From f690977f5267d2b1e49fbca683607f87c163f68f Mon Sep 17 00:00:00 2001 From: HackTricks PEASS Autoimprover Date: Thu, 30 Apr 2026 05:31:17 +0000 Subject: [PATCH] autoimprover: simplify winpeas checks --- .../KnownFileCreds/Browsers/BrowserBase.cs | 40 ++++++++++++++++++- .../KnownFileCreds/Browsers/Chrome/Chrome.cs | 29 ++------------ .../Browsers/Firefox/Firefox.cs | 29 ++------------ .../Browsers/InternetExplorer.cs | 29 ++------------ 4 files changed, 48 insertions(+), 79 deletions(-) diff --git a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/BrowserBase.cs b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/BrowserBase.cs index 08119b3..413c3bc 100644 --- a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/BrowserBase.cs +++ b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/BrowserBase.cs @@ -1,5 +1,7 @@ -using System.Collections.Generic; +using System; +using System.Collections.Generic; using System.Linq; +using winPEAS.Checks; using winPEAS.Helpers; using winPEAS.KnownFileCreds.Browsers.Models; @@ -7,6 +9,8 @@ namespace winPEAS.KnownFileCreds.Browsers { internal abstract class BrowserBase : IBrowser { + protected const string BrowserHistoryLink = "https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"; + public abstract string Name { get; } public abstract IEnumerable GetSavedCredentials(); public abstract void PrintInfo(); @@ -35,5 +39,39 @@ namespace winPEAS.KnownFileCreds.Browsers } } } + + protected static void PrintBrowserHistoryLink() + { + Beaprint.LinkPrint(BrowserHistoryLink); + } + + protected static void PrintCredentialHistory(List history, string browserName) + { + if (history.Count > 0) + { + Dictionary colors = new Dictionary + { + { Globals.PrintCredStrings, Beaprint.ansi_color_bad }, + }; + + foreach (string url in history) + { + if (MyUtils.ContainsAnyRegex(url.ToUpper(), Browser.CredStringsRegex)) + { + Beaprint.AnsiPrint(" " + url, colors); + } + } + + Console.WriteLine(); + + int limit = 50; + Beaprint.MainPrint($"{browserName} history -- limit {limit}\n"); + Beaprint.ListPrint(history.Take(limit).ToList()); + } + else + { + Beaprint.NotFoundPrint(); + } + } } } diff --git a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Chrome/Chrome.cs b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Chrome/Chrome.cs index 03697ce..4db8ee4 100644 --- a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Chrome/Chrome.cs +++ b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Chrome/Chrome.cs @@ -27,7 +27,7 @@ namespace winPEAS.KnownFileCreds.Browsers.Chrome try { Beaprint.MainPrint("Looking for Chrome DBs"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); Dictionary chromeDBs = GetChromeDbs(); if (chromeDBs.ContainsKey("userChromeCookiesPath")) @@ -59,35 +59,12 @@ namespace winPEAS.KnownFileCreds.Browsers.Chrome try { Beaprint.MainPrint("Looking for GET credentials in Chrome history"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); Dictionary> chromeHistBook = GetChromeHistBook(); List history = chromeHistBook["history"]; List bookmarks = chromeHistBook["bookmarks"]; - if (history.Count > 0) - { - Dictionary colorsB = new Dictionary() - { - { Globals.PrintCredStrings, Beaprint.ansi_color_bad }, - }; - - foreach (string url in history) - { - if (MyUtils.ContainsAnyRegex(url.ToUpper(), Browser.CredStringsRegex)) - { - Beaprint.AnsiPrint(" " + url, colorsB); - } - } - Console.WriteLine(); - - int limit = 50; - Beaprint.MainPrint($"Chrome history -- limit {limit}\n"); - Beaprint.ListPrint(history.Take(limit).ToList()); - } - else - { - Beaprint.NotFoundPrint(); - } + PrintCredentialHistory(history, "Chrome"); Beaprint.MainPrint("Chrome bookmarks"); Beaprint.ListPrint(bookmarks); diff --git a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Firefox/Firefox.cs b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Firefox/Firefox.cs index ddb81f4..049ac83 100644 --- a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Firefox/Firefox.cs +++ b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/Firefox/Firefox.cs @@ -28,7 +28,7 @@ namespace winPEAS.KnownFileCreds.Browsers.Firefox try { Beaprint.MainPrint("Looking for Firefox DBs"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); List firefoxDBs = GetFirefoxDbs(); if (firefoxDBs.Count > 0) { @@ -55,32 +55,9 @@ namespace winPEAS.KnownFileCreds.Browsers.Firefox try { Beaprint.MainPrint("Looking for GET credentials in Firefox history"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); List history = GetFirefoxHistory(); - if (history.Count > 0) - { - Dictionary colorsB = new Dictionary() - { - { Globals.PrintCredStrings, Beaprint.ansi_color_bad }, - }; - - foreach (string url in history) - { - if (MyUtils.ContainsAnyRegex(url.ToUpper(), Browser.CredStringsRegex)) - { - Beaprint.AnsiPrint(" " + url, colorsB); - } - } - Console.WriteLine(); - - int limit = 50; - Beaprint.MainPrint($"Firefox history -- limit {limit}\n"); - Beaprint.ListPrint(history.Take(limit).ToList()); - } - else - { - Beaprint.NotFoundPrint(); - } + PrintCredentialHistory(history, "Firefox"); } catch (Exception ex) { diff --git a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/InternetExplorer.cs b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/InternetExplorer.cs index a887708..fa1c011 100644 --- a/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/InternetExplorer.cs +++ b/winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/InternetExplorer.cs @@ -29,7 +29,7 @@ namespace winPEAS.KnownFileCreds.Browsers try { Beaprint.MainPrint("Current IE tabs"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); List urls = GetCurrentIETabs(); Dictionary colorsB = new Dictionary() @@ -50,35 +50,12 @@ namespace winPEAS.KnownFileCreds.Browsers try { Beaprint.MainPrint("Looking for GET credentials in IE history"); - Beaprint.LinkPrint("https://book.hacktricks.wiki/en/windows-hardening/windows-local-privilege-escalation/index.html#browsers-history"); + PrintBrowserHistoryLink(); Dictionary> ieHistoryBook = GetIEHistFav(); List history = ieHistoryBook["history"]; List favorites = ieHistoryBook["favorites"]; - if (history.Count > 0) - { - Dictionary colorsB = new Dictionary() - { - { Globals.PrintCredStrings, Beaprint.ansi_color_bad }, - }; - - foreach (string url in history) - { - if (MyUtils.ContainsAnyRegex(url.ToUpper(), Browser.CredStringsRegex)) - { - Beaprint.AnsiPrint(" " + url, colorsB); - } - } - Console.WriteLine(); - - int limit = 50; - Beaprint.MainPrint($"IE history -- limit {limit}\n"); - Beaprint.ListPrint(history.Take(limit).ToList()); - } - else - { - Beaprint.NotFoundPrint(); - } + PrintCredentialHistory(history, "IE"); Beaprint.MainPrint("IE favorites"); Beaprint.ListPrint(favorites);