WinPwnage
The to-do list
The to-do list:
- [x] Update all the "print_" messages so they make more sense
- [x] Update all function descriptions so they are correct
- [x] Update README
- [x] A better way to do cleanup. Right now.. if function returns False in early stage, this prevents the cleanup in most of the functions. (Fixed in: https://github.com/rootm0s/WinPwnage/commit/f8dd0a67e868fe8e8a7fa11dd12ffac2012b2572)
- [x] Restructure winstructures, it's all messy right now
- [x] Convert the code to python3 but keep python2 support so Pupy (https://github.com/n1nj4sec/pupy) can work
- [x] Add automated testing (Travis CI, AppVeyor, etc.)
- [x] Replace all `sys.argv[]` calls from `main.py` and use argparse instead (Fixed in: https://github.com/rootm0s/WinPwnage/commit/7de41468b26de7b605b7f70ae33db82d4487793c)
- [x] Deprecate py2exe support
- [x] Remove py2exe from README
- [x] Add better way to display the scan results
- [x] Change Syntax `winpwnage.py` in README to `main.py`
- [x] Deprecate DLL based methods/functions
- [x] Remove Python2 support
- [x] Add automated testing (CircleCI, Travis CI, AppVeyor, etc.)?
I do all the testing manually at the moment. I don't use any of those since there's no version-handling on this project. Is it similar to unittest?
These are automated tools that test each pull request before it is reviewed. One of the tests that they could run could be unittests. They could also run other test frameworks (pytest) and linters (pylint, flake8, mypy, etc).
CPython runs several (click Show all checks):
- https://github.com/python/cpython/pull/12472#partial-pull-merging
Alright, thanks for the info. I'll add it to the todo!
Followed your steps and merged the PR @cclauss - let me know if I missed something, I'm new to Travis CI.
Tests are running now... #23
Merged #23 as well
Nice work! So the rule going forward should be: If Travis is not green, the PR should not be merged.
You can check the last box in the list above.
Alright, good to know. Thanks!
Done!
Is it time to check the second last box above?
It is, going too! Thanks for all the help so far. Really appreciated!
Misclick, lol.
Restructure of winstructures is completed in PR https://github.com/rootm0s/WinPwnage/commit/5cd9c8be20bf6b17249f7297bfcde91d6ac0f7d9
Readme got updated in: https://github.com/rootm0s/WinPwnage/commit/c7d895db77ffc532c50e8bc0459e2344e7d245cb
@cclauss Is it possible for Travis-ci to ignore colorama import if it's not being used? And just only colorama.
https://travis-ci.com/github/rootm0s/WinPwnage/jobs/307519521
Edit: Is now fixed.
Added:
- [x] Deprecate DLL based methods/functions
Reason: Cannot support DLL based methods because I don't have the time to create proxy DLLs and test existing functions and new functions. These methods are also quite messy in my opinion; the payload can get stuck on disk while using a UAC bypass method because the DLL was not unloaded correctly.
#53
Used pyinstaller --onefile main.py to make main.exe
When I run it: main.exe -scan
C:\Users\Usuari\Desktop\WinPwnage-master\dist>main.exe -scan
[!] Comparing build number (18363) against 'Fixed In' build numbers
Id: Type: Compatible: Description:
No any scan provided
Thanks for help and congrats )
You need to specify if you want to search for uac/persist/elevate methods.
main.exe -scan uac
main.exe -scan persist
main.exe -scan elevate
It would be good if the software would display a clear warning if the user forgets to specify a search. Or it could execute a reasonable default.
Hi ) Thanks for answering. Tried with all (uac, persist, elevate) but no any scan.
Seems maybe the software doesn't find the scripts to use, or similar?
Thanks again
Agree, would be more user friendly. Or just add it to the README, some scan arguments so people understand how it works.
It does say it expects one more argument if only passing --scan/-s to main.py.
usage: main.py [-h] [-s SCAN [SCAN ...]] [-u USE [USE ...]] [-i ID [ID ...]] [-p PAYLOAD [PAYLOAD ...]] [-r]
main.py: error: argument -s/--scan: expected at least one argument
Create a separate issue here on Github and provide what python version you run, will try to help you.
It works locally here in 3 different VMs, also Travis CI is able to build and use the scan functions. Don't think it's a WinPwnage bug.
Added some examples to README for now: https://github.com/rootm0s/WinPwnage/commit/a8ddf8465e6caec37debc4ce9be1782387ca7706
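The clear warning suggested in the thread, as an added example that is not WinPwnage's own code: a parser mirroring only the `-s/--scan` option from the usage line quoted above, with and without a `choices` check, which also shows how argparse reads the single-dash spelling `-scan`. It assumes the option is a plain argparse `nargs='+'` option; `SCAN_TYPES`, `QuietParser`, `build_parser` and `parse` are hypothetical names.

```python
import argparse

# Method groups named in the thread; the tuple itself is an assumption.
SCAN_TYPES = ("uac", "persist", "elevate")


class QuietParser(argparse.ArgumentParser):
    """Raise instead of exiting so the error text can be inspected."""

    def error(self, message):
        raise ValueError(message)


def build_parser(strict):
    # Mirrors only -s/--scan from the usage line in the thread; the real
    # main.py may define the option differently (assumption).
    parser = QuietParser(prog="main.py")
    options = {"nargs": "+", "metavar": "SCAN"}
    if strict:
        # Reject any value that is not a known group, with a message that
        # lists the valid values.
        options["choices"] = SCAN_TYPES
    parser.add_argument("-s", "--scan", **options)
    return parser


def parse(argv, strict):
    """Return the parsed scan list, or the error text argparse would show."""
    try:
        return build_parser(strict).parse_args(argv).scan
    except ValueError as exc:
        return "error: " + str(exc)


if __name__ == "__main__":
    # Constructed command lines, including the "-scan" spelling from the report.
    for argv in (["-s"], ["-scan"], ["-scan", "uac"], ["-s", "uac"]):
        for strict in (False, True):
            print(argv, "strict" if strict else "loose", "->", parse(argv, strict))
```

Without `choices`, `-scan` is accepted as `-s` with the attached value `can`, so no usage error is raised; with `choices`, the same input is rejected with a message naming the valid groups.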