pwncat.facts.windows module¶
Windows-specific facts which are used in multiple places throughout the framework.
- flag pwncat.facts.windows.LuidAttribute(value)¶
Bases:
enum.IntFlag
An enumeration.
- Member Type
int
Valid values are as follows:
- DISABLED = <LuidAttribute.DISABLED: 0>¶
- SE_PRIVILEGE_ENABLED_BY_DEFAULT = <LuidAttribute.SE_PRIVILEGE_ENABLED_BY_DEFAULT: 1>¶
- SE_PRIVILEGE_ENABLED = <LuidAttribute.SE_PRIVILEGE_ENABLED: 2>¶
- SE_PRIVILEGE_REMOVED = <LuidAttribute.SE_PRIVILEGE_REMOVED: 4>¶
- SE_PRIVILEGE_USED_FOR_ACCESS = <LuidAttribute.SE_PRIVILEGE_USED_FOR_ACCESS: 2147483648>¶
- class pwncat.facts.windows.ProcessTokenPrivilege(source: str, name: str, attributes: int, handle: int, pid: int)¶
Bases:
pwncat.db.Fact
Describes a specific privilege
- title(session: pwncat.manager.Session)¶
Return a short-form description/title of the object. If not defined, this defaults to the object converted to a string.
- class pwncat.facts.windows.UserToken(source: str, uid: str, token: int)¶
Bases:
pwncat.facts.ability.ExecuteAbility
- can_impersonate(session: pwncat.manager.Session)¶
Test if the current session can impersonate tokens
- shell(session: pwncat.manager.Session) Callable[[pwncat.manager.Session], None] ¶
Execute a new shell as the specified user. In this case, just impersonate the user.
- title(session: pwncat.manager.Session)¶
Return a short-form description/title of the object. If not defined, this defaults to the object converted to a string.
- class pwncat.facts.windows.WindowsGroup(source: str, name: str, gid: str, description: str, principal_source: str, members: List[str], domain: Optional[str] = None)¶
Bases:
pwncat.facts.Group
Windows-specific group. This augments the
Group
class.- Parameters
source (str) – the generating module
name (str) – the group name
gid (str) – the group SID
description (str) – description for this group
principal_source (str) – honestly, again, I have no clue
members (List[str]) – list of SIDs for group members
- class pwncat.facts.windows.WindowsUser(source: str, name: str, uid: str, account_expires: Optional[datetime.datetime], description: str, enabled: bool, full_name: str, password_changeable_date: Optional[datetime.datetime], password_expires: Optional[datetime.datetime], user_may_change_password: bool, password_required: bool, password_last_set: Optional[datetime.datetime], last_logon: Optional[datetime.datetime], principal_source: str, password: Optional[str] = None, hash: Optional[str] = None, well_known: bool = False)¶
Bases:
pwncat.facts.User
Windows-specific user data. This augments the
User
class.- Parameters
source (str) – the generating module
name (str) – the name of the user
uid (str) – the user identifier
account_expires (Optional[datetime]) – the date/time when the account expires
description (str) – description for this account
enabled (bool) – whether this account is enabled
full_name (str) – the full name of the user
password_changeable_date (Optional[datetime]) – the date/time when the password is changeable
password_expires (Optional[datetime]) – the date/time when the password expires
user_may_change_password (bool) – whether the user can change their own password
password_required (bool) – whether the password is required for login
password_last_set (Optional[datetime]) – when the password was last changed
last_logon (Optional[datetime]) – the last time the user logged in
principal_source (str) – honestly, I’m not sure
password (Optional[str] = None) – the user’s password if known
hash (Optional[str] = None) – the user’s password hash if known