winPEAS.ps1 powershell script does not work on non-english systems

[shaaati]

This happens to me quite often, as I am mostly pentesting German companies. It should be a general issue with every non-english system, though.

In certain lines, winPEAS references command output by its column names. At least the following two lines are affected:

https://github.com/peass-ng/PEASS-ng/blob/7979c470a175fe9dc3ebb7ceca6f9b18724b493c/winPEAS/winPEASps1/winPEAS.ps1#L70

https://github.com/peass-ng/PEASS-ng/blob/7979c470a175fe9dc3ebb7ceca6f9b18724b493c/winPEAS/winPEASps1/winPEAS.ps1#L1228

On non-english systems, the property "group name" does not exist and therefore the command fails. I am no Powershell/Windows CLI expert and therefore do not know how this should be implemented in a language-agnostic way. Can columns be adressed by their index?

Currently, I sed "s/group name/Gruppenname/", but this is obviously not the way to go.

@RandolphConley since you are the maintainer of the powershell script, it probably makes sense to tag you.

Edit: This also affects the "USER INFO" block where local groups are accessed by their English names: https://github.com/peass-ng/PEASS-ng/blob/7979c470a175fe9dc3ebb7ceca6f9b18724b493c/winPEAS/winPEASps1/winPEAS.ps1#L1236-L1249

[carlospolop]

Any news about this @RandolphConley ?

[RandolphConley]

I am looking into this. Hopefully will have a solution soon.

[RandolphConley]

This was a fun problem. I have updated the code and will push to origin. It should be resolved now.

[shaaati]

@RandolphConley the "USER INFO" part is still unchanged, isn't it? The English group names (e.g., "Administrators") do not work in other locales.

[RandolphConley]

@shaaati - thank you for your patience. This has been fixed as well and has been submitted for approval to origin.

[shaaati]

No worries, I appreciate a lot that you put work into this in your spare time! Just wanted to make sure that no aspect is missed. I hope I didn't come over too pushy/greedy.

Thank you for your support and for the prompt fix!