def run(self, target, args, smb_con, loggers, config_obj):
logger = loggers['console']
proc_found = False
x = WmiCon(args, loggers, smb_con.ip, smb_con.host)
try:
x.get_netprocess()
except Exception as e:
logger.debug("{} Error: {}".format(self.name, str(e)))
logger.debug("{}: Identified {} processes running on {}".format(
self.name, str(len(x.process_list.keys())), target))
logger.debug("Searching for absence of: {}".format(
self.args['PROCESS']['Value']))
for pid, data in x.process_list.items():
if self.args['PROCESS']['Value'].lower(
) == data['processname'].lower():
logger.fail([
smb_con.host, smb_con.ip,
self.name.upper(),
"PID: {:<6} Name: {:<20} User: {:<17} Host: {:<25} Domain: {}"
.format(pid, data['processname'], data['user'],
data['computername'], data['domain'])
])
return
logger.success([
smb_con.host, smb_con.ip,
self.name.upper(),
"{} NOT found on {}".format(self.args['PROCESS']['Value'],
smb_con.host)
])
def wmi_query(con, args, target, loggers):
q = WmiCon(args, loggers, con.ip, con.host)
loggers[args.mode].info("WMI Query\t{}\t{}\\{}\t{}".format(target, args.domain, args.user, args.wmi_query))
q.wmi_query(args.wmi_namespace, args.wmi_query)
def localgroup_members(smb_obj, args, target, loggers):
q = WmiCon(args, loggers, smb_obj.ip, smb_obj.host)
loggers[args.mode].info(
"WMI Query\t{}\t{}\\{}\tEnumerate Local Groups".format(
target, args.domain, args.user))
q.get_localgroup_members(smb_obj.con.getServerName(), args.local_members)
def tasklist(con, args, loggers):
proc = WmiCon(args, loggers, con.ip, con.host)
proc.get_netprocess(tasklist=True)
def get_netlocalgroups(con, args, target, loggers):
q = WmiCon(args, loggers, con.ip, con.host)
loggers[args.mode].info(
"WMI Query\t{}\t{}\\{}\tEnumerate Local Groups".format(
target, args.domain, args.user))
q.get_netlocalgroups()