Let's use argparse · Issue #48 · rootm0s/WinPwnage · GitHub

Closed
cclauss opened this issue Mar 28, 2019 · 6 comments

@cclauss
Contributor
cclauss commented Mar 28, 2019

This is a task on #19. Can you please try out this locally and tune it to your preferences?

Once it is the right stuff, we can add it into #41.

usage: argparse_hack.py [-h]
                        {scan,use} {uac,persist,elevate,execute}
                        [function_number] [target]

positional arguments:
  {scan,use}            'scan' shows information and 'use' applies a function
  {uac,persist,elevate,execute}
  function_number       'use' only: function ID in the function group
  target                'use' only: filepath to the target

optional arguments:
  -h, --help            show this help message and exit

#!/usr/bin/env python3

import argparse


def parse_the_args():
    scan_or_use = ("scan", "use")
    choices = "uac persist elevate execute".split()
    parser = argparse.ArgumentParser()
    parser.add_argument("scan_or_use", choices=scan_or_use,
                        help="'scan' shows information and 'use' applies a function")
    parser.add_argument("function_group", choices=choices)
    parser.add_argument("function_number", default=0, type=int, nargs="?",
                        help="'use' only: function ID in the function group")
    parser.add_argument("target", default="C:\\windows\\system32\\cmd.exe", nargs="?",
                        help="'use' only: filepath to the target")
    print("=" * 10)
    parser.print_help()
    print("=" * 10)

    for verb in scan_or_use:
        for choice in choices:
            print(verb, choice, 1)
            print(parser.parse_args([verb, choice, "1"]))

    # Should exit with error
    print(parser.parse_args([]))


if __name__ == '__main__':
    parse_the_args()

@rootm0s
Owner
rootm0s commented Mar 28, 2019

I'll check it out within a few days! I'll update here.

@rootm0s
Owner
rootm0s commented Apr 9, 2019

Haven't had the time to play around as much as I like, but this is a working example that works with current code. Not sure if I even use argparse as intended, can probably change/optimize the code a lot.

from __future__ import print_function
from winpwnage.core.prints import print_info
from winpwnage.core.scanner import scanner, function
from winpwnage.core.utils import *
import argparse
import sys

print("""
        _
  _ _ _|_|___ ___ _ _ _ ___ ___ ___ ___
 | | | | |   | . | | | |   | .'| . | -_|
 |_____|_|_|_|  _|_____|_|_|__,|_  |___|
             |_|               |___|
""")

def main():
	scan_cmds = ["uac", "persist", "elevate", "execute"]

	parser = argparse.ArgumentParser()
	parser.add_argument("--scan", nargs="+", required=False, help="None")
	parser.add_argument("--use", nargs="+", required=False, help="None")
	args = parser.parse_args()

	if args.scan:
		if scan_cmds[0] in args.scan:
			scanner(uac=True, persist=False, elevate=False, execute=False).start()
		elif scan_cmds[1] in args.scan:
			scanner(uac=False, persist=True, elevate=False, execute=False).start()
		elif scan_cmds[2] in args.scan:
			scanner(uac=False, persist=False, elevate=True, execute=False).start()
		elif scan_cmds[3] in args.scan:
			scanner(uac=False, persist=False, elevate=False, execute=True).start()
		else:
			print ("Unknown scan args was passed")

	if args.use:
		#Use uac functions (Required args are id, payload)
		if scan_cmds[0] in args.use:
			if int(args.use[1]):
				if str(args.use[2]):
					function(uac=True, persist=False, elevate=False, execute=False).run(id=args.use[1], payload=args.use[2])
	
		#Use persist functions (Required args are add/remove, id, payload)
		elif scan_cmds[1] in args.use:
			if "add" in args.use:
				function(uac=False, persist=True, elevate=False, execute=False).run(id=args.use[2], payload=args.use[3], add=True)
			if "remove" in args.use:
				function(uac=False, persist=True, elevate=False, execute=False).run(id=args.use[2], payload=args.use[3], add=False)

		#Use elevate functions (Required args are id, payload)
		elif scan_cmds[2] in args.use:
			if int(args.use[1]):
				if str(args.use[2]):
					function(uac=False, persist=False, elevate=True, execute=False).run(id=args.use[1], payload=args.use[2])

		#Use execute functions (Required args are id, payload)
		elif scan_cmds[3] in args.use:
			if int(args.use[1]):
				if str(args.use[2]):
					function(uac=False, persist=False, elevate=False, execute=True).run(id=args.use[1], payload=args.use[2])
		else:
			print ("Unknown use args was passed")

if __name__ == '__main__':
	main()

@rootm0s
Owner
rootm0s commented Apr 10, 2019

Small changes

from __future__ import print_function
from winpwnage.core.prints import print_info, print_error
from winpwnage.core.scanner import scanner, function
from winpwnage.core.utils import *
import argparse
import sys

print("""
        _
  _ _ _|_|___ ___ _ _ _ ___ ___ ___ ___
 | | | | |   | . | | | |   | .'| . | -_|
 |_____|_|_|_|  _|_____|_|_|__,|_  |___|
             |_|               |___|
""")

print_info("UAC level: {}".format(information().uac_level()))
print_info("Build number: {}".format(information().build_number()))
print_info("Running elevated: {}".format(information().admin()))
print_info("Python version: {}.{}.{}\n".format(*sys.version_info))


def main():
	scan_cmds = ["uac", "persist", "elevate", "execute"]

	parser = argparse.ArgumentParser()
	parser.add_argument("-s", "--scan", nargs="+", required=False)
	parser.add_argument("-u", "--use", nargs="+", required=False)
	parser.add_argument("-i", "--id", nargs="+", required=False)
	parser.add_argument("-p", "--payload", nargs="+", required=False)
	parser.add_argument("-a", "--add", action="store_true", required=False)
	parser.add_argument("-r", "--remove", action="store_true", required=False)

	args = parser.parse_args()

	if args.scan:
		if scan_cmds[0] in args.scan:
			scanner(uac=True, persist=False, elevate=False, execute=False).start()
		elif scan_cmds[1] in args.scan:
			scanner(uac=False, persist=True, elevate=False, execute=False).start()
		elif scan_cmds[2] in args.scan:
			scanner(uac=False, persist=False, elevate=True, execute=False).start()
		elif scan_cmds[3] in args.scan:
			scanner(uac=False, persist=False, elevate=False, execute=True).start()
		else:
			parser.print_help()

	if args.use:
		if scan_cmds[0] in args.use:
			if args.id:
				if args.payload:
					function(uac=True, persist=False, elevate=False,
						execute=False).run(id=args.id[0], payload=args.payload[0])
		elif scan_cmds[1] in args.use:
			# --id and --payload are needed here too; without them args.id is None
			if args.id and args.payload:
				if args.add:
					function(uac=False, persist=True, elevate=False,
						execute=False).run(id=args.id[0], payload=args.payload[0], add=True)
				elif args.remove:
					function(uac=False, persist=True, elevate=False,
						execute=False).run(id=args.id[0], payload=args.payload[0], add=False)
		elif scan_cmds[2] in args.use:
			if args.id:
				if args.payload:
					function(uac=False, persist=False, elevate=True,
						execute=False).run(id=args.id[0], payload=args.payload[0])
		elif scan_cmds[3] in args.use:
			if args.id:
				if args.payload:
					function(uac=False, persist=False, elevate=False,
						execute=True).run(id=args.id[0], payload=args.payload[0])
		else:
			parser.print_help()

if __name__ == '__main__':
	main()

@cclauss
Contributor Author
cclauss commented Apr 10, 2019

I was thinking more like a git-style command line...

  • git remote add upstream

What text does command -h print out?

@cclauss
Contributor Author
cclauss commented Apr 10, 2019

I kinda liked:

usage: argparse_hack.py [-h]
                        {scan,use} {uac,persist,elevate,execute}
                        [function_number] [target]

positional arguments:
  {scan,use}            'scan' shows information and 'use' applies a function
  {uac,persist,elevate,execute}
  function_number       'use' only: function ID in the function group
  target                'use' only: filepath to the target

optional arguments:
  -h, --help            show this help message and exit

@rootm0s
Owner
rootm0s commented Apr 11, 2019

> I was thinking more like a git-style command line...
>
>   • git remote add upstream

Right now it's designed like this:
python winpwnage.py --use uac --id 16 --payload c:\windows\system32\cmd.exe
python winpwnage.py --use persist --id 6 --payload c:\windows\system32\cmd.exe --add
python winpwnage.py --use persist --id 6 --payload c:\windows\system32\cmd.exe --remove

> What text does command -h print out?

It doesn't print anything at the moment, I rarely think of "user-friendly" since I know how to use it lol.
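
A git-style layout of the kind discussed in this thread, as an added example that is not code from the thread or from the WinPwnage project: it only parses and validates arguments and calls nothing in winpwnage. The names `build_parser`, `parse` and `GROUPS`, and the rule that `--add`/`--remove` belong only to `persist`, are assumptions made for the illustration.

```python
import argparse

GROUPS = ("uac", "persist", "elevate", "execute")


def build_parser():
    """Git-style CLI: <verb> <group> [id] [payload]; parsing only, no actions."""
    parser = argparse.ArgumentParser(prog="winpwnage.py")
    verbs = parser.add_subparsers(dest="verb")
    verbs.required = True  # a missing verb becomes a usage error, not a silent no-op

    scan = verbs.add_parser("scan", help="show information for a function group")
    scan.add_argument("group", choices=GROUPS)

    use = verbs.add_parser("use", help="apply a function from a group")
    use.add_argument("group", choices=GROUPS)
    use.add_argument("id", type=int, help="function ID in the function group")
    use.add_argument("payload", help="filepath to the target")
    # --add and --remove exclude each other; argparse rejects both together.
    mode = use.add_mutually_exclusive_group()
    mode.add_argument("-a", "--add", action="store_true")
    mode.add_argument("-r", "--remove", action="store_true")
    return parser


def parse(argv):
    """Parse argv, then enforce the cross-argument rules argparse cannot express."""
    parser = build_parser()
    args = parser.parse_args(argv)
    if args.verb == "use":
        wants_mode = args.add or args.remove
        if args.group == "persist" and not wants_mode:
            parser.error("persist requires --add or --remove")
        if args.group != "persist" and wants_mode:
            parser.error("--add/--remove are only valid with persist")
    return args


if __name__ == "__main__":
    # Constructed command lines mirroring the ones quoted in the thread.
    for line in (["scan", "uac"],
                 ["use", "uac", "16", r"c:\windows\system32\cmd.exe"],
                 ["use", "persist", "6", r"c:\windows\system32\cmd.exe", "--add"]):
        print(parse(line))
```

Because every rule is declared on the parser, `-h` at the top level and under each verb prints generated usage text, and invalid combinations exit with status 2 instead of falling through silently.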

@rootm0s rootm0s closed this as completed Apr 22, 2019