Tips-Of-Mine/PowerHuntShares
Tips-Of-Mine/PowerHuntShares
2
0
Fork 0
mirror of https://github.com/NetSPI/PowerHuntShares.git synced 2025-05-04 19:28:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update PowerHuntShares.psm1

Browse Source 
Fixed majority check bug on share name page.
This commit is contained in:
Scott Sutherland 2024-06-11 09:36:24 -05:00 committed by GitHub
parent 8c2cc8f676
commit a62b9d4022
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
PowerHuntShares.psm1
View File

@ -4,7 +4,7 @@
#-------------------------------------- #--------------------------------------
# Author: Scott Sutherland, 2024 NetSPI # Author: Scott Sutherland, 2024 NetSPI
# License: 3-clause BSD # License: 3-clause BSD
# Version: v1.53 # Version: v1.54
# References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell.
function Invoke-HuntSMBShares function Invoke-HuntSMBShares
{ {
@ -1713,6 +1713,7 @@ function Invoke-HuntSMBShares
# divide the number of instances by individual # divide the number of instances by individual
# foreach loop until yes. # foreach loop until yes.
$fiftyorgreater = 0 $fiftyorgreater = 0
$SimularityCalc50P = 0
$ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select ShareName,FileListGroup -Unique | Group-Object FileListGroup | sort count -Descending | select count, name | $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | select ShareName,FileListGroup -Unique | Group-Object FileListGroup | sort count -Descending | select count, name |
foreach{ foreach{
@ -1743,11 +1744,11 @@ function Invoke-HuntSMBShares
# WeightLastMod = 1 # WeightLastMod = 1
# condense into 0-1, low (0-.50), medium(.51-.80), high similary (.81-1) # condense into 0-1, low (0-.50), medium(.51-.80), high similary (.81-1)
$SimularityCalcShareFgFinal = $SimularityCalcShareFg * 4 $SimularityCalcShareFgFinal = $SimularityCalcShareFg * 4 # File group ratio
$SimularityCalc50PFinal = $SimularityCalc50P * 3 $SimularityCalc50PFinal = $SimularityCalc50P * 3 # A file group exists with 50% or more
$SimularityCalcFGOwnerAvgFinal = $SimularityCalcFGOwnerAvg * 2 $SimularityCalcFGOwnerAvgFinal = $SimularityCalcFGOwnerAvg * 2 # Owner to share file group ratio average
$SimularityCalcCreateDateFinal = $SimularityCalcCreateDate * 1 $SimularityCalcCreateDateFinal = $SimularityCalcCreateDate * 1 # Share to creation date ratio
$SimularityCalcLastModDateFinal = $SimularityCalcLastModDate * 1 $SimularityCalcLastModDateFinal = $SimularityCalcLastModDate * 1 # Share to modification date ratio
# Max is 4 + 3 + 2 + 1 + 1 = 11; Min is 0 # Max is 4 + 3 + 2 + 1 + 1 = 11; Min is 0
$SimilarityTotal = $SimularityCalcShareFgFinal + $SimularityCalc50PFinal + $SimularityCalcFGOwnerAvgFinal +$SimularityCalcCreateDateFinal + $SimularityCalcLastModDateFinal $SimilarityTotal = $SimularityCalcShareFgFinal + $SimularityCalc50PFinal + $SimularityCalcFGOwnerAvgFinal +$SimularityCalcCreateDateFinal + $SimularityCalcLastModDateFinal
@ -1756,8 +1757,7 @@ function Invoke-HuntSMBShares
$SimilarityScoreP = "$SimilarityScoreP1%" $SimilarityScoreP = "$SimilarityScoreP1%"
If($SimilarityScore -gt .80){ $SimLevel = "High"} If($SimilarityScore -gt .80){ $SimLevel = "High"}
If($SimilarityScore -lt .80){ $SimLevel = "Medium"} If($SimilarityScore -lt .80){ $SimLevel = "Medium"}
If($SimilarityScore -lt .50){ $SimLevel = "Low"} If($SimilarityScore -lt .50){ $SimLevel = "Low"}
# Calculate similarity here - END # Calculate similarity here - END
# ---- # ----