Closed Donovoi closed 1 year ago
Hi @Donovoi,
Sorry for the waiting. As you suggests, it looks like modifying a key in the registry will fix this (https://stackoverflow.com/questions/8745215/best-way-to-resolve-file-path-too-long-exception). However, you need high privileges to modify that key do you know any other way?
Moreover, I tried to fix this issue with https://github.com/carlospolop/PEASS-ng/commit/f86e301a1b16b989ab4f802dd3a03781216c1620 but I didn't have that error so I don't know if the patch will work. Could you please test the latest version (it will be build on Sunday) and check if the errors still appear? And if they do could you send a PR improving the patch? Thank you
Awesome thank you @carlospolop I'll work on this tonight. I had a look at this https://c-nergy.be/blog/?p=15339 I'm thinking we can change the path somehow using DOS Device Syntax. Have look here https://learn.microsoft.com/en-us/dotnet/standard/io/file-path-formats#traditional-dos-paths
I'll let you know how I go
Hi Carlos, Though changing the registry might be an easy fix my preference would be to somehow convert all paths to dos device syntax:
The Windows API has many functions that also have Unicode versions to permit an extended-length path for a maximum total path length of 32,767 characters. This type of path is composed of components separated by backslashes, each up to the value returned in the lpMaximumComponentLength parameter of the GetVolumeInformation function (this value is commonly 255 characters). To specify an extended-length path, use the "\?\" prefix. For example, "\?\D:\very long path".
https://learn.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation?tabs=registry
OR
Using the Wide Character versions of the functions instead of the ANSI versions:
In the Windows API, there is an infamous constant known as MAX_PATH. MAXPATH is 260 characters. The NTFS file system actually supports file paths of up to 32,767 characters. And you can still use 32,767 character long path names by accessing the Unicode (or "wide") versions of the Windows API functions, and also by prefixing the path with \?.
https://serverfault.com/questions/232986/overcoming-maximum-file-path-length-restrictions-in-windows
I would love to do this for you, but being a new c# developer I just don't know where to start.
All in all, I'm happy with the error handling you've done so far. If you want to close it go ahead, otherwise I'll keep working on this in my spare time.
Thank you
Hey @Donovoi! I'm pretty busy and not doing many things related to Windows at the moment. Could you try send a PR to correctly fix this? Following the commit I shared with you you can see the code related to the error, you can start working from there.
I had never program C# until I started developing winpeas, I'm sure that if you want to find a fix for this you will be able to find one:)
Let me know!
Hi @Donovoi,
Any news on this? Will you have time to try to fix this?
Hey Carlos!
Sorry I didn't reply, I have been working on a solution in my free time. I have found a few possible solutions but need to double check - Did you want to target the same .net framework? I think atm it is 4.5.2 - If we target a newer one, it may be easier (at least for me) to find a good solution.
I'm thinking along the lines of using cswin32/pinvoke/dllimport/ or some sort of source generation to import a c/c++ function that is not affected by this limit.
let me know what you think
If possible I would like to keep the same .Net version, if possible. If not, just send the PR using a different version. In this case it would be interesting if somehow we could make winpeas work as it's currently working if the newest version isn't installed and with the fix if the version is installed (but I don't know how complex this could be)
Ok all good. I've got a solution using WIN32_FIND_DATA struct, just need to work out how to properly implement it.
I also saw this issue. Here is the stacktrace. It has to do with nested junctions in this case.... I haven't run into this issue before but definitely will hit recursion limit:
- Creating files/directories list for search...
The path C:\Users\Administrator\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\IconCache.db is too large, try to enable LongPaths in the registry (no more warning about this will be shown)
Error while creating directory list: System.AggregateException: One or more errors occurred. ---> System.AggregateException: One or more errors occurred. ---> System.IO.PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
at System.IO.Path.LegacyNormalizePath(String path, Boolean fullCheck, Int32 maxPathLength, Boolean expandShortPaths)
at System.IO.Path.InternalGetDirectoryName(String path)
at System.IO.FileInfo.get_DirectoryName()
at System.IO.FileInfo.get_Directory()
at ib.a.g(FileInfo A_0)
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Func`4 bodyWithLocal, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable`1 source, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Action`3 bodyWithStateAndIndex, Func`4 bodyWithStateAndLocal, Func`5 bodyWithEverything, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable`1 source, Action`1 body)
at ib.a.h(DirectoryInfo A_0)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Func`4 bodyWithLocal, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable`1 source, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Action`3 bodyWithStateAndIndex, Func`4 bodyWithStateAndLocal, Func`5 bodyWithEverything, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable`1 source, Action`1 body)
at ib.a(String A_0, String A_1, HashSet`1 A_2, Boolean A_3)
at ib.h()
at winPEAS.Checks.Checks.d()
---> (Inner Exception #0) System.AggregateException: One or more errors occurred. ---> System.IO.PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
at System.IO.Path.LegacyNormalizePath(String path, Boolean fullCheck, Int32 maxPathLength, Boolean expandShortPaths)
at System.IO.Path.InternalGetDirectoryName(String path)
at System.IO.FileInfo.get_DirectoryName()
at System.IO.FileInfo.get_Directory()
at ib.a.g(FileInfo A_0)
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Func`4 bodyWithLocal, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable`1 source, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Action`3 bodyWithStateAndIndex, Func`4 bodyWithStateAndLocal, Func`5 bodyWithEverything, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable`1 source, Action`1 body)
at ib.a.h(DirectoryInfo A_0)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )
---> (Inner Exception #0) System.IO.PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
at System.IO.Path.LegacyNormalizePath(String path, Boolean fullCheck, Int32 maxPathLength, Boolean expandShortPaths)
at System.IO.Path.InternalGetDirectoryName(String path)
at System.IO.FileInfo.get_DirectoryName()
at System.IO.FileInfo.get_Directory()
at ib.a.g(FileInfo A_0)
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )<---
---> (Inner Exception #1) System.IO.PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
at System.IO.Path.LegacyNormalizePath(String path, Boolean fullCheck, Int32 maxPathLength, Boolean expandShortPaths)
at System.IO.Path.InternalGetDirectoryName(String path)
at System.IO.FileInfo.get_DirectoryName()
at System.IO.FileInfo.get_Directory()
at ib.a.g(FileInfo A_0)
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )<---
<---
I ran in to this as well on a freshly compiled winpeas. even with the registry setting it would still crash. For what it's worth, I was able to avoid this issue by changing the target .NET framework to 4.7.2. anything < 4.6.1 had issues with legacy filepath limitations and 4.7.2 seems to ignore any filepath length restrictions. running great now with no unhandled exceptions! Great tool btw
Hi @musicmancorley ! You mean that just updating the .Net framework to 4.7.2 would fix this issue without needing to change the code?
hey Carlos, yes that is correct. Based on my testing with windows 11 and .Net 4.7.2 even with NOT setting the registry setting for longpath filenames, Winpeas will continue and not throw an unhandled exception. This is the only message I see if I intentionally don't allow longfilenames via windows registry. Otherwise, Winpeas runs just fine:
I'm using the latest build https://github.com/carlospolop/PEASS-ng/releases/tag/20230618-1fa055b6 and I'm still getting the same error for 64 bit winpeas
Searching executable files in non-default folders with write (equivalent) permissions (can be slow)
Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly 'AlphaFS, Version=2.2.0.0, Culture=neutral, PublicKeyToken=4d31a58f7d7ad5c9' or one of its dependencies. The system cannot find the file specified.
at ib.a(String A_0, String A_1, HashSet`1 A_2, Boolean A_3)
at ik.g()
at h5.a(Action A_0, Boolean A_1, String A_2)
at System.Collections.Generic.List`1.ForEach(Action`1 action)
at winPEAS.Checks.Checks.a(Boolean A_0, Boolean A_1)
at winPEAS.Checks.Checks.b.c()
at h5.a(Action A_0, Boolean A_1, String A_2)
at winPEAS.Checks.Checks.a(String[] A_0)
at winPEAS.Program.Main(String[] args)
Hi @asadzz this was fixed at the end of July, please use a more recent release and let me know if you find the same problem
If you are going to suggest something, please remove the following template.
Issue description
Path too long exception when running winpeasx64.exe (non ofs) 20220901
Steps to reproduce the issue
Which parameters did you use for executing the script and how did you execute it?
none
If winpeas, did you use a clean or obfuscated winpeas, and for which architecture?
clean x64
Is there any AV / Threat protection in the system?
no disabled by gpo - but im finding defender is repairing it self even when it is disabled
Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)
Microsoft Windows [Version 10.0.25193.1000]
Please, indicate the check that is failing and add a screenshot showing the problem
Happens again at
Searching executable files in non-default folders with write (equivalent) permissions (can be slow)
Then program crashes
How did you expect it to work?
no stack trace and no error
Additional details / screenshot
Obviously we can fix this via registry, should we check for this limit before running the script? Make adjustments to handle it or Maybe just warn the user and/or direct them on how to change this value?