Update PowerHuntShares.psm1

Scott Sutherland 2024-06-03 09:29:52 -05:00 committed by GitHub
parent ad5cb43a65
commit 76946cac82
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -4,7 +4,7 @@
#-------------------------------------- #--------------------------------------
# Author: Scott Sutherland, 2024 NetSPI # Author: Scott Sutherland, 2024 NetSPI
# License: 3-clause BSD # License: 3-clause BSD
# Version: v1.43 # Version: v1.44
# References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell.
function Invoke-HuntSMBShares function Invoke-HuntSMBShares
{ {
@ -1625,6 +1625,12 @@ function Invoke-HuntSMBShares
# Last modified # Last modified
$ShareLastModified = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select LastModifiedDate | foreach{[datetime]$_.LastModifiedDate } | Sort-Object -Descending | select -First 1 | foreach {$_.tostring("MM.dd.yyyy HH:mm:ss")} $ShareLastModified = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select LastModifiedDate | foreach{[datetime]$_.LastModifiedDate } | Sort-Object -Descending | select -First 1 | foreach {$_.tostring("MM.dd.yyyy HH:mm:ss")}
# Share owner list
$ShareOwnerList = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | Sort-Object | select ShareOwner -Unique -ExpandProperty ShareOwner
# Share owner list count
$ShareOwnerListCount = $ShareOwnerList | measure-object | select count -expandproperty count
# Share folder group list # Share folder group list
$ShareFolderGroupList = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select ShareName,FileListGroup -Unique | Group-Object FileListGroup | sort count -Descending | select count, name | $ShareFolderGroupList = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select ShareName,FileListGroup -Unique | Group-Object FileListGroup | sort count -Descending | select count, name |
foreach { foreach {
@ -1667,8 +1673,7 @@ function Invoke-HuntSMBShares
Last Modified: $ShareLastModified<br> Last Modified: $ShareLastModified<br>
</span> </span>
</td> </td>
<td> <td>
<button class="collapsible"><span style="color:#CE112D;"></span>$ShareFolderGroupCount</button> <button class="collapsible"><span style="color:#CE112D;"></span>$ShareFolderGroupCount</button>
<div class="content"> <div class="content">
<div class="filelistparent" > <div class="filelistparent" >
@ -1676,6 +1681,14 @@ function Invoke-HuntSMBShares
</div> </div>
</div> </div>
</td> </td>
<td>
<button class="collapsible"><span style="color:#CE112D;"></span>$ShareOwnerListCount</button>
<div class="content">
<div class="filelistparent" >
$ShareOwnerList
</div>
</div>
</td>
<td> <td>
$ComputerBar $ComputerBar
</td> </td>
@ -3644,6 +3657,7 @@ This section contains a list of the most common SMB share names. In some cases,
<th align="left">Share Count</th> <th align="left">Share Count</th>
<th align="left">Share Name</th> <th align="left">Share Name</th>
<th align="left">Unique Folder Group Count</th> <th align="left">Unique Folder Group Count</th>
<th align="left">Unique Owners</th>
<th align="left">Affected Computers</th> <th align="left">Affected Computers</th>
<th align="left">Affected Shares</th> <th align="left">Affected Shares</th>
<th align="left">Affected ACLs</th> <th align="left">Affected ACLs</th>
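Review bot: `$ShareOwnerList` goes into the new `<td>` of the report template (hunk at -1676) as raw text, with no HTML encoding and no per-entry markup. The owner strings are collected from the scanned shares, so they are untrusted data in a report that is opened in a browser; and if the template is an expandable string, as the neighbouring `Last Modified: $ShareLastModified<br>` line suggests, several owners will be joined by single spaces on one line. I would build the list as encoded rows where it is assigned (hunk at -1625): `$ShareOwnerList = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select -ExpandProperty ShareOwner -Unique | Sort-Object | foreach { [System.Net.WebUtility]::HtmlEncode($_) + '<br>' }`. That form also sorts the expanded owner strings rather than the whole objects, and `$ShareOwnerListCount` stays correct because it still yields one string per owner. Whether ShareOwner is sanitized earlier in Invoke-HuntSMBShares cannot be seen from these hunks, since the function body starts and ends outside them.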