From d2a79360abc500f20e64c10cdfa4b4ebc4190cb6 Mon Sep 17 00:00:00 2001
From: John Hammond
Date: Fri, 18 Jun 2021 19:50:37 -0400
Subject: [PATCH] Added system localtime module
---
.../windows/enumerate/system/localtime.py | 48 +++++++++++++++++++
1 file changed, 48 insertions(+)
create mode 100644 pwncat/modules/windows/enumerate/system/localtime.py
diff --git a/pwncat/modules/windows/enumerate/system/localtime.py b/pwncat/modules/windows/enumerate/system/localtime.py
new file mode 100644
index 0000000..3d9663a
--- /dev/null
+++ b/pwncat/modules/windows/enumerate/system/localtime.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+
+import datetime
+
+import rich.markup
+
+from pwncat.db import Fact
+from pwncat.modules import ModuleFailed
+from pwncat.platform.windows import Windows, PowershellError
+from pwncat.modules.enumerate import EnumerateModule
+
+
+class LocalTime(Fact):
+ def __init__(self, source, localtime_string: str):
+ super().__init__(source=source, types=["system.localtime"])
+
+ self.localtime_string: str = localtime_string
+ self.localtime: str = datetime.datetime.strptime(
+ localtime_string, "%A, %B %d, %Y %I:%M:%S %p"
+ )
+
+ def title(self, session):
+ return f"Local time is: {rich.markup.escape(self.localtime_string)}"
+
+
+class Module(EnumerateModule):
+ """Enumerate the current Windows Defender settings on the target"""
+
+ PROVIDES = ["system.localtime"]
+ PLATFORM = [Windows]
+
+ def enumerate(self, session):
+
+ try:
+ result = session.platform.powershell('Get-Date -Format "F"')
+
+ if not result:
+ return
+
+ if isinstance(result[0], list) and result:
+ date_time = result[0]
+ else:
+ date_time = result[0]
+
+ except PowershellError as exc:
+ raise ModuleFailed("failed to retrieve local time") from exc
+
+ yield LocalTime(self.name, date_time)
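Review bot: In `enumerate`, both arms of the `isinstance(result[0], list)` test assign `result[0]`, so a nested list would reach `strptime` in `LocalTime.__init__` and raise a `TypeError` that the `except PowershellError` handler does not cover; if the list case is real the first arm presumably wants `date_time = result[0][0]`, otherwise the branch can go (the trailing `and result` is also redundant after the `if not result: return` guard). The `"F"` format is rendered in the target's culture, so the fixed English pattern `"%A, %B %d, %Y %I:%M:%S %p"` will raise an unhandled `ValueError` on hosts with another locale; requesting a culture-invariant form such as `Get-Date -Format "s"` and parsing it with `"%Y-%m-%dT%H:%M:%S"` avoids that. The `Module` docstring still says "Windows Defender settings" and should read something like `"""Enumerate the local date and time on the target"""`. `self.localtime` is annotated `str` but holds a `datetime.datetime`.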