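def run(self):
    """Wait for the launched process, then fire the completion event.

    Blocks on self.processInformation.hProcess until the process exits,
    closes the process handle (and hThread when the structure has one),
    and triggers self.suffix under self.prefix. When self.pld is true the
    content of self.filename, decoded with self.cp and stripped of trailing
    whitespace, is sent as the event payload.

    Raises:
        self.Exception: GetExitCodeProcess reported failure.
    """
    hProcess = self.processInformation.hProcess
    try:
        WaitForSingleObject(hProcess, INFINITE)
        exitCode = DWORD()
        if not GetExitCodeProcess(hProcess, byref(exitCode)):
            raise self.Exception(FormatError())
    finally:
        # Release the handles on the error path too; the original leaked
        # them whenever GetExitCodeProcess failed.
        CloseHandle(hProcess)
        if hasattr(self.processInformation, "hThread"):
            CloseHandle(self.processInformation.hThread)

    returnValue = ""
    if self.pld:
        try:
            data = code_open(self.filename, 'r', self.cp)
            try:
                returnValue = "".join(data.readlines())
            finally:
                # Close even when decoding fails, otherwise the open handle
                # keeps the file locked and it cannot be deleted below.
                data.close()
        except Exception:
            # Best effort: an unreadable or undecodable file yields an empty
            # payload. Narrowed from a bare except so KeyboardInterrupt and
            # SystemExit are no longer swallowed.
            returnValue = ""

    # Delete the captured output whether or not a payload was requested, so
    # command output does not pile up in the temp folder. Kept apart from the
    # read so a failed delete no longer discards output that was read fine.
    # presumably self.filename is the launcher's redirect target - verify
    # against the code that constructs this object.
    try:
        remove(self.filename)
    except Exception:
        pass

    if self.pld:
        eg.TriggerEvent(
            self.suffix,
            prefix=self.prefix,
            payload=returnValue.rstrip()
        )
    else:
        eg.TriggerEvent(self.suffix, prefix=self.prefix)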
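def __call__(
    self,
    command='',
    waitForCompletion=True,
    triggerEvent=False,
    additionalSuffix="",
    disableParsingCommand=True,
    disableParsingAdditionalSuffix=True,
    payload=False,
    disableWOW64=False,
    runAsAdmin=False,
):
    """Run *command* through cmd.exe started with ShellExecuteExW.

    The window is started with nShow = 0. When waitForCompletion or
    triggerEvent is set, the command's standard output is redirected to a
    file in eg.folderPath.TemporaryFiles so it can be read back.

    Args:
        command: Command line handed to ``cmd.exe /S /C``.
        waitForCompletion: Block until the process exits and return its
            captured output.
        triggerEvent: Fire an event (plugin prefix, action suffix) when the
            process has finished.
        additionalSuffix: Appended to the event suffix after a dot when not
            empty.
        disableParsingCommand: When false, command is passed through
            eg.ParseString first.
        disableParsingAdditionalSuffix: When false, additionalSuffix is
            passed through eg.ParseString first.
        payload: Attach the captured output to the event.
        disableWOW64: On 64-bit Windows (IsWin64()), disable file-system
            redirection around the ShellExecuteExW call.
        runAsAdmin: Use the "runas" verb.

    Returns:
        The captured output without trailing whitespace when
        waitForCompletion is true, otherwise None.

    Raises:
        self.Exception: ShellExecuteExW or GetExitCodeProcess failed.
    """
    if eg.config.refreshEnv:
        eg.Environment.Refresh()
    prefix = self.plugin.info.eventPrefix
    suffix = self.text.eventSuffix

    # NOTE(security): the result is interpreted by cmd.exe. With parsing
    # enabled, whatever eg.ParseString substitutes (presumably event or
    # variable data - confirm) becomes shell syntax, so values that come
    # from outside the machine should be validated before they are used
    # here, above all together with runAsAdmin.
    if not disableParsingCommand:
        command = eg.ParseString(command)
    # Parse before the suffix is composed: the original parsed afterwards,
    # so disableParsingAdditionalSuffix never affected the event name.
    if not disableParsingAdditionalSuffix:
        additionalSuffix = eg.ParseString(additionalSuffix)
    if additionalSuffix != "":
        suffix = "%s.%s" % (suffix, additionalSuffix)

    processInformation = self.processInformation = SHELLEXECUTEINFO()
    processInformation.cbSize = sizeof(processInformation)
    processInformation.hwnd = 0
    # NOTE(review): 'cmd.exe' is not an absolute path, so which binary runs
    # depends on how the shell resolves the name; an absolute path into the
    # system directory would pin it down.
    processInformation.lpFile = 'cmd.exe'
    if waitForCompletion or triggerEvent:
        # Fallback when chcp fails: the original left cp unbound, which
        # raised in the triggerEvent-only path after the process had
        # already been started.
        cp = "cp%d" % windll.kernel32.GetOEMCP()
        si = STARTUPINFO()
        si.dwFlags |= STARTF_USESHOWWINDOW
        proc = popen("chcp", si)  # DOS console codepage
        data = proc.communicate()[0]
        fields = data.split()
        if not proc.returncode and fields:
            cp = "cp" + fields[-1].replace(".", "")
        proc.stdout.close()
        # NOTE(review): the name is derived from ttime() only, so it is
        # predictable inside a shared temp folder and two calls in the same
        # tick collide; with runAsAdmin an elevated cmd.exe writes to that
        # path. A file created exclusively up front (tempfile.mkstemp)
        # would avoid both.
        filename = join(
            eg.folderPath.TemporaryFiles,
            "EventGhost-output-%s.txt" % ttime()
        )
        # /S strips the first and the last quote of the string, so the
        # redirect target is quoted inside the outer pair. Unquoted, a temp
        # path containing a space or '&' was split by cmd.exe.
        processInformation.lpParameters = (
            '/S/C "%s > "%s""' % (command, filename)
        )
        processInformation.fMask = SEE_MASK_NOCLOSEPROCESS
    else:
        processInformation.lpParameters = '/S/C "%s"' % command
    if runAsAdmin:
        processInformation.lpVerb = "runas"
    processInformation.nShow = 0
    processInformation.hInstApp = 0

    disableWOW64 = disableWOW64 and IsWin64()
    if disableWOW64:
        prevVal = Wow64DisableWow64FsRedirection()
    try:
        if not windll.shell32.ShellExecuteExW(byref(processInformation)):
            raise self.Exception(FormatError())
    finally:
        # Restore redirection on failure as well; otherwise it stayed
        # disabled for this thread after a failed launch.
        if disableWOW64:
            Wow64RevertWow64FsRedirection(prevVal)

    if waitForCompletion:
        try:
            WaitForSingleObject(processInformation.hProcess, INFINITE)
            exitCode = DWORD()
            if not GetExitCodeProcess(
                processInformation.hProcess, byref(exitCode)
            ):
                raise self.Exception(FormatError())
        finally:
            # The handle is no longer needed once the wait is over; closing
            # it here also covers the error path.
            CloseHandle(processInformation.hProcess)

        returnValue = ""
        try:
            data = code_open(filename, 'r', cp)
            try:
                returnValue = "".join(data.readlines())
            finally:
                data.close()
        except Exception:
            # Best effort: missing, unreadable or undecodable output gives
            # an empty result. Narrowed from a bare except.
            returnValue = ""
        # Separate from the read so a failed delete does not throw away
        # output that was read successfully.
        try:
            remove(filename)
        except Exception:
            pass

        returnValue = returnValue.rstrip()
        if triggerEvent:
            if payload:
                eg.TriggerEvent(suffix, prefix=prefix, payload=returnValue)
            else:
                eg.TriggerEvent(suffix, prefix=prefix)
        return returnValue
    elif triggerEvent:
        # The helper thread takes over the process handle and the file.
        te = self.TriggerEvent(
            processInformation, suffix, prefix, filename, cp, payload
        )
        te.start()
    else:
        CloseHandle(processInformation.hProcess)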
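def __call__(
    self,
    command = '',
    waitForCompletion = True,
    triggerEvent = False,
    additionalSuffix = "",
    disableParsingCommand = True,
    disableParsingAdditionalSuffix = True,
    payload = False,
    disableWOW64=False,
    runAsAdmin = False,
):
    """Launch *command* via ``cmd.exe /C`` using ShellExecuteExW.

    If waitForCompletion or triggerEvent is set, standard output is
    redirected to a file under eg.folderPath.TemporaryFiles. With
    waitForCompletion the call blocks, reads that file back and returns its
    content without trailing whitespace; with triggerEvent alone a
    self.TriggerEvent object is started to finish the job; with neither the
    command is started and nothing is captured.

    Parameters:
        command -- command line appended after ``/C``
        waitForCompletion -- block and return the captured output
        triggerEvent -- fire an event once the process is done
        additionalSuffix -- extra event suffix part, joined with a dot
        disableParsingCommand -- skip eg.ParseString on command
        disableParsingAdditionalSuffix -- skip eg.ParseString on the suffix
        payload -- send the captured output as event payload
        disableWOW64 -- on 64-bit Windows, disable file-system redirection
            around the launch
        runAsAdmin -- launch with the "runas" verb

    Raises self.Exception when ShellExecuteExW or GetExitCodeProcess fails.
    """
    if eg.config.refreshEnv:
        eg.Environment.Refresh()
    prefix = self.plugin.info.eventPrefix
    suffix = self.text.eventSuffix

    # NOTE(security): command is interpreted by cmd.exe. When parsing is
    # enabled, text substituted by eg.ParseString ends up as shell syntax;
    # data that originates from external events should be validated before
    # it is allowed in here, particularly when runAsAdmin is set.
    if not disableParsingCommand:
        command = eg.ParseString(command)
    # The suffix has to be parsed before it is joined; parsing it afterwards
    # (as the original did) had no effect on the event name.
    if not disableParsingAdditionalSuffix:
        additionalSuffix = eg.ParseString(additionalSuffix)
    if additionalSuffix != "":
        suffix = "%s.%s" % (suffix, additionalSuffix)

    info = self.processInformation = SHELLEXECUTEINFO()
    info.cbSize = sizeof(info)
    info.hwnd = 0
    # NOTE(review): relative name - the binary that runs depends on how the
    # shell resolves 'cmd.exe'.
    info.lpFile = 'cmd.exe'
    if waitForCompletion or triggerEvent:
        # Default for the case that chcp fails; cp used to stay unbound and
        # the triggerEvent-only path then raised after the launch.
        cp = "cp%d" % windll.kernel32.GetOEMCP()
        si = STARTUPINFO()
        si.dwFlags |= STARTF_USESHOWWINDOW
        proc = popen("chcp", si)  # DOS console codepage
        data = proc.communicate()[0]
        words = data.split()
        if words and not proc.returncode:
            cp = "cp" + words[-1].replace(".", "")
        proc.stdout.close()
        # NOTE(review): predictable, time-based name in a shared temp
        # folder; an exclusively created file (tempfile.mkstemp) would rule
        # out collisions and pre-created targets.
        filename = join(
            eg.folderPath.TemporaryFiles,
            "EventGhost-output-%s.txt" % ttime()
        )
        # NOTE(review): neither command nor filename is quoted and /S is not
        # used, so cmd.exe applies its own quote-stripping rules for /C to
        # the whole string, and a temp path containing a space or '&' breaks
        # the redirection. Left as is because adding quotes changes how
        # cmd.exe treats quotes that are already part of command.
        info.lpParameters = '/C %s > %s' % (command, filename)
        info.fMask = SEE_MASK_NOCLOSEPROCESS
    else:
        info.lpParameters = '/C %s' % command
    if runAsAdmin:
        info.lpVerb = "runas"
    info.nShow = 0
    info.hInstApp = 0

    disableWOW64 = disableWOW64 and IsWin64()
    if disableWOW64:
        prevVal = Wow64DisableWow64FsRedirection()
    try:
        if not windll.shell32.ShellExecuteExW(byref(info)):
            raise self.Exception(FormatError())
    finally:
        # Undo the redirection change even if the launch failed.
        if disableWOW64:
            Wow64RevertWow64FsRedirection(prevVal)

    if not waitForCompletion:
        if triggerEvent:
            # The helper thread takes over the process handle and the file.
            te = self.TriggerEvent(
                info, suffix, prefix, filename, cp, payload
            )
            te.start()
        else:
            CloseHandle(info.hProcess)
        return

    try:
        WaitForSingleObject(info.hProcess, INFINITE)
        exitCode = DWORD()
        if not GetExitCodeProcess(info.hProcess, byref(exitCode)):
            raise self.Exception(FormatError())
    finally:
        # Close on every path; the original leaked the handle when
        # GetExitCodeProcess failed.
        CloseHandle(info.hProcess)

    returnValue = ""
    try:
        data = code_open(filename, 'r', cp)
        try:
            returnValue = "".join(data.readlines())
        finally:
            data.close()
    except Exception:
        # Best effort, as before, but without swallowing KeyboardInterrupt
        # or SystemExit.
        returnValue = ""
    # Deleting is a separate step: a failed delete must not discard output
    # that was read successfully.
    try:
        remove(filename)
    except Exception:
        pass

    returnValue = returnValue.rstrip()
    if triggerEvent:
        if payload:
            eg.TriggerEvent(suffix, prefix = prefix, payload = returnValue)
        else:
            eg.TriggerEvent(suffix, prefix = prefix)
    return returnValue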