def __init__(self,
names=None,
command_type=None,
namespace=None,
argument_list=None):
"""
[MS-PSRP] 2.2.2.14 GET_COMMAND_METADATA Message
https://msdn.microsoft.com/en-us/library/ee175985.aspx
:param names:
:param command_type:
:param namespace:
:param argument_list:
"""
super(GetCommandMetadata, self).__init__()
self._extended_properties = (('names',
ListMeta(name="Name",
list_value_meta=ObjectMeta("S"),
list_types=[
"System.String[]",
"System.Array",
"System.Object"
])),
('command_type',
ObjectMeta(name="CommandType",
object=CommandType)),
('namespace',
ObjectMeta(name="Namespace")),
('argument_list',
ListMeta(name="ArgumentList")))
self.names = names
self.command_type = command_type
self.namespace = namespace
self.argument_list = argument_list
def __init__(self,
protocol_version=None,
ps_version=None,
serialization_version=None,
time_zone=None):
"""
[MS-PSRP] 2.2.2.1 SESSION_CAPABILITY Message
https://msdn.microsoft.com/en-us/library/dd340636.aspx
:param protocol_version: The PSRP version
:param ps_version: The PowerShell version
:param serialization_version: The serialization version
:param time_zone: Time Zone information of the host, should be a byte
string
"""
super(SessionCapability, self).__init__()
self._extended_properties = (
('protocol_version', ObjectMeta("Version",
name="protocolversion")),
('ps_version', ObjectMeta("Version", name="PSVersion")),
('serialization_version',
ObjectMeta("Version", name="SerializationVersion")),
('time_zone', ObjectMeta("BA", name="TimeZone", optional=True)),
)
self.protocol_version = protocol_version
self.ps_version = ps_version
self.serialization_version = serialization_version
self.time_zone = time_zone
def __init__(self,
activity=None,
activity_id=None,
description=None,
current_operation=None,
parent_activity_id=None,
percent_complete=None,
progress_type=None,
seconds_remaining=None):
"""
[MS-PSRP] 2.2.2.25 PROGRESS_RECORD Message
https://msdn.microsoft.com/en-us/library/dd340751.aspx
:param kwargs:
"""
super(ProgressRecord, self).__init__()
self._extended_properties = (
('activity', ObjectMeta("S", name="Activity")),
('activity_id', ObjectMeta("I32", name="ActivityId")),
('description', ObjectMeta("S", name="StatusDescription")),
('current_operation', ObjectMeta("S", name="CurrentOperation")),
('parent_activity_id', ObjectMeta("I32", name="ParentActivityId")),
('percent_complete', ObjectMeta("I32", name="PercentComplete")),
('progress_type',
ObjectMeta("Obj", name="Type", object=ProgressRecordType)),
('seconds_remaining', ObjectMeta("I32", name="SecondsRemaining")),
)
self.activity = activity
self.activity_id = activity_id
self.description = description
self.current_operation = current_operation
self.parent_activity_id = parent_activity_id
self.percent_complete = percent_complete
self.progress_type = progress_type
self.seconds_remaining = seconds_remaining
def __init__(
self,
min_runspaces: typing.Optional[int] = None,
max_runspaces: typing.Optional[int] = None,
thread_options: typing.Optional[PSThreadOptions] = None,
apartment_state: typing.Optional[ApartmentState] = None,
host_info: typing.Optional[HostInfo] = None,
application_arguments: typing.Optional[typing.Dict] = None,
) -> None:
"""
[MS-PSRP] 2.2.2.2 INIT_RUNSPACEPOOL Message
https://msdn.microsoft.com/en-us/library/dd359645.aspx
:param min_runspaces: The minimum number of runspaces in the pool
:param max_runspaces: The maximum number of runspaces in the pool
:param thread_options: Thread options provided by the higher layer
:param apartment_state: Apartment state provided by the higher layer
:param host_info: The client's HostInfo details
:param application_arguments: Application arguments provided by a
higher layer, stored in the $PSSenderInfo variable in the pool
"""
super(InitRunspacePool, self).__init__()
self._extended_properties = (
("min_runspaces", ObjectMeta("I32", name="MinRunspaces")),
("max_runspaces", ObjectMeta("I32", name="MaxRunspaces")),
("thread_options",
ObjectMeta("Obj", name="PSThreadOptions",
object=PSThreadOptions)),
("apartment_state",
ObjectMeta("Obj", name="ApartmentState", object=ApartmentState)),
("host_info", ObjectMeta("Obj", name="HostInfo", object=HostInfo)),
(
"application_arguments",
DictionaryMeta(
name="ApplicationArguments",
dict_types=[
"System.Management.Automation.PSPrimitiveDictionary",
"System.Collections.Hashtable",
"System.Object",
],
),
),
)
self.min_runspaces = min_runspaces
self.max_runspaces = max_runspaces
self.thread_options = thread_options
self.apartment_state = apartment_state
self.host_info = host_info
self.application_arguments = application_arguments
def __init__(self, min_runspaces=None, ci=None):
"""
[MS-PSRP] 2.2.2.7 SET_MIN_RUNSPACES Message
https://msdn.microsoft.com/en-us/library/dd340570.aspx
:param max_runspaces: The minimum number of runspaces
:param ci: The ci identifier for the CI table
"""
super(SetMinRunspaces, self).__init__()
self._extended_properties = (
('min_runspaces', ObjectMeta("I32", name="MinRunspaces")),
('ci', ObjectMeta("I64", name="CI")),
)
self.min_runspaces = min_runspaces
self.ci = ci
def __init__(self, response=None, ci=None):
"""
[MS-PSRP] 2.2.2.8 RUNSPACE_AVAILABILITY Message
https://msdn.microsoft.com/en-us/library/dd359229.aspx
:param response: The response from the server
:param ci: The ci identifier for the CI table
"""
super(RunspaceAvailability, self).__init__()
self._extended_properties = (
('response', ObjectMeta(name="SetMinMaxRunspacesResponse")),
('ci', ObjectMeta("I64", name="ci")),
)
self.response = response
self.ci = ci
def __init__(self, min_runspaces=None, max_runspaces=None):
"""
[MS-PSRP] 2.2.2.30 RUNSPACEPOOL_INIT_DATA Message
https://msdn.microsoft.com/en-us/library/hh537788.aspx
:param min_runspaces:
:param max_runspaces:
"""
super(RunspacePoolInitData, self).__init__()
self._extended_properties = (
('min_runspaces', ObjectMeta("I32", name="MinRunspaces")),
('max_runspaces', ObjectMeta("I32", name="MaxRunspaces")),
)
self.min_runspaces = min_runspaces
self.max_runspaces = max_runspaces
def __init__(
self,
message_data=None,
source=None,
time_generated=None,
tags=None,
user=None,
computer=None,
pid=None,
native_thread_id=None,
managed_thread_id=None,
write_information_stream=None,
):
"""
[MS-PSRP] 2.2.2.26 INFORMATION_RECORD Message
https://msdn.microsoft.com/en-us/library/mt224023.aspx
Only in protocol_version 2.3 and above
:param kwargs:
"""
super(InformationRecord, self).__init__()
self._types = [
"System.Management.Automation.InformationRecord", "System.Object"
]
self._extended_properties = (
("message_data", ObjectMeta(name="MessageData")),
("source", ObjectMeta("S", name="Source")),
("time_generated", ObjectMeta("DT", name="TimeGenerated")),
("tags", ListMeta(name="Tags", list_value_meta=ObjectMeta("S"))),
("user", ObjectMeta("S", name="User")),
("computer", ObjectMeta("S", name="Computer")),
("pid", ObjectMeta("U32", name="ProcessId")),
("native_thread_id", ObjectMeta("U32", name="NativeThreadId")),
("managed_thread_id", ObjectMeta("U32", name="ManagedThreadId")),
("write_information_stream",
ObjectMeta("B", name="WriteInformationStream", optional=True)),
)
self.message_data = message_data
self.source = source
self.time_generated = time_generated
self.tags = tags
self.user = user
self.computer = computer
self.pid = pid
self.native_thread_id = native_thread_id
self.managed_thread_id = managed_thread_id
self.write_information_stream = write_information_stream
def __init__(self, **kwargs):
super(SerialObject, self).__init__()
self._types = ["System.Test", "System.Object"]
self._extended_properties = (('man_prop',
ObjectMeta("S",
optional=False)), )
self.man_prop = kwargs.get('man_prop')
def _deserialize_dynamic_obj(
self,
element: ET.Element,
metadata: ObjectMeta,
) -> typing.Any:
obj = metadata.object(
) # type: ignore[misc] # Caller always sets object
self.obj[element.attrib["RefId"]] = obj
for obj_property in element:
if obj_property.tag == "TN":
for obj_type in obj_property:
obj.types.append(obj_type.text)
self.tn[obj_property.attrib["RefId"]] = obj.types
elif obj_property.tag == "TNRef":
obj.types = self.tn[obj_property.attrib["RefId"]]
elif obj_property.tag == "Props":
for adapted_property in obj_property:
key = adapted_property.attrib["N"]
value = self.deserialize(adapted_property, clear=False)
obj.adapted_properties[key] = value
elif obj_property.tag == "MS":
for extended_property in obj_property:
key = extended_property.attrib["N"]
value = self.deserialize(extended_property, clear=False)
obj.extended_properties[key] = value
elif obj_property.tag == "ToString":
value = self.deserialize(obj_property, clear=False)
obj.to_string = value
else:
value = self.deserialize(obj_property, clear=False)
obj.property_sets.append(value)
return obj
def __init__(self, state=None, error_record=None):
"""
[MS-PSRP] 2.2.2.9 RUNSPACEPOOL_STATE Message
https://msdn.microsoft.com/en-us/library/dd303020.aspx
:param state: The state of the runspace pool
:param error_record:
"""
super(RunspacePoolStateMessage, self).__init__()
self._extended_properties = (
('state', ObjectMeta("I32", name="RunspaceState")),
('error_record',
ObjectMeta("Obj", optional=True, object=ErrorRecord)),
)
self.state = state
self.error_record = error_record
def test_psrp(self, functional_transports):
for wsman in functional_transports:
with RunspacePool(wsman) as pool:
pool.exchange_keys()
ps = PowerShell(pool)
ps.add_cmdlet("Get-Item").add_parameter("Path", "C:\\Windows")
ps.add_statement()
sec_string = pool.serialize(u"super secret", ObjectMeta("SS"))
ps.add_cmdlet("Set-Variable")
ps.add_parameter("Name", "password")
ps.add_parameter("Value", sec_string)
ps.add_statement().add_script(
"[System.Runtime.InteropServices.marshal]"
"::PtrToStringAuto([System.Runtime.InteropServices.marshal]"
"::SecureStringToBSTR($password))")
ps.add_statement().add_cmdlet("ConvertTo-SecureString")
ps.add_parameter("String", "host secret")
ps.add_parameter("AsPlainText")
ps.add_parameter("Force")
large_string = "hello world " * 3000
ps.add_statement()
ps.add_script("$VerbosePreference = 'Continue'; "
"Write-Verbose '%s'" % large_string)
actual = ps.invoke()
assert ps.had_errors is False
assert len(actual) == 3
assert str(actual[0]) == "C:\\Windows"
assert actual[1] == u"super secret"
assert actual[2] == u"host secret"
assert str(ps.streams.verbose[0]) == large_string
def test_parse_message(self):
xml = """<Obj RefId="11">
<MS>
<S N="mr">Line read from the host</S>
<I64 N="ci">1</I64>
<Obj N="mi" RefId="12">
<TN RefId="4">
<T>System.Management.Automation.Remoting.RemoteHostMethodId</T>
<T>System.Enum</T>
<T>System.ValueType</T>
<T>System.Object</T>
</TN>
<ToString>ReadLine</ToString>
<I32>11</I32>
</Obj>
</MS>
</Obj>"""
serializer = Serializer()
meta = ObjectMeta("Obj", object=RunspacePoolHostResponse)
actual = serializer.deserialize(xml, meta)
assert actual.ci == 1
assert actual.me is None
assert str(actual.mi) == "ReadLine"
assert isinstance(actual.mi, HostMethodIdentifier)
assert actual.mi.value == 11
assert actual.mr == "Line read from the host"
def __init__(self, state=None, error_record=None):
"""
[MS-PSRP] 2.2.2.21 PIPELINE_STATE Message
https://msdn.microsoft.com/en-us/library/dd304923.aspx
:param state: The state of the pipeline
:param error_record:
"""
super(PipelineState, self).__init__()
self._extended_properties = (
('state', ObjectMeta("I32", name="PipelineState")),
('error_record',
ObjectMeta("Obj", name="ExceptionAsErrorRecord", optional=True)),
)
self.state = state
self.error_record = error_record
def test_parse_message(self):
xml = """<Obj RefId="0">
<MS>
<I64 N="ci">1</I64>
<Obj N="mi" RefId="1">
<TN RefId="0">
<T>System.Management.Automation.Remoting.RemoteHostMethodId</T>
<T>System.Enum</T>
<T>System.ValueType</T>
<T>System.Object</T>
</TN>
<ToString>ReadLine</ToString>
<I32>11</I32>
</Obj>
<Obj N="mp" RefId="2">
<TN RefId="1">
<T>System.Collections.ArrayList</T>
<T>System.Object</T>
</TN>
<LST/>
</Obj>
</MS>
</Obj>"""
serializer = Serializer()
meta = ObjectMeta("Obj", object=RunspacePoolHostCall)
actual = serializer.deserialize(xml, meta)
assert actual.ci == 1
assert str(actual.mi) == "ReadLine"
assert isinstance(actual.mi, HostMethodIdentifier)
assert actual.mi.value == 11
assert actual.mp == []
def test_parse_array(self):
serializer = Serializer()
actual = serializer.deserialize(self.SINGLE_ARRAY,
ObjectMeta("Obj", object=Array))
array = actual.array
assert array == [1, 2, 3]
assert actual.mae == [1, 2, 3]
assert actual.mal == [3]
def test_parse_two_dimensional_array(self):
serializer = Serializer()
actual = serializer.deserialize(self.TWO_ARRAY,
ObjectMeta("Obj", object=Array))
array = actual.array
assert array == [[1, 2, 3], [4, 5, 6], [7, 8, 9]]
assert actual.mae == [1, 2, 3, 4, 5, 6, 7, 8, 9]
assert actual.mal == [3, 3]
def __init__(self, min_runspaces=None, max_runspaces=None):
"""
[MS-PSRP] 2.2.2.29 CONNECT_RUNSPACEPOOL Message
https://msdn.microsoft.com/en-us/library/hh537460.aspx
:param min_runspaces:
:param max_runspaces:
"""
super(ConnectRunspacePool, self).__init__()
self._extended_properties = (
('min_runspaces',
ObjectMeta("I32", name="MinRunspaces", optional=True)),
('max_runspaces',
ObjectMeta("I32", name="MaxRunspaces", optional=True)),
)
self.min_runspaces = min_runspaces
self.max_runspaces = max_runspaces
def test_parse_buffer_cell(self):
serializer = Serializer()
actual = serializer.deserialize(normalise_xml(self.BUFFER_CELL),
ObjectMeta("Obj", object=BufferCell))
assert actual.character == "A"
assert actual.foreground_color.value == Color.CYAN
assert actual.background_color.value == Color.GREEN
assert actual.cell_type == BufferCellType.COMPLETE
def __init__(self, ci=None, mi=None, mp=None):
"""
[MS-PSRP] 2.2.2.15 RUNSPACE_HOST_CALL Message
https://msdn.microsoft.com/en-us/library/dd340830.aspx
:param ci:
:param mi:
:param mp:
"""
super(RunspacePoolHostCall, self).__init__()
self._extended_properties = (
('ci', ObjectMeta("I64", name="ci")),
('mi', ObjectMeta("Obj", name="mi", object=HostMethodIdentifier)),
('mp', ListMeta(name="mp"))
)
self.ci = ci
self.mi = mi
self.mp = mp
def __init__(
self,
max_runspaces: typing.Optional[int] = None,
ci: typing.Optional[int] = None,
) -> None:
"""
[MS-PSRP] 2.2.2.6 SET_MAX_RUNSPACES Message
https://msdn.microsoft.com/en-us/library/dd304870.aspx
:param max_runspaces: The maximum number of runspaces
:param ci: The ci identifier for the CI table
"""
super(SetMaxRunspaces, self).__init__()
self._extended_properties = (
("max_runspaces", ObjectMeta("I32", name="MaxRunspaces")),
("ci", ObjectMeta("I64", name="CI")),
)
self.max_runspaces = max_runspaces
self.ci = ci
def __init__(self, ci=None):
"""
[MS-PSRP] 2.2.2.11 GET_AVAILABLE_RUNSPACES Message
https://msdn.microsoft.com/en-us/library/dd357512.aspx
:param ci: The ci identifier for the CI table
"""
super(GetAvailableRunspaces, self).__init__()
self._extended_properties = (('ci', ObjectMeta("I64", name="ci")), )
self.ci = ci
def __init__(self, ci=None):
"""
[MS-PSRP] 2.2.2.31 RESET_RUNSPACE_STATE Message
https://msdn.microsoft.com/en-us/library/mt224027.aspx
:param ci: The call identifier
"""
super(ResetRunspaceState, self).__init__()
self._extended_properties = (('ci', ObjectMeta("I64", name="ci")), )
self.ci = ci
def test_parse_three_dimensional_array(self):
serializer = Serializer()
actual = serializer.deserialize(self.THREE_ARRAY,
ObjectMeta("Obj", object=Array))
array = actual.array
assert array == [
[[1, 2, 3, 4], [5, 6, 7, 8], [9, 10, 11, 12]],
[[13, 14, 15, 16], [17, 18, 19, 20], [21, 22, 23, 24]]
]
assert actual.mae == [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24]
assert actual.mal == [2, 3, 4]
def _create_obj(self, parent, obj, key=None, meta=None):
if isinstance(obj, ComplexObject):
for ref, value in self.obj.items():
if value == obj:
sub_element = ET.SubElement(parent, "Ref", RefId=ref)
if key is not None:
sub_element.attrib["N"] = key
return
if meta is None:
meta = ObjectMeta(name=key)
self.serialize(obj, metadata=meta, parent=parent, clear=False)
def __init__(self, public_key=None):
"""
[MS-PSRP] 2.2.2.3 PUBLIC_KEY Message
https://msdn.microsoft.com/en-us/library/dd644859.aspx
:param public_key: The Base64 encoding of the public key in the PKCS1
format.
"""
super(PublicKey, self).__init__()
self._extended_properties = (('public_key',
ObjectMeta("S", name="PublicKey")), )
self.public_key = public_key
def GetVersion(self, runspace, pipeline):
"""
MI: 2
SHOULD return the version number of the hosting application.
https://docs.microsoft.com/en-us/dotnet/api/system.management.automation.host.pshost.version
:param runspace: The runspace the host call relates to
:param pipeline: The pipeline (if any) that the call relates to
:return: Version number of the hosting application
"""
meta = ObjectMeta("Version")
value = runspace.serialize(self.version, meta)
return value
def __init__(self, ci=None, mi=None, mr=None, me=None):
"""
[MS-PSRP] 2.2.2.16 RUNSPACEPOOL_HOST_RESPONSE Message
https://msdn.microsoft.com/en-us/library/dd358453.aspx
:param ci:
:param mi:
:param mr:
:param me:
"""
super(RunspacePoolHostResponse, self).__init__()
self._extended_properties = (
('ci', ObjectMeta("I64", name="ci")),
('mi', ObjectMeta("Obj", name="mi", object=HostMethodIdentifier)),
('mr', ObjectMeta(name="mr")),
('me',
ObjectMeta("Obj", name="me", object=ErrorRecord, optional=True)),
)
self.ci = ci
self.mi = mi
self.mr = mr
self.me = me
def __init__(self, session_key=None):
"""
[MS-PSRP] 2.2.2.4 ENCRYPTED_SESSION_KEY Message
https://msdn.microsoft.com/en-us/library/dd644930.aspx
:param session_key: The 256-bit key for AES encryption that has been
encrypted using the public key from the PUBLIC_KEY message using
the RSAES-PKCS-v1_5 encryption scheme and then Base64 formatted.
"""
super(EncryptedSessionKey, self).__init__()
self._extended_properties = (('session_key',
ObjectMeta(
"S", name="EncryptedSessionKey")), )
self.session_key = session_key
def __init__(
self,
names: typing.Optional[typing.List[str]] = None,
command_type: typing.Optional[int] = None,
namespace: typing.Optional[typing.List[str]] = None,
argument_list: typing.Optional[typing.List] = None,
) -> None:
"""
[MS-PSRP] 2.2.2.14 GET_COMMAND_METADATA Message
https://msdn.microsoft.com/en-us/library/ee175985.aspx
:param names:
:param command_type:
:param namespace:
:param argument_list:
"""
super(GetCommandMetadata, self).__init__()
self._extended_properties = (
(
"names",
ListMeta(
name="Name",
list_value_meta=ObjectMeta("S"),
list_types=[
"System.String[]", "System.Array", "System.Object"
],
),
),
("command_type", ObjectMeta(name="CommandType",
object=CommandType)),
("namespace", ObjectMeta(name="Namespace")),
("argument_list", ListMeta(name="ArgumentList")),
)
self.names = names
self.command_type = command_type
self.namespace = namespace
self.argument_list = argument_list
