Winpeas logs full of garbage exceptions. Error looking for regex define ?\(['"](\w*pass|\w*pwd|\w*user|\w*datab)

[bmigette]

If you are going to suggest something, please remove the following template.
If your issue is related with WinPEAS.ps1 please mention https://github.com/RandolphConley

Issue description

Winpeas logs full of garbage exceptions. The same exception repeat 1000s of time, causing output log to be up to 100Mb

Steps to reproduce the issue

1. Run winpeas. Tested with release https://github.com/carlospolop/PEASS-ng/releases/tag/20240310-532aceca

Which parameters did you use for executing the script and how did you execute it?

*Evil-WinRM* PS C:\tmp> .\winPEASx64.exe log=winpeas.log

If winpeas, did you use a clean or obfuscated winpeas, and for which architecture?

N/A

Is there any AV / Threat protection in the system?

No

Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)

Windows 10 / Server 2019 Build 19041

Please, indicate the check that is failing and add a screenshot showing the problem

�[1;36m════════════════════════════════════╣ �[1;32mFile Analysis�[1;36m ╠════════════════════════════════════�[0m

�[1;36m╔══════════╣ �[1;32mFound NFS Exports Files�[0m
File: C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\CommonExtensions\Microsoft\Web\�[0m�[1;31mExports�[0m
�[1;90mError looking for regex define ?\(['"](\w*pass|\w*pwd|\w*user|\w*datab)
 inside files: System.ArgumentException: parsing "define ?\\(['"](\\w*pass|\\w*pwd|\\w*user|\\w*datab)" - Not enough )'s.
   at System.Text.RegularExpressions.RegexParser.ScanRegex()
   at System.Text.RegularExpressions.RegexParser.Parse(String re, RegexOptions op)
   at System.Text.RegularExpressions.Regex..ctor(String pattern, RegexOptions options, TimeSpan matchTimeout, Boolean useCache)
   at winPEAS.Checks.FileAnalysis.SearchContent(String text, String regex_str, Boolean caseinsensitive)�[0m
�[1;90mError looking for regex define ?\(['"](\w*pass|\w*pwd|\w*user|\w*datab)
 inside files: System.ArgumentException: parsing "define ?\\(['"](\\w*pass|\\w*pwd|\\w*user|\\w*datab)" - Not enough )'s.
   at System.Text.RegularExpressions.RegexParser.ScanRegex()
   at System.Text.RegularExpressions.RegexParser.Parse(String re, RegexOptions op)
   at System.Text.RegularExpressions.Regex..ctor(String pattern, RegexOptions options, TimeSpan matchTimeout, Boolean useCache)
   at winPEAS.Checks.FileAnalysis.SearchContent(String text, String regex_str, Boolean caseinsensitive)�[0m

How did you expect it to work?

No exceptions filling logs

Additional details / screenshot

┌──(babadmin㉿kakali) - 19:59:45 - [~/xxx]
└─$ grep -a -e "Error looking for regex define" winpeas.log | wc -l
19423

[superboy-zjc]

same issue

[perceval1252]

I also have the same issue

[StayPirate]

Same here. The affected version for me is Version: 20240310.532aceca-0kali1.

[StayPirate]

I reverted back to 20240221-e5eff12e which is the last unaffected release. That means the bug was introduced at 20240221-e5eff12e...20240223-ab2bb023.

[superboy-zjc]

I reverted back to 20240221-e5eff12e which is the last unaffected release. That means the bug was introduced at 20240221-e5eff12e...20240223-ab2bb023.

Thanks for your valuable information.

[achute]

same issue - worked with 20240221-e5eff12e

[carlospolop]

Thanks for the info guys, specially to @StayPirate!
I have reverted the changes from that PR and there should be a new release in some mins, let me know if that fix it pls!

[bmigette]

@carlospolop Tried on one windows machine today (not the same as before though), and didn't got the issue. Will try on a few others and update if I still face the issue