Merge pull request #15 from Cx01N/main

Added GitHub actions for compiling executable
BC-SECURITY · Mar 26, 2024 · afc8023 · afc8023
2 parents be2ab69 + e01636e
commit afc8023
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 27 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,43 @@
+name: .NET Framework Build and Release
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  build:
+    name: Build .NET Framework Application
+    runs-on: windows-latest
+
+    steps:
+    - uses: actions/[email protected]
+
+    - name: Setup MSBuild path
+      uses: microsoft/setup-msbuild@v2
+
+    - name: Restore NuGet packages
+      run: nuget restore Moriarty.sln
+
+    - name: Build the project
+      run: msbuild Moriarty.sln /p:Configuration=Release /p:Platform="Any CPU"
+
+    - name: Upload Build Artifact
+      uses: actions/[email protected]
+      with:
+        name: MoriartyExecutable
+        path: Moriarty/bin/Release/Moriarty.exe
+
+  release:
+    needs: build
+    runs-on: windows-latest
+    steps:
+    - uses: actions/[email protected]
+      with:
+        name: MoriartyExecutable
+        path: ./ 
+
+    - uses: softprops/[email protected]
+      with:
+        files: './Moriarty.exe'
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/README.md b/README.md
@@ -1,12 +1,54 @@
 # Moriarty
 Moriarty is a comprehensive .NET tool that extends the functionality of [Watson](https://github.com/rasta-mouse/Watson) and [Sherlock](https://github.com/rasta-mouse/sherlock), originally developed by [@_RastaMouse](https://twitter.com/_RastaMouse). It is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments. Moriarty combines the capabilities of Watson and Sherlock, adding enhanced scanning for newer vulnerabilities and integrating additional checks.
 
-# Supported Versions
+## Supported Versions
 - Windows 10 (Versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H1, 22H2)
 - Windows 11 (Versions: 21H2, 22H1, 22H2, 23H1)
 - Server 2016, 2019, 2022
 
-# CVEs and Vulnerabilities
+## Installation and Build Instructions
+First, clone the Moriarty repository to your local machine using Git:
+
+```bash
+git clone https://github.com/BC-SECURITY/Moriarty.git
+```
+
+### Building the Project
+
+After cloning the repository, you can build the Moriarty executable using Visual Studio.
+
+### Using Visual Studio
+
+1. Open `Moriarty.sln` in Visual Studio.
+2. Right-click on the solution in Solution Explorer and select "Restore NuGet Packages" to ensure all dependencies are up to date.
+3. Set the build configuration to "Release".
+4. Build the solution by selecting "Build > Build Solution" from the menu.
+
+## Usage
+```
+C:\> Moriarty.exe
+███    ███  ██████  ██████  ██  █████  ██████  ████████ ██    ██
+████  ████ ██    ██ ██   ██ ██ ██   ██ ██   ██    ██     ██  ██
+██ ████ ██ ██    ██ ██████  ██ ███████ ██████     ██      ████
+██  ██  ██ ██    ██ ██   ██ ██ ██   ██ ██   ██    ██       ██
+██      ██  ██████  ██   ██ ██ ██   ██ ██   ██    ██       ██
+
+                                                 v1.0
+                                                 BC Security
+
+ [*] OS Version: 22H2 (22621)
+ [*] Enumerating installed KBs...
+ [+] CVE-2023-36664 : VULNERABLE
+  [>] https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection
+
+ [+] PrintNightmare (CVE-2021-1675, CVE-2021-34527) : VULNERABLE
+  [>] https://github.com/xbufu/PrintNightmareCheck/tree/main
+
+ [*] Vulnerabilities found: 2/30
+ [+] Scan Complete!
+```
+
+## CVEs and Vulnerabilities
 Moriarty scans for a variety of CVEs and vulnerabilities. Below is a table detailing each, along with a more detailed description and links to the CVE database.
 
 | CVE/Vulnerability ID | Description | 
@@ -45,28 +87,4 @@ Moriarty scans for a variety of CVEs and vulnerabilities. Below is a table detai
 | [CVE-2021-36934](https://www.cve.org/CVERecord?id=CVE-2021-36934) | HiveNightmare - A vulnerability that allows for local privilege escalation due to overly permissive Access Control Lists (ACLs) on system files, including the Security Accounts Manager (SAM). |
 | [CVE-2022-40140](https://www.cve.org/CVERecord?id=CVE-2022-40140) | A vulnerability in Microsoft Exchange Server leading to remote code execution. |
 | [CVE-2022-22965](https://www.cve.org/CVERecord?id=CVE-2022-22965) | Spring4Shell, a remote code execution vulnerability in Spring Framework. |
-| [CVE-2023-36664](https://www.cve.org/CVERecord?id=CVE-2023-36664) | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). |
-
-# Usage
-```
-C:\> Moriarty.exe
-███    ███  ██████  ██████  ██  █████  ██████  ████████ ██    ██
-████  ████ ██    ██ ██   ██ ██ ██   ██ ██   ██    ██     ██  ██
-██ ████ ██ ██    ██ ██████  ██ ███████ ██████     ██      ████
-██  ██  ██ ██    ██ ██   ██ ██ ██   ██ ██   ██    ██       ██
-██      ██  ██████  ██   ██ ██ ██   ██ ██   ██    ██       ██
-
-                                                 v1.0
-                                                 BC Security
-
- [*] OS Version: 22H2 (22621)
- [*] Enumerating installed KBs...
- [+] CVE-2023-36664 : VULNERABLE
-  [>] https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection
-
- [+] PrintNightmare (CVE-2021-1675, CVE-2021-34527) : VULNERABLE
-  [>] https://github.com/xbufu/PrintNightmareCheck/tree/main
-
- [*] Vulnerabilities found: 2/30
- [+] Scan Complete!
-```
+| [CVE-2023-36664](https://www.cve.org/CVERecord?id=CVE-2023-36664) | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). |