Added environment variable enumeration module for Windows

pwncat/modules/windows/enumerate/system/environment.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+
+from typing import Any, Dict, List
+
+import pwncat
+import rich.markup
+from pwncat import util
+from pwncat.db import Fact
+from pwncat.modules import ModuleFailed
+from pwncat.modules.enumerate import EnumerateModule, Schedule
+from pwncat.platform import PlatformError
+from pwncat.platform.windows import PowershellError, Windows
+
+
+class EnvironmentData(Fact):
+    def __init__(self, source, variable:str, value:str):
+        super().__init__(source=source, types=["system.environment"])
+
+        self.variable: bool = variable
+        self.value: str = value
+
+
+    def title(self, session):
+        return f"[cyan]{rich.markup.escape(self.variable)}[/cyan] = [blue]{rich.markup.escape(self.value)} [/blue]"
+
+
+class Module(EnumerateModule):
+    """Enumerate the current Windows Defender settings on the target"""
+
+    PROVIDES = ["system.environment"]
+    PLATFORM = [Windows]
+
+    def enumerate(self, session):
+
+
+        try:
+            result = session.platform.powershell(
+                f"Get-ChildItem env:\\ | Select Name,Value"
+            )
+
+            if not result:
+                raise ModuleFailed(
+                    f"failed to retrieve env: PSDrive"
+                )
+
+            environment = result[0]
+
+        except PowershellError as exc:
+            raise ModuleFailed(
+                f"failed to retrieve env: PSDrive"
+            ) from exc
+
+        for pair in environment:
+            yield EnvironmentData(self.name, pair["Name"], pair["Value"])