Example #1
        /// <summary>
        /// Console entry point: registers one vulnerability source for NuGet packages,
        /// asks it about a single hard-coded package/version pair and prints the title
        /// of every vulnerability returned.
        /// </summary>
        /// <remarks>
        /// Only the OSS Index source (reached over HTTPS) is registered, so
        /// "No vulnerabilities found" means that this one source returned nothing for
        /// the queried coordinates. Exceptions thrown by the lookup are not caught
        /// here and will terminate the program.
        /// </remarks>
        public static async Task Main()
        {
            Console.WriteLine("Starting VulnerabilityTracker");

            // Build the source first so the registration line reads as "type -> source".
            var ossIndexSource = new OssIndexVulnerabilitySource("https://ossindex.sonatype.org");
            var tracker = new VulnerabilityCheck();
            tracker.AddSource(DependencyManagerTypes.NuGet, ossIndexSource);

            // Materialise once: the result is inspected and then enumerated.
            var lookupResult = await tracker.ExecuteAsync("Flurl.Http.Xml", "1.5.0");
            var findings = lookupResult.ToList();

            if (!findings.Any())
            {
                Console.WriteLine("No vulnerabilities found");
            }
            else
            {
                foreach (var finding in findings)
                {
                    Console.WriteLine($"Vulnerability: {finding.Title}");
                }
            }

            // Keep the console window open until the operator acknowledges the output.
            Console.WriteLine("Press Enter to exit");
            Console.ReadLine();
        }
Example #2
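        /// <summary>
        /// Reports the privilege context of the current process, then runs every supplied
        /// check type on its own thread and prints the name and details of each check
        /// that reports itself as vulnerable.
        /// </summary>
        /// <param name="checks">
        /// Types to run. Each is instantiated through its parameterless constructor and
        /// cast to <c>VulnerabilityCheck</c>.
        /// </param>
        /// <remarks>
        /// <c>IsHighIntegrity</c>, <c>IsLocalAdmin</c> and <c>auditMode</c> are defined
        /// outside this block. When the process is already high integrity, or the user is
        /// a local administrator, the checks are skipped unless <c>auditMode</c> is set.
        /// A check that throws is logged and contributes no finding, so the final
        /// "Not vulnerable" line does not distinguish a clean check from a failed one;
        /// review any "[X]" lines before treating the host as clean.
        /// </remarks>
        public static void PrivescChecks(Type[] checks)
        {
            bool isHighIntegrity = IsHighIntegrity();
            bool isLocalAdmin = IsLocalAdmin();
            bool shouldQuit = false;

            if (isHighIntegrity)
            {
                Console.WriteLine("\r\n[*] Already in high integrity, no need to privesc!");
                shouldQuit = true;
            }
            else if (isLocalAdmin)
            {
                // Reaching this branch already implies the process is not high integrity.
                Console.WriteLine("\r\n[*] In medium integrity but user is a local administrator- UAC can be bypassed.");
                shouldQuit = true;
            }

            // If already admin we can quit without running all checks...
            if (shouldQuit)
            {
                if (!auditMode)
                {
                    Console.WriteLine("\r\n[*] Quitting now, re-run with \"audit\" argument to run checks anyway (audit mode).");
                    return;
                }

                // ...except when audit mode has explicitly been requested.
                Console.WriteLine($"\r\n[*] Audit mode: running an additional {checks.Length} check(s).");
                if (isHighIntegrity)
                {
                    Console.WriteLine("[*] Note: Running audit mode in high integrity will yield a large number of false positives.");
                }
            }

            List<VulnerabilityCheck> vulnerableChecks = new List<VulnerabilityCheck>();

            // A monitor lock guards the shared list: it is released even if Add throws
            // and, unlike a Mutex, owns no OS handle that would have to be disposed.
            object resultsGate = new object();
            List<Thread> runningThreads = new List<Thread>();

            foreach (Type checkType in checks)
            {
                Thread vulnThread = new Thread(() =>
                {
                    try
                    {
                        VulnerabilityCheck c = (VulnerabilityCheck)Activator.CreateInstance(checkType);
                        if (c.IsVulnerable())
                        {
                            lock (resultsGate)
                            {
                                vulnerableChecks.Add(c);
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // One failing check must not stop the others; it is reported and skipped.
                        Console.WriteLine("[X] Unhandled exception in {0}: {1}", checkType.Name, ex.Message);
                    }
                });
                vulnThread.Start();
                runningThreads.Add(vulnThread);
            }

            // Wait for every check to finish before reading the shared list.
            foreach (Thread worker in runningThreads)
            {
                worker.Join();
            }

            if (vulnerableChecks.Count == 0)
            {
                Console.WriteLine($"\r\n[-] Not vulnerable to any of the {checks.Length} checked modules.");
            }
            else
            {
                // Findings appear in the order the threads completed, not the order of 'checks'.
                foreach (VulnerabilityCheck c in vulnerableChecks)
                {
                    Console.WriteLine($"\r\n=== {c.Name()} ===");
                    foreach (string s in c.Details())
                    {
                        Console.WriteLine($"\t{s}");
                    }
                    Console.WriteLine();
                }
            }
        }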
Example #3
 /// <summary>
 /// Assigns a freshly constructed <c>VulnerabilityCheck</c> to <c>_check</c>, so every
 /// instance of this class starts with its own object and no sources registered by
 /// this constructor.
 /// </summary>
 public VulnerabilityCheckShould()
 {
     this._check = new VulnerabilityCheck();
 }