CVE-2021-3560 #478
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI-master_test | |
on: | |
push: | |
branches: | |
- master | |
- main | |
paths-ignore: | |
- '.github/**' | |
schedule: | |
- cron: "5 4 1 * *" | |
workflow_dispatch: | |
jobs: | |
Build_and_test_winpeas_master: | |
runs-on: windows-latest | |
# environment variables | |
env: | |
Solution_Path: 'winPEAS\winPEASexe\winPEAS.sln' | |
Configuration: 'Release' | |
DotFuscatorGeneratedPath: 'winPEAS\winPEASexe\binaries\Obfuscated Releases\Dotfuscated' | |
steps: | |
# checkout | |
- name: Checkout | |
uses: actions/checkout@master | |
with: | |
ref: ${{ github.head_ref }} | |
- name: Download regexes | |
run: | | |
powershell.exe -ExecutionPolicy Bypass -File build_lists/download_regexes.ps1 | |
# Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild | |
- name: Setup MSBuild.exe | |
uses: microsoft/[email protected] | |
# Setup NuGet | |
- name: Setup NuGet.exe | |
uses: nuget/setup-nuget@v1 | |
# Restore the packages for testing | |
- name: Restore the application | |
run: nuget restore $env:Solution_Path | |
# build | |
- name: run MSBuild | |
run: msbuild $env:Solution_Path | |
# Execute all unit tests in the solution | |
#- name: Execute unit tests | |
# run: dotnet test $env:Solution_Path | |
# Build & update all versions | |
- name: Build all versions | |
run: | | |
echo "build x64" | |
msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="x64" | |
echo "build x86" | |
msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="x86" | |
echo "build Any CPU" | |
msbuild -m $env:Solution_Path /t:Rebuild /p:Configuration=$env:Configuration /p:Platform="Any CPU" | |
- name: Execute winPEAS -h | |
shell: pwsh | |
run: | | |
$Configuration = "Release" | |
$exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" | |
if (Test-Path $exePath) { | |
& $exePath -h | |
} else { | |
Write-Error "winPEAS.exe not found at $exePath" | |
} | |
- name: Execute winPEAS cloudinfo | |
shell: pwsh | |
run: | | |
$Configuration = "Release" | |
$exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" | |
if (Test-Path $exePath) { | |
& $exePath cloudinfo | |
} else { | |
Write-Error "winPEAS.exe not found at $exePath" | |
} | |
- name: Execute winPEAS systeminfo | |
shell: pwsh | |
run: | | |
$Configuration = "Release" | |
$exePath = "winPEAS/winPEASexe/winPEAS/bin/$Configuration/winPEAS.exe" | |
if (Test-Path $exePath) { | |
& $exePath systeminfo | |
} else { | |
Write-Error "winPEAS.exe not found at $exePath" | |
} | |
# Copy the built versions | |
- name: Copy all versions | |
run: | | |
echo "copy x64" | |
cp winPEAS\winPEASexe\winPEAS\bin\x64\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\x64\$env:Configuration\winPEASx64.exe | |
echo "copy x86" | |
cp winPEAS\winPEASexe\winPEAS\bin\x86\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\x86\$env:Configuration\winPEASx86.exe | |
echo "copy Any" | |
cp winPEAS\winPEASexe\winPEAS\bin\$env:Configuration\winPEAS.exe winPEAS\winPEASexe\binaries\$env:Configuration\winPEASany.exe | |
# Setup DotFuscator | |
- name: Setup DotFuscator | |
run: | | |
7z x winPEAS\winPEASexe\Dotfuscator\DotfuscatorCE.zip | |
whoami | |
mkdir -p $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0 -erroraction 'silentlycontinue' | |
cp DotfuscatorCE\license\* $env:USERPROFILE\AppData\Local\"PreEmptive Solutions"\"Dotfuscator Community Edition"\6.0\ | |
# build obfuscated versions | |
- name: Build obfuscated versions | |
run: | | |
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x64.xml" | |
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\x86.xml" | |
DotfuscatorCE\dotfuscator.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\any.xml" | |
# copy the files | |
- name: Copy Dotfuscator generated files | |
run: | | |
cp $env:DotFuscatorGeneratedPath\x64\winPEASx64.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe" | |
cp $env:DotFuscatorGeneratedPath\x86\winPEASx86.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe" | |
cp $env:DotFuscatorGeneratedPath\any\winPEASany.exe "winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe" | |
# Upload all the versions for the release | |
- name: Upload winpeasx64 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASx64.exe | |
path: winPEAS\winPEASexe\binaries\x64\Release\winPEASx64.exe | |
- name: Upload winpeasx86 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASx86.exe | |
path: winPEAS\winPEASexe\binaries\x86\Release\winPEASx86.exe | |
- name: Upload winpeasany | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASany.exe | |
path: winPEAS\winPEASexe\binaries\Release\winPEASany.exe | |
- name: Upload winpeasx64ofs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASx64_ofs.exe | |
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx64_ofs.exe | |
- name: Upload winpeasx86ofs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASx86_ofs.exe | |
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASx86_ofs.exe | |
- name: Upload winpeasanyofs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEASany_ofs.exe | |
path: winPEAS\winPEASexe\binaries\Obfuscated Releases\winPEASany_ofs.exe | |
- name: Upload winpeas.bat | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winPEAS.bat | |
path: winPEAS\winPEASbat\winPEAS.bat | |
# Git add | |
#- name: Create local changes | |
# run: | | |
# git add winPEAS\winPEASexe\binaries\Release\* | |
# git add winPEAS\winPEASexe\binaries\x64\* | |
# git add winPEAS\winPEASexe\binaries\x86\* | |
# git add "winPEAS\winPEASexe\binaries\Obfuscated Releases\*.exe" | |
# Git commit | |
#- name: Commit results to Github | |
# run: | | |
# git config --local user.email "[email protected]" | |
# git config --global user.name "CI-winpeas" | |
# git pull origin "${{ github.ref }}" --autostash --rebase -Xours | |
# git commit -m "winpeas binaries auto update" -a --allow-empty | |
# Git push | |
#- name: Push changes | |
# uses: ad-m/github-push-action@master | |
# with: | |
# branch: ${{ github.head_ref }} | |
# github_token: ${{ secrets.GITHUB_TOKEN }} | |
# force: true | |
Build_and_test_linpeas_master: | |
runs-on: ubuntu-latest | |
steps: | |
# Download repo | |
- uses: actions/checkout@v2 | |
with: | |
ref: ${{ github.head_ref }} | |
# Setup go | |
- uses: actions/setup-go@v2 | |
with: | |
go-version: 1.17.0-rc1 | |
stable: false | |
- run: go version | |
# Build linpeas | |
- name: Build linpeas | |
run: | | |
python3 -m pip install PyYAML | |
cd linPEAS | |
python3 -m builder.linpeas_builder --all --output linpeas_fat.sh | |
python3 -m builder.linpeas_builder --all-no-fat --output linpeas.sh | |
python3 -m builder.linpeas_builder --small --output linpeas_small.sh | |
# Build linpeas binaries | |
- name: Build linpeas binaries | |
run: | | |
git clone https://github.com/carlospolop/sh2bin | |
cd sh2bin | |
bash build.sh ../linPEAS/linpeas.sh | |
mv builds/sh2bin_linux_386 builds/linpeas_linux_386 | |
mv builds/sh2bin_linux_amd64 builds/linpeas_linux_amd64 | |
mv builds/sh2bin_linux_arm builds/linpeas_linux_arm | |
mv builds/sh2bin_linux_arm64 builds/linpeas_linux_arm64 | |
mv builds/sh2bin_darwin_amd64 builds/linpeas_darwin_amd64 | |
mv builds/sh2bin_darwin_arm64 builds/linpeas_darwin_arm64 | |
ls -lR ./ | |
# Run linpeas help as quick test | |
- name: Run linpeas help | |
run: linPEAS/linpeas_fat.sh -h && linPEAS/linpeas.sh -h && linPEAS/linpeas_small.sh -h | |
# Run linpeas as a test | |
- name: Run linpeas system_information | |
run: linPEAS/linpeas_fat.sh -o system_information -a | |
- name: Run linpeas container | |
run: linPEAS/linpeas_fat.sh -o container -a | |
- name: Run linpeas cloud | |
run: linPEAS/linpeas_fat.sh -o cloud -a | |
- name: Run linpeas procs_crons_timers_srvcs_sockets | |
run: linPEAS/linpeas_fat.sh -o procs_crons_timers_srvcs_sockets -a | |
- name: Run linpeas network_information | |
run: linPEAS/linpeas_fat.sh -o network_information -t -a | |
- name: Run linpeas users_information | |
run: linPEAS/linpeas_fat.sh -o users_information -a | |
- name: Run linpeas software_information | |
run: linPEAS/linpeas_fat.sh -o software_information -a | |
- name: Run linpeas interesting_perms_files | |
run: linPEAS/linpeas_fat.sh -o interesting_perms_files -a | |
- name: Run linpeas interesting_files | |
run: linPEAS/linpeas_fat.sh -o interesting_files -a | |
# Too much time | |
#- name: Run linpeas api_keys_regex | |
# run: linPEAS/linpeas.sh -o api_keys_regex -r | |
# Upload files for release | |
- name: Upload linpeas.sh | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas.sh | |
path: linPEAS/linpeas.sh | |
- name: Upload linpeas_fat.sh | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_fat.sh | |
path: linPEAS/linpeas_fat.sh | |
- name: Upload linpeas_small.sh | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_small.sh | |
path: linPEAS/linpeas_small.sh | |
## Linux bins | |
- name: Upload linpeas_linux_386 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_linux_386 | |
path: sh2bin/builds/linpeas_linux_386 | |
- name: Upload linpeas_linux_amd64 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_linux_amd64 | |
path: sh2bin/builds/linpeas_linux_amd64 | |
- name: Upload linpeas_linux_arm | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_linux_arm | |
path: sh2bin/builds/linpeas_linux_arm | |
- name: Upload linpeas_linux_arm64 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_linux_arm64 | |
path: sh2bin/builds/linpeas_linux_arm64 | |
## Darwin bins | |
- name: Upload linpeas_darwin_amd64 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_darwin_amd64 | |
path: sh2bin/builds/linpeas_darwin_amd64 | |
- name: Upload linpeas_darwin_arm64 | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linpeas_darwin_arm64 | |
path: sh2bin/builds/linpeas_darwin_arm64 | |
# Clean sh2bin repo | |
- name: Cleaning sh2bin | |
run: rm -rf sh2bin | |
# - name: Create local changes | |
# run: git add linPEAS/linpeas.sh | |
# - name: Commit results to Github | |
# run: | | |
# git config --local user.email "" | |
# git config --global user.name "CI-linpeas-ubuntu" | |
# git pull origin "${{ github.ref }}" --autostash --rebase -Xours | |
# git commit -m "linpeas.sh auto update" -a --allow-empty | |
# - name: Push changes | |
# uses: ad-m/github-push-action@master | |
# with: | |
# branch: ${{ github.head_ref }} | |
# github_token: ${{ secrets.GITHUB_TOKEN }} | |
# force: true | |
Build_and_test_macpeas_master: | |
runs-on: macos-latest | |
steps: | |
# Download repo | |
- uses: actions/checkout@v2 | |
# Build linpeas | |
- name: Build macpeas | |
run: | | |
python3 -m pip install PyYAML --break-system-packages | |
python3 -m pip install requests --break-system-packages | |
cd linPEAS | |
python3 -m builder.linpeas_builder --all --output linpeas_fat.sh | |
# Run linpeas help as quick test | |
- name: Run macpeas help | |
run: linPEAS/linpeas_fat.sh -h | |
# Run macpeas parts to test it | |
#- name: Run macpeas | |
# run: linPEAS/linpeas.sh -D -o system_information,container,procs_crons_timers_srvcs_sockets,network_information,users_information,software_information | |
Publish_release: | |
runs-on: ubuntu-latest | |
needs: [Build_and_test_winpeas_master, Build_and_test_linpeas_master, Build_and_test_macpeas_master] | |
steps: | |
# Download files to release | |
- name: Download winpeasx64ofs | |
uses: actions/[email protected] | |
with: | |
name: winPEASx64_ofs.exe | |
- name: Download winpeasx86ofs | |
uses: actions/[email protected] | |
with: | |
name: winPEASx86_ofs.exe | |
- name: Download winpeasanyofs | |
uses: actions/[email protected] | |
with: | |
name: winPEASany_ofs.exe | |
- name: Download winpeasx64 | |
uses: actions/[email protected] | |
with: | |
name: winPEASx64.exe | |
- name: Download winpeasx86 | |
uses: actions/[email protected] | |
with: | |
name: winPEASx86.exe | |
- name: Download winpeasany | |
uses: actions/[email protected] | |
with: | |
name: winPEASany.exe | |
- name: Download winpeas.bat | |
uses: actions/[email protected] | |
with: | |
name: winPEAS.bat | |
- name: Download linpeas.sh | |
uses: actions/[email protected] | |
with: | |
name: linpeas.sh | |
- name: Download linpeas_fat.sh | |
uses: actions/[email protected] | |
with: | |
name: linpeas_fat.sh | |
- name: Download linpeas_small.sh | |
uses: actions/[email protected] | |
with: | |
name: linpeas_small.sh | |
- name: Download linpeas_linux_386 | |
uses: actions/[email protected] | |
with: | |
name: linpeas_linux_386 | |
- name: Download linpeas_linux_amd64 | |
uses: actions/[email protected] | |
with: | |
name: linpeas_linux_amd64 | |
- name: Download linpeas_linux_arm | |
uses: actions/[email protected] | |
with: | |
name: linpeas_linux_arm | |
- name: Download linpeas_linux_arm64 | |
uses: actions/[email protected] | |
with: | |
name: linpeas_linux_arm64 | |
- name: Download linpeas_darwin_amd64 | |
uses: actions/[email protected] | |
with: | |
name: linpeas_darwin_amd64 | |
- name: Download linpeas_darwin_arm64 | |
uses: actions/[email protected] | |
with: | |
name: linpeas_darwin_arm64 | |
- name: Get current date | |
id: date | |
run: echo "::set-output name=date::$(date +'%Y%m%d')" | |
- name: Generate random | |
id: random_n | |
run: echo "::set-output name=some_rand::$(openssl rand -hex 4)" | |
# Create the release | |
- name: Create Release | |
id: create_release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: ${{steps.date.outputs.date}}-${{steps.random_n.outputs.some_rand}} | |
release_name: Release ${{ github.ref }} ${{steps.date.outputs.date}}-${{steps.random_n.outputs.some_rand}} | |
draft: false | |
prerelease: false | |
- id: upload_release_assets | |
uses: dwenegar/upload-release-assets@v1 | |
with: | |
release_id: ${{ steps.create_release.outputs.id }} | |
assets_path: . | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |