diff options
| -rw-r--r-- | Privesc/PowerUp.ps1 | 2 | ||||
| -rwxr-xr-x | Recon/PowerView.ps1 | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/Privesc/PowerUp.ps1 b/Privesc/PowerUp.ps1 index 977efda..c1b9072 100644 --- a/Privesc/PowerUp.ps1 +++ b/Privesc/PowerUp.ps1 @@ -1404,7 +1404,7 @@ function Test-ServiceDaclPermission { else { ForEach($TargetPermission in $TargetPermissions) { # check permissions || style - if (($ServiceDacl.AccessRights -band $AccessMask[$TargetPermission]) -eq $AccessMask[$TargetPermission]) { + if (($ServiceDacl.AceType -eq 'AccessAllowed') -and ($ServiceDacl.AccessRights -band $AccessMask[$TargetPermission]) -eq $AccessMask[$TargetPermission]) { Write-Verbose "Current user has '$TargetPermission' for $IndividualService" $TargetService break diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1 index 34d9458..f1dd0a9 100755 --- a/Recon/PowerView.ps1 +++ b/Recon/PowerView.ps1 @@ -1382,6 +1382,7 @@ function Request-SPNTicket { [System.Collections.ArrayList]$Parts = ($TicketHexStream -replace '^(.*?)04820...(.*)','$2') -Split "A48201" $Parts.RemoveAt($Parts.Count - 1) $Parts -join "A48201" + break } } } |