Closed gearcapitan closed 4 years ago
Hi @gearcapitan,
Could you share some information about the system where you are trying to execute winpeas?
Can confirm, the update of last month likely broke it. This above screenshot is from #HTB Sauna.
Sorry guys I cannot see the problem, I accessed Sauna an I just tried the latest version of WinpeasANY (obfuscated) and it worked:
Can you explain this?
wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASany.exe
`Info: Uploading /var/www/html/winPEASany.exe to C:\Users\svc_loanmgr\Documents\winPEASany.exe
Data: 93044 bytes of 93044 bytes copied
Info: Upload successful! `
`Mode LastWriteTime Length Name
-a---- 3/25/2020 5:23 PM 69785 winPEASany.exe `
what do you want me to explain?
You are downloading the binary using wget
.
@isee2it or @gearcapitan could you give detailed explanations to reproduce the error? If I cannot reproduce it, I can't fix it.
Can confirm it's not broken: the RAW file was the correct item. Not the filename. Verified.
So everything is working good?
Yes
I have the next issue on sauna box
*Evil-WinRM* PS C:\Users\FSmith\Documents> upload winPEASany.exe
Warning: Remember that in docker environment all local paths should be at /data and it must be mapped correctly as a volume on docker run command
Info: Uploading winPEASany.exe to C:\Users\FSmith\Documents\winPEASany.exe
Data: 94724 bytes of 94724 bytes copied
Info: Upload successful!
*Evil-WinRM* PS C:\Users\FSmith\Documents> dir
Directory: C:\Users\FSmith\Documents
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 3/28/2020 1:48 AM 71045 winPEASany.exe
*Evil-WinRM* PS C:\Users\FSmith\Documents> .\winPEASany.exe
Program 'winPEASany.exe' failed to run: The specified executable is not a valid application for this OS platform.At line:1 char:1
+ .\winPEASany.exe
+ ~~~~~~~~~~~~~~~~.
At line:1 char:1
+ .\winPEASany.exe
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [], ApplicationFailedException
+ FullyQualifiedErrorId : NativeCommandFailed
*Evil-WinRM* PS C:\Users\FSmith\Documents>
Hi @aaaguirrep, are you using the latest winpeas version?
I tried with the binaries from the next link:
Let me try to help and assist. Use the RAW locations. So manually: Klik on the FileName winPEASx64.exe and you get into the next view, and then click download RAW
Another method:
wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASany.exe wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASx64.exe wget https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/raw/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases/winPEASx86.exe
Kind regards, Martijn
Thanks for the links. It worked.
Sorry for the question but how i can find the raw location in github?
Please read all when I try to explain it.
Let me try to help and assist. Use the RAW locations. So manually: Klik on the FileName winPEASx64.exe and you get into the next view, and then click download RAW
winPEASany.exe not at all working for windows 12 R2. can anyone help I am getting the message the version is not compatible
Could you try all the versions in https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe/winPEAS/bin/Obfuscated%20Releases?
If any of them are working, I would recommend you to try to compile winpeas inside the machine you want to test it in, or in one running the same Windows version.
transfer with binary mode!! Probably this can solve this problem😄. Though I got the reverse shell, I can't execute winPEASany.exe, accesschk.exe, mimikatx.exe, JuicyPotato.exe e.t.c. All these problems come from not transferring with binary mode of ftp.
i try version obfuscated and normal version, with two architecture x64 and x86 help