Test global cache initialization performance

itm4n · Jan 6, 2025 · 1490abd · 1490abd
1 parent 795b4cd
commit 1490abd
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 16 deletions.
diff --git a/src/check/Globals.ps1 b/src/check/Globals.ps1
@@ -6,7 +6,6 @@ $script:GlobalVariable = @{
 $script:GlobalCache = @{
     ServiceList = $null
     DriverList = $null
-    HotFixList = $null
     ScheduledTaskList = $null
     RegisteredComList = $null
     CurrentUserSids = $null

diff --git a/src/check/Main.ps1 b/src/check/Main.ps1
@@ -61,8 +61,8 @@ function Invoke-PrivescCheck {
     )
 
     begin {
-        # Check wether the current process has admin privileges.
-        # The following check was taken from Pow*rUp.ps1
+        # Check whether the current process has admin privileges.
+        # The following check was taken from PowerUp.ps1
         $IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
         if ($IsAdmin) {
             if (-not $Force) {
@@ -81,16 +81,6 @@ function Invoke-PrivescCheck {
             $script:GlobalCache.$CacheEntryName = $null
         }
 
-        # TODO: Initialize global cache.
-
-        # Ensure global cache was initialized.
-        # TODO: Uncomment after implementing cache initialization
-        # foreach ($CacheEntryName in $($script:GlobalCache.Keys)) {
-        #     if ($null -eq $script:GlobalCache.$CacheEntryName) {
-        #         Write-Warning "Cache entry '$($CacheEntryName)' was not initialized."
-        #     }
-        # }
-
         # Once the cache is fully initialized, we can build an InitialSessionState
         # object that we can use in different runspaces.
         $script:GlobalVariable.InitialSessionState = New-InitialSessionState

diff --git a/src/helper/Environment.ps1 b/src/helper/Environment.ps1
@@ -4,6 +4,7 @@ function Get-CurrentUserSid {
     param()
 
     if ($null -eq $script:GlobalCache.CurrentUserSids) {
+        Write-Verbose "Initializing cache: CurrentUserSids"
         $UserIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
         $script:GlobalCache.CurrentUserSids = $UserIdentity.Groups | Select-Object -ExpandProperty Value
         $script:GlobalCache.CurrentUserSids += $UserIdentity.User.Value
@@ -18,6 +19,7 @@ function Get-CurrentUserDenySid {
     param()
 
     if ($null -eq $script:GlobalCache.CurrentUserDenySids) {
+        Write-Verbose "Initializing cache: CurrentUserDenySids"
         $script:GlobalCache.CurrentUserDenySids = [string[]](Get-TokenInformationGroup -InformationClass Groups | Where-Object { $_.Attributes.Equals("UseForDenyOnly") } | Select-Object -ExpandProperty SID)
         if ($null -eq $script:GlobalCache.CurrentUserDenySids) {
             $script:GlobalCache.CurrentUserDenySids = @()

diff --git a/src/helper/SystemInformation.ps1 b/src/helper/SystemInformation.ps1
@@ -102,6 +102,8 @@ function Get-ComClassFromRegistry {
     process {
         if ($null -eq $script:GlobalCache.RegisteredComList) {
 
+            Write-Verbose "Initializing cache: RegisteredComList"
+
             $script:GlobalCache.RegisteredComList = @()
 
             Get-ChildItem -Path "Registry::$($RootKey)" -ErrorAction SilentlyContinue |
@@ -686,9 +688,8 @@ function Get-ServiceFromRegistry {
 
     [CmdletBinding()]
     param(
-        [Parameter(Mandatory=$true)]
         [ValidateSet(0,1,2,3)]
-        [Int] $FilterLevel
+        [UInt32] $FilterLevel = 1
     )
 
     begin {
@@ -725,6 +726,8 @@ function Get-ServiceFromRegistry {
             # If the cached service list hasn't been initialized yet, enumerate all services and populate the
             # cache.
 
+            Write-Verbose "Initializing cache: ServiceList"
+
             $ServicesRegPath = "HKLM\SYSTEM\CurrentControlSet\Services"
             $RegAllServices = Get-ChildItem -Path "Registry::$($ServicesRegPath)" -ErrorAction SilentlyContinue
 
@@ -787,7 +790,7 @@ function Get-KernelDriver {
         # If the cached driver list hasn't been initialized yet, enumerate all drivers,
         # resolve their paths and populate the cache.
 
-        Write-Verbose "Populating driver list cache..."
+        Write-Verbose "Initializing cache: DriverList"
 
         $Services = Get-ServiceFromRegistry -FilterLevel 1 | Where-Object { @('KernelDriver','FileSystemDriver','RecognizerDriver') -contains $_.Type }
 
@@ -1191,6 +1194,8 @@ function Get-ScheduledTaskList {
 
             # If the cache is empty, enumerate scheduled tasks and populate the cache.
 
+            Write-Verbose "Initializing cache: ScheduledTaskList"
+
             $script:GlobalCache.ScheduledTaskList = @()
 
             $ScheduleService = New-Object -ComObject("Schedule.Service")