authorHarmj0y <will@harmj0y.net>2016-06-04 19:07:28 -0400
committerHarmj0y <will@harmj0y.net>2016-06-04 19:07:28 -0400
commit491594529205b66937c718b38cb4e7909935e6ec (patch)
treecae8b0d0f7703c1cf3bfd8b6548225f9206c64e4 /Privesc
parent1b359e7875de1e8392224af8591d062fff89a525 (diff)
Renamed Get-RegistryAutoRun to Get-ModifiableRegistryAutoRun
Renamed Find-PathHijack to Find-PathDLLHijack
Fixed exposed functions in PowerSploit.psd1
Diffstat (limited to 'Privesc')
-rw-r--r--Privesc/PowerUp.ps115
-rw-r--r--Privesc/Privesc.psd14
-rw-r--r--Privesc/README.md6
3 files changed, 12 insertions, 13 deletions
diff --git a/Privesc/PowerUp.ps1 b/Privesc/PowerUp.ps1
index 6e473d6..4071f6a 100644
--- a/Privesc/PowerUp.ps1
+++ b/Privesc/PowerUp.ps1
@@ -2361,7 +2361,7 @@ function Find-ProcessDLLHijack {
}
-function Find-PathHijack {
+function Find-PathDLLHijack {
<#
.SYNOPSIS
@@ -2379,7 +2379,7 @@ function Find-PathHijack {
.EXAMPLE
- PS C:\> Find-PathHijack
+ PS C:\> Find-PathDLLHijack
Finds all %PATH% .DLL hijacking opportunities.
@@ -2720,8 +2720,7 @@ function Get-RegistryAutoLogon {
}
}
-
-function Get-RegistryAutoRun {
+function Get-ModifiableRegistryAutoRun {
<#
.SYNOPSIS
@@ -2736,7 +2735,7 @@ function Get-RegistryAutoRun {
.EXAMPLE
- PS C:\> Get-RegistryAutoRun
+ PS C:\> Get-ModifiableRegistryAutoRun
Return vulneable autorun binaries (or associated configs).
#>
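Review bot: The example description on the context line under the renamed `.EXAMPLE` still reads `Return vulneable autorun binaries (or associated configs).`, which is misspelled and no longer matches the function's new name. Suggested wording: `Return modifiable autorun binaries (or associated configs).` The comment-based help block starts above this hunk, so its `.SYNOPSIS` and `.DESCRIPTION` text is not visible here and may need the same check.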
@@ -3571,7 +3570,7 @@ function Invoke-AllChecks {
# DLL hijacking
"`n`n[*] Checking %PATH% for potentially hijackable DLL locations..."
- $Results = Find-PathHijack
+ $Results = Find-PathDLLHijack
$Results | Foreach-Object {
$AbuseString = "Write-HijackDll -DllPath '$($_.Path)\wlbsctrl.dll'"
$_ | Add-Member Noteproperty 'AbuseFunction' $AbuseString
@@ -3604,8 +3603,8 @@ function Invoke-AllChecks {
}
- "`n`n[*] Checking for registry autoruns and configs..."
- $Results = Get-RegistryAutoRun
+ "`n`n[*] Checking for modifidable registry autoruns and configs..."
+ $Results = Get-ModifiableRegistryAutoRun
$Results | Format-List
if($HTMLReport) {
$Results | ConvertTo-HTML -Head $Header -Body "<H2>Registry Autoruns</H2>" | Out-File -Append $HtmlReportFile
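Review bot: The added status line in Invoke-AllChecks misspells the word it was changed to introduce: `modifidable` should be `modifiable`. This string is written to the console output of the check run, so the typo ends up in saved transcripts and breaks text searches for the correct spelling. The report heading `<H2>Registry Autoruns</H2>` on the context line was left as is; consider whether it should also say "Modifiable" to match the renamed check. Invoke-AllChecks begins and ends outside this hunk.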
diff --git a/Privesc/Privesc.psd1 b/Privesc/Privesc.psd1
index e4222bf..97b7652 100644
--- a/Privesc/Privesc.psd1
+++ b/Privesc/Privesc.psd1
@@ -24,17 +24,17 @@ PowerShellVersion = '2.0'
# Functions to export from this module
FunctionsToExport = @(
'Add-ServiceDacl',
- 'Find-PathHijack',
+ 'Find-PathDLLHijack',
'Find-ProcessDLLHijack',
'Get-ApplicationHost',
'Get-CurrentUserTokenGroupSid',
'Get-ModifiablePath',
+ 'Get-ModifiableRegistryAutoRun',
'Get-ModifiableScheduledTaskFile',
'Get-ModifiableService',
'Get-ModifiableServiceFile',
'Get-RegistryAlwaysInstallElevated',
'Get-RegistryAutoLogon',
- 'Get-RegistryAutoRun',
'Get-ServiceDetail',
'Get-ServiceUnquoted',
'Get-SiteListPassword',
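Review bot: `'Find-PathHijack'` and `'Get-RegistryAutoRun'` are dropped from `FunctionsToExport` with no alias kept for the old names, so existing callers stop resolving after this change. No alias is visible in these hunks, though one may exist elsewhere in PowerUp.ps1 or the manifest. If the break is intended, the commit description or README should state the old-to-new mapping explicitly. The same mapping matters on the defensive side: detection content keyed on these function names in PowerShell script block logs needs to match both the old and the new names. The `FunctionsToExport` array continues past the end of this hunk.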
diff --git a/Privesc/README.md b/Privesc/README.md
index 8e4b75d..7f57768 100644
--- a/Privesc/README.md
+++ b/Privesc/README.md
@@ -41,13 +41,13 @@ Optional Dependencies: None
### DLL Hijacking:
Find-ProcessDLLHijack - finds potential DLL hijacking opportunities for currently running processes
- Find-PathHijack - finds service %PATH% .dll hijacking opportunities
- Write-HijackDll - writes out a hijackable .dll
+ Find-PathDLLHijack - finds service %PATH% DLL hijacking opportunities
+ Write-HijackDll - writes out a hijackable DLL
### Registry Checks:
Get-RegistryAlwaysInstallElevated - checks if the AlwaysInstallElevated registry key is set
Get-RegistryAutoLogon - checks for Autologon credentials in the registry
- Get-RegistryAutoRun - checks for any modifiable binaries/scripts (or their configs) in HKLM autoruns
+ Get-ModifiableRegistryAutoRun - checks for any modifiable binaries/scripts (or their configs) in HKLM autoruns
### Miscellaneous Checks:
Get-ModifiableScheduledTaskFile - find schtasks with modifiable target files