
Comments (7)

carlospolop commented on May 8, 2024

Hi @kazkansouh,

Thanks for the suggestion.
I haven't run the code, but I suppose we cannot filter by provider name the list of drivers given by the C code as you did in the PowerShell one-liner, right?
Also, would you like to try to implement it and make a push request?

from peass-ng.

kazkansouh commented on May 8, 2024

@carlospolop yep, you are correct: the API I pointed out just lists the file names, and optionally the whole path of the loaded DLL. As far as I can tell, the additional information from tools like driverquery appears (I still need to check) to come from the SCM, and the meta information from the Win32_PnPSignedDriver WMI class comes from the digital signatures.

It might make sense to try taking the module names and reading the signatures from them. This would alleviate the need for having a whitelist of Microsoft drivers (assuming all Microsoft drivers are signed, the devil is always in the detail) and come close to the one-liner placed before without the need for WMI access.

Sure, I can think about putting a PR together, but I still need to do some more testing of the ideas. Hopefully within a couple of weeks I'll find the time to submit something.

from peass-ng.

carlospolop commented on May 8, 2024

Hey @kazkansouh,

That looks really promising. Good idea to try to filter Microsoft drivers.
If you can prepare a PR, I will merge it into the master version.

Thank you.

from peass-ng.

carlospolop commented on May 8, 2024

Hi @kazkansouh,

How is this going?

from peass-ng.

kazkansouh commented on May 8, 2024

Hello @carlospolop -- I'm currently focused on working through OSCP labs at the moment. Ideally I'm waiting to come across a nice machine to develop and test the code against (so I am killing two birds with one stone 😎); if not, I'll set one up myself, but that will be when I have time to look at this in more depth.

from peass-ng.

carlospolop commented on May 8, 2024

Hi @kazkansouh,

Thank you very much for the pull request. I have merged it and updated Winpeas to add colours to the output (file and folder permissions of the drivers are now checked).
I have also created a new release (Winpeasv1.1) where the new functionality is working.
Thank you again, and let me know if you have more ideas!

from peass-ng.
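As an added example (not WinPEAS code, and not from either participant) that puts the two ideas in this thread together: enumerate the loaded drivers through the EnumDeviceDrivers/GetDeviceDriverFileName API that kazkansouh mentions rather than WMI, read each module's Authenticode signature to separate Microsoft-signed modules from the rest, and then, as in the merged PR, check the driver file and its parent directory for write rights granted to low-privileged principals. It assumes Windows PowerShell 5.1 or later on Windows; the DrvApi class, the helper function names and the well-known-SID list are assumptions of mine. It also carries the "devil in the detail" caveat: WHQL-signed third-party drivers are countersigned under a Microsoft publisher, so a Microsoft signer does not by itself mean Microsoft authored the driver.

```powershell
# Added example (not WinPEAS code): audit loaded kernel drivers by signature and ACL.
# Assumes Windows PowerShell 5.1+ on Windows; runs from an ordinary user session, no WMI.

# Same Win32 API discussed in the thread: EnumDeviceDrivers yields image bases,
# GetDeviceDriverFileNameW resolves each base to a module path. (Hypothetical class name.)
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
using System.Text;
public static class DrvApi {
    [DllImport("psapi.dll", SetLastError = true)]
    public static extern bool EnumDeviceDrivers(IntPtr[] lpImageBase, uint cb, out uint lpcbNeeded);
    [DllImport("psapi.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    public static extern uint GetDeviceDriverFileNameW(IntPtr imageBase, StringBuilder lpFilename, uint nSize);
}
'@

# Well-known SIDs that should never hold write rights on a kernel module or its directory:
# Everyone, BUILTIN\Users, Authenticated Users, INTERACTIVE. SIDs avoid localized account names.
$WeakSids  = @('S-1-1-0', 'S-1-5-32-545', 'S-1-5-11', 'S-1-5-4')
$WriteMask = [System.Security.AccessControl.FileSystemRights]'Write, Modify, FullControl, TakeOwnership, ChangePermissions'

# Convert the kernel-style paths the API returns into Win32 paths.
function Convert-DriverPath([string]$raw) {
    if ($raw -like '\SystemRoot\*') { return Join-Path $env:SystemRoot $raw.Substring('\SystemRoot\'.Length) }
    if ($raw -like '\??\*')         { return $raw.Substring(4) }
    if ($raw -like '\Windows\*')    { return Join-Path $env:SystemDrive $raw }
    if ($raw -match '^[A-Za-z]:\\') { return $raw }
    # Bare module names (ntoskrnl.exe, hal.dll) are reported relative to System32.
    return Join-Path $env:SystemRoot "System32\$raw"
}

# Describe the first Allow ACE that grants write-class rights to a weak principal, else $null.
function Test-WeakAcl([string]$path) {
    try { $acl = Get-Acl -LiteralPath $path -ErrorAction Stop }
    catch { Write-Warning "Cannot read ACL of ${path}: $($_.Exception.Message)"; return $null }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        try { $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value }
        catch { continue }   # unresolvable account: skip rather than guess
        if ($WeakSids -notcontains $sid) { continue }
        if (([int]$ace.FileSystemRights -band [int]$WriteMask) -ne 0) {
            return "$($ace.IdentityReference.Value): $($ace.FileSystemRights)"
        }
    }
    return $null
}

function Get-DriverAudit {
    $needed = [uint32]0
    [void][DrvApi]::EnumDeviceDrivers($null, 0, [ref]$needed)          # size query
    $bases = New-Object IntPtr[] ([int]($needed / [IntPtr]::Size))
    if (-not [DrvApi]::EnumDeviceDrivers($bases, $needed, [ref]$needed)) {
        throw "EnumDeviceDrivers failed: $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
    }
    foreach ($base in $bases) {
        $sb = New-Object System.Text.StringBuilder 1024
        if ([DrvApi]::GetDeviceDriverFileNameW($base, $sb, $sb.Capacity) -eq 0) { continue }
        $path = Convert-DriverPath $sb.ToString()
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { continue }

        # Get-AuthenticodeSignature also consults the system catalogs, so inbox drivers
        # with no embedded signature still report Valid. WHQL-signed third-party drivers
        # carry a Microsoft publisher too, so MicrosoftSigned means "signed under a
        # Microsoft publisher", not "authored by Microsoft".
        $sig     = Get-AuthenticodeSignature -FilePath $path
        $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        [pscustomobject]@{
            Path            = $path
            Status          = $sig.Status
            Signer          = $subject
            MicrosoftSigned = ($sig.Status -eq 'Valid') -and ($subject -match 'O=Microsoft Corporation')
            WeakFileAcl     = Test-WeakAcl $path
            WeakDirAcl      = Test-WeakAcl (Split-Path -Parent $path)
        }
    }
}

# Report only what needs review: non-Microsoft or unsigned modules, and any module
# (Microsoft or not) whose file or directory is writable by a low-privileged principal.
Get-DriverAudit |
    Where-Object { -not $_.MicrosoftSigned -or $_.WeakFileAcl -or $_.WeakDirAcl } |
    Format-Table Path, Status, MicrosoftSigned, WeakFileAcl, WeakDirAcl -AutoSize
```

Comparing ACE principals by SID rather than by display name keeps the check correct on non-English installations, and a weak ACE on the parent directory is reported separately from one on the file itself, since either allows a module to be replaced. Anything listed as Valid but not MicrosoftSigned still needs a human to confirm the vendor, exactly the gap the WMI class's provider name used to fill.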

kazkansouh commented on May 8, 2024

The changes look good - that's a nice idea to check permissions.

from peass-ng.
