peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
https://book.hacktricks.xyz

Space in directory path breaks ColorLine/FORFILES logic within winPEAS.bat #301

Open naterobbified opened 2 years ago

naterobbified commented 2 years ago

Issue description

If the batch script is run from a directory path with a space, it breaks the ColorLine logic specifically within the FORFILES.exe loop. I attempted to debug the issue by adding quotes to the FORFILES.exe command but I couldn't figure out a working solution.

Steps to reproduce the issue

  1. Place the winPEAS.bat file in a path with a space; in my example I used C:\test folder. (I originally ran into this issue as I had a space in my Windows username, so my path looked something like C:\Users\Bob Jones\Desktop.)
  2. Run the script and you should see FORFILES.exe errors as shown below:
    
    C:\test folder>winPEAS.bat
    ERROR: Invalid argument/option - 'folder\'. Type "FORFILES /?" for usage.
    ERROR: Invalid argument/option - 'folder\'. Type "FORFILES /?" for usage.
    ERROR: Invalid argument/option - 'folder\'. Type "FORFILES /?" for usage.
    ERROR: Invalid argument/option - 'folder\'. Type "FORFILES /?" for usage.
    ...


#### Which parameters did you use for executing the script and how did you execute it?
none

#### If winpeas, did you use a clean or obfuscated winpeas, and for which architecture?
Just used the vanilla batch file from the repo.

#### Is there any AV / Threat protection in the system?
Yes, but it's all disabled.

#### Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)
Windows 10 Build 19043.1826

#### Please, indicate the check that is failing and add a screenshot showing the problem
As described above, the ColorLine logic breaks when the batch script is run from a directory path with a space, resulting in FORFILES errors:
<img width="674" alt="Capture2" src="https://user-images.githubusercontent.com/3721692/179841942-9c7188df-b576-45da-9944-79ee77b90981.PNG">

#### How did you expect it to work?
I expected the script to run without errors.

#### Additional details / screenshot

carlospolop commented 1 year ago

Hey @naterobbified, sorry for the wait. Could you send a PR so that, if the current path contains spaces, Winpeas notifies it and ends the execution?
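A sketch of the kind of guard requested above, added here as an example; it is not code from winPEAS.bat or from the PEASS-ng project. The labels `:HasSpace` and `:Abort` and the variable `P` are hypothetical names, and checking both the script's folder and the current directory is an assumption about what "current path" should cover.

```bat
@echo off
setlocal DisableDelayedExpansion

rem Added example, not project code. Stop early when either the folder that
rem holds this script or the current directory contains a space.
call :HasSpace "%~dp0" && goto :Abort
call :HasSpace "%CD%" && goto :Abort

echo [+] No spaces in the script path or current directory, continuing.
rem The rest of the script, including any FORFILES calls, would run from here.
exit /b 0

:Abort
echo [!] The script path or current directory contains a space:
echo     script folder:     "%~dp0"
echo     current directory: "%CD%"
echo [!] Copy the script to a path without spaces and run it again.
exit /b 1

:HasSpace
rem Hypothetical helper: returns errorlevel 0 when the argument contains a
rem space, 1 otherwise. %~1 strips the surrounding quotes from the argument.
set "P=%~1"
rem Deleting every space changes the string only if it contained one.
if "%P%"=="%P: =%" (exit /b 1) else (exit /b 0)
```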