winpeas.exe is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher

peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

https://book.hacktricks.xyz

Other

15.73k stars 3.05k forks source link

winpeas.exe is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher #25

Closed gearcapitan closed 4 years ago

gearcapitan commented 4 years ago

imagen

i try version obfuscated and normal version, with two architecture x64 and x86 help

carlospolop commented 4 years ago

Hi @gearcapitan,

Could you share some information about the system where you are trying to execute winpeas?

ghost commented 4 years ago

Can confirm, the update of last month likely broke it. This above screenshot is from #HTB Sauna.

carlospolop commented 4 years ago

Sorry guys I cannot see the problem, I accessed Sauna an I just tried the latest version of WinpeasANY (obfuscated) and it worked:

ghost commented 4 years ago

Can you explain this?

wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASany.exe

`Info: Uploading /var/www/html/winPEASany.exe to C:\Users\svc_loanmgr\Documents\winPEASany.exe

Data: 93044 bytes of 93044 bytes copied

Info: Upload successful! `

`Mode LastWriteTime Length Name

-a---- 3/25/2020 5:23 PM 69785 winPEASany.exe `

carlospolop commented 4 years ago

what do you want me to explain? You are downloading the binary using wget.

@isee2it or @gearcapitan could you give detailed explanations to reproduce the error? If I cannot reproduce it, I can't fix it.

ghost commented 4 years ago

Can confirm it's not broken: the RAW file was the correct item. Not the filename. Verified.

carlospolop commented 4 years ago

So everything is working good?

ghost commented 4 years ago

Yes

aaaguirrep commented 4 years ago

I have the next issue on sauna box

*Evil-WinRM* PS C:\Users\FSmith\Documents> upload winPEASany.exe

Warning: Remember that in docker environment all local paths should be at /data and it must be mapped correctly as a volume on docker run command

Info: Uploading winPEASany.exe to C:\Users\FSmith\Documents\winPEASany.exe

Data: 94724 bytes of 94724 bytes copied

Info: Upload successful!

*Evil-WinRM* PS C:\Users\FSmith\Documents> dir

    Directory: C:\Users\FSmith\Documents

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----        3/28/2020   1:48 AM          71045 winPEASany.exe

*Evil-WinRM* PS C:\Users\FSmith\Documents> .\winPEASany.exe
Program 'winPEASany.exe' failed to run: The specified executable is not a valid application for this OS platform.At line:1 char:1
+ .\winPEASany.exe
+ ~~~~~~~~~~~~~~~~.
At line:1 char:1
+ .\winPEASany.exe
+ ~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (:) [], ApplicationFailedException
    + FullyQualifiedErrorId : NativeCommandFailed
*Evil-WinRM* PS C:\Users\FSmith\Documents>

carlospolop commented 4 years ago

Hi @aaaguirrep, are you using the latest winpeas version?

aaaguirrep commented 4 years ago

I tried with the binaries from the next link:

https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases

ghost commented 4 years ago

Let me try to help and assist. Use the RAW locations. So manually: Klik on the FileName winPEASx64.exe and you get into the next view, and then click download RAW

Another method:

wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASany.exe wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASx64.exe wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASx86.exe

Kind regards, Martijn

aaaguirrep commented 4 years ago

Thanks for the links. It worked.

Sorry for the question but how i can find the raw location in github?

ghost commented 4 years ago

Please read all when I try to explain it.

Let me try to help and assist. Use the RAW locations. So manually: Klik on the FileName winPEASx64.exe and you get into the next view, and then click download RAW

jayakrishnan1985 commented 3 years ago

winPEASany.exe not at all working for windows 12 R2. can anyone help I am getting the message the version is not compatible

carlospolop commented 3 years ago

Could you try all the versions in https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases?

If any of them are working, I would recommend you to try to compile winpeas inside the machine you want to test it in, or in one running the same Windows version.

MASAbirokou commented 2 years ago

transfer with binary mode!! Probably this can solve this problem😄. Though I got the reverse shell, I can't execute winPEASany.exe, accesschk.exe, mimikatx.exe, JuicyPotato.exe e.t.c. All these problems come from not transferring with binary mode of ftp.