evil-winrm 2.3 → 2.4
- checksums.yaml +4 -4
- data/lib/evil-winrm.rb +24 -7
- metadata +4 -5
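--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8ad89cb0e9f8954bb567652c0ac9efaf25adf2df59207ff517c1328c13176c76
+data.tar.gz: c5bb1cbea2d39ebc04101dbe5b6b3467fc16356e5f5c8bf9be7a1a256d6612c7
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 83787fb7677f6c73423929449fd4728c81254fb6613391374540354ba6c369aaf968cba56d99dca82308f60855cfeb8a9c6ddf7a5fc166b1347e4fbb2c5a4399
+data.tar.gz: 35ab318b763a7bff03b4c711bffec6b636ebfbd3ca5238a7e273a8528ad8049d6ff70fd562c7e3dc40bf3033c7e307d388d69b55daa5b02eaee0822a77ccc531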
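--- a/data/lib/evil-winrm.rb
+++ b/data/lib/evil-winrm.rb
@@ -17,7 +17,7 @@ require 'time'
 # Constants
 
 # Version
-VERSION = '2.
+VERSION = '2.4'
 
 # Msg types
 TYPE_INFO = 0
@@ -46,6 +46,7 @@ $port = "5985"
 $user = ""
 $password = ""
 $url = "wsman"
+$default_service = "HTTP"
 
 # Redefine download method from winrm-fs
 module WinRM
@@ -85,9 +86,9 @@ class EvilWinRM
 
 # Arguments
 def arguments()
-options = { port:$port, url:$url }
+options = { port:$port, url:$url, service:$service }
 optparse = OptionParser.new do |opts|
-opts.banner = "Usage: evil-winrm -i IP -u USER [-s SCRIPTS_PATH] [-e EXES_PATH] [-P PORT] [-p PASS] [-H HASH] [-U URL] [-S] [-c PUBLIC_KEY_PATH ] [-k PRIVATE_KEY_PATH ] [-r REALM]"
+opts.banner = "Usage: evil-winrm -i IP -u USER [-s SCRIPTS_PATH] [-e EXES_PATH] [-P PORT] [-p PASS] [-H HASH] [-U URL] [-S] [-c PUBLIC_KEY_PATH ] [-k PRIVATE_KEY_PATH ] [-r REALM] [--spn SPN_PREFIX]"
 opts.on("-S", "--ssl", "Enable ssl") do |val|
 $ssl = true
 options[:port] = "5986"
@@ -96,10 +97,11 @@ class EvilWinRM
 opts.on("-k", "--priv-key PRIVATE_KEY_PATH", "Local path to private key certificate") { |val| options[:priv_key] = val }
 opts.on("-r", "--realm DOMAIN", "Kerberos auth, it has to be set also in /etc/krb5.conf file using this format -> CONTOSO.COM = { kdc = fooserver.contoso.com }") { |val| options[:realm] = val.upcase }
 opts.on("-s", "--scripts PS_SCRIPTS_PATH", "Powershell scripts local path") { |val| options[:scripts] = val }
+opts.on("--spn SPN_PREFIX", "SPN prefix for Kerberos auth (default HTTP)") { |val| options[:service] = val }
 opts.on("-e", "--executables EXES_PATH", "C# executables local path") { |val| options[:executables] = val }
 opts.on("-i", "--ip IP", "Remote host IP or hostname. FQDN for Kerberos auth (required)") { |val| options[:ip] = val }
 opts.on("-U", "--url URL", "Remote url endpoint (default /wsman)") { |val| options[:url] = val }
-opts.on("-u", "--user USER", "Username (required)") { |val| options[:user] = val }
+opts.on("-u", "--user USER", "Username (required if not using kerberos)") { |val| options[:user] = val }
 opts.on("-p", "--password PASS", "Password") { |val| options[:password] = val }
 opts.on("-H", "--hash HASH", "NTHash") do |val|
 if !options[:password].nil? and !val.nil?
@@ -163,6 +165,12 @@ class EvilWinRM
 $pub_key = options[:pub_key]
 $priv_key = options[:priv_key]
 $realm = options[:realm]
+$service = options[:service]
+if !$realm.nil? then
+if $service.nil? then
+$service = $default_service
+end
+end
 end
 
 # Print script header
@@ -200,7 +208,8 @@ class EvilWinRM
 user: "",
 password: "",
 transport: :kerberos,
-realm: $realm
+realm: $realm,
+service: $service
 )
 else
 $conn = WinRM::Connection.new(
@@ -225,7 +234,7 @@ class EvilWinRM
 def colorize(text, color = "default")
 colors = {"default" => "38", "blue" => "34", "red" => "31", "yellow" => "1;33", "magenta" => "35"}
 color_code = colors[color]
-return "\033[0;#{color_code}m#{text}\033[0m"
+return "\001\033[0;#{color_code}m\002#{text}\001\033[0m\002"
 end
 
 # Messsage printing
@@ -393,6 +402,10 @@ class EvilWinRM
 self.print_message("Password is not needed for Kerberos auth. Ticket will be used", TYPE_WARNING)
 end
 
+if $realm.nil? and !$service.nil? then
+self.print_message("Useless spn provided, only used for Kerberos auth", TYPE_WARNING)
+end
+
 if !$scripts_path.nil? then
 self.check_directories($scripts_path, "scripts")
 functions = self.read_scripts($scripts_path)
@@ -412,7 +425,7 @@ class EvilWinRM
 when Readline.line_buffer =~ /help.*/i
 puts("#{$LIST.join("\t")}")
 when Readline.line_buffer =~ /\[.*/i
-$LISTASSEM.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
+$LISTASSEM.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
 when Readline.line_buffer =~ /Invoke-Binary.*/i
 executables.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
 when Readline.line_buffer =~ /donutfile.*/i
@@ -590,6 +603,10 @@ class EvilWinRM
 STDERR.print(stderr)
 end
 end
+rescue Errno::EACCES => ex
+puts()
+self.print_message("An error of type #{ex.class} happened, message is #{ex.message}", TYPE_ERROR)
+retry
 rescue Interrupt
 puts("\n\n")
 self.print_message("Press \"y\" to exit, press any other key to continue", TYPE_WARNING)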
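Review bot: The new `rescue Errno::EACCES => ex` branch in the last hunk (`@@ -590,6 +603,10 @@`) ends in an unconditional `retry`, so a permission error that persists re-runs the whole protected block with no upper bound. The `begin` it belongs to starts outside the hunk, so what gets re-executed is not visible here; if that includes session setup or a remote command, each pass repeats it and the same error line floods the output. I would count attempts and give up after a few, e.g. `retry if (eacces_retries += 1) <= 3` with `eacces_retries = 0` set before the `begin` (the limit of 3 is only an example). Separately, in the `colorize` hunk the `\001`/`\002` Readline markers are now wrapped around every colourised string; if `colorize` also feeds `print_message` (not visible here), those control bytes end up in plain or redirected output and in any saved session logs, so consider adding them only where the string is used as a Readline prompt.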
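--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: evil-winrm
 version: !ruby/object:Gem::Version
-version: '2.
+version: '2.4'
 platform: ruby
 authors:
 - CyberVaca
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-03-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: winrm
@@ -75,15 +75,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-rubygems_version: 2.7.6.2
+rubygems_version: 3.2.5
 signing_key:
 specification_version: 4
 summary: Evil-WinRM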