mirror of
https://github.com/calebstewart/pwncat.git
synced 2024-11-30 20:34:15 +01:00
Added environment variable enumeration module for Windows
parent
f78dd52500
commit
0ce37fbed7
54
pwncat/modules/windows/enumerate/system/environment.py
Normal file
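--- a/pwncat/modules/windows/enumerate/system/environment.py
+++ b/pwncat/modules/windows/enumerate/system/environment.py
@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+
+from typing import Any, Dict, List
+
+import pwncat
+import rich.markup
+from pwncat import util
+from pwncat.db import Fact
+from pwncat.modules import ModuleFailed
+from pwncat.modules.enumerate import EnumerateModule, Schedule
+from pwncat.platform import PlatformError
+from pwncat.platform.windows import PowershellError, Windows
+
+
+class EnvironmentData(Fact):
+def __init__(self, source, variable:str, value:str):
+super().__init__(source=source, types=["system.environment"])
+
+self.variable: bool = variable
+self.value: str = value
+
+
+def title(self, session):
+return f"[cyan]{rich.markup.escape(self.variable)}[/cyan] = [blue]{rich.markup.escape(self.value)} [/blue]"
+
+
+class Module(EnumerateModule):
+"""Enumerate the current Windows Defender settings on the target"""
+
+PROVIDES = ["system.environment"]
+PLATFORM = [Windows]
+
+def enumerate(self, session):
+
+
+try:
+result = session.platform.powershell(
+f"Get-ChildItem env:\\ | Select Name,Value"
+)
+
+if not result:
+raise ModuleFailed(
+f"failed to retrieve env: PSDrive"
+)
+
+environment = result[0]
+
+except PowershellError as exc:
+raise ModuleFailed(
+f"failed to retrieve env: PSDrive"
+) from exc
+
+for pair in environment:
+yield EnvironmentData(self.name, pair["Name"], pair["Value"])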
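Review bot: The `Module` docstring still reads "Enumerate the current Windows Defender settings on the target", apparently carried over from another module, and `self.variable: bool = variable` annotates a value the constructor signature declares as `str`; suggest `"""Enumerate the environment variables visible to the current session on the target"""` and `self.variable: str = variable`. `Schedule` is imported but no `SCHEDULE` is set, so the module takes whatever default `EnumerateModule` defines; because environment variables differ per user, it is worth confirming that default does not reuse one user's result for another. Environment values frequently hold tokens and connection strings, so the stored `system.environment` facts should be treated as sensitive engagement data when the database is shared or archived. The PowerShell command and both `ModuleFailed` messages are f-strings with no placeholders, and `Any`, `Dict`, `List`, `util` and `PlatformError` look unused in this file.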