Tips-Of-Mine/PowerHuntShares
Tips-Of-Mine/PowerHuntShares
2
0
Fork 0
mirror of https://github.com/NetSPI/PowerHuntShares.git synced 2025-05-04 19:28:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update PowerHuntShares.psm1

Browse Source 
Added llm application guesses to share name page.
This commit is contained in:
Scott Sutherland 2024-11-05 17:20:52 -06:00 committed by GitHub
parent 9f37db9858
commit 3d9c87d5db
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
PowerHuntShares.psm1
View File

@ -4,7 +4,7 @@
#-------------------------------------- #--------------------------------------
# Author: Scott Sutherland, 2024 NetSPI # Author: Scott Sutherland, 2024 NetSPI
# License: 3-clause BSD # License: 3-clause BSD
# Version: v1.189 # Version: v1.190
# References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell.
function Invoke-HuntSMBShares function Invoke-HuntSMBShares
{ {
@ -3743,6 +3743,20 @@ function Invoke-HuntSMBShares
$ShareBar = $ShareNameBars.ShareBar $ShareBar = $ShareNameBars.ShareBar
$AclBar = $ShareNameBars.AclBar $AclBar = $ShareNameBars.AclBar
# Get app description from llm results
if($ApiKey -and $Endpoint){
# Get lmm fingerprint matches for sharename
$SnLLmMatchesRaw = $ExcessiveSharePrivsFinal |
Where-Object { $_.ShareName -eq "$ShareName" -and $_.ShareGuessApp -notlike "" } |
Select-Object ShareGuessApp -ExpandProperty ShareGuessApp -Unique
# Join the results into a comma-separated list
$SnLLmMatchesList = $SnLLmMatchesRaw -join ', '
}else{
$SnLLmMatchesList= "LLM lookup was not run."
}
# Share Description # Share Description
$ShareDescriptionSample = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | where ShareDescription -NE "" | select ShareDescription -first 1 -expandproperty ShareDescription | foreach {"<strong>Sample Description</strong><br> $_ <br><br> "} $ShareDescriptionSample = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | where ShareDescription -NE "" | select ShareDescription -first 1 -expandproperty ShareDescription | foreach {"<strong>Sample Description</strong><br> $_ <br><br> "}
@ -4685,6 +4699,9 @@ function Invoke-HuntSMBShares
<strong>Share Context Guess</strong><br> <strong>Share Context Guess</strong><br>
$ShareNameListValue $ShareNameListValue
<br><br> <br><br>
<strong>LLM Application Guess</strong><br>
$SnLLmMatchesList
<br><br>
<a style="font-size: 10px; cursor: default;" onClick="applyFadedClassAndUpdate(cy, '$ShareName');radiobtn = document.getElementById('ShareGraph');radiobtn.checked = true;updateLabelColors('tabs', 'btnShareGraph');">View in ShareGraph</a><br> <a style="font-size: 10px; cursor: default;" onClick="applyFadedClassAndUpdate(cy, '$ShareName');radiobtn = document.getElementById('ShareGraph');radiobtn.checked = true;updateLabelColors('tabs', 'btnShareGraph');">View in ShareGraph</a><br>
<br><strong>Affected Assets</strong><br> <br><strong>Affected Assets</strong><br>
<table class="subtable"> <table class="subtable">