Merge pull request #415 from LionelOvaert/patch-1

Add try-except for PrintCachedCreds

winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs

@@ -158,16 +158,19 @@ namespace winPEAS.Checks
                 bool is_re_match = false;
                 try
                 {
+                    // Escape backslashes in the regex string
+                    string escapedRegex = regex_str.Trim().Replace(@"\", @"\\");
+                    
                     // Use "IsMatch" because it supports timeout, if exception is thrown exit the func to avoid ReDoS in "rgx.Matches"
                     if (caseinsensitive)
                     {
-                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120));
-                        rgx = new Regex(regex_str.Trim(), RegexOptions.IgnoreCase);
+                        is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(escapedRegex, RegexOptions.IgnoreCase);
                     }
                     else
                     {
-                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.None, TimeSpan.FromSeconds(120));
-                        rgx = new Regex(regex_str.Trim());
+                        is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.None, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(escapedRegex);
                     }
                 }
                 catch (RegexMatchTimeoutException e)

winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs

@@ -387,21 +387,28 @@ namespace winPEAS.Checks
 
         static void PrintCachedCreds()
         {
-            Beaprint.MainPrint("Cached Creds");
-            Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user");
-            string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT");
-            if (!string.IsNullOrEmpty(cachedlogonscount))
+            try
             {
-                int clc = Int16.Parse(cachedlogonscount);
-                if (clc > 0)
+                Beaprint.MainPrint("Cached Creds");
+                Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user");
+                string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT");
+                if (!string.IsNullOrEmpty(cachedlogonscount))
                 {
-                    Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
-                }
-                else
-                {
-                    Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    int clc = Int16.Parse(cachedlogonscount);
+                    if (clc > 0)
+                    {
+                        Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    }
+                    else
+                    {
+                        Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    }
                 }
             }
+            catch (Exception ex)
+            {
+                Beaprint.PrintException(ex.Message);
+            }
         }
 
         static void PrintUserEV()