Skip to content

ILightThings/earlywinter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.idea
.idea
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
readme.md
readme.md
 
 

Repository files navigation

A small golang binary made to search for files on a (potentially compromosed) host. Useful for a quick priv esc via hard coded credients. Will print out file paths of discovered files.

Usage of C:\dev\earlywinter.exe:
  -ext string
        Extentions to search for (default ".ps1,.bat,.sh,.py,.txt")
  -h    Displays this help file
  -path string
        Path to check. Network example("\\client.local\sharename") (default "c:")

Current sensitive strings are

/u:
/p:
psexec
net user
net use
net account
/runas

If the binary is searching locally, will ignore common system folders:

C:\ProgramData
C:\Program Files (x86)
C:\Program Files
C:\$WinREAgent
C:\$Windows.~WS
C:\$WINDOWS.~BT
C:\Windows"
C:\Windows10Upgrade
C:\Documents and Settings
C:\Python27

Check a network share. Requires a network share (\\server.local\share) directly. Server name alone (\\server.local) will not work.

earlywinter.exe -path "\\client.local\sharename"

Change the files to search for. Format is .ext with comma separation.

earlywinter.exe -ext ".jpeg,.config,.html"

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages