Home

Awesome

SharpUp


SharpUp is a C# port of various PowerUp functionality. Currently, only the most common checks have been ported; no weaponization functions have yet been implemented.

@harmj0y is the primary author.

SharpUp is licensed under the BSD 3-Clause license.

Usage

SharpUp.exe [audit] [check1] [check2]...

    audit   - Specifies whether or not to enable audit mode. If enabled, SharpUp will run vulenrability checks
              regardless if the process is in high integrity or the user is in the local administrator's group.
              If no checks are specified, audit will run all checks. Otherwise, each check following audit will
              be ran.

    check*  - The individual vulnerability check to be ran. Must be one of the following:

              - AlwaysInstallElevated
              - CachedGPPPassword
              - DomainGPPPassword
              - HijackablePaths
              - McAfeeSitelistFiles
              - ModifiableScheduledTask
              - ModifiableServiceBinaries
              - ModifiableServiceRegistryKeys
              - ModifiableServices
              - ProcessDLLHijack
              - RegistryAutoLogons
              - RegistryAutoruns
              - TokenPrivileges
              - UnattendedInstallFiles
              - UnquotedServicePath
            

    Examples:
        SharpUp.exe audit
            -> Runs all vulnerability checks regardless of integrity level or group membership.
        
        SharpUp.exe HijackablePaths
            -> Check only if there are modifiable paths in the user's %PATH% variable.

        SharpUp.exe audit HijackablePaths
            -> Check only for modifiable paths in the user's %PATH% regardless of integrity level or group membership. 

Compile Instructions

We are not planning on releasing binaries for SharpUp, so you will have to compile yourself :)

SharpUp has been built against .NET 3.5 and is compatible with Visual Studio 2015 Community Edition. Simply open up the project .sln, choose "release", and build.

Acknowledgments

SharpUp incorporates various code C# snippets and bits of PoCs found throughout research for its capabilities. These snippets and authors are highlighted in the appropriate locations in the source code, and include: