awinrm 0.0.1__tar.gz

awinrm-0.0.1/LICENSE

@@ -0,0 +1,45 @@
+MIT License
+
+Copyright (c) 2023 Tamas Jos (@skelsec)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+##############################################################################
+Original project (also MIT) was taken from https://github.com/diyan/pywinrm
+
+
+Copyright (c) 2013 Alexey Diyan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

awinrm-0.0.1/MANIFEST.in

@@ -0,0 +1,2 @@
+include LICENSE
+include README.md

awinrm-0.0.1/PKG-INFO

@@ -0,0 +1,20 @@
+Metadata-Version: 2.1
+Name: awinrm
+Version: 0.0.1
+Summary: Asynchronous Python library for Windows Remote Management
+Home-page: https://github.com/skelsec/awinrm
+Author: Tamas Jos
+Author-email: info@skelsecprojects.com
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.7
+License-File: LICENSE
+Requires-Dist: unicrypto==0.0.10
+Requires-Dist: asysocks>=0.2.10
+Requires-Dist: asyauth>=0.0.14
+Requires-Dist: six
+Requires-Dist: xmltodict
+
+Asynchronous Python library for Windows Remote Management

awinrm-0.0.1/README.md

@@ -0,0 +1 @@
+# awinrm

awinrm-0.0.1/awinrm/__init__.py

@@ -0,0 +1,213 @@
+from __future__ import unicode_literals
+import logging
+logger = logging.getLogger('awinrm')
+handler = logging.StreamHandler()
+formatter = logging.Formatter(
+        '%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
+handler.setFormatter(formatter)
+logger.addHandler(handler)
+logger.setLevel(logging.INFO)
+logger.propagate = False
+
+
+import re
+from base64 import b64encode
+import xml.etree.ElementTree as ET
+import warnings
+import asyncio
+
+
+from asysocks.unicomm.protocol.client.http.commons.factory import HTTPConnectionFactory
+from awinrm.protocol import Protocol
+
+
+class Session:
+	def __init__(self, url:str, ssl_ctx = None, authtype='auto', factory:HTTPConnectionFactory = None, **kwargs):
+		if factory is None:
+			if url is None:
+				raise Exception('Either url or factory parameter is required')
+			factory = HTTPConnectionFactory.from_url(url)
+		cred = factory.get_credential()
+		target = factory.get_target()
+		self.url = self._build_url(target.get_url(), kwargs.get('transport', 'plaintext'))
+		self.protocol = Protocol(self.url, cred, ssl_ctx = ssl_ctx, authtype=authtype, proxies=target.proxies, **kwargs)
+		self.__shells = []
+
+	async def __aenter__(self):
+		return self
+	
+	async def __aexit__(self, exc_type, exc, tb):
+		for shell in self.__shells:
+			await shell.close()
+		await self.protocol.close()
+
+	def create_shell(self, working_directory=None, env_vars=None, noprofile=False,
+					codepage=437, lifetime=None, idle_timeout=None):
+		shell = WinRMShell(self, working_directory=working_directory, env_vars=env_vars, noprofile=noprofile,
+					codepage=codepage, lifetime=lifetime, idle_timeout=idle_timeout)
+		self.__shells.append(shell)
+		return shell
+
+	async def run_cmd(self, command, args=()):
+		shell_id = await self.protocol.open_shell()
+		command_id = await self.protocol.run_command(shell_id, command, args)
+		stdout_buff = b''
+		stderr_buff = b''
+		return_code = -1
+		async for stdout, stderr, return_code in self.protocol.get_command_output(shell_id, command_id):
+			stdout_buff += stdout
+			stderr_buff += stderr
+			return_code = return_code
+		await self.protocol.cleanup_command(shell_id, command_id)
+		await self.protocol.close_shell(shell_id)
+		return stdout_buff, stderr_buff, return_code
+
+	async def run_ps(self, script):
+		"""base64 encodes a Powershell script and executes the powershell
+		encoded script command
+		"""
+		# must use utf16 little endian on windows
+		encoded_ps = b64encode(script.encode('utf_16_le')).decode('ascii')
+		rs = self.run_cmd('powershell -encodedcommand {0}'.format(encoded_ps))
+		if len(rs.std_err):
+			# if there was an error message, clean it it up and make it human
+			# readable
+			rs.std_err = self._clean_error_msg(rs.std_err)
+		return rs
+
+	def _clean_error_msg(self, msg):
+		"""converts a Powershell CLIXML message to a more human readable string
+		"""
+		# TODO prepare unit test, beautify code
+		# if the msg does not start with this, return it as is
+		if msg.startswith(b"#< CLIXML\r\n"):
+			# for proper xml, we need to remove the CLIXML part
+			# (the first line)
+			msg_xml = msg[11:]
+			try:
+				# remove the namespaces from the xml for easier processing
+				msg_xml = self._strip_namespace(msg_xml)
+				root = ET.fromstring(msg_xml)
+				# the S node is the error message, find all S nodes
+				nodes = root.findall("./S")
+				new_msg = ""
+				for s in nodes:
+					# append error msg string to result, also
+					# the hex chars represent CRLF so we replace with newline
+					new_msg += s.text.replace("_x000D__x000A_", "\n")
+			except Exception as e:
+				# if any of the above fails, the msg was not true xml
+				# print a warning and return the original string
+				warnings.warn(
+					"There was a problem converting the Powershell error "
+					"message: %s" % (e))
+			else:
+				# if new_msg was populated, that's our error message
+				# otherwise the original error message will be used
+				if len(new_msg):
+					# remove leading and trailing whitespace while we are here
+					return new_msg.strip().encode('utf-8')
+
+		# either failed to decode CLIXML or there was nothing to decode
+		# just return the original message
+		return msg
+
+	def _strip_namespace(self, xml):
+		"""strips any namespaces from an xml string"""
+		p = re.compile(b"xmlns=*[\"\"][^\"\"]*[\"\"]")
+		allmatches = p.finditer(xml)
+		for match in allmatches:
+			xml = xml.replace(match.group(), b"")
+		return xml
+
+	@staticmethod
+	def _build_url(target, transport):
+		match = re.match(
+			r'(?i)^((?P<scheme>http[s]?)://)?(?P<host>[0-9a-z-_.]+)(:(?P<port>\d+))?(?P<path>(/)?(wsman)?)?', target)  # NOQA
+		scheme = match.group('scheme')
+		if not scheme:
+			# TODO do we have anything other than HTTP/HTTPS
+			scheme = 'https' if transport == 'ssl' else 'http'
+		host = match.group('host')
+		port = match.group('port')
+		if not port:
+			port = 5986 if transport == 'ssl' else 5985
+		path = match.group('path')
+		if not path:
+			path = 'wsman'
+		return '{0}://{1}:{2}/{3}'.format(scheme, host, port, path.lstrip('/'))
+
+
+
+class WinRMShell:
+	def __init__(self, session:Session, working_directory:str=None, env_vars=None, noprofile:bool=False,
+				codepage:int=437, lifetime:int=None, idle_timeout:int=None):
+		self.session = session
+		self.working_directory = working_directory
+		self.env_vars = env_vars
+		self.noprofile = noprofile
+		self.codepage = codepage
+		self.lifetime = lifetime
+		self.idle_timeout = idle_timeout
+		self.shell_cmd = 'cmd.exe'
+		self.command_id = None
+		self.closed_evt = asyncio.Event()
+
+		self.shell_id = None
+		self.stdin = asyncio.Queue()
+		self.stdout = asyncio.Queue()
+		self.stderr = asyncio.Queue()
+		self.return_code = None
+
+	async def __aenter__(self):
+		try:
+			self.shell_id = await self.session.protocol.open_shell(
+				working_directory = self.working_directory,
+				env_vars = self.env_vars,
+				noprofile = self.noprofile,
+				codepage = self.codepage,
+				lifetime = self.lifetime,
+				idle_timeout = self.idle_timeout
+			)
+			self.command_id = await self.session.protocol.run_command(self.shell_id, self.shell_cmd)
+			stdout, stderr, return_code, command_done = await self.session.protocol._raw_get_command_output(self.shell_id, self.command_id)
+			await self.stdout.put(stdout)
+			await self.stderr.put(stderr)
+			self.return_code = return_code
+
+			return self
+		except Exception as e:
+			await self.__aexit__(None, None, None)
+			raise e
+	
+	async def __aexit__(self, exc_type, exc, tb):
+		await self.close()
+
+	async def close(self):
+		if self.closed_evt.is_set():
+			return
+		await self.session.protocol.cleanup_command(self.shell_id, self.command_id)
+		await self.session.protocol.close_shell(self.shell_id)
+		self.closed_evt.set()
+
+	async def send_input(self, data):
+		await self.session.protocol.send_command_input(self.shell_id, self.command_id, data)
+		await self.read_output()
+
+	async def read_output(self):
+		stdout, stderr, return_code, command_done = await self.session.protocol._raw_get_command_output(self.shell_id, self.command_id)
+		await self.stdout.put(stdout)
+		await self.stderr.put(stderr)
+		self.return_code = return_code
+
+
+def decode_bytes(data:bytes, hint:str='cp437'):
+	encodings = ['utf-8', 'cp1252', 'cp1251', 'cp932', 'cp936']
+	if hint is not None and len(hint) > 0:
+		encodings.insert(0, hint)
+	for encoding in encodings:
+		try:
+			return data.decode(encoding)
+		except UnicodeDecodeError:
+			continue
+	raise UnicodeDecodeError("Unable to decode the input data with the provided encodings.")

awinrm-0.0.1/awinrm/_version.py

@@ -0,0 +1,7 @@
+
+__version__ = "0.0.1"
+__banner__ = \
+"""
+# awinrm %s 
+# Author: Tamas Jos @skelsec (info@skelsecprojects.com)
+""" % __version__

awinrm-0.0.1/awinrm/encryption.py

@@ -0,0 +1,229 @@
+import re
+import struct
+from awinrm import logger
+from awinrm.exceptions import WinRMError
+from urllib.parse import urlsplit
+
+from asyauth.common.credentials.ntlm import NTLMCredential
+from asyauth.common.credentials.kerberos import KerberosCredential
+from asyauth.common.credentials.spnego import SPNEGOCredential
+from asyauth.common.credentials.credssp import CREDSSPCredential
+
+class Encryption(object):
+
+    SIXTEN_KB = 16384
+    MIME_BOUNDARY = b'--Encrypted Boundary'
+
+    def __init__(self, session, protocol:str):
+        """
+        [MS-WSMV] v30.0 2016-07-14
+
+        2.2.9.1 Encrypted Message Types
+        When using Encryption, there are three options available
+            1. Negotiate/SPNEGO
+            2. Kerberos
+            3. CredSSP
+        Details for each implementation can be found in this document under this section
+
+        This init sets the following values to use to encrypt and decrypt. This is to help generify
+        the methods used in the body of the class.
+            wrap: A method that will return the encrypted message and a signature
+            unwrap: A method that will return an unencrypted message and verify the signature
+            protocol_string: The protocol string used for the particular auth protocol
+
+        :param session: The handle of the session to get GSS-API wrap and unwrap methods
+        :param protocol: The auth protocol used, will determine the wrapping and unwrapping method plus
+                         the protocol string to use. Currently only NTLM and CredSSP is supported
+        """
+        self.protocol = protocol.lower()
+        self.session = session
+        self.sequence_number = 0
+        logger.debug('Using encryption protocol: %s' % self.protocol)
+        cred = self.session.authmanager.authobj.get_active_credential()
+        if self.protocol == 'spnego':  # Details under Negotiate [2.2.9.1.1] in MS-WSMV
+            self.protocol_string = b"application/HTTP-SPNEGO-session-encrypted"
+            if isinstance(cred, NTLMCredential):
+                self._build_message = self._build_ntlm_message
+                self._decrypt_message = self._decrypt_ntlm_message
+            elif isinstance(cred, KerberosCredential):
+                self._build_message = self._build_kerberos_message
+                self._decrypt_message = self._decrypt_kerberos_message
+
+        elif self.protocol == 'credssp':  # Details under CredSSP [2.2.9.1.3] in MS-WSMV
+            self.protocol_string = b"application/HTTP-CredSSP-session-encrypted"
+            self._build_message = self._build_credssp_message
+            self._decrypt_message = self._decrypt_credssp_message
+            
+        else:
+            raise WinRMError("Encryption for protocol '%s' not supported in awinrm" % self.protocol)
+
+    async def prepare_encrypted_request(self, endpoint, message):
+        """
+        Creates a prepared request to send to the server with an encrypted message
+        and correct headers
+
+        :param endpoint: The endpoint/server to prepare requests to
+        :param message: The unencrypted message to send to the server
+        :return: A prepared request that has an encrypted message
+        """
+        host = urlsplit(endpoint).hostname
+
+        if self.protocol == 'credssp' and len(message) > self.SIXTEN_KB:
+            content_type = 'multipart/x-multi-encrypted'
+            encrypted_message = b''
+            message_chunks = [message[i:i+self.SIXTEN_KB] for i in range(0, len(message), self.SIXTEN_KB)]
+            for message_chunk in message_chunks:
+                encrypted_chunk = await self._encrypt_message(message_chunk, host)
+                encrypted_message += encrypted_chunk
+        else:
+            content_type = 'multipart/encrypted'
+            encrypted_message = await self._encrypt_message(message, host)
+        encrypted_message += self.MIME_BOUNDARY + b"--\r\n"
+        
+        headers = []
+        headers.append(('Content-Type', '{0};protocol="{1}";boundary="Encrypted Boundary"'\
+            .format(content_type, self.protocol_string.decode())))
+
+        return encrypted_message, headers
+
+    async def parse_encrypted_response(self, response, data):
+        """
+        Takes in the encrypted response from the server and decrypts it
+
+        :param response: The response that needs to be decrypted
+        :return: The unencrypted message from the server
+        """
+        
+        content_type = response.getheaders('content-type')
+        if content_type is None:
+            return data
+        content_type = content_type[0]
+        if 'protocol="{0}"'.format(self.protocol_string.decode()) in content_type:
+            host = urlsplit(response.url).hostname
+            msg = await self._decrypt_response(host, data)
+        else:
+            msg = data
+
+        return msg
+
+    async def _encrypt_message(self, message, host):
+        message_length = str(len(message)).encode()
+        encrypted_stream = await self._build_message(message, host)
+
+        message_payload = self.MIME_BOUNDARY + b"\r\n" \
+                                               b"\tContent-Type: " + self.protocol_string + b"\r\n" \
+                                               b"\tOriginalContent: type=application/soap+xml;charset=UTF-8;Length=" + message_length + b"\r\n" + \
+                                               self.MIME_BOUNDARY + b"\r\n" \
+                                               b"\tContent-Type: application/octet-stream\r\n" + \
+                                               encrypted_stream
+
+        return message_payload
+
+    async def _decrypt_response(self, host, data):
+        parts = data.split(self.MIME_BOUNDARY + b'\r\n')
+        parts = list(filter(None, parts))  # filter out empty parts of the split
+        message = b''
+
+        for i in range(0, len(parts)):
+            if i % 2 == 1:
+                continue
+
+            header = parts[i].strip()
+            payload = parts[i + 1]
+
+            expected_length = int(header.split(b'Length=')[1])
+
+            # remove the end MIME block if it exists
+            if payload.endswith(self.MIME_BOUNDARY + b'--\r\n'):
+                payload = payload[:len(payload) - 24]
+
+            encrypted_data = payload.replace(b'\tContent-Type: application/octet-stream\r\n', b'')
+            decrypted_message = await self._decrypt_message(encrypted_data, host)
+            actual_length = len(decrypted_message)
+
+            if actual_length != expected_length:
+                raise WinRMError('Encrypted length from server does not match the '
+                                 'expected size, message has been tampered with')
+            message += decrypted_message
+
+        return message
+
+    async def _decrypt_ntlm_message(self, encrypted_data, host):
+        message = await self.session.authmanager.authobj.decrypt(encrypted_data[4:], None)
+        return message[0]
+
+    async def _decrypt_credssp_message(self, encrypted_data, host):
+        message, signature = await self.session.authmanager.authobj.decrypt(encrypted_data[4:], None)
+        return message
+
+    async def _decrypt_kerberos_message(self, encrypted_data, host):
+        signature_length = struct.unpack("<i", encrypted_data[:4])[0]
+        signature = b'\x00'*8 + encrypted_data[4:signature_length + 4]
+        encrypted_message = encrypted_data[signature_length + 4:]
+
+        message, _ = await self.session.authmanager.authobj.decrypt(encrypted_message, None, auth_data=signature)
+        return message
+
+    async def _build_ntlm_message(self, message, host):
+        sealed_message, signature = await self.session.authmanager.authobj.encrypt(message, self.sequence_number)
+        signature_length = struct.pack("<i", len(signature))
+        self.sequence_number += 1
+        return signature_length + signature + sealed_message
+
+    async def _build_credssp_message(self, message, host):
+        sealed_message, _ = await self.session.authmanager.authobj.encrypt(message, self.sequence_number) ##TODO: Check if this is correct
+        cipher_negotiated = self.session.authmanager.authobj.get_cipher_name()
+        trailer_length = self._get_credssp_trailer_length(len(message), cipher_negotiated)
+        return struct.pack("<i", trailer_length) + sealed_message
+
+    async def _build_kerberos_message(self, message, host):
+        self.sequence_number = 0
+        sealed_message, signature = await self.session.authmanager.authobj.encrypt(message, self.sequence_number) ##TODO: Check if this is correct
+        self.sequence_number += 1
+        signature_length = struct.pack("<i", len(signature))
+        return signature_length + signature + sealed_message
+
+    def _get_credssp_trailer_length(self, message_length, cipher_suite):
+        # I really don't like the way this works but can't find a better way, MS
+        # allows you to get this info through the struct SecPkgContext_StreamSizes
+        # but there is no GSSAPI/OpenSSL equivalent so we need to calculate it
+        # ourselves
+
+        if re.match(r'^.*-GCM-[\w\d]*$', cipher_suite):
+            # We are using GCM for the cipher suite, GCM has a fixed length of 16
+            # bytes for the TLS trailer making it easy for us
+            trailer_length = 16
+        else:
+            # We are not using GCM so need to calculate the trailer size. The
+            # trailer length is equal to the length of the hmac + the length of the
+            # padding required by the block cipher
+            hash_algorithm = cipher_suite.split('-')[-1]
+
+            # while there are other algorithms, SChannel doesn't support them
+            # as of yet https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx
+            if hash_algorithm == 'MD5':
+                hash_length = 16
+            elif hash_algorithm == 'SHA':
+                hash_length = 20
+            elif hash_algorithm == 'SHA256':
+                hash_length = 32
+            elif hash_algorithm == 'SHA384':
+                hash_length = 48
+            else:
+                hash_length = 0
+
+            pre_pad_length = message_length + hash_length
+
+            if "RC4" in cipher_suite:
+                # RC4 is a stream cipher so no padding would be added
+                padding_length = 0
+            elif "DES" in cipher_suite or "3DES" in cipher_suite:
+                # 3DES is a 64 bit block cipher
+                padding_length = 8 - (pre_pad_length % 8)
+            else:
+                # AES is a 128 bit block cipher
+                padding_length = 16 - (pre_pad_length % 16)
+
+            trailer_length = (pre_pad_length + padding_length) - message_length
+
+        return trailer_length

awinrm-0.0.1/awinrm/examples/authcheck.py

@@ -0,0 +1,33 @@
+import asyncio
+from awinrm import Session
+from asysocks.unicomm.protocol.client.http.client import ClientSession
+
+async def check_auth(url):
+	async with ClientSession() as session:
+		async with session.post(url) as resp:
+			if resp.status == 401:
+				return resp.get_all('www-authenticate', [])
+			return ['NOAUTH']
+
+async def amain(url):
+	transport = 'ssl'
+	if url.startswith('http://'):
+		transport = 'plaintext'
+	url = Session._build_url(url, transport)
+	print('[+] Testing URL: ' + url)
+	headers = await check_auth(url)
+	for entry in headers:
+		print('[+] Authenthod: %s' % entry)
+
+
+def main():
+	import argparse
+
+	parser = argparse.ArgumentParser(description='WinRM - Enumerate authentication types supported by the remote server')
+	parser.add_argument('url', type=str, help = 'URL to connect to. Must start with http:// or https://')
+	args = parser.parse_args()
+	
+	asyncio.run(amain(args.url))
+
+if __name__ == '__main__':
+	main()

awinrm-0.0.1/awinrm/examples/runcmd.py

@@ -0,0 +1,48 @@
+import sys
+import asyncio
+import traceback
+from awinrm import Session, decode_bytes
+from awinrm import logger
+
+async def amain(url, command, authtype):
+	async with Session(url, authtype=authtype) as session:
+		try:
+			stdout, stderr, return_code = await session.run_cmd(command)
+			if len(stdout) > 0:
+				print(decode_bytes(stdout))
+			if len(stderr) > 0:
+				print(decode_bytes(stderr), file=sys.stderr)
+			sys.exit(return_code)
+		except Exception as e:
+			traceback.print_exc()
+			print('[-] Error: %s' % str(e))
+			sys.exit(1)
+
+def main():
+	import argparse
+	import logging
+	from asyauth import logger as authlogger
+	from asysocks import logger as sockslogger
+
+	parser = argparse.ArgumentParser(description='WinRM - Execute a single shell command remotely')
+	parser.add_argument('-v', '--verbose', action='count', default=0, help='Verbosity')
+	parser.add_argument('-c', '--command', type=str, default = 'ipconfig /all', help = 'Shell command to execute')
+	parser.add_argument('-a', '--authproto', choices=['spnego', 'credssp'], default = 'spnego', help = 'Authentication protocol to use')
+	parser.add_argument('url', type=str, help = 'URL to connect to')
+	args = parser.parse_args()
+
+	if args.verbose == 0:
+		logging.basicConfig(level=logging.INFO)
+		logger.setLevel(logging.ERROR)
+		authlogger.setLevel(logging.ERROR)
+		sockslogger.setLevel(logging.ERROR)
+	else:
+		logging.basicConfig(level=logging.DEBUG)
+		logger.setLevel(logging.DEBUG)
+		authlogger.setLevel(logging.DEBUG)
+		sockslogger.setLevel(logging.DEBUG)
+	
+	asyncio.run(amain(args.url, args.command, args.authproto))
+
+if __name__ == '__main__':
+	main()

awinrm-0.0.1/awinrm/examples/shell.py

@@ -0,0 +1,62 @@
+import sys
+import asyncio
+import traceback
+from awinrm import Session, decode_bytes
+from awinrm import logger
+
+import aioconsole
+
+async def print_output(shell):
+	while True:
+		try:
+			stdout = await shell.stdout.get()
+			if len(stdout) > 0:
+				print(decode_bytes(stdout), end='')
+			stderr = await shell.stderr.get()
+			if len(stderr) > 0:
+				print(decode_bytes(stderr), end='', file=sys.stderr)
+		except asyncio.CancelledError:
+			break
+		except Exception as e:
+			traceback.print_exc()
+			print('[-] Error: %s' % str(e))
+			sys.exit(1)
+
+async def amain(url, authtype):
+	async with Session(url, authtype=authtype) as session:
+		async with session.create_shell() as shell:
+			try:
+				x = asyncio.create_task(print_output(shell))
+				while True:
+					user_input = await aioconsole.ainput("")
+					await shell.send_input(user_input + '\r\n')
+			except Exception as e:
+				traceback.print_exc()
+				print('[-] Error: %s' % str(e))
+				sys.exit(1)
+	
+
+def main():
+	import argparse
+	import logging
+	from asyauth import logger as authlogger
+
+	parser = argparse.ArgumentParser(description='WinRM - Execute a single shell command remotely')
+	parser.add_argument('-v', '--verbose', action='count', default=0, help='Verbosity')
+	parser.add_argument('-a', '--authproto', choices=['spnego', 'credssp'], default = 'spnego', help = 'Authentication protocol to use')
+	parser.add_argument('url', type=str, help = 'URL to connect to')
+	args = parser.parse_args()
+
+	if args.verbose == 0:
+		logging.basicConfig(level=logging.INFO)
+		logger.setLevel(logging.ERROR)
+		authlogger.setLevel(logging.ERROR)
+	else:
+		logging.basicConfig(level=logging.DEBUG)
+		logger.setLevel(logging.DEBUG)
+		authlogger.setLevel(logging.DEBUG)
+	
+	asyncio.run(amain(args.url, args.authproto))
+
+if __name__ == '__main__':
+	main()