def dump_processes(self):
for p in processes().get_all():
print p.as_text()
# When listing DLLs for a process we need to see the filesystem like they do
if p.is_wow64():
wpc.utils.enable_wow64()
if p.get_exe():
print "Security Descriptor for Exe File %s" % p.get_exe(
).get_name()
if p.get_exe().get_sd():
print p.get_exe().get_sd().as_text()
else:
print "[unknown]"
for dll in p.get_dlls():
print "\nSecurity Descriptor for DLL File %s" % dll.get_name(
)
sd = dll.get_sd()
if sd:
print sd.as_text()
if p.is_wow64():
wpc.utils.disable_wow64()
def dump_processes(self):
for p in processes().get_all():
print p.as_text()
# When listing DLLs for a process we need to see the filesystem like they do
if p.is_wow64():
wpc.utils.enable_wow64()
if p.get_exe():
print "Security Descriptor for Exe File %s" % p.get_exe().get_name()
if p.get_exe().get_sd():
print p.get_exe().get_sd().as_text()
else:
print "[unknown]"
for dll in p.get_dlls():
print "\nSecurity Descriptor for DLL File %s" % dll.get_name()
sd = dll.get_sd()
if sd:
print sd.as_text()
if p.is_wow64():
wpc.utils.disable_wow64()
got_a_hash = 1
print hash
if not got_a_hash:
print "[E] No hashes. Are you running as SYSTEM?"
# credman
if options.do_all or options.do_credman:
section("Dumping Current User's Credentials from Credential Manager")
creds = get_credman_creds()
if creds:
for package in creds:
dump_cred(package)
sid_done = {}
for p in processes().get_all():
for t in p.get_tokens():
x = t.get_token_user().get_fq_name().encode("utf8")
if t.get_token_user().get_fq_name().encode(
"utf8") in sid_done.keys():
pass
else:
sid_done[t.get_token_user().get_fq_name().encode("utf8")] = 1
section("Dumping Credentials from Credential Manager for: %s" %
t.get_token_user().get_fq_name())
win32security.ImpersonateLoggedOnUser(t.get_th())
creds = get_credman_creds()
if creds:
for package in creds:
dump_cred(package)
win32security.RevertToSelf()
def dumptab_processes(self):
for p in processes().get_all():
print p.as_tab()
def dumptab_processes(self):
for p in processes().get_all():
print p.as_tab()
got_a_hash = 1
print hash
if not got_a_hash:
print "[E] No hashes. Are you running as SYSTEM?"
# credman
if options.do_all or options.do_credman:
section("Dumping Current User's Credentials from Credential Manager")
creds = get_credman_creds()
if creds:
for package in creds:
dump_cred(package)
sid_done = {}
for p in processes().get_all():
for t in p.get_tokens():
x = t.get_token_user().get_fq_name().encode("utf8")
if t.get_token_user().get_fq_name().encode("utf8") in sid_done.keys():
pass
else:
sid_done[t.get_token_user().get_fq_name().encode("utf8")] = 1
section("Dumping Credentials from Credential Manager for: %s" % t.get_token_user().get_fq_name())
win32security.ImpersonateLoggedOnUser(t.get_th())
creds = get_credman_creds()
if creds:
for package in creds:
dump_cred(package)
win32security.RevertToSelf()
# lsadump
