public static async Task Main()
{
Console.WriteLine("Starting VulnerabilityTracker");
var check = new VulnerabilityCheck();
check.AddSource(DependencyManagerTypes.NuGet, new OssIndexVulnerabilitySource("https://ossindex.sonatype.org"));
var vulnerabilities = (await check.ExecuteAsync("Flurl.Http.Xml", "1.5.0"))
.ToList();
if (vulnerabilities.Any())
{
foreach (var vulnerability in vulnerabilities)
{
Console.WriteLine($"Vulnerability: {vulnerability.Title}");
}
}
else
{
Console.WriteLine("No vulnerabilities found");
}
Console.WriteLine("Press Enter to exit");
Console.ReadLine();
}
public static void PrivescChecks(Type[] checks)
{
bool isHighIntegrity = IsHighIntegrity();
bool isLocalAdmin = IsLocalAdmin();
bool shouldQuit = false;
if (isHighIntegrity)
{
Console.WriteLine("\r\n[*] Already in high integrity, no need to privesc!");
shouldQuit = true;
}
else if (!isHighIntegrity && isLocalAdmin)
{
Console.WriteLine("\r\n[*] In medium integrity but user is a local administrator- UAC can be bypassed.");
shouldQuit = true;
}
// if already admin we can quit without running all checks
if (shouldQuit)
{
if (!auditMode)
{
Console.WriteLine("\r\n[*] Quitting now, re-run with \"audit\" argument to run checks anyway (audit mode).");
return;
}
else
{
// except if auditMode has explictly been asked
Console.WriteLine($"\r\n[*] Audit mode: running an additional {checks.Length} check(s).");
if (isHighIntegrity)
{
Console.WriteLine("[*] Note: Running audit mode in high integrity will yield a large number of false positives.");
}
}
}
List<VulnerabilityCheck> vulnerableChecks = new List<VulnerabilityCheck>();
Mutex mtx = new Mutex();
List<Thread> runningThreads = new List<Thread>();
foreach(Type t in checks)
{
Thread vulnThread = new Thread(() =>
{
try
{
VulnerabilityCheck c = (VulnerabilityCheck)Activator.CreateInstance(t);
if (c.IsVulnerable())
{
mtx.WaitOne();
vulnerableChecks.Add(c);
mtx.ReleaseMutex();
}
} catch (Exception ex)
{
Console.WriteLine("[X] Unhandled exception in {0}: {1}", t.Name, ex.Message);
}
});
vulnThread.Start();
runningThreads.Add(vulnThread);
}
foreach(Thread t in runningThreads)
{
t.Join();
}
if (vulnerableChecks.Count == 0)
{
Console.WriteLine($"\r\n[-] Not vulnerable to any of the {checks.Length} checked modules.");
} else
{
foreach(VulnerabilityCheck c in vulnerableChecks)
{
Console.WriteLine($"\r\n=== {c.Name()} ===");
foreach(string s in c.Details())
{
Console.WriteLine($"\t{s}");
}
Console.WriteLine();
}
}
}
public VulnerabilityCheckShould()
{
_check = new VulnerabilityCheck();
}
