Tips-Of-Mine/PowerHuntShares
Tips-Of-Mine/PowerHuntShares
2
0
Fork 0
mirror of https://github.com/NetSPI/PowerHuntShares.git synced 2025-05-05 03:38:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update PowerHuntShares.psm1

Browse Source 
Added new risk chart.
This commit is contained in:
Scott Sutherland 2024-09-12 09:41:13 -05:00 committed by GitHub
parent 0f0e5081fb
commit 9d4ecb3c0d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 105 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
PowerHuntShares.psm1
View File

@ -4,7 +4,7 @@
#-------------------------------------- #--------------------------------------
# Author: Scott Sutherland, 2024 NetSPI # Author: Scott Sutherland, 2024 NetSPI
# License: 3-clause BSD # License: 3-clause BSD
# Version: v1.115 # Version: v1.116
# References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell.
function Invoke-HuntSMBShares function Invoke-HuntSMBShares
{ {
@ -3572,6 +3572,63 @@ function Invoke-HuntSMBShares
$GetRowUncPathsCount = $GetRowUncPathsRaw | measure | select count -ExpandProperty count $GetRowUncPathsCount = $GetRowUncPathsRaw | measure | select count -ExpandProperty count
$GetRowUncPaths = $GetRowUncPathsRaw | ForEach-Object { $ASDF = $_.SharePath; "$ASDF<br>" } | Out-String $GetRowUncPaths = $GetRowUncPathsRaw | ForEach-Object { $ASDF = $_.SharePath; "$ASDF<br>" } | Out-String
# ----------------------------------------------------------------------
# Create Share Summary Information
# ----------------------------------------------------------------------
# Get share path count
$SharePathChartCount = $ExcessiveSharePrivsFinal | where SharePath -ne "" |
foreach{
if( ($_.sharename -ne 'SYSVOL') -and ($_.sharename -ne 'NETLOGON'))
{
$_
}
} | select SharePath -Unique | measure | select count -ExpandProperty count
# Get share path severity
# Reivew ACLs for each share path, highest severity wins
$RiskLevelSharePathCountCritical = 0
$RiskLevelSharePathCountHigh = 0
$RiskLevelSharePathCountMedium = 0
$RiskLevelSharePathCountLow = 0
$ExcessiveSharePrivsFinal | where SharePath -ne "" |
foreach{
# filter out sysvol and netlogon
if( ($_.SharePath -ne 'SYSVOL') -and ($_.SharePath -ne 'NETLOGON'))
{
$_
}
} | select SharePath -Unique |
foreach {
# Set target share name
$TargetRiskSharePath = $_.SharePath
# Grab the risk level for the highest risk acl for the share name
$SharePathTopACLRiskScore = $ExcessiveSharePrivsFinal | where SharePath -eq $TargetRiskSharePath | select RiskScore | sort RiskScore -Descending | select -First 1 | select RiskScore -ExpandProperty RiskScore
# Check risk level - Highest wins
If($SharePathTopACLRiskScore -le 4 ) { $RiskLevelSharePathResult = "Low"}
If($SharePathTopACLRiskScore -gt 4 -and $SharePathTopACLRiskScore -lt 11 ) { $RiskLevelSharePathResult = "Medium"}
If($SharePathTopACLRiskScore -ge 11 -and $SharePathTopACLRiskScore -lt 20 ) { $RiskLevelSharePathResult = "High"}
If($SharePathTopACLRiskScore -ge 20 ) { $RiskLevelSharePathResult = "Critical"}
# Increment counts
if($RiskLevelSharePathResult -eq "Low" ){$RiskLevelSharePathCountLow = $RiskLevelSharePathCountLow + 1}
if($RiskLevelSharePathResult -eq "Medium" ){$RiskLevelSharePathCountMedium = $RiskLevelSharePathCountMedium + 1}
if($RiskLevelSharePathResult -eq "High" ){$RiskLevelSharePathCountHigh = $RiskLevelSharePathCountHigh + 1}
if($RiskLevelSharePathResult -eq "Critical"){$RiskLevelSharePathCountCritical = $RiskLevelSharePathCountCritical + 1}
}
# Counts
<#
$RiskLevelSharePathCountLow
$RiskLevelSharePathCountMedium
$RiskLevelSharePathCountHigh
$RiskLevelSharePathCountCritical
#>
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# Build Share Name Summary Page Rows # Build Share Name Summary Page Rows
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
@ -9487,7 +9544,7 @@ const ChartDashboardIFOptions = {
}], }],
chart: { chart: {
type: 'bar', type: 'bar',
height: 250 height: 300
}, },
plotOptions: { plotOptions: {
bar: { bar: {
@ -9735,44 +9792,73 @@ ChartDashboardIF.render();
// Dashboard Page: Risk Level chart // Dashboard Page: Risk Level chart
// -------------------------- // --------------------------
// Set data series
var DataSeriesComputers = [$RiskLevelComputersCountLow, $RiskLevelComputersCountMedium, $RiskLevelComputersCountHigh, $RiskLevelComputersCountCritical];
var DataSeriesShares = [$RiskLevelSharePathCountLow, $RiskLevelSharePathCountMedium, $RiskLevelSharePathCountHigh, $RiskLevelSharePathCountCritical];
var DataSeriesACEs = [$RiskLevelCountLow, $RiskLevelCountMedium, $RiskLevelCountHigh,$RiskLevelCountCritical];
// Reverse each array
DataSeriesComputers.reverse();
DataSeriesShares.reverse();
DataSeriesACEs.reverse();
// Find max values
var maxComputer = Math.max(...DataSeriesComputers);
var maxShares = Math.max(...DataSeriesShares);
var maxACEs = Math.max(...DataSeriesACEs);
var maxValueOverall = Math.max(maxComputer, maxShares, maxACEs);
// Initialize ApexCharts // Initialize ApexCharts
const ChartDashboardRiskOptions = { const ChartDashboardRiskOptions = {
series: [{ series: [{
data: [$RiskLevelCountCritical, $RiskLevelCountHigh, $RiskLevelCountMedium, $RiskLevelCountLow] name: 'Computers',
data: DataSeriesComputers
//color: 'blue' // Set color for Computers series
},{
name: 'Shares',
data: DataSeriesShares
//color: 'green' // Set color for Shares series
},{
name: 'ACEs',
data: DataSeriesACEs
//color: 'red' // Set color for ACEs series
}], }],
chart: { chart: {
type: 'bar', type: 'bar',
height: 250 height: 300
}, },
plotOptions: { plotOptions: {
bar: { bar: {
borderRadius: 0, borderRadius: 0,
borderRadiusApplication: 'end', borderRadiusApplication: 'end',
horizontal: true, horizontal: true,
colors: { barHeight: '90%', // Reduce bar height for more space
backgroundBarColors: ['#e0e0e0'], barGap: '0%', // Adds gap between bars in the same group
backgroundBarOpacity: 1, // barSpacing: 0.0 // Adds space between the groups (risk levels)
ranges: [{
from: 0,
to: 1000,
color: '#f08c41'
}]
}
} }
}, },
colors: ['#DBDCD6', '#E4A628', '#07142A'], // Colors for the bars
dataLabels: { dataLabels: {
enabled: false enabled: true,
style: {
fontSize: '12px',
colors: ['#07142A', '#07142A', '#E4A628'] // colors for the lables #FF9965
},
offsetX: 0
}, },
grid: { grid: {
show: false show: true,
opacity: 0.5
}, },
xaxis: { xaxis: {
categories: ['Critical','High','Medium','Low'] categories: ['Critical','High','Medium','Low'],
max: maxValueOverall,
min: 0
}, },
title: { title: {
text: 'ACE Count by Risk Level', text: 'Asset Count by Risk Level',
align: 'center', // Aligns the title, can be 'left', 'center', or 'right' align: 'center',
margin: 10, // Adjusts the space between the title and the chart margin: 10,
style: { style: {
fontSize: '16px', fontSize: '16px',
fontWeight: 'bold', fontWeight: 'bold',