Comments (3)
Hi @websecnl,
Thanks for the suggestion.
A list like all the CLSID's in the machine could be very annoying if it's not useful.
Could let me know where is it useful so we can think when is interesting to list the CLSIDs? Maybe for exploiting Juicy Potato?
from peass-ng.
It is useful for privileges escalation using the Juicy Potato exploit.
this requires enumeration of service CLSID's.
For more information regarding this see: https://github.com/TsukiCTF/Lovely-Potato
I Believe it would be great for the winPEASany as this might be one of the tasks during the OSCP Exam / Labs.
So far i can only find powershell scripts that do this, however it would be great if someone was willing to add this into a binary without the requirement of having powershell enabled.
from peass-ng.
Hi again @websecnl,
The problem in this case is that there are so many CLSIDs that listing them will make very ugly the output of the tool (making it useless in my perspective).
Also, even if Winpeas just list CLSIDs when SeImpersonatePrivilege is discovered, the user probably won't be able to look formore privilege escalation vectors due to the amount od CLSIDs listed.
Moreover, notice that (I think) JuicyPotato is not working in the latest versions of Windows, at least I read something about it some weeks ago.
Thank you for the suggestion but I'm not going to add this feature due to the problems mentioned before.
Please, feel free to make other suggestions in the future.
from peass-ng.
Related Issues (20)
- not detecting PUTTY credentials in the registry HOT 1
- WinPEAS and LinPEAS do auto exploitation? HOT 1
- Could not load file or assembly with One liner to download and execute winPEASany from memory in a PS shell? HOT 1
- Build Error HOT 2
- Cargo CVE-2023-38497 HOT 1
- Show where the passwords in config PHP files were found. HOT 1
- Searching passwords in config PHP files HOT 1
- WinPEAS - Exploit Suggester Feature
- Unable to skip deep file scans in WinPEASx64
- LinPEAS stuck at "Users with console" stage (Oracle Linux 7)
- [WinPEAS.ps1] - Process is terminated due to StackOverflowException
- Script (linpeas_base.sh) does not run/work HOT 1
- PrintNightmare in 2024
- Exchange Watson with wesng
- Winpeas Crash - Requested Registry
- Powershell history bug? HOT 1
- AWS EC2 detected as Tencent CVM causing long run time due to incorrect Tencent enumeration HOT 2
- Winpeas logs full of garbage exceptions. Error looking for regex define ?\(['"](\w*pass|\w*pwd|\w*user|\w*datab) HOT 8
- serious formatting issues in output of newest release -- Release refs/heads/master 20240414-ed0a5fac
- Support for Windows LAPS
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from peass-ng.