1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-30 20:34:15 +01:00

Added environment variable enumeration module for Windows

This commit is contained in:
John Hammond 2021-06-05 01:07:05 -04:00
parent f78dd52500
commit 0ce37fbed7

View File

@ -0,0 +1,54 @@
#!/usr/bin/env python3
from typing import Any, Dict, List
import pwncat
import rich.markup
from pwncat import util
from pwncat.db import Fact
from pwncat.modules import ModuleFailed
from pwncat.modules.enumerate import EnumerateModule, Schedule
from pwncat.platform import PlatformError
from pwncat.platform.windows import PowershellError, Windows
class EnvironmentData(Fact):
def __init__(self, source, variable:str, value:str):
super().__init__(source=source, types=["system.environment"])
self.variable: bool = variable
self.value: str = value
def title(self, session):
return f"[cyan]{rich.markup.escape(self.variable)}[/cyan] = [blue]{rich.markup.escape(self.value)} [/blue]"
class Module(EnumerateModule):
"""Enumerate the current Windows Defender settings on the target"""
PROVIDES = ["system.environment"]
PLATFORM = [Windows]
def enumerate(self, session):
try:
result = session.platform.powershell(
f"Get-ChildItem env:\\ | Select Name,Value"
)
if not result:
raise ModuleFailed(
f"failed to retrieve env: PSDrive"
)
environment = result[0]
except PowershellError as exc:
raise ModuleFailed(
f"failed to retrieve env: PSDrive"
) from exc
for pair in environment:
yield EnvironmentData(self.name, pair["Name"], pair["Value"])