="curl -s -f -H '$HEADER'"
|
||||
az_req="curl -s -f -L -H '$HEADER'"
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
az_req="wget -q -O - -H '$HEADER'"
|
||||
else
|
||||
|
||||
@@ -23,7 +23,7 @@ if [ "$is_az_app" = "Yes" ]; then
|
||||
|
||||
az_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
az_req="curl -s -f -H '$HEADER'"
|
||||
az_req="curl -s -f -L -H '$HEADER'"
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
az_req="wget -q -O - -H '$HEADER'"
|
||||
else
|
||||
|
||||
@@ -18,7 +18,7 @@ if [ "$is_do" = "Yes" ]; then
|
||||
|
||||
do_req=""
|
||||
if [ "$(command -v curl || echo -n '')" ]; then
|
||||
do_req='curl -s -f '
|
||||
do_req='curl -s -f -L '
|
||||
elif [ "$(command -v wget || echo -n '')" ]; then
|
||||
do_req='wget -q -O - '
|
||||
else
|
||||
|
||||
@@ -13,4 +13,4 @@
|
||||
# Small linpeas: 1
|
||||
|
||||
|
||||
USEFUL_SOFTWARE="authbind aws az base64 ctr curl doas docker fetch g++ gcc gcloud gdb kubectl lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 pwsh rkt ruby runc socat sudo wget xterm"
|
||||
USEFUL_SOFTWARE="authbind aws az base64 ctr curl doas docker fetch g++ gcc gcloud gdb go kubectl lua lxc make nc nc.traditional ncat netcat nmap perl php ping podman python python2 python2.6 python2.7 python3 python3.6 python3.7 pwsh rkt ruby runc socat sudo wget xterm"
|
||||
|
||||
@@ -25,6 +25,9 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\
|
||||
/dtappgather$%Solaris_7_<_11_\(SPARC/x86\)\(CVE-2017-3622\)\
|
||||
/dtprintinfo$%Solaris_10_\(x86\)_and_lower_versions_also_SunOS_5.7_to_5.10\
|
||||
/dtsession$%Oracle_Solaris_10_1/13_and_earlier\(CVE-2020-2696\)\
|
||||
/enlightenment_backlight$%Before_0.25.4_\(CVE-2022-37706\)\
|
||||
/enlightenment_ckpasswd$%Before_0.25.4_\(CVE-2022-37706\)\
|
||||
/enlightenment_sys$%Before_0.25.4_\(CVE-2022-37706\)\
|
||||
/eject$%FreeBSD_mcweject_0.9/SGI_IRIX_6.2\
|
||||
/ibstat$%IBM_AIX_Version_6.1/7.1\(09-2013\)\
|
||||
/kcheckpass$%KDE_3.2.0_<-->_3.4.2_\(both_included\)\
|
||||
@@ -42,7 +45,7 @@ sidB="/apache2$%Read_root_passwd__apache2_-f_/etc/shadow\(CVE-2019-0211\)\
|
||||
/newgrp$%HP-UX_10.20\
|
||||
/ntfs-3g$%Debian9/8/7/Ubuntu/Gentoo/others/Ubuntu_Server_16.10_and_others\(02-2017\)\
|
||||
/passwd$%Apple_Mac_OSX\(03-2006\)/Solaris_8/9\(12-2004\)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1\(02-1997\)\
|
||||
/pkexec$%Linux4.10_to_5.1.17\(CVE-2019-13272\)/rhel_6\(CVE-2011-1485\)\
|
||||
/pkexec$%Linux4.10_to_5.1.17\(CVE-2019-13272\)/rhel_6\(CVE-2011-1485\)/Generic_CVE-2021-4034\
|
||||
/pppd$%Apple_Mac_OSX_10.4.8\(05-2007\)\
|
||||
/pt_chown$%GNU_glibc_2.1/2.1.1_-6\(08-1999\)\
|
||||
/pulseaudio$%\(Ubuntu_9.04/Slackware_12.2.0\)\
|
||||
|
||||
@@ -13,4 +13,4 @@
|
||||
# Small linpeas: 1
|
||||
|
||||
|
||||
sudovB="[01].[012345678].[0-9]+|1.9.[01234]|1.9.5p1"
|
||||
sudovB="[01].[012345678].[0-9]+|1.9.[01234][^0-9]|1.9.[01234]$|1.9.5p1"
|
||||
@@ -75,7 +75,6 @@ namespace winPEAS.Checks
|
||||
//Check parameters
|
||||
bool isAllChecks = true;
|
||||
bool isFileSearchEnabled = false;
|
||||
var searchEnabledChecks = new HashSet<string>() { "fileanalysis, filesinfo" };
|
||||
bool wait = false;
|
||||
FileStream fileStream = null;
|
||||
StreamWriter fileWriter = null;
|
||||
@@ -114,6 +113,12 @@ namespace winPEAS.Checks
|
||||
if (string.Equals(arg, "fileanalysis", StringComparison.CurrentCultureIgnoreCase))
|
||||
{
|
||||
print_fileanalysis_warn = false;
|
||||
isFileSearchEnabled = true;
|
||||
}
|
||||
|
||||
if (string.Equals(arg, "filesinfo", StringComparison.CurrentCultureIgnoreCase))
|
||||
{
|
||||
isFileSearchEnabled = true;
|
||||
}
|
||||
|
||||
if (string.Equals(arg, "all", StringComparison.CurrentCultureIgnoreCase))
|
||||
@@ -268,11 +273,6 @@ namespace winPEAS.Checks
|
||||
{
|
||||
_systemCheckSelectedKeysHashSet.Add(argToLower);
|
||||
isAllChecks = false;
|
||||
|
||||
if (searchEnabledChecks.Contains(argToLower))
|
||||
{
|
||||
isFileSearchEnabled = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1282,7 +1282,7 @@ $CCreds = @(".aws\credentials",
|
||||
".azure\azureProfile.json")
|
||||
foreach ($u in $users) {
|
||||
$CCreds | ForEach-Object {
|
||||
if (Test-Path "c:\$u\$_") { Write-Host "$_ found!" -ForegroundColor Red }
|
||||
if (Test-Path "c:\Users\$u\$_") { Write-Host "$_ found!" -ForegroundColor Red }
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user