From dc022894dc1e8a248a5186c94b02a5de62cb01fc Mon Sep 17 00:00:00 2001 From: Scott Sutherland Date: Fri, 23 Aug 2024 16:59:13 -0500 Subject: [PATCH] Update PowerHuntShares.psm1 Fixed export function. --- PowerHuntShares.psm1 | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/PowerHuntShares.psm1 b/PowerHuntShares.psm1 index f76b47e..6d278c2 100644 --- a/PowerHuntShares.psm1 +++ b/PowerHuntShares.psm1 @@ -4,7 +4,7 @@ #-------------------------------------- # Author: Scott Sutherland, 2024 NetSPI # License: 3-clause BSD -# Version: v1.111 +# Version: v1.112 # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. function Invoke-HuntSMBShares { @@ -245,7 +245,7 @@ function Invoke-HuntSMBShares Write-Output " [*][$Time] Scan Start" # Nova format - If ($Nova) { + If ($ExportNova) { Write-Verbose " [*][$Time] The results will be export to the NOVA format as well." $rMasterFindingId = "FindingTemplateSourceIdentifier" $rFindingName = "FindingName" @@ -6631,7 +6631,7 @@ Folder groups are SMB shares that contain the exact same file listing. Each fold
- This section provides an interactive graph that can be used to explore the computer, share, files, and identity relationships. This functionality is still experimental. + This section provides an interactive graph that can be used to explore the computer, share, files, and identity relationships.
 Selected Node: None
@@ -10063,7 +10063,7 @@ Write-Output "" $object | add-member noteproperty $rMasterFindingId $ExcessivePrivID $object | add-member noteproperty $rFindingName "Excessive Share ACL" $object | add-member noteproperty $rAssetName $ComputerName - if(-not $Nova){$object | add-member noteproperty IssueFirstFoundDate $EndTime} + if(-not $ExportNova){$object | add-member noteproperty IssueFirstFoundDate $EndTime} $object | add-member noteproperty VerificationCaption01 "$IdentityReference has $FileSystemRights privileges on $SharePath." $ShareDetails = @" Computer Name: $ComputerName @@ -10083,7 +10083,7 @@ File Count: $FileCount File List Sample: $FileList "@ - if($Nova){ + if($ExportNova){ $object | add-member noteproperty VerificationText01 "
$ShareDetails
" }else{ $object | add-member noteproperty VerificationText01 $ShareDetails @@ -10105,12 +10105,12 @@ $FileList $object | add-member noteproperty $rMasterFindingId $ExcessivePrivID $object | add-member noteproperty $rFindingName "Domain ACL Summary" $object | add-member noteproperty $rAssetName $TargetDomain - if(-not $Nova){ + if(-not $ExportNova){ $object | add-member noteproperty IssueFirstFoundDate $EndTime } $object | add-member noteproperty VerificationCaption01 "$ExcessiveSharesCount shares across $ComputerWithExcessive systems are configured with $ExcessiveSharePrivsCount potentially excessive ACLs." $ShareDetails = $ExcessiveSharePrivs | Select-Object SharePath -Unique -ExpandProperty SharePath | Out-String - if($Nova){ + if($ExportNova){ $object | add-member noteproperty VerificationText01 "
$ShareDetails
" }else{ $object | add-member noteproperty VerificationText01 $ShareDetails @@ -10149,7 +10149,7 @@ The 5 most common share names are: $SummaryFinal = $Summary1 + $Summary2 - if($Nova){ + if($ExportNova){ $object | add-member noteproperty VerificationText02 "
$SummaryFinal
" }else{ $object | add-member noteproperty VerificationText02 $SummaryFinal @@ -10204,7 +10204,7 @@ The 5 most common share names are: $object | add-member noteproperty $rMasterFindingId $ExcessivehighRiskID $object | add-member noteproperty $rFindingName "Excessive Share ACL" $object | add-member noteproperty $rAssetName $ComputerName - if(-not $Nova){ + if(-not $ExportNova){ $object | add-member noteproperty IssueFirstFoundDate $EndTime } $object | add-member noteproperty VerificationCaption01 "$IdentityReference has $FileSystemRights privileges on $SharePath." @@ -10245,12 +10245,12 @@ $FileList $object | add-member noteproperty $rMasterFindingId $ExcessivehighRiskID $object | add-member noteproperty $rFindingName "Domain ACL Summary" $object | add-member noteproperty $rAssetName $TargetDomain - if(-not $Nova){ + if(-not $ExportNova){ $object | add-member noteproperty IssueFirstFoundDate $EndTime } $object | add-member noteproperty VerificationCaption01 "$SharesHighRiskCount shares across $ComputerwithHighRisk systems are considered high risk." $ShareDetails = $SharesHighRisk | Select-Object SharePath -Unique -ExpandProperty SharePath | Out-String - if($Nova){ + if($ExportNova){ $object | add-member noteproperty VerificationText01 "
$ShareDetails
" }else{ $object | add-member noteproperty VerificationText01 $ShareDetails @@ -10289,7 +10289,7 @@ The 5 most common share names are: $SummaryFinal = $Summary1 + $Summary2 - if($Nova){ + if($ExportNova){ $object | add-member noteproperty VerificationText02 "
$SummaryFinal
" }else{ $object | add-member noteproperty VerificationText02 $SummaryFinal