From ac04c495f49a4116fd3c2d50cca0239b1244de84 Mon Sep 17 00:00:00 2001
From: mpgn
Date: Mon, 11 Nov 2019 06:04:12 -0500
Subject: [PATCH 01/13] migration to python3
---
 pywerview/cli/helpers.py | 371 ++++++++++++++++----------------
 pywerview/cli/main.py | 2 +-
 pywerview/functions/gpo.py | 4 +-
 pywerview/functions/net.py | 4 +-
 pywerview/objects/rpcobjects.py | 2 +-
 pywerview/requester.py | 6 +-
 6 files changed, 194 insertions(+), 195 deletions(-)
diff --git a/pywerview/cli/helpers.py b/pywerview/cli/helpers.py
index 4f531dc..c415e98 100644
--- a/pywerview/cli/helpers.py
+++ b/pywerview/cli/helpers.py
@@ -24,305 +24,304 @@ from pywerview.functions.hunting import UserHunter, ProcessHunter, EventHunter def get_adobject(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), queried_sid=str(), - queried_name=str(), queried_sam_account_name=str(), ads_path=str(), - custom_filter=str()): + lmhash=str(), nthash=str(), queried_domain=str(), queried_sid=str(), + queried_name=str(), queried_sam_account_name=str(), ads_path=str(), + custom_filter=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_adobject(queried_domain=queried_domain, - queried_sid=queried_sid, queried_name=queried_name, - queried_sam_account_name=queried_sam_account_name, - ads_path=ads_path, custom_filter=custom_filter) + queried_sid=queried_sid, queried_name=queried_name, + queried_sam_account_name=queried_sam_account_name, + ads_path=ads_path, custom_filter=custom_filter) def get_netuser(domain_controller, domain, user, password=str(), lmhash=str(), nthash=str(), queried_username=str(), queried_domain=str(), ads_path=str(), admin_count=False, spn=False, unconstrained=False, allow_delegation=False, preauth_notreq=False, custom_filter=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netuser(queried_username=queried_username, queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, spn=spn, unconstrained=unconstrained, allow_delegation=allow_delegation, preauth_notreq=preauth_notreq, custom_filter=custom_filter) def get_netgroup(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_groupname='*', queried_sid=str(), - queried_username=str(), queried_domain=str(), ads_path=str(), - admin_count=False, full_data=False, custom_filter=str()): + lmhash=str(), nthash=str(), queried_groupname='*', queried_sid=str(), + queried_username=str(), 
queried_domain=str(), ads_path=str(), + admin_count=False, full_data=False, custom_filter=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netgroup(queried_groupname=queried_groupname, - queried_sid=queried_sid, queried_username=queried_username, - queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, - full_data=full_data, custom_filter=custom_filter) + queried_sid=queried_sid, queried_username=queried_username, + queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, + full_data=full_data, custom_filter=custom_filter) def get_netcomputer(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername='*', queried_spn=str(), - queried_os=str(), queried_sp=str(), queried_domain=str(), ads_path=str(), - printers=False, unconstrained=False, ping=False, full_data=False, - custom_filter=str()): + lmhash=str(), nthash=str(), queried_computername='*', queried_spn=str(), + queried_os=str(), queried_sp=str(), queried_domain=str(), ads_path=str(), + printers=False, unconstrained=False, ping=False, full_data=False, + custom_filter=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netcomputer(queried_computername=queried_computername, - queried_spn=queried_spn, queried_os=queried_os, queried_sp=queried_sp, - queried_domain=queried_domain, ads_path=ads_path, printers=printers, - unconstrained=unconstrained, ping=ping, full_data=full_data, - custom_filter=custom_filter) + queried_spn=queried_spn, queried_os=queried_os, queried_sp=queried_sp, + queried_domain=queried_domain, ads_path=ads_path, printers=printers, + unconstrained=unconstrained, ping=ping, full_data=full_data, + custom_filter=custom_filter) def get_netdomaincontroller(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str()): + 
lmhash=str(), nthash=str(), queried_domain=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netdomaincontroller(queried_domain=queried_domain) def get_netfileserver(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), target_users=list()): + lmhash=str(), nthash=str(), queried_domain=str(), target_users=list()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netfileserver(queried_domain=queried_domain, - target_users=target_users) + target_users=target_users) def get_dfsshare(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), version=['v1', 'v2'], queried_domain=str(), - ads_path=str()): + lmhash=str(), nthash=str(), version=['v1', 'v2'], queried_domain=str(), + ads_path=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_dfsshare(version=version, queried_domain=queried_domain, ads_path=ads_path) def get_netou(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_domain=str(), queried_ouname='*', queried_guid=str(), - ads_path=str(), full_data=False): + nthash=str(), queried_domain=str(), queried_ouname='*', queried_guid=str(), + ads_path=str(), full_data=False): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netou(queried_domain=queried_domain, - queried_ouname=queried_ouname, queried_guid=queried_guid, ads_path=ads_path, - full_data=full_data) + queried_ouname=queried_ouname, queried_guid=queried_guid, ads_path=ads_path, + full_data=full_data) def get_netsite(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_domain=str(), queried_sitename=str(), - queried_guid=str(), ads_path=str(), full_data=False): + 
nthash=str(), queried_domain=str(), queried_sitename=str(), + queried_guid=str(), ads_path=str(), full_data=False): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netsite(queried_domain=queried_domain, - queried_sitename=queried_sitename, queried_guid=queried_guid, - ads_path=ads_path, full_data=full_data) + queried_sitename=queried_sitename, queried_guid=queried_guid, + ads_path=ads_path, full_data=full_data) def get_netsubnet(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), queried_sitename=str(), - ads_path=str(), full_data=False): + lmhash=str(), nthash=str(), queried_domain=str(), queried_sitename=str(), + ads_path=str(), full_data=False): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netsubnet(queried_domain=queried_domain, - queried_sitename=queried_sitename, ads_path=ads_path, full_data=full_data) + queried_sitename=queried_sitename, ads_path=ads_path, full_data=full_data) def get_netdomaintrust(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str()): + lmhash=str(), nthash=str(), queried_domain=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netdomaintrust(queried_domain=queried_domain) def get_netgroupmember(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_groupname=str(), queried_sid=str(), - queried_domain=str(), ads_path=str(), recurse=False, use_matching_rule=False, - full_data=False, custom_filter=str()): + lmhash=str(), nthash=str(), queried_groupname=str(), queried_sid=str(), + queried_domain=str(), ads_path=str(), recurse=False, use_matching_rule=False, + full_data=False, custom_filter=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) 
+ lmhash, nthash) return requester.get_netgroupmember(queried_groupname=queried_groupname, - queried_sid=queried_sid, queried_domain=queried_domain, - ads_path=ads_path, recurse=recurse, - use_matching_rule=use_matching_rule, - full_data=full_data, custom_filter=custom_filter) + queried_sid=queried_sid, queried_domain=queried_domain, + ads_path=ads_path, recurse=recurse, + use_matching_rule=use_matching_rule, + full_data=full_data, custom_filter=custom_filter) def get_netsession(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netsession() def get_netshare(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netshare() def get_localdisks(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_localdisks() def get_netdomain(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netdomain() def get_netloggedon(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netloggedon() def get_netlocalgroup(target_computername, domain_controller, domain, user, - password=str(), lmhash=str(), nthash=str(), queried_groupname=str(), - list_groups=False, 
recurse=False): + password=str(), lmhash=str(), nthash=str(), queried_groupname=str(), + list_groups=False, recurse=False): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash, domain_controller) + lmhash, nthash, domain_controller) return requester.get_netlocalgroup(queried_groupname=queried_groupname, - list_groups=list_groups, recurse=recurse) + list_groups=list_groups, recurse=recurse) def get_netprocess(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): + lmhash=str(), nthash=str()): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_netprocess() def get_userevent(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str(), event_type=['logon', 'tgt'], - date_start=5): + lmhash=str(), nthash=str(), event_type=['logon', 'tgt'], + date_start=5): requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) + lmhash, nthash) return requester.get_userevent(event_type=event_type, - date_start=date_start) + date_start=date_start) def get_netgpo(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_gponame='*', - queried_displayname=str(), queried_domain=str(), ads_path=str()): + lmhash=str(), nthash=str(), queried_gponame='*', + queried_displayname=str(), queried_domain=str(), ads_path=str()): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netgpo(queried_gponame=queried_gponame, - queried_displayname=queried_displayname, - queried_domain=queried_domain, ads_path=ads_path) + lmhash, nthash) + return requester.get_netgpo(queried_gponame=queried_gponame, + queried_displayname=queried_displayname, + queried_domain=queried_domain, ads_path=ads_path) def get_domainpolicy(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), source='domain', queried_domain=str(), - 
resolve_sids=False): + lmhash=str(), nthash=str(), source='domain', queried_domain=str(), + resolve_sids=False): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) - return requester.get_domainpolicy(source=source, queried_domain=queried_domain, - resolve_sids=resolve_sids) + return requester.get_domainpolicy(source=source, queried_domain=queried_domain, + resolve_sids=resolve_sids) def get_gpttmpl(gpttmpl_path, domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str()): + nthash=str()): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) - return requester.get_gpttmpl(gpttmpl_path) + return requester.get_gpttmpl(gpttmpl_path) def get_netgpogroup(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_gponame='*', queried_displayname=str(), - queried_domain=str(), ads_path=str(), resolve_sids=False): + nthash=str(), queried_gponame='*', queried_displayname=str(), + queried_domain=str(), ads_path=str(), resolve_sids=False): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) - return requester.get_netgpogroup(queried_gponame=queried_gponame, - queried_displayname=queried_displayname, - queried_domain=queried_domain, - ads_path=ads_path, - resolve_sids=resolve_sids) + return requester.get_netgpogroup(queried_gponame=queried_gponame, + queried_displayname=queried_displayname, + queried_domain=queried_domain, + ads_path=ads_path, + resolve_sids=resolve_sids) def find_gpocomputeradmin(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_computername=str(), - queried_ouname=str(), queried_domain=str(), - recurse=False): + nthash=str(), queried_computername=str(), + queried_ouname=str(), queried_domain=str(), + recurse=False): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash, nthash) - 
return requester.find_gpocomputeradmin(queried_computername=queried_computername, - queried_ouname=queried_ouname, - queried_domain=queried_domain, - recurse=recurse) + return requester.find_gpocomputeradmin(queried_computername=queried_computername, + queried_ouname=queried_ouname, + queried_domain=queried_domain, + recurse=recurse) def find_gpolocation(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_username=str(), queried_groupname=str(), - queried_localgroup=str(), queried_domain=str()): + nthash=str(), queried_username=str(), queried_groupname=str(), + queried_localgroup=str(), queried_domain=str()): requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) - - return requester.find_gpolocation(queried_username=queried_username, - queried_groupname=queried_groupname, - queried_localgroup=queried_localgroup, - queried_domain=queried_domain) + lmhash, nthash) + return requester.find_gpolocation(queried_username=queried_username, + queried_groupname=queried_groupname, + queried_localgroup=queried_localgroup, + queried_domain=queried_domain) def invoke_checklocaladminaccess(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - misc = Misc(target_computername, domain, user, password, lmhash, nthash) + lmhash=str(), nthash=str()): + misc = Misc(target_computername, domain, user, password, lmhash, nthash) - return misc.invoke_checklocaladminaccess() + return misc.invoke_checklocaladminaccess() def invoke_userhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), - queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), unconstrained=False, - queried_groupname=str(), target_server=str(), - queried_username=str(), queried_useradspath=str(), - queried_userfilter=str(), queried_userfile=None, - threads=1, admin_count=False, allow_delegation=False, - stop_on_success=False, 
check_access=False, queried_domain=str(), - stealth=False, stealth_source=['dfs', 'dc', 'file'], - show_all=False, foreign_users=False): - user_hunter = UserHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return user_hunter.invoke_userhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - unconstrained=unconstrained, queried_groupname=queried_groupname, - target_server=target_server, queried_username=queried_username, - queried_userfilter=queried_userfilter, - queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, - threads=threads, admin_count=admin_count, - allow_delegation=allow_delegation, stop_on_success=stop_on_success, - check_access=check_access, queried_domain=queried_domain, stealth=stealth, - stealth_source=stealth_source, show_all=show_all, - foreign_users=foreign_users) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), unconstrained=False, + queried_groupname=str(), target_server=str(), + queried_username=str(), queried_useradspath=str(), + queried_userfilter=str(), queried_userfile=None, + threads=1, admin_count=False, allow_delegation=False, + stop_on_success=False, check_access=False, queried_domain=str(), + stealth=False, stealth_source=['dfs', 'dc', 'file'], + show_all=False, foreign_users=False): + user_hunter = UserHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return user_hunter.invoke_userhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + unconstrained=unconstrained, queried_groupname=queried_groupname, + target_server=target_server, queried_username=queried_username, + 
queried_userfilter=queried_userfilter, + queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, + threads=threads, admin_count=admin_count, + allow_delegation=allow_delegation, stop_on_success=stop_on_success, + check_access=check_access, queried_domain=queried_domain, stealth=stealth, + stealth_source=stealth_source, show_all=show_all, + foreign_users=foreign_users) def invoke_processhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), - queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), queried_processname=list(), - queried_groupname=str(), target_server=str(), - queried_username=str(), queried_useradspath=str(), - queried_userfilter=str(), queried_userfile=None, threads=1, - stop_on_success=False, queried_domain=str(), show_all=False): - process_hunter = ProcessHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return process_hunter.invoke_processhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - queried_processname=queried_processname, - queried_groupname=queried_groupname, - target_server=target_server, queried_username=queried_username, - queried_userfilter=queried_userfilter, - queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, - threads=threads, stop_on_success=stop_on_success, - queried_domain=queried_domain, show_all=show_all) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), queried_processname=list(), + queried_groupname=str(), target_server=str(), + queried_username=str(), queried_useradspath=str(), + queried_userfilter=str(), queried_userfile=None, threads=1, + stop_on_success=False, queried_domain=str(), show_all=False): + process_hunter = 
ProcessHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return process_hunter.invoke_processhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + queried_processname=queried_processname, + queried_groupname=queried_groupname, + target_server=target_server, queried_username=queried_username, + queried_userfilter=queried_userfilter, + queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, + threads=threads, stop_on_success=stop_on_success, + queried_domain=queried_domain, show_all=show_all) def invoke_eventhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), - queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), queried_groupname=str(), - target_server=str(), queried_username=str(), - queried_useradspath=str(), queried_userfilter=str(), - queried_userfile=None, threads=1, queried_domain=str(), - search_days=3): - event_hunter = EventHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return event_hunter.invoke_eventhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - queried_groupname=queried_groupname, - target_server=target_server, - queried_userfilter=queried_userfilter, - queried_username=queried_username, - queried_useradspath=queried_useradspath, - queried_userfile=queried_userfile, - search_days=search_days, - threads=threads, queried_domain=queried_domain) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), queried_groupname=str(), + target_server=str(), queried_username=str(), + queried_useradspath=str(), 
queried_userfilter=str(), + queried_userfile=None, threads=1, queried_domain=str(), + search_days=3): + event_hunter = EventHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return event_hunter.invoke_eventhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + queried_groupname=queried_groupname, + target_server=target_server, + queried_userfilter=queried_userfilter, + queried_username=queried_username, + queried_useradspath=queried_useradspath, + queried_userfile=queried_userfile, + search_days=search_days, + threads=threads, queried_domain=queried_domain) diff --git a/pywerview/cli/main.py b/pywerview/cli/main.py index 7be1663..8ebc55d 100644 --- a/pywerview/cli/main.py +++ b/pywerview/cli/main.py @@ -450,7 +450,7 @@ def main(): args.password = getpass('Password:') parsed_args = dict() - for k, v in vars(args).iteritems(): + for k, v in vars(args).items(): if k not in ('func', 'hashes'): parsed_args[k] = v diff --git a/pywerview/functions/gpo.py b/pywerview/functions/gpo.py index 005967d..8415c11 100644 --- a/pywerview/functions/gpo.py +++ b/pywerview/functions/gpo.py @@ -19,7 +19,7 @@ import codecs from bs4 import BeautifulSoup -from StringIO import StringIO +from io import StringIO from impacket.smbconnection import SMBConnection, SessionError @@ -438,7 +438,7 @@ def find_gpolocation(self, queried_username=str(), queried_groupname=str(), try: member = net_requester.get_adobject(queried_sam_account_name=member, queried_domain=queried_domain)[0].objectsid - except IndexError, AttributeError: + except (IndexError, AttributeError): continue if (member.upper() in target_sid) or (member.lower() in target_sid): if (local_sid.upper() in gpo_group.memberof) or \ diff --git a/pywerview/functions/net.py b/pywerview/functions/net.py index dd4aa56..b7d82e1 100644 --- a/pywerview/functions/net.py 
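Review bot: `io.StringIO` accepts only `str`, so this import swap is safe only if every writer into the buffer produces text. The file also imports `SMBConnection`, and if the buffer collects file content read over SMB (the usage is outside this hunk, so this is inferred), those writes will be `bytes` on Python 3 and raise `TypeError`. In that case the import should be `from io import BytesIO`, with an explicit decode where the content is parsed.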
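Review bot: The tuple form in `find_gpolocation` is not a pure syntax port: under Python 2 `except IndexError, AttributeError:` caught only `IndexError` and bound it to the name `AttributeError`, while `except (IndexError, AttributeError):` now also swallows a missing `objectsid` attribute. That is probably the intent, but it silently skips members whose lookup returns an object without a SID, so it deserves a comment such as `# no match or no objectsid: skip this member`. The same widening happens in `__enter__` in pywerview/requester.py, where `except (socket.error, IndexError): pass` now hides an `IndexError` from the LDAP setup as well. Both functions continue outside their hunks.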
+++ b/pywerview/functions/net.py @@ -672,7 +672,7 @@ def get_netprocess(self): result_process = rpcobj.Process(attributes) yield result_process - except Exception, e: + except Exception as e: if str(e).find('S_FALSE') < 0: raise e else: @@ -721,7 +721,7 @@ def get_userevent(self, event_type=['logon', 'tgt'], date_start=5): 'id': wmi_event_type} result_event = rpcobj.Event(attributes) yield result_event - except Exception, e: + except Exception as e: if str(e).find('S_FALSE') < 0: raise e else: diff --git a/pywerview/objects/rpcobjects.py b/pywerview/objects/rpcobjects.py index ebe64ca..482fa27 100644 --- a/pywerview/objects/rpcobjects.py +++ b/pywerview/objects/rpcobjects.py @@ -40,7 +40,7 @@ def add_attributes(self, attributes): value = value.rstrip('\x00') if isinstance(value, str): try: - value = value.decode('utf-8') + value = value except UnicodeDecodeError: pass diff --git a/pywerview/requester.py b/pywerview/requester.py index 343a798..802dd86 100644 --- a/pywerview/requester.py +++ b/pywerview/requester.py @@ -84,7 +84,7 @@ def _create_ldap_connection(self, queried_domain=str(), ads_path=str(), base_dn, self._domain_controller) ldap_connection.login(self._user, self._password, self._domain, self._lmhash, self._nthash) - except ldap.LDAPSessionError, e: + except ldap.LDAPSessionError as e: if str(e).find('strongerAuthRequired') >= 0: # We need to try SSL ldap_connection = ldap.LDAPConnection('ldaps://{}'.format(self._domain_controller), @@ -93,7 +93,7 @@ def _create_ldap_connection(self, queried_domain=str(), ads_path=str(), self._lmhash, self._nthash) else: raise e - except socket.error, e: + except socket.error as e: return self._ldap_connection = ldap_connection @@ -273,7 +273,7 @@ def __init__(self, target_computer, domain=str(), user=(), password=str(), def __enter__(self): try: LDAPRequester.__enter__(self) - except socket.error, IndexError: + except (socket.error, IndexError): pass # This should work every time RPCRequester.__enter__(self) 
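Review bot: In `get_netprocess` the handler re-raises with `raise e`; a bare `raise` is the idiomatic way to re-raise the active exception unchanged. The filter also depends on the substring `S_FALSE` appearing in the exception text, which is worth a one-line comment saying what that status means here, since the `else` branch is outside the hunk. Both points apply to the identical handler in `get_userevent` in the next hunk.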
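Review bot: The `try` in `add_attributes` is now a no-op: `value = value` cannot raise `UnicodeDecodeError`, so the handler is dead code, and on Python 3 the `isinstance(value, str)` guard selects text that needs no decoding. If attribute values can arrive as `bytes` (not visible in this hunk), the branch should test for that instead, `if isinstance(value, bytes):` followed by `value = value.decode('utf-8')` inside the existing `try`; otherwise drop the four lines. In the bytes case the preceding `value.rstrip('\x00')` would also need a bytes argument. The function starts outside the hunk.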
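Review bot: In `_create_ldap_connection` the `socket.error` handler binds `e` but never uses it, and it returns before `self._ldap_connection` is assigned, so as far as the hunk shows a failed connection to the domain controller produces no signal for the caller. Prefer `except socket.error:` and either log the failure or let it propagate. In the same function, `raise e` in the `LDAPSessionError` branch can be a bare `raise`. The function body starts outside both hunks.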
From 2156da6431b278bc60f22cf4b66bd671f7d0a0fe Mon Sep 17 00:00:00 2001 From: mpgn Date: Mon, 11 Nov 2019 06:15:05 -0500 Subject: [PATCH 02/13] Fix printing and xrange for python3 --- pywerview/cli/main.py | 6 +++--- pywerview/functions/hunting.py | 2 +- pywerview/objects/adobjects.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pywerview/cli/main.py b/pywerview/cli/main.py index 8ebc55d..96208ff 100644 --- a/pywerview/cli/main.py +++ b/pywerview/cli/main.py @@ -464,9 +464,9 @@ def main(): try: for x in results: x = str(x) - print x + print(x) if '\n' in x: - print '' + print('') except TypeError: - print results + print(results) diff --git a/pywerview/functions/hunting.py b/pywerview/functions/hunting.py index 864984f..3fa1dc9 100644 --- a/pywerview/functions/hunting.py +++ b/pywerview/functions/hunting.py @@ -136,7 +136,7 @@ def _build_target_users(self, queried_groupname=str(), target_server=str(), raise ValueError('No users to search for') def _build_workers(self, threads, worker_class, worker_args): - for i in xrange(threads): + for i in range(threads): parent_pipe, worker_pipe = multiprocessing.Pipe() self._parent_pipes.append(parent_pipe) worker = worker_class(worker_pipe, self._domain, self._user, diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index 8c69e7a..d63dc40 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -61,7 +61,7 @@ def add_attributes(self, attributes): value = str(attr['vals'][0]).encode('hex') init_value = str(attr['vals'][0]) value = 'S-1-5' - for i in xrange(8, len(init_value), 4): + for i in range(8, len(init_value), 4): value += '-{}'.format(str(struct.unpack(' Date: Tue, 12 Nov 2019 14:18:02 -0500 Subject: [PATCH 03/13] Fix bytes<->str problems on adobject class --- pywerview/objects/adobjects.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) 
diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index d63dc40..33254df 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -21,6 +21,8 @@ import inspect import struct import pyasn1 +import codecs +import binascii class ADObject: __uac_flags = {0x0000001: 'SCRIPT', @@ -58,19 +60,19 @@ def add_attributes(self, attributes): elif t in ('trustattributes', 'trustdirection', 'trusttype'): value = int(attr['vals'][0]) elif t in ('objectsid', 'ms-ds-creatorsid'): - value = str(attr['vals'][0]).encode('hex') - init_value = str(attr['vals'][0]) + value = binascii.hexlify(bytes(attr['vals'][0])) + init_value = bytes(attr['vals'][0]) value = 'S-1-5' for i in range(8, len(init_value), 4): value += '-{}'.format(str(struct.unpack(' Date: Wed, 13 Nov 2019 08:25:16 -0500 Subject: [PATCH 04/13] Fix encoding problem thx to @ThePirateWhoSmellsOfSunflowers --- pywerview/objects/adobjects.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index 33254df..fd24980 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -106,7 +106,7 @@ def __str__(self): for member in members: if not member[0].startswith('_'): if member[0] == 'msmqdigests': - member_value = (',\n' + ' ' * (max_length + 2)).join(x.encode('hex') for x in member[1]) + member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(x,'hex') for x in member[1]) elif member[0] == 'useraccountcontrol': member_value = list() for uac_flag, uac_label in ADObject.__uac_flags.items(): 
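Review bot: On Python 3 `codecs.encode(x,'hex')` needs a bytes-like argument and returns `bytes`, so joining its results with the `str` separator `',\n' + ' ' * (max_length + 2)` in the `msmqdigests` branch raises `TypeError`. Decode the hex to text before joining, e.g. `codecs.encode(x, 'hex').decode('ascii')`, which keeps `__str__` returning `str`. The `usercertificate` and `msmqsigncertificates` branches in the next two hunks pass the same `bytes` result to `'{}...'.format(...)` and would print a `b'...'` literal. `__str__` starts outside the hunk.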
@@ -118,7 +118,7 @@ def __str__(self): elif member[0] in ('usercertificate', 'protocom-sso-entries', 'protocom-sso-security-prefs',): member_value = (',\n' + ' ' * (max_length + 2)).join( - '{}...'.format(x.encode('hex')[:100]) for x in member[1]) + '{}...'.format(codecs.encode(x,'hex'))[:100]) for x in member[1]) else: member_value = (',\n' + ' ' * (max_length + 2)).join(str(x) for x in member[1]) elif member[0] in('msmqsigncertificates', 'userparameters', @@ -127,7 +127,7 @@ def __str__(self): 'msrtcsip-userroutinggroupid', 'msexchumpinchecksum', 'protocom-sso-auth-data', 'protocom-sso-entries-checksum', 'protocom-sso-security-prefs-checksum', ): - member_value = '{}...'.format(member[1].encode('hex')[:100]) + member_value = '{}...'.format(codecs.encode(member[1]'hex'))[:100]) else: member_value = member[1] s += '{}: {}{}\n'.format(member[0], ' ' * (max_length - len(member[0])), member_value) From b3efcda316a7511f286730d2904bf112e0dc4e1e Mon Sep 17 00:00:00 2001 From: mpgn Date: Wed, 13 Nov 2019 08:28:38 -0500 Subject: [PATCH 05/13] Fix parenthesis problem --- pywerview/objects/adobjects.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index fd24980..57881e9 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -118,7 +118,7 @@ def __str__(self): elif member[0] in ('usercertificate', 'protocom-sso-entries', 'protocom-sso-security-prefs',): member_value = (',\n' + ' ' * (max_length + 2)).join( - '{}...'.format(codecs.encode(x,'hex'))[:100]) for x in member[1]) + '{}...'.format(codecs.encode(x,'hex')[:100]) for x in member[1]) else: member_value = (',\n' + ' ' * (max_length + 2)).join(str(x) for x in member[1]) elif member[0] in('msmqsigncertificates', 'userparameters', 
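Review bot: The added line in the `usercertificate` branch has one closing parenthesis too many, `codecs.encode(x,'hex'))[:100])`, which is a `SyntaxError` and makes the whole module unimportable. The next hunk has the same extra parenthesis and also drops the comma in `codecs.encode(member[1]'hex')`. The intended lines are presumably `'{}...'.format(codecs.encode(x, 'hex')[:100])` and `'{}...'.format(codecs.encode(member[1], 'hex')[:100])`.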
@@ -127,7 +127,7 @@ def __str__(self): 'msrtcsip-userroutinggroupid', 'msexchumpinchecksum', 'protocom-sso-auth-data', 'protocom-sso-entries-checksum', 'protocom-sso-security-prefs-checksum', ): - member_value = '{}...'.format(codecs.encode(member[1]'hex'))[:100]) + member_value = '{}...'.format(codecs.encode(member[1]'hex')[:100]) else: member_value = member[1] s += '{}: {}{}\n'.format(member[0], ' ' * (max_length - len(member[0])), member_value) From 7a505f5aa2a113a2a681592c62777f4c18795889 Mon Sep 17 00:00:00 2001 From: mpgn Date: Wed, 13 Nov 2019 09:14:06 -0500 Subject: [PATCH 06/13] Codecs with bytes not str --- pywerview/objects/adobjects.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index 57881e9..d84e2af 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -22,7 +22,6 @@ import struct import pyasn1 import codecs -import binascii class ADObject: __uac_flags = {0x0000001: 'SCRIPT', @@ -60,7 +59,7 @@ def add_attributes(self, attributes): elif t in ('trustattributes', 'trustdirection', 'trusttype'): value = int(attr['vals'][0]) elif t in ('objectsid', 'ms-ds-creatorsid'): - value = binascii.hexlify(bytes(attr['vals'][0])) + value = codecs.encode(bytes(attr['vals'][0]),'hex') init_value = bytes(attr['vals'][0]) value = 'S-1-5' for i in range(8, len(init_value), 4): @@ -106,7 +105,7 @@ def __str__(self): for member in members: if not member[0].startswith('_'): if member[0] == 'msmqdigests': - member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(x,'hex') for x in member[1]) + member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(bytes(x),'hex') for x in member[1]) elif member[0] == 'useraccountcontrol': member_value = list() for uac_flag, uac_label in ADObject.__uac_flags.items(): 
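Review bot: The replacement line still has no comma between `member[1]` and `'hex'`, so `codecs.encode(member[1]'hex')[:100]` remains a `SyntaxError` after this commit. It should read `member_value = '{}...'.format(codecs.encode(member[1], 'hex')[:100])`.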
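Review bot: The hex-encoded `value` computed on the changed line is a dead store: two lines later `value = 'S-1-5'` overwrites it, so the `codecs.encode(...)` call can be deleted and only `init_value = bytes(attr['vals'][0])` kept. Separately, the visible loop starts at offset 8 and the prefix is fixed, so the revision and identifier-authority bytes of the binary SID are never read; a SID under any authority other than 5 would be printed with the wrong prefix. A comment stating that assumption, `# assumes revision 1 and identifier authority 5`, or parsing bytes 0-7, would make the output reliable for triage. The loop body continues outside the hunk.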
@@ -118,7 +117,7 @@ def __str__(self): elif member[0] in ('usercertificate', 'protocom-sso-entries', 'protocom-sso-security-prefs',): member_value = (',\n' + ' ' * (max_length + 2)).join( - '{}...'.format(codecs.encode(x,'hex')[:100]) for x in member[1]) + '{}...'.format(codecs.encode(bytes(x),'hex')[:100]) for x in member[1]) else: member_value = (',\n' + ' ' * (max_length + 2)).join(str(x) for x in member[1]) elif member[0] in('msmqsigncertificates', 'userparameters', @@ -127,7 +126,7 @@ def __str__(self): 'msrtcsip-userroutinggroupid', 'msexchumpinchecksum', 'protocom-sso-auth-data', 'protocom-sso-entries-checksum', 'protocom-sso-security-prefs-checksum', ): - member_value = '{}...'.format(codecs.encode(member[1]'hex')[:100]) + member_value = '{}...'.format(codecs.encode(bytes(member[1]),'hex')[:100]) else: member_value = member[1] s += '{}: {}{}\n'.format(member[0], ' ' * (max_length - len(member[0])), member_value) From a18d43cbbc22d7485fe62a35715d91e0014023f6 Mon Sep 17 00:00:00 2001 From: mpgn Date: Wed, 13 Nov 2019 11:22:24 -0500 Subject: [PATCH 07/13] Trying to fix encode error --- pywerview/objects/adobjects.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index d84e2af..00c1b61 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -105,7 +105,7 @@ def __str__(self): for member in members: if not member[0].startswith('_'): if member[0] == 'msmqdigests': - member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(bytes(x),'hex') for x in member[1]) + member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(bytes(x, encoding='utf8'),'hex') for x in member[1]) elif member[0] == 'useraccountcontrol': member_value = list() for uac_flag, uac_label in ADObject.__uac_flags.items(): 
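Review bot: `bytes(x, encoding='utf8')` in the `msmqdigests` line accepts only `str`: for a bytes-like value it raises TypeError, and for a `str` holding binary attribute data it turns every character above U+007F into two or more bytes, so the printed hex would no longer match the attribute's raw bytes. The `@@ -117,7 +117,7` and `@@ -126,7 +126,7` hunks of this commit share the problem, and so does the `x.encode('utf-8').hex()` form introduced by the later "Remove codecs encoding" commit. Which type the values have is decided in `add_attributes`, outside the hunk, so this needs confirming there; if they are bytes, `bytes(x).hex()` is the lossless form. For `usercertificate` in particular a byte-exact dump matters, since the output is only useful if it can be matched against the stored certificate.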
@@ -117,7 +117,7 @@ def __str__(self): elif member[0] in ('usercertificate', 'protocom-sso-entries', 'protocom-sso-security-prefs',): member_value = (',\n' + ' ' * (max_length + 2)).join( - '{}...'.format(codecs.encode(bytes(x),'hex')[:100]) for x in member[1]) + '{}...'.format(codecs.encode(bytes(x, encoding='utf8'),'hex')[:100]) for x in member[1]) else: member_value = (',\n' + ' ' * (max_length + 2)).join(str(x) for x in member[1]) elif member[0] in('msmqsigncertificates', 'userparameters', @@ -126,7 +126,7 @@ def __str__(self): 'msrtcsip-userroutinggroupid', 'msexchumpinchecksum', 'protocom-sso-auth-data', 'protocom-sso-entries-checksum', 'protocom-sso-security-prefs-checksum', ): - member_value = '{}...'.format(codecs.encode(bytes(member[1]),'hex')[:100]) + member_value = '{}...'.format(codecs.encode(bytes(member[1], encoding='utf8'),'hex')[:100]) else: member_value = member[1] s += '{}: {}{}\n'.format(member[0], ' ' * (max_length - len(member[0])), member_value) From ccd6206a2656d3de396b411da10e9af4a5d8bbf9 Mon Sep 17 00:00:00 2001 From: mpgn Date: Thu, 14 Nov 2019 05:11:36 -0500 Subject: [PATCH 08/13] Fix bytes encode error --- pywerview/objects/adobjects.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index 00c1b61..aec8771 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -105,7 +105,7 @@ def __str__(self): for member in members: if not member[0].startswith('_'): if member[0] == 'msmqdigests': - member_value = (',\n' + ' ' * (max_length + 2)).join(codecs.encode(bytes(x, encoding='utf8'),'hex') for x in member[1]) + member_value = (b',\n' + b' ' * (max_length + 2)).join(codecs.encode(bytes(x, encoding='utf8'),'hex') for x in member[1]) elif member[0] == 'useraccountcontrol': member_value = list() for uac_flag, uac_label in ADObject.__uac_flags.items(): From 830d46e2c639faaa0776a445859c87a1911151b9 Mon Sep 17 00:00:00 2001 
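Review bot: Switching the `msmqdigests` separator to `b',\n' + b' ' * (max_length + 2)` makes the join succeed but leaves `member_value` as `bytes`. The `s += '{}: {}{}\n'.format(...)` line visible in the `@@ -126,7 +126,7` hunk then renders it as a `b'...'` repr with the newline shown as a literal backslash-n, so the column alignment the separator was built for is lost. Keeping the `str` separator and decoding each item, `codecs.encode(..., 'hex').decode('ascii')`, keeps the output as text.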
From: mpgn Date: Thu, 14 Nov 2019 05:56:25 -0500 Subject: [PATCH 09/13] Remove codecs encoding --- pywerview/objects/adobjects.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pywerview/objects/adobjects.py b/pywerview/objects/adobjects.py index aec8771..385117c 100644 --- a/pywerview/objects/adobjects.py +++ b/pywerview/objects/adobjects.py @@ -105,7 +105,7 @@ def __str__(self): for member in members: if not member[0].startswith('_'): if member[0] == 'msmqdigests': - member_value = (b',\n' + b' ' * (max_length + 2)).join(codecs.encode(bytes(x, encoding='utf8'),'hex') for x in member[1]) + member_value = (',\n' + ' ' * (max_length + 2)).join(x.encode('utf-8').hex() for x in member[1]) elif member[0] == 'useraccountcontrol': member_value = list() for uac_flag, uac_label in ADObject.__uac_flags.items(): @@ -117,7 +117,7 @@ def __str__(self): elif member[0] in ('usercertificate', 'protocom-sso-entries', 'protocom-sso-security-prefs',): member_value = (',\n' + ' ' * (max_length + 2)).join( - '{}...'.format(codecs.encode(bytes(x, encoding='utf8'),'hex')[:100]) for x in member[1]) + '{}...'.format(x.encode('utf-8').hex()[:100]) for x in member[1]) else: member_value = (',\n' + ' ' * (max_length + 2)).join(str(x) for x in member[1]) elif member[0] in('msmqsigncertificates', 'userparameters', @@ -126,7 +126,7 @@ def __str__(self): 'msrtcsip-userroutinggroupid', 'msexchumpinchecksum', 'protocom-sso-auth-data', 'protocom-sso-entries-checksum', 'protocom-sso-security-prefs-checksum', ): - member_value = '{}...'.format(codecs.encode(bytes(member[1], encoding='utf8'),'hex')[:100]) + member_value = '{}...'.format(member[1].encode('utf-8').hex()[:100]) else: member_value = member[1] s += '{}: {}{}\n'.format(member[0], ' ' * (max_length - len(member[0])), member_value) From 0e18889e0961baaa16ca9e5532f9ac472cc73777 Mon Sep 17 00:00:00 2001 
From: mpgn Date: Fri, 15 Nov 2019 02:18:03 -0500 Subject: [PATCH 10/13] Convert tab to space --- pywerview/cli/helpers.py | 462 +++++++++++++++++++-------------------- 1 file changed, 231 insertions(+), 231 deletions(-) diff --git a/pywerview/cli/helpers.py b/pywerview/cli/helpers.py index c415e98..b74f520 100644 --- a/pywerview/cli/helpers.py +++ b/pywerview/cli/helpers.py 
@@ -24,304 +24,304 @@ from pywerview.functions.hunting import UserHunter, ProcessHunter, EventHunter def get_adobject(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), queried_sid=str(), - queried_name=str(), queried_sam_account_name=str(), ads_path=str(), - custom_filter=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_adobject(queried_domain=queried_domain, - queried_sid=queried_sid, queried_name=queried_name, - queried_sam_account_name=queried_sam_account_name, - ads_path=ads_path, custom_filter=custom_filter) + lmhash=str(), nthash=str(), queried_domain=str(), queried_sid=str(), + queried_name=str(), queried_sam_account_name=str(), ads_path=str(), + custom_filter=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_adobject(queried_domain=queried_domain, + queried_sid=queried_sid, queried_name=queried_name, + queried_sam_account_name=queried_sam_account_name, + ads_path=ads_path, custom_filter=custom_filter) def get_netuser(domain_controller, domain, user, password=str(), lmhash=str(), nthash=str(), queried_username=str(), queried_domain=str(), ads_path=str(), admin_count=False, spn=False, unconstrained=False, allow_delegation=False, preauth_notreq=False, custom_filter=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netuser(queried_username=queried_username, + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netuser(queried_username=queried_username, queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, spn=spn, unconstrained=unconstrained, allow_delegation=allow_delegation, preauth_notreq=preauth_notreq, custom_filter=custom_filter) def get_netgroup(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), 
queried_groupname='*', queried_sid=str(), - queried_username=str(), queried_domain=str(), ads_path=str(), - admin_count=False, full_data=False, custom_filter=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netgroup(queried_groupname=queried_groupname, - queried_sid=queried_sid, queried_username=queried_username, - queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, - full_data=full_data, custom_filter=custom_filter) + lmhash=str(), nthash=str(), queried_groupname='*', queried_sid=str(), + queried_username=str(), queried_domain=str(), ads_path=str(), + admin_count=False, full_data=False, custom_filter=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netgroup(queried_groupname=queried_groupname, + queried_sid=queried_sid, queried_username=queried_username, + queried_domain=queried_domain, ads_path=ads_path, admin_count=admin_count, + full_data=full_data, custom_filter=custom_filter) def get_netcomputer(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername='*', queried_spn=str(), - queried_os=str(), queried_sp=str(), queried_domain=str(), ads_path=str(), - printers=False, unconstrained=False, ping=False, full_data=False, - custom_filter=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netcomputer(queried_computername=queried_computername, - queried_spn=queried_spn, queried_os=queried_os, queried_sp=queried_sp, - queried_domain=queried_domain, ads_path=ads_path, printers=printers, - unconstrained=unconstrained, ping=ping, full_data=full_data, - custom_filter=custom_filter) + lmhash=str(), nthash=str(), queried_computername='*', queried_spn=str(), + queried_os=str(), queried_sp=str(), queried_domain=str(), ads_path=str(), + printers=False, unconstrained=False, ping=False, full_data=False, + 
custom_filter=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netcomputer(queried_computername=queried_computername, + queried_spn=queried_spn, queried_os=queried_os, queried_sp=queried_sp, + queried_domain=queried_domain, ads_path=ads_path, printers=printers, + unconstrained=unconstrained, ping=ping, full_data=full_data, + custom_filter=custom_filter) def get_netdomaincontroller(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netdomaincontroller(queried_domain=queried_domain) + lmhash=str(), nthash=str(), queried_domain=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netdomaincontroller(queried_domain=queried_domain) def get_netfileserver(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), target_users=list()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netfileserver(queried_domain=queried_domain, - target_users=target_users) + lmhash=str(), nthash=str(), queried_domain=str(), target_users=list()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netfileserver(queried_domain=queried_domain, + target_users=target_users) def get_dfsshare(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), version=['v1', 'v2'], queried_domain=str(), - ads_path=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_dfsshare(version=version, queried_domain=queried_domain, ads_path=ads_path) + lmhash=str(), nthash=str(), version=['v1', 'v2'], queried_domain=str(), + ads_path=str()): + requester = 
NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_dfsshare(version=version, queried_domain=queried_domain, ads_path=ads_path) def get_netou(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_domain=str(), queried_ouname='*', queried_guid=str(), - ads_path=str(), full_data=False): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netou(queried_domain=queried_domain, - queried_ouname=queried_ouname, queried_guid=queried_guid, ads_path=ads_path, - full_data=full_data) + nthash=str(), queried_domain=str(), queried_ouname='*', queried_guid=str(), + ads_path=str(), full_data=False): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netou(queried_domain=queried_domain, + queried_ouname=queried_ouname, queried_guid=queried_guid, ads_path=ads_path, + full_data=full_data) def get_netsite(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_domain=str(), queried_sitename=str(), - queried_guid=str(), ads_path=str(), full_data=False): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netsite(queried_domain=queried_domain, - queried_sitename=queried_sitename, queried_guid=queried_guid, - ads_path=ads_path, full_data=full_data) + nthash=str(), queried_domain=str(), queried_sitename=str(), + queried_guid=str(), ads_path=str(), full_data=False): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netsite(queried_domain=queried_domain, + queried_sitename=queried_sitename, queried_guid=queried_guid, + ads_path=ads_path, full_data=full_data) def get_netsubnet(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str(), queried_sitename=str(), - ads_path=str(), full_data=False): - requester = 
NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netsubnet(queried_domain=queried_domain, - queried_sitename=queried_sitename, ads_path=ads_path, full_data=full_data) + lmhash=str(), nthash=str(), queried_domain=str(), queried_sitename=str(), + ads_path=str(), full_data=False): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netsubnet(queried_domain=queried_domain, + queried_sitename=queried_sitename, ads_path=ads_path, full_data=full_data) def get_netdomaintrust(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_domain=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netdomaintrust(queried_domain=queried_domain) + lmhash=str(), nthash=str(), queried_domain=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netdomaintrust(queried_domain=queried_domain) def get_netgroupmember(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_groupname=str(), queried_sid=str(), - queried_domain=str(), ads_path=str(), recurse=False, use_matching_rule=False, - full_data=False, custom_filter=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netgroupmember(queried_groupname=queried_groupname, - queried_sid=queried_sid, queried_domain=queried_domain, - ads_path=ads_path, recurse=recurse, - use_matching_rule=use_matching_rule, - full_data=full_data, custom_filter=custom_filter) + lmhash=str(), nthash=str(), queried_groupname=str(), queried_sid=str(), + queried_domain=str(), ads_path=str(), recurse=False, use_matching_rule=False, + full_data=False, custom_filter=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return 
requester.get_netgroupmember(queried_groupname=queried_groupname, + queried_sid=queried_sid, queried_domain=queried_domain, + ads_path=ads_path, recurse=recurse, + use_matching_rule=use_matching_rule, + full_data=full_data, custom_filter=custom_filter) def get_netsession(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return requester.get_netsession() + lmhash=str(), nthash=str()): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_netsession() def get_netshare(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return requester.get_netshare() + lmhash=str(), nthash=str()): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_netshare() def get_localdisks(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return requester.get_localdisks() + lmhash=str(), nthash=str()): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_localdisks() def get_netdomain(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netdomain() + lmhash=str(), nthash=str()): + requester = NetRequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netdomain() def get_netloggedon(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return 
requester.get_netloggedon() + lmhash=str(), nthash=str()): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_netloggedon() def get_netlocalgroup(target_computername, domain_controller, domain, user, - password=str(), lmhash=str(), nthash=str(), queried_groupname=str(), - list_groups=False, recurse=False): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash, domain_controller) - return requester.get_netlocalgroup(queried_groupname=queried_groupname, - list_groups=list_groups, recurse=recurse) + password=str(), lmhash=str(), nthash=str(), queried_groupname=str(), + list_groups=False, recurse=False): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash, domain_controller) + return requester.get_netlocalgroup(queried_groupname=queried_groupname, + list_groups=list_groups, recurse=recurse) def get_netprocess(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return requester.get_netprocess() + lmhash=str(), nthash=str()): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_netprocess() def get_userevent(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str(), event_type=['logon', 'tgt'], - date_start=5): - requester = NetRequester(target_computername, domain, user, password, - lmhash, nthash) - return requester.get_userevent(event_type=event_type, - date_start=date_start) + lmhash=str(), nthash=str(), event_type=['logon', 'tgt'], + date_start=5): + requester = NetRequester(target_computername, domain, user, password, + lmhash, nthash) + return requester.get_userevent(event_type=event_type, + date_start=date_start) def get_netgpo(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_gponame='*', - 
queried_displayname=str(), queried_domain=str(), ads_path=str()): - requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.get_netgpo(queried_gponame=queried_gponame, - queried_displayname=queried_displayname, - queried_domain=queried_domain, ads_path=ads_path) + lmhash=str(), nthash=str(), queried_gponame='*', + queried_displayname=str(), queried_domain=str(), ads_path=str()): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.get_netgpo(queried_gponame=queried_gponame, + queried_displayname=queried_displayname, + queried_domain=queried_domain, ads_path=ads_path) def get_domainpolicy(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), source='domain', queried_domain=str(), - resolve_sids=False): - requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + lmhash=str(), nthash=str(), source='domain', queried_domain=str(), + resolve_sids=False): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) - return requester.get_domainpolicy(source=source, queried_domain=queried_domain, - resolve_sids=resolve_sids) + return requester.get_domainpolicy(source=source, queried_domain=queried_domain, + resolve_sids=resolve_sids) def get_gpttmpl(gpttmpl_path, domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str()): - requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + nthash=str()): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) - return requester.get_gpttmpl(gpttmpl_path) + return requester.get_gpttmpl(gpttmpl_path) def get_netgpogroup(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_gponame='*', queried_displayname=str(), - queried_domain=str(), ads_path=str(), resolve_sids=False): - requester = GPORequester(domain_controller, domain, user, password, 
- lmhash, nthash) + nthash=str(), queried_gponame='*', queried_displayname=str(), + queried_domain=str(), ads_path=str(), resolve_sids=False): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) - return requester.get_netgpogroup(queried_gponame=queried_gponame, - queried_displayname=queried_displayname, - queried_domain=queried_domain, - ads_path=ads_path, - resolve_sids=resolve_sids) + return requester.get_netgpogroup(queried_gponame=queried_gponame, + queried_displayname=queried_displayname, + queried_domain=queried_domain, + ads_path=ads_path, + resolve_sids=resolve_sids) def find_gpocomputeradmin(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_computername=str(), - queried_ouname=str(), queried_domain=str(), - recurse=False): - requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) + nthash=str(), queried_computername=str(), + queried_ouname=str(), queried_domain=str(), + recurse=False): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) - return requester.find_gpocomputeradmin(queried_computername=queried_computername, - queried_ouname=queried_ouname, - queried_domain=queried_domain, - recurse=recurse) + return requester.find_gpocomputeradmin(queried_computername=queried_computername, + queried_ouname=queried_ouname, + queried_domain=queried_domain, + recurse=recurse) def find_gpolocation(domain_controller, domain, user, password=str(), lmhash=str(), - nthash=str(), queried_username=str(), queried_groupname=str(), - queried_localgroup=str(), queried_domain=str()): - requester = GPORequester(domain_controller, domain, user, password, - lmhash, nthash) - return requester.find_gpolocation(queried_username=queried_username, - queried_groupname=queried_groupname, - queried_localgroup=queried_localgroup, - queried_domain=queried_domain) + nthash=str(), queried_username=str(), queried_groupname=str(), + 
queried_localgroup=str(), queried_domain=str()): + requester = GPORequester(domain_controller, domain, user, password, + lmhash, nthash) + return requester.find_gpolocation(queried_username=queried_username, + queried_groupname=queried_groupname, + queried_localgroup=queried_localgroup, + queried_domain=queried_domain) def invoke_checklocaladminaccess(target_computername, domain, user, password=str(), - lmhash=str(), nthash=str()): - misc = Misc(target_computername, domain, user, password, lmhash, nthash) + lmhash=str(), nthash=str()): + misc = Misc(target_computername, domain, user, password, lmhash, nthash) - return misc.invoke_checklocaladminaccess() + return misc.invoke_checklocaladminaccess() def invoke_userhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), - queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), unconstrained=False, - queried_groupname=str(), target_server=str(), - queried_username=str(), queried_useradspath=str(), - queried_userfilter=str(), queried_userfile=None, - threads=1, admin_count=False, allow_delegation=False, - stop_on_success=False, check_access=False, queried_domain=str(), - stealth=False, stealth_source=['dfs', 'dc', 'file'], - show_all=False, foreign_users=False): - user_hunter = UserHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return user_hunter.invoke_userhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - unconstrained=unconstrained, queried_groupname=queried_groupname, - target_server=target_server, queried_username=queried_username, - queried_userfilter=queried_userfilter, - queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, - threads=threads, admin_count=admin_count, - allow_delegation=allow_delegation, 
stop_on_success=stop_on_success, - check_access=check_access, queried_domain=queried_domain, stealth=stealth, - stealth_source=stealth_source, show_all=show_all, - foreign_users=foreign_users) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), unconstrained=False, + queried_groupname=str(), target_server=str(), + queried_username=str(), queried_useradspath=str(), + queried_userfilter=str(), queried_userfile=None, + threads=1, admin_count=False, allow_delegation=False, + stop_on_success=False, check_access=False, queried_domain=str(), + stealth=False, stealth_source=['dfs', 'dc', 'file'], + show_all=False, foreign_users=False): + user_hunter = UserHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return user_hunter.invoke_userhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + unconstrained=unconstrained, queried_groupname=queried_groupname, + target_server=target_server, queried_username=queried_username, + queried_userfilter=queried_userfilter, + queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, + threads=threads, admin_count=admin_count, + allow_delegation=allow_delegation, stop_on_success=stop_on_success, + check_access=check_access, queried_domain=queried_domain, stealth=stealth, + stealth_source=stealth_source, show_all=show_all, + foreign_users=foreign_users) def invoke_processhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), - queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), queried_processname=list(), - queried_groupname=str(), target_server=str(), - queried_username=str(), queried_useradspath=str(), - queried_userfilter=str(), queried_userfile=None, threads=1, - 
stop_on_success=False, queried_domain=str(), show_all=False): - process_hunter = ProcessHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return process_hunter.invoke_processhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - queried_processname=queried_processname, - queried_groupname=queried_groupname, - target_server=target_server, queried_username=queried_username, - queried_userfilter=queried_userfilter, - queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, - threads=threads, stop_on_success=stop_on_success, - queried_domain=queried_domain, show_all=show_all) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), queried_processname=list(), + queried_groupname=str(), target_server=str(), + queried_username=str(), queried_useradspath=str(), + queried_userfilter=str(), queried_userfile=None, threads=1, + stop_on_success=False, queried_domain=str(), show_all=False): + process_hunter = ProcessHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return process_hunter.invoke_processhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + queried_processname=queried_processname, + queried_groupname=queried_groupname, + target_server=target_server, queried_username=queried_username, + queried_userfilter=queried_userfilter, + queried_useradspath=queried_useradspath, queried_userfile=queried_userfile, + threads=threads, stop_on_success=stop_on_success, + queried_domain=queried_domain, show_all=show_all) def invoke_eventhunter(domain_controller, domain, user, password=str(), - lmhash=str(), nthash=str(), queried_computername=list(), 
- queried_computerfile=None, queried_computerfilter=str(), - queried_computeradspath=str(), queried_groupname=str(), - target_server=str(), queried_username=str(), - queried_useradspath=str(), queried_userfilter=str(), - queried_userfile=None, threads=1, queried_domain=str(), - search_days=3): - event_hunter = EventHunter(domain_controller, domain, user, password, - lmhash, nthash) - - return event_hunter.invoke_eventhunter(queried_computername=queried_computername, - queried_computerfile=queried_computerfile, - queried_computerfilter=queried_computerfilter, - queried_computeradspath=queried_computeradspath, - queried_groupname=queried_groupname, - target_server=target_server, - queried_userfilter=queried_userfilter, - queried_username=queried_username, - queried_useradspath=queried_useradspath, - queried_userfile=queried_userfile, - search_days=search_days, - threads=threads, queried_domain=queried_domain) + lmhash=str(), nthash=str(), queried_computername=list(), + queried_computerfile=None, queried_computerfilter=str(), + queried_computeradspath=str(), queried_groupname=str(), + target_server=str(), queried_username=str(), + queried_useradspath=str(), queried_userfilter=str(), + queried_userfile=None, threads=1, queried_domain=str(), + search_days=3): + event_hunter = EventHunter(domain_controller, domain, user, password, + lmhash, nthash) + + return event_hunter.invoke_eventhunter(queried_computername=queried_computername, + queried_computerfile=queried_computerfile, + queried_computerfilter=queried_computerfilter, + queried_computeradspath=queried_computeradspath, + queried_groupname=queried_groupname, + target_server=target_server, + queried_userfilter=queried_userfilter, + queried_username=queried_username, + queried_useradspath=queried_useradspath, + queried_userfile=queried_userfile, + search_days=search_days, + threads=threads, queried_domain=queried_domain) From c6531dccff9d01291e4e4778ea5f39d7cc882c9d Mon Sep 17 00:00:00 2001 
From: mpgn Date: Thu, 19 Dec 2019 10:48:07 -0500 Subject: [PATCH 11/13] Fix bytes error argument --- pywerview/functions/gpo.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/pywerview/functions/gpo.py b/pywerview/functions/gpo.py index 8415c11..f9baba0 100644 --- a/pywerview/functions/gpo.py +++ b/pywerview/functions/gpo.py @@ -19,7 +19,7 @@ import codecs from bs4 import BeautifulSoup -from io import StringIO +from io import BytesIO from impacket.smbconnection import SMBConnection, SessionError @@ -45,7 +45,7 @@ def get_netgpo(self, queried_gponame='*', queried_displayname=str(), return self._ldap_search(gpo_search_filter, GPO) def get_gpttmpl(self, gpttmpl_path): - content_io = StringIO() + content_io = BytesIO() gpttmpl_path_split = gpttmpl_path.split('\\') target = self._domain_controller @@ -59,11 +59,10 @@ def get_gpttmpl(self, gpttmpl_path): smb_connection.connectTree(share) smb_connection.getFile(share, file_name, content_io.write) - try: - content = codecs.decode(content_io.getvalue(), 'utf_16_le')[1:].replace('\r', '') + content = codecs.decode(content_io.getvalue(), 'utf-16le')[1:].replace('\r', '') except UnicodeDecodeError: - content = content_io.getvalue().replace('\r', '') + content = str(content_io.getvalue()).replace('\r', '') gpttmpl_final = GptTmpl(list()) for l in content.split('\n'): From acd8db86c6189c8006b9795e15614479665136c2 Mon Sep 17 00:00:00 2001 From: mpgn Date: Fri, 20 Dec 2019 09:14:15 -0500 Subject: [PATCH 12/13] Fix encoding error from py2 to py3 in LDAP queries --- pywerview/cli/main.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pywerview/cli/main.py b/pywerview/cli/main.py index 96208ff..0849b45 100644 --- a/pywerview/cli/main.py +++ b/pywerview/cli/main.py 
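Review bot: The `except UnicodeDecodeError` fallback in the `@@ -59,11 +59,10` hunk, `str(content_io.getvalue()).replace('\r', '')`, calls `str()` on a `bytes` object, which on Python 3 returns the `b'...'` repr with line endings escaped as two-character backslash sequences. The `replace('\r', '')` therefore matches nothing and the `content.split('\n')` below yields a single line, so a template file that is not valid UTF-16LE is presumably parsed as if it had no usable content, with no error shown to the operator. An explicit decode keeps it text, for example `content = content_io.getvalue().decode('utf-8', errors='replace').replace('\r', '')`. The parsing loop continues outside the hunk, so the exact effect on `GptTmpl` should be checked there.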
@@ -435,6 +435,8 @@ def main(): invoke_eventhunter_parser.set_defaults(func=invoke_eventhunter) args = parser.parse_args() + if hasattr(args,'queried_groupname'): + args.queried_groupname = args.queried_groupname.encode('utf-8').decode('latin1') if args.hashes: try: args.lmhash, args.nthash = args.hashes.split(':') @@ -463,7 +465,7 @@ def main(): if results is not None: try: for x in results: - x = str(x) + x = str(x).encode('latin1').decode('utf-8') print(x) if '\n' in x: print('') From 2fd83cf7f048752f8545320cb3d4fa67d71540f8 Mon Sep 17 00:00:00 2001 From: mpgn Date: Tue, 21 Apr 2020 10:31:37 -0400 Subject: [PATCH 13/13] Fix encoding error using custom type in argpars --- pywerview.py | 2 +- pywerview/cli/main.py | 21 +++++++++++---------- requirements.txt | 2 +- setup.py | 1 + 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/pywerview.py b/pywerview.py index 64b597e..42fdfa1 100755 --- a/pywerview.py +++ b/pywerview.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # -*- coding: utf8 -*- # # This file is part of PywerView. diff --git a/pywerview/cli/main.py b/pywerview/cli/main.py index 0849b45..5ced451 100644 --- a/pywerview/cli/main.py +++ b/pywerview/cli/main.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # -*- coding: utf8 -*- # # This file is part of PywerView. @@ -22,6 +22,9 @@ from pywerview.cli.helpers import * from pywerview.functions.hunting import * +def commandline_arg(str_): + return str_.encode('utf-8').decode('latin1') + def main(): # Main parser parser = argparse.ArgumentParser(description='Rewriting of some PowerView\'s functionalities in Python') 
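Review bot: The `hasattr(args,'queried_groupname')` guard in the `@@ -435,6 +435,8 @@` hunk is true whenever the sub-command defines the option, even when the user omitted it. Several `--groupname` definitions shown on this page have no `default`, so the value is `None` and `.encode('utf-8')` raises `AttributeError` before any query runs. Test the value instead: `if getattr(args, 'queried_groupname', None):`.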
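Review bot: In the `@@ -463,7 +465,7 @@` hunk, `str(x).encode('latin1').decode('utf-8')` can fail in two ways. It raises `UnicodeEncodeError` when the rendered object contains a character above U+00FF, and `UnicodeDecodeError` when the latin1 bytes are not valid UTF-8, which seems likely for attributes holding raw binary values. The enclosing `try` starts outside the hunk, so whether either error is caught there cannot be seen from here. If it is not, one such result aborts the whole listing. Wrap the conversion and fall back to the unconverted string on `except UnicodeError:`, or at least pass `errors='replace'` to the `decode` call.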
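Review bot: The new `commandline_arg` helper in the `@@ -22,6 +22,9 @@` hunk has no docstring, and `encode('utf-8').decode('latin1')` looks like a bug to anyone who does not know the reason for it. It is also silently coupled to the reverse conversion in the print loop of `main()`, which re-encodes as latin1 and decodes as UTF-8. Add a docstring such as `"""Return str_ with its UTF-8 bytes reinterpreted as latin1; main() reverses this when printing results."""`, plus a short comment naming the library layer that needs the latin1 form. That layer is presumably the LDAP request path, going by the commit title. A name like `value` would also read better than `str_`.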
@@ -59,12 +62,12 @@ def main(): type=str, default=str(), help='Custom filter used to search computers against the DC') hunter_parser.add_argument('--computer-adspath', dest='queried_computeradspath', type=str, default=str(), help='ADS path used to search computers against the DC') - hunter_parser.add_argument('--groupname', dest='queried_groupname', + hunter_parser.add_argument('--groupname', dest='queried_groupname', type=commandline_arg, help='Group name to query for target users') hunter_parser.add_argument('--targetserver', dest='target_server', help='Hunt for users who are effective local admins on this target server') hunter_parser.add_argument('--username', dest='queried_username', - help='Hunt for a specific user name') + help='Hunt for a specific user name', type=commandline_arg) hunter_parser.add_argument('--user-filter', dest='queried_userfilter', type=str, default=str(), help='Custom filter used to search users against the DC') hunter_parser.add_argument('--user-adspath', dest='queried_useradspath', 
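Review bot: `type=commandline_arg` is added only to `--groupname` and `--username` here, while the custom-filter and ADS-path options in the same hunk keep `type=str`. If those reach the same LDAP code path, non-ASCII values passed through them would still hit the encoding error this commit fixes. The same gap shows in the `@@ -300,7 +303,7 @@` hunk, where `find_gpolocation_parser` converts `--groupname` but leaves `--username` untouched. Either give every free-text option that ends up in a query `type=commandline_arg`, or do the conversion once where the query is built so new options cannot miss it. As a style point, put `type=` in the same position in every call; here it follows `dest=` in one call and `help=` in the next.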
@@ -117,12 +120,12 @@ def main(): # Parser for the get-netgroup command get_netgroup_parser = subparsers.add_parser('get-netgroup', help='Get a list of all current '\ 'domain groups, or a list of groups a domain user is member of', parents=[ad_parser]) - get_netgroup_parser.add_argument('--groupname', dest='queried_groupname', + get_netgroup_parser.add_argument('--groupname', dest='queried_groupname', type=commandline_arg, default='*', help='Group to query (wildcards accepted)') get_netgroup_parser.add_argument('--sid', dest='queried_sid', help='Group SID to query') get_netgroup_parser.add_argument('--username', dest='queried_username', - help='Username to query: will list the groups this user is a member of (wildcards accepted)') + help='Username to query: will list the groups this user is a member of (wildcards accepted)', type=commandline_arg) get_netgroup_parser.add_argument('-d', '--domain', dest='queried_domain', help='Domain to query') get_netgroup_parser.add_argument('-a', '--ads-path', dest='ads_path', @@ -300,7 +303,7 @@ def main(): 'the computers it has administrative access to via GPO', parents=[ad_parser]) find_gpolocation_parser.add_argument('--username', dest='queried_username', default=str(), help='The username to query for access (no wildcard)') - find_gpolocation_parser.add_argument('--groupname', dest='queried_groupname', + find_gpolocation_parser.add_argument('--groupname', dest='queried_groupname', type=commandline_arg, default=str(), help='The group name to query for access (no wildcard)') find_gpolocation_parser.add_argument('-d', '--domain', dest='queried_domain', help='Domain to query') 
@@ -311,7 +314,7 @@ def main(): # Parser for the get-netgroup command get_netgroupmember_parser = subparsers.add_parser('get-netgroupmember', help='Return a list of members of a domain group', parents=[ad_parser]) - get_netgroupmember_parser.add_argument('--groupname', dest='queried_groupname', + get_netgroupmember_parser.add_argument('--groupname', dest='queried_groupname', type=commandline_arg, help='Group to query, defaults to the \'Domain Admins\' group (wildcards accepted)') get_netgroupmember_parser.add_argument('--sid', dest='queried_sid', help='SID to query') @@ -359,7 +362,7 @@ def main(): 'members of a local group on a machine, or returns every local group. You can use local '\ 'credentials instead of domain credentials, however, domain credentials are needed to '\ 'resolve domain SIDs.', parents=[target_parser]) - get_netlocalgroup_parser.add_argument('--groupname', dest='queried_groupname', + get_netlocalgroup_parser.add_argument('--groupname', dest='queried_groupname', type=commandline_arg, help='Group to list the members of (defaults to the local \'Administrators\' group') get_netlocalgroup_parser.add_argument('--list-groups', action='store_true', help='If set, returns a list of the local groups on the targets') @@ -435,8 +438,6 @@ def main(): invoke_eventhunter_parser.set_defaults(func=invoke_eventhunter) args = parser.parse_args() - if hasattr(args,'queried_groupname'): - args.queried_groupname = args.queried_groupname.encode('utf-8').decode('latin1') if args.hashes: try: args.lmhash, args.nthash = args.hashes.split(':') diff --git a/requirements.txt b/requirements.txt index a587981..fbf5fbe 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -impacket>=0.9.16 +impacket>=0.9.20 bs4 diff --git a/setup.py b/setup.py index dfeb834..d7e9a56 100644 --- a/setup.py +++ b/setup.py @@ -1,3 +1,4 @@ +#!/usr/bin/env python3 # -*- coding: utf8 -*- from setuptools import setup, find_packages