pwncat.facts.windows module¶
Windows-specific facts which are used in multiple places throughout the framework.
-
flag
pwncat.facts.windows.
LuidAttribute
(value)¶ Bases:
enum.IntFlag
An enumeration.
- Member Type
int
Valid values are as follows:
-
DISABLED
= <LuidAttribute.DISABLED: 0>¶
-
SE_PRIVILEGE_ENABLED_BY_DEFAULT
= <LuidAttribute.SE_PRIVILEGE_ENABLED_BY_DEFAULT: 1>¶
-
SE_PRIVILEGE_ENABLED
= <LuidAttribute.SE_PRIVILEGE_ENABLED: 2>¶
-
SE_PRIVILEGE_REMOVED
= <LuidAttribute.SE_PRIVILEGE_REMOVED: 4>¶
-
SE_PRIVILEGE_USED_FOR_ACCESS
= <LuidAttribute.SE_PRIVILEGE_USED_FOR_ACCESS: 2147483648>¶
-
class
pwncat.facts.windows.
ProcessTokenPrivilege
(source: str, name: str, attributes: int, handle: int, pid: int)¶ Bases:
pwncat.db.Fact
Describes a specific privilege
-
title
(session: pwncat.manager.Session)¶ Return a short-form description/title of the object. If not defined, this defaults to the object converted to a string.
-
-
class
pwncat.facts.windows.
UserToken
(source: str, uid: str, token: int)¶ Bases:
pwncat.facts.ability.ExecuteAbility
-
can_impersonate
(session: pwncat.manager.Session)¶ Test if the current session can impersonate tokens
-
shell
(session: pwncat.manager.Session) → Callable[[pwncat.manager.Session], None]¶ Execute a new shell as the specified user. In this case, just impersonate the user.
-
title
(session: pwncat.manager.Session)¶ Return a short-form description/title of the object. If not defined, this defaults to the object converted to a string.
-
-
class
pwncat.facts.windows.
WindowsGroup
(source: str, name: str, gid: str, description: str, principal_source: str, members: List[str], domain: Optional[str] = None)¶ Bases:
pwncat.facts.Group
Windows-specific group. This augments the
Group
class.- Parameters
source (str) – the generating module
name (str) – the group name
gid (str) – the group SID
description (str) – description for this group
principal_source (str) – honestly, again, I have no clue
members (List[str]) – list of SIDs for group members
-
class
pwncat.facts.windows.
WindowsUser
(source: str, name: str, uid: str, account_expires: Optional[datetime.datetime], description: str, enabled: bool, full_name: str, password_changeable_date: Optional[datetime.datetime], password_expires: Optional[datetime.datetime], user_may_change_password: bool, password_required: bool, password_last_set: Optional[datetime.datetime], last_logon: Optional[datetime.datetime], principal_source: str, password: Optional[str] = None, hash: Optional[str] = None, well_known: bool = False)¶ Bases:
pwncat.facts.User
Windows-specific user data. This augments the
User
class.- Parameters
source (str) – the generating module
name (str) – the name of the user
uid (str) – the user identifier
account_expires (Optional[datetime]) – the date/time when the account expires
description (str) – description for this account
enabled (bool) – whether this account is enabled
full_name (str) – the full name of the user
password_changeable_date (Optional[datetime]) – the date/time when the password is changeable
password_expires (Optional[datetime]) – the date/time when the password expires
user_may_change_password (bool) – whether the user can change their own password
password_required (bool) – whether the password is required for login
password_last_set (Optional[datetime]) – when the password was last changed
last_logon (Optional[datetime]) – the last time the user logged in
principal_source (str) – honestly, I’m not sure
password (Optional[str] = None) – the user’s password if known
hash (Optional[str] = None) – the user’s password hash if known