gitea-mirror/PEASS-ng
1
0
Fork 0
mirror of https://github.com/peass-ng/PEASS-ng.git synced 2026-03-12 21:23:13 -07:00
Code Issues Packages Projects Releases Wiki Activity

autoimprover: simplify winpeas checks

Browse Source
This commit is contained in:
HackTricks PEASS Autoimprover
2026-02-24 15:04:27 +00:00
parent 1375f61d38
commit be22ccbd87
1 changed files with 23 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
winPEAS/winPEASexe/winPEAS/Checks/NetworkInfo.cs
View File

@@ -141,63 +141,33 @@ namespace winPEAS.Checks
Beaprint.MainPrint("Current TCP Listening Ports"); Beaprint.MainPrint("Current TCP Listening Ports");
Beaprint.LinkPrint("", "Check for services restricted from the outside"); Beaprint.LinkPrint("", "Check for services restricted from the outside");
PrintListeningPortsTcpIPv4(processesByPid); PrintListeningPortsTcpByVersion(processesByPid, IPVersion.IPv4,
@"{0,-12} {1,-21} {2,-13} {3,-21} {4,-15} {5,-17} {6,-15} {7}",
address => address.ToString());
Beaprint.ColorPrint("", Beaprint.NOCOLOR); Beaprint.ColorPrint("", Beaprint.NOCOLOR);
PrintListeningPortsTcpIPv6(processesByPid); PrintListeningPortsTcpByVersion(processesByPid, IPVersion.IPv6,
@"{0,-12} {1,-43} {2,-13} {3,-43} {4,-15} {5,-17} {6,-15} {7}",
address => $"[{address}]");
} }
private void PrintListeningPortsTcpIPv4(Dictionary<int, Process> processesByPid) private void PrintListeningPortsTcpByVersion(Dictionary<int, Process> processesByPid, IPVersion ipVersion, string formatString, Func<System.Net.IPAddress, string> addressFormatter)
{ {
try try
{ {
Beaprint.ColorPrint(" Enumerating IPv4 connections\n", Beaprint.LBLUE); string versionLabel = ipVersion == IPVersion.IPv4 ? "IPv4" : "IPv6";
Beaprint.ColorPrint($" Enumerating {versionLabel} connections\n", Beaprint.LBLUE);
string formatString = @"{0,-12} {1,-21} {2,-13} {3,-21} {4,-15} {5,-17} {6,-15} {7}";
Beaprint.NoColorPrint( Beaprint.NoColorPrint(
string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address", "Remote Port", "State", "Process ID", "Process Name")); string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address", "Remote Port", "State", "Process ID", "Process Name"));
foreach (var tcpConnectionInfo in NetworkInfoHelper.GetTcpConnections(IPVersion.IPv4, processesByPid)) foreach (var tcpConnectionInfo in NetworkInfoHelper.GetTcpConnections(ipVersion, processesByPid))
{ {
Beaprint.AnsiPrint( Beaprint.AnsiPrint(
string.Format(formatString, string.Format(formatString,
" TCP", " TCP",
tcpConnectionInfo.LocalAddress, addressFormatter(tcpConnectionInfo.LocalAddress),
tcpConnectionInfo.LocalPort, tcpConnectionInfo.LocalPort,
tcpConnectionInfo.RemoteAddress, addressFormatter(tcpConnectionInfo.RemoteAddress),
tcpConnectionInfo.RemotePort,
tcpConnectionInfo.State.GetDescription(),
tcpConnectionInfo.ProcessId,
tcpConnectionInfo.ProcessName
),
colorsN);
}
}
catch (Exception ex)
{
Beaprint.PrintException(ex.Message);
}
}
private void PrintListeningPortsTcpIPv6(Dictionary<int, Process> processesByPid)
{
try
{
Beaprint.ColorPrint(" Enumerating IPv6 connections\n", Beaprint.LBLUE);
string formatString = @"{0,-12} {1,-43} {2,-13} {3,-43} {4,-15} {5,-17} {6,-15} {7}";
Beaprint.NoColorPrint(
string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address", "Remote Port", "State", "Process ID", "Process Name"));
foreach (var tcpConnectionInfo in NetworkInfoHelper.GetTcpConnections(IPVersion.IPv6, processesByPid))
{
Beaprint.AnsiPrint(
string.Format(formatString,
" TCP",
$"[{tcpConnectionInfo.LocalAddress}]",
tcpConnectionInfo.LocalPort,
$"[{tcpConnectionInfo.RemoteAddress}]",
tcpConnectionInfo.RemotePort, tcpConnectionInfo.RemotePort,
tcpConnectionInfo.State.GetDescription(), tcpConnectionInfo.State.GetDescription(),
tcpConnectionInfo.ProcessId, tcpConnectionInfo.ProcessId,
@@ -217,23 +187,26 @@ namespace winPEAS.Checks
Beaprint.MainPrint("Current UDP Listening Ports"); Beaprint.MainPrint("Current UDP Listening Ports");
Beaprint.LinkPrint("", "Check for services restricted from the outside"); Beaprint.LinkPrint("", "Check for services restricted from the outside");
PrintListeningPortsUdpIPv4(processesByPid); PrintListeningPortsUdpByVersion(processesByPid, IPVersion.IPv4,
@"{0,-12} {1,-21} {2,-13} {3,-30} {4,-17} {5}",
address => address.ToString());
Beaprint.ColorPrint("", Beaprint.NOCOLOR); Beaprint.ColorPrint("", Beaprint.NOCOLOR);
PrintListeningPortsUdpIPv6(processesByPid); PrintListeningPortsUdpByVersion(processesByPid, IPVersion.IPv6,
@"{0,-12} {1,-43} {2,-13} {3,-30} {4,-17} {5}",
address => $"[{address}]");
} }
private void PrintListeningPortsUdpIPv4(Dictionary<int, Process> processesByPid) private void PrintListeningPortsUdpByVersion(Dictionary<int, Process> processesByPid, IPVersion ipVersion, string formatString, Func<System.Net.IPAddress, string> addressFormatter)
{ {
try try
{ {
Beaprint.ColorPrint(" Enumerating IPv4 connections\n", Beaprint.LBLUE); string versionLabel = ipVersion == IPVersion.IPv4 ? "IPv4" : "IPv6";
Beaprint.ColorPrint($" Enumerating {versionLabel} connections\n", Beaprint.LBLUE);
string formatString = @"{0,-12} {1,-21} {2,-13} {3,-30} {4,-17} {5}";
Beaprint.NoColorPrint( Beaprint.NoColorPrint(
string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address:Remote Port", "Process ID", "Process Name")); string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address:Remote Port", "Process ID", "Process Name"));
foreach (var udpConnectionInfo in NetworkInfoHelper.GetUdpConnections(IPVersion.IPv4, processesByPid)) foreach (var udpConnectionInfo in NetworkInfoHelper.GetUdpConnections(ipVersion, processesByPid))
{ {
if (udpConnectionInfo.ProcessName == "dns") // Hundreds of them sometimes if (udpConnectionInfo.ProcessName == "dns") // Hundreds of them sometimes
{ {
@@ -243,43 +216,7 @@ namespace winPEAS.Checks
Beaprint.AnsiPrint( Beaprint.AnsiPrint(
string.Format(formatString, string.Format(formatString,
" UDP", " UDP",
udpConnectionInfo.LocalAddress, addressFormatter(udpConnectionInfo.LocalAddress),
udpConnectionInfo.LocalPort,
"*:*", // UDP does not have remote address/port
udpConnectionInfo.ProcessId,
udpConnectionInfo.ProcessName
),
colorsN);
}
}
catch (Exception ex)
{
Beaprint.PrintException(ex.Message);
}
}
private void PrintListeningPortsUdpIPv6(Dictionary<int, Process> processesByPid)
{
try
{
Beaprint.ColorPrint(" Enumerating IPv6 connections\n", Beaprint.LBLUE);
string formatString = @"{0,-12} {1,-43} {2,-13} {3,-30} {4,-17} {5}";
Beaprint.NoColorPrint(
string.Format($"{formatString}\n", " Protocol", "Local Address", "Local Port", "Remote Address:Remote Port", "Process ID", "Process Name"));
foreach (var udpConnectionInfo in NetworkInfoHelper.GetUdpConnections(IPVersion.IPv6, processesByPid))
{
if (udpConnectionInfo.ProcessName == "dns") // Hundreds of them sometimes
{
continue;
}
Beaprint.AnsiPrint(
string.Format(formatString,
" UDP",
$"[{udpConnectionInfo.LocalAddress}]",
udpConnectionInfo.LocalPort, udpConnectionInfo.LocalPort,
"*:*", // UDP does not have remote address/port "*:*", // UDP does not have remote address/port
udpConnectionInfo.ProcessId, udpConnectionInfo.ProcessId,