Update 3_cloud.sh

Merge pull request #415 from LionelOvaert/patch-1
Add try-except for PrintCachedCreds
2026-01-11 04:35:56 -08:00 · 2024-02-25 20:50:25 +01:00 · 2024-02-23 15:12:38 +01:00 · 2024-02-23 15:10:27 +01:00 · 2024-02-18 21:09:53 +01:00 · 2024-02-13 21:54:08 +00:00
3 changed files with 26 additions and 16 deletions
--- a/linPEAS/builder/linpeas_parts/3_cloud.sh
+++ b/linPEAS/builder/linpeas_parts/3_cloud.sh
@@ -154,7 +154,7 @@ check_do
 print_list "DO Droplet? .......................... $is_do\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 check_aliyun_ecs
 print_list "Aliyun ECS? .......................... $is_aliyun_ecs\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
-check_tencent_cvm
+#check_tencent_cvm
 print_list "Tencent CVM? .......................... $is_tencent_cvm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
 check_ibm_vm
 print_list "IBM Cloud VM? ........................ $is_ibm_vm\n"$NC | sed "s,Yes,${SED_RED}," | sed "s,No,${SED_GREEN},"
--- a/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs
+++ b/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs
@@ -158,16 +158,19 @@ namespace winPEAS.Checks
                bool is_re_match = false;
                try
                {
+                    // Escape backslashes in the regex string
+                    string escapedRegex = regex_str.Trim().Replace(@"\", @"\\");
+                    
                    // Use "IsMatch" because it supports timeout, if exception is thrown exit the func to avoid ReDoS in "rgx.Matches"
                    if (caseinsensitive)
                    {
-                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120));
-                        rgx = new Regex(regex_str.Trim(), RegexOptions.IgnoreCase);
+                        is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(escapedRegex, RegexOptions.IgnoreCase);
                    }
                    else
                    {
-                        is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.None, TimeSpan.FromSeconds(120));
-                        rgx = new Regex(regex_str.Trim());
+                        is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.None, TimeSpan.FromSeconds(120));
+                        rgx = new Regex(escapedRegex);
                    }
                }
                catch (RegexMatchTimeoutException e)
--- a/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs
+++ b/winPEAS/winPEASexe/winPEAS/Checks/SystemInfo.cs
@@ -387,21 +387,28 @@ namespace winPEAS.Checks

        static void PrintCachedCreds()
        {
-            Beaprint.MainPrint("Cached Creds");
-            Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user");
-            string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT");
-            if (!string.IsNullOrEmpty(cachedlogonscount))
+            try
            {
-                int clc = Int16.Parse(cachedlogonscount);
-                if (clc > 0)
+                Beaprint.MainPrint("Cached Creds");
+                Beaprint.LinkPrint("https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-protections#cached-credentials", "If > 0, credentials will be cached in the registry and accessible by SYSTEM user");
+                string cachedlogonscount = RegistryHelper.GetRegValue("HKLM", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CACHEDLOGONSCOUNT");
+                if (!string.IsNullOrEmpty(cachedlogonscount))
                {
-                    Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
-                }
-                else
-                {
-                    Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    int clc = Int16.Parse(cachedlogonscount);
+                    if (clc > 0)
+                    {
+                        Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    }
+                    else
+                    {
+                        Beaprint.BadPrint("    cachedlogonscount is " + cachedlogonscount);
+                    }
                }
            }
+            catch (Exception ex)
+            {
+                Beaprint.PrintException(ex.Message);
+            }
        }

        static void PrintUserEV()
Author	SHA1	Message	Date
Carlos Polop	a79fb7f5d5	Update 3_cloud.sh	2024-02-25 20:50:25 +01:00
Carlos Polop	0dccf2f2a8	Merge pull request #415 from LionelOvaert/patch-1 Add try-except for PrintCachedCreds	2024-02-23 15:12:38 +01:00
Carlos Polop	0cc314fe04	Merge pull request #413 from md347/master Update FileAnalysis.cs	2024-02-23 15:10:27 +01:00
Lionel Ovaert	b430fc80bd	Add try-except for PrintCachedCreds	2024-02-18 21:09:53 +01:00
md347	41d6a03db3	Update FileAnalysis.cs escape backslashes in regex	2024-02-13 21:54:08 +00:00