peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
https://book.hacktricks.xyz

WinPEAS hangs after files searches #136

Closed AmandaBSobrinho closed 3 years ago

AmandaBSobrinho commented 3 years ago

Running the latest winPEASany.exe and winPEASx64.exe, I noticed that when it gets to "Searching interesting files in other users home directories (can be slow)", the script just hangs and it doesn't go back to the reverse shell I ran it in (image below).

[Image: 2021-05-12_23-56]

I can't tell if it finished running or not. Does anyone know why?

carlospolop commented 3 years ago

Hi @AmandaBSobrinho, thank you for reporting this bug! @makikvues could you take a look at it?

AmandaBSobrinho commented 3 years ago

Hi! I also forgot to mention something that was brought to my attention in the Telegram group. I was using a basic reverse shell that I got from a msfvenom reverse shell payload, so it was a "dumb" reverse shell. Maybe that's the reason? If it is, sorry for opening the issue.

makikvues commented 3 years ago

Hello @AmandaBSobrinho, first of all, thank you for reporting the bug! I would say the basic reverse shell timed out, because the search is too slow. I would like to ask you:

  1. Can you please run winpeas in an upgraded shell and check if the issue is still there?
  2. Have you used the "domain" argument to also enumerate the domain? This might also be very slow if the domain is too big. By default it is disabled.
  3. Have you experienced this issue if you run winpeas in a normal cmd "terminal" (not a reverse shell)?

Thank you :)

AmandaBSobrinho commented 3 years ago

Hey @makikvues! Answering:

  1. I'll run it and get back to you, but I'm pretty sure it will run without issues. The thing that is bugging me is that I saw some videos of people solving the same machine I was solving when I used winPEAS (it is a room from TryHackMe), and in the videos they download winPEAS from GitHub (an older version, from 2020) and run it in the same "dumb" shell I was using, and it doesn't hang. I can provide a link to one of the videos, if you'd like. It made me think that maybe the issue has to do with any updates made since then.
  2. I didn't use any arguments, I just ran winPEASany.exe.
  3. I haven't tried to run winPEAS in a normal terminal, just reverse shells, but I'll perform that test too and I'll relate the results here.

Thank you very much for the answer! I hope we can find out why this is happening.

AmandaBSobrinho commented 3 years ago

Ok, so I ran it in a better reverse shell, obtained with Meterpreter, and it ran without issues. So, I think it really has something to do with the dumb shell, for a reason. Since it worked, I didn't run it in a normal cmd, because it will most likely work normally.