evil-winrm 1.7 → 1.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/evil-winrm.rb +28 -12
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d0b098dfe30ffa9ff59a66cbb864ab9afb87b5210f67dc995ca7812ea376f401
|
|
4
|
+
data.tar.gz: 467111a369daeb2ee03af500e8688c3f48578c5fa5f43a3ef59e8c86ec802b8e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 02335e0cc9402ca597d28291a1d73d55dd37791c194d5a61bf51211613eb1f0758ba41e1e5626b169b7977526e8a0f21c1d271345ae38609e887aa6b474a3e8a
|
|
7
|
+
data.tar.gz: 21b63b0cc7be7c325c05a73f55f1f800039cef7569dead55ab7122a1809b544610c50075636a83ff23ae814d00f5b461a7c8b21dd36eb261c85132b0c5e95072
|
data/lib/evil-winrm.rb
CHANGED
|
@@ -17,7 +17,7 @@ require 'io/console'
|
|
|
17
17
|
# Constants
|
|
18
18
|
|
|
19
19
|
# Version
|
|
20
|
-
VERSION = '1.
|
|
20
|
+
VERSION = '1.8'
|
|
21
21
|
|
|
22
22
|
# Msg types
|
|
23
23
|
TYPE_INFO = 0
|
|
@@ -55,7 +55,7 @@ class EvilWinRM
|
|
|
55
55
|
def arguments()
|
|
56
56
|
options = { port:$port, url:$url }
|
|
57
57
|
optparse = OptionParser.new do |opts|
|
|
58
|
-
opts.banner = "Usage: evil-winrm -i IP -u USER [-s SCRIPTS_PATH] [-e EXES_PATH] [-P PORT] [-p PASS] [-U URL] [-S] [-c PUBLIC_KEY_PATH ] [-k PRIVATE_KEY_PATH ]"
|
|
58
|
+
opts.banner = "Usage: evil-winrm -i IP -u USER [-s SCRIPTS_PATH] [-e EXES_PATH] [-P PORT] [-p PASS] [-H HASH] [-U URL] [-S] [-c PUBLIC_KEY_PATH ] [-k PRIVATE_KEY_PATH ]"
|
|
59
59
|
opts.on("-S", "--ssl", "Enable ssl") do |val|
|
|
60
60
|
$ssl = true
|
|
61
61
|
options[:port] = "5986"
|
|
@@ -68,17 +68,29 @@ class EvilWinRM
|
|
|
68
68
|
opts.on("-U", "--url URL", "Remote url endpoint (default /wsman)") { |val| options[:url] = val }
|
|
69
69
|
opts.on("-u", "--user USER", "Username (required)") { |val| options[:user] = val }
|
|
70
70
|
opts.on("-p", "--password PASS", "Password") { |val| options[:password] = val }
|
|
71
|
+
opts.on("-H", "--hash HASH", "NTLM hash") do |val|
|
|
72
|
+
if options[:password] != nil and val != nil
|
|
73
|
+
self.print_header()
|
|
74
|
+
self.print_message("You must choose either password or hash auth. Both at the same time are not allowed", TYPE_ERROR)
|
|
75
|
+
self.custom_exit(1, false)
|
|
76
|
+
end
|
|
77
|
+
if !val.match /^[a-fA-F0-9]{32}$/
|
|
78
|
+
self.print_header()
|
|
79
|
+
self.print_message("Invalid hash format", TYPE_ERROR)
|
|
80
|
+
self.custom_exit(1, false)
|
|
81
|
+
end
|
|
82
|
+
options[:password] = "00000000000000000000000000000000:" + val
|
|
83
|
+
end
|
|
71
84
|
opts.on("-P", "--port PORT", "Remote host port (default 5985)") { |val| options[:port] = val }
|
|
72
85
|
opts.on("-V", "--version", "Show version") do |val|
|
|
73
86
|
puts("v" + VERSION)
|
|
74
|
-
custom_exit(0, false)
|
|
87
|
+
self.custom_exit(0, false)
|
|
75
88
|
end
|
|
76
89
|
opts.on('-h', '--help', 'Display this help message') do
|
|
77
|
-
|
|
78
|
-
self.print_message("Evil-WinRM shell v" + VERSION, TYPE_INFO, false)
|
|
90
|
+
self.print_header()
|
|
79
91
|
puts(opts)
|
|
80
92
|
puts()
|
|
81
|
-
custom_exit(0, false)
|
|
93
|
+
self.custom_exit(0, false)
|
|
82
94
|
end
|
|
83
95
|
end
|
|
84
96
|
|
|
@@ -90,8 +102,7 @@ class EvilWinRM
|
|
|
90
102
|
raise OptionParser::MissingArgument.new(missing.join(', '))
|
|
91
103
|
end
|
|
92
104
|
rescue OptionParser::InvalidOption, OptionParser::MissingArgument
|
|
93
|
-
|
|
94
|
-
self.print_message("Evil-WinRM shell v" + VERSION, TYPE_INFO, false)
|
|
105
|
+
self.print_header()
|
|
95
106
|
self.print_message($!.to_s, TYPE_ERROR)
|
|
96
107
|
puts(optparse)
|
|
97
108
|
puts()
|
|
@@ -112,6 +123,12 @@ class EvilWinRM
|
|
|
112
123
|
$priv_key = options[:priv_key]
|
|
113
124
|
end
|
|
114
125
|
|
|
126
|
+
# Print script header
|
|
127
|
+
def print_header()
|
|
128
|
+
puts()
|
|
129
|
+
self.print_message("Evil-WinRM shell v" + VERSION, TYPE_INFO, false)
|
|
130
|
+
end
|
|
131
|
+
|
|
115
132
|
# Generate connection object
|
|
116
133
|
def connection_initialization()
|
|
117
134
|
if $ssl then
|
|
@@ -277,8 +294,7 @@ class EvilWinRM
|
|
|
277
294
|
self.arguments()
|
|
278
295
|
self.connection_initialization()
|
|
279
296
|
file_manager = WinRM::FS::FileManager.new($conn)
|
|
280
|
-
|
|
281
|
-
self.print_message("Starting Evil-WinRM shell v" + VERSION, TYPE_INFO)
|
|
297
|
+
self.print_header()
|
|
282
298
|
|
|
283
299
|
if !$ssl and ($pub_key or $priv_key) then
|
|
284
300
|
self.print_message("Useless cert/s provided, SSL is not enabled", TYPE_WARNING)
|
|
@@ -394,7 +410,7 @@ class EvilWinRM
|
|
|
394
410
|
end
|
|
395
411
|
print(output.output)
|
|
396
412
|
rescue
|
|
397
|
-
self.print_message("Check
|
|
413
|
+
self.print_message("Check filenames", TYPE_ERROR)
|
|
398
414
|
end
|
|
399
415
|
|
|
400
416
|
elsif command.start_with?('Donut-Loader') then
|
|
@@ -412,7 +428,7 @@ class EvilWinRM
|
|
|
412
428
|
end
|
|
413
429
|
print(output.output)
|
|
414
430
|
rescue
|
|
415
|
-
self.print_message("Check
|
|
431
|
+
self.print_message("Check filenames", TYPE_ERROR)
|
|
416
432
|
end
|
|
417
433
|
|
|
418
434
|
elsif command.start_with?('services') then
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: evil-winrm
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: '1.
|
|
4
|
+
version: '1.8'
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- CyberVaca
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2019-
|
|
14
|
+
date: 2019-10-20 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: winrm
|