Bug fixes, +`dcom shellwindows` +`dcom shellbrowserwindow` (#17)HEAD main

* Negotiate (not force) highest SMB dialect * Fixed some issues with SMB client * `dcom`: new method: `shellwindows` * Update gitignore * TODO: new feature ideas, check ShellWindows * `dcom`: new method: `shellbrowserwindow` * update README.md with DCOM ShellWindows & ShellBrowserWindow modules. * Tweaks to shellbrowserwindow.go * Bumped adauth to v0.3.0 + other deps
author: Bryan McNulty <bryan@falconops.com> 2025-05-06 17:14:13 -0500
committer: GitHub <noreply@github.com> 2025-05-06 17:14:13 -0500
commit: 19af8d591a224cb104996a50935a8f4b1643a3a1 (patch)
tree: efadc3b5c58820e686b74f49dd01bd9993baf3af /cmd/args.go
parent: 10eee0ed28ecf5f22967a935e3596000e75cd63e (diff)
download: goexec-main.tar.gz
goexec-main.zip
1 files changed, 103 insertions, 87 deletions
diff --git a/cmd/args.go b/cmd/args.go
index 40b9701..f33cc5b 100644
--- a/cmd/args.go
+++ b/cmd/args.go
@@ -1,32 +1,33 @@
 package cmd
 
 import (
-  "context"
-  "errors"
-  "fmt"
-  "github.com/spf13/cobra"
-  "github.com/spf13/pflag"
-  "os"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+	"os"
 )
 
 func registerLoggingFlags(fs *pflag.FlagSet) {
-  fs.SortFlags = false
-  fs.BoolVarP(&logDebug, "debug", "D", false, "Enable debug logging")
-  fs.StringVarP(&logOutput, "log-file", "O", "", "Write JSON logging output to `file`")
-  fs.BoolVarP(&logJson, "json", "j", false, "Write logging output in JSON lines")
-  fs.BoolVarP(&logQuiet, "quiet", "q", false, "Disable info logging")
+	fs.SortFlags = false
+	fs.BoolVarP(&logDebug, "debug", "D", false, "Enable debug logging")
+	fs.StringVarP(&logOutput, "log-file", "O", "", "Write JSON logging output to `file`")
+	fs.BoolVarP(&logJson, "json", "j", false, "Write logging output in JSON lines")
+	fs.BoolVarP(&logQuiet, "quiet", "q", false, "Disable info logging")
 }
 
 func registerNetworkFlags(fs *pflag.FlagSet) {
-  fs.StringVarP(&proxy, "proxy", "x", "", "Proxy `URI`")
-  fs.StringVarP(&rpcClient.Filter, "epm-filter", "F", "", "String binding to filter endpoints returned by the RPC endpoint mapper (EPM)")
-  fs.StringVar(&rpcClient.Endpoint, "endpoint", "", "Explicit RPC endpoint definition")
-  fs.BoolVar(&rpcClient.NoEpm, "no-epm", false, "Do not use EPM to automatically detect RPC endpoints")
-  fs.BoolVar(&rpcClient.NoSign, "no-sign", false, "Disable signing on DCERPC messages")
-  fs.BoolVar(&rpcClient.NoSeal, "no-seal", false, "Disable packet stub encryption on DCERPC messages")
-
-  //cmd.MarkFlagsMutuallyExclusive("endpoint", "epm-filter")
-  //cmd.MarkFlagsMutuallyExclusive("no-epm", "epm-filter")
+	fs.StringVarP(&proxy, "proxy", "x", "", "Proxy `URI`")
+	fs.StringVarP(&rpcClient.Filter, "epm-filter", "F", "", "String binding to filter endpoints returned by the RPC endpoint mapper (EPM)")
+	fs.StringVar(&rpcClient.Endpoint, "endpoint", "", "Explicit RPC endpoint definition")
+	fs.BoolVar(&rpcClient.NoEpm, "no-epm", false, "Do not use EPM to automatically detect RPC endpoints")
+	fs.BoolVar(&rpcClient.NoSign, "no-sign", false, "Disable signing on DCERPC messages")
+	fs.BoolVar(&rpcClient.NoSeal, "no-seal", false, "Disable packet stub encryption on DCERPC messages")
+
+	//cmd.MarkFlagsMutuallyExclusive("endpoint", "epm-filter")
+	//cmd.MarkFlagsMutuallyExclusive("no-epm", "epm-filter")
 }
 
 // FUTURE: automatically stage & execute file
@@ -38,105 +39,120 @@ func registerStageFlags(fs *pflag.FlagSet) {
 */
 
 func registerExecutionFlags(fs *pflag.FlagSet) {
-  fs.StringVarP(&exec.Input.Executable, "exec", "e", "", "Remote Windows executable to invoke")
-  fs.StringVarP(&exec.Input.Arguments, "args", "a", "", "Process command line arguments")
-  fs.StringVarP(&exec.Input.Command, "command", "c", "", "Windows process command line (executable & arguments)")
+	fs.StringVarP(&exec.Input.Executable, "exec", "e", "", "Remote Windows executable to invoke")
+	fs.StringVarP(&exec.Input.Arguments, "args", "a", "", "Process command line arguments")
+	fs.StringVarP(&exec.Input.Command, "command", "c", "", "Windows process command line (executable & arguments)")
 
-  //cmd.MarkFlagsOneRequired("executable", "command")
-  //cmd.MarkFlagsMutuallyExclusive("executable", "command")
+	//cmd.MarkFlagsOneRequired("executable", "command")
+	//cmd.MarkFlagsMutuallyExclusive("executable", "command")
 }
 
 func registerExecutionOutputFlags(fs *pflag.FlagSet) {
-  fs.StringVarP(&outputPath, "out", "o", "", `Fetch execution output to file or "-" for standard output`)
-  fs.StringVarP(&outputMethod, "out-method", "m", "smb", "Method to fetch execution output")
-  //fs.StringVar(&exec.Output.RemotePath, "out-remote", "", "Location to temporarily store output on remote filesystem")
-  fs.BoolVar(&exec.Output.NoDelete, "no-delete-out", false, "Preserve output file on remote filesystem")
+	fs.StringVarP(&outputPath, "out", "o", "", `Fetch execution output to file or "-" for standard output`)
+	fs.StringVarP(&outputMethod, "out-method", "m", "smb", "Method to fetch execution output")
+	//fs.StringVar(&exec.Output.RemotePath, "out-remote", "", "Location to temporarily store output on remote filesystem")
+	fs.BoolVar(&exec.Output.NoDelete, "no-delete-out", false, "Preserve output file on remote filesystem")
 }
 
 func args(reqs ...func(*cobra.Command, []string) error) (fn func(*cobra.Command, []string) error) {
-  return func(cmd *cobra.Command, args []string) (err error) {
-
-    for _, req := range reqs {
-      if err = req(cmd, args); err != nil {
-        return
-      }
-    }
-    return
-  }
+	return func(cmd *cobra.Command, args []string) (err error) {
+
+		for _, req := range reqs {
+			if err = req(cmd, args); err != nil {
+				return
+			}
+		}
+		return
+	}
+}
+
+func argsAcceptValues(name string, in *string, valid ...string) func(*cobra.Command, []string) error {
+	return func(*cobra.Command, []string) error {
+		for _, v := range valid {
+			if *in == v {
+				return nil
+			}
+		}
+		if j, err := json.Marshal(valid); err == nil {
+			return fmt.Errorf("parse %s: %q doesn't match any accepted values: %s", name, *in, string(j))
+		} else {
+			return err
+		}
+	}
 }
 
 func argsTarget(proto string) func(cmd *cobra.Command, args []string) error {
 
-  return func(cmd *cobra.Command, args []string) (err error) {
+	return func(cmd *cobra.Command, args []string) (err error) {
 
-    if len(args) != 1 {
-      return errors.New("command require exactly one positional argument: [target]")
-    }
+		if len(args) != 1 {
+			return errors.New("command require exactly one positional argument: [target]")
+		}
 
-    if credential, target, err = adAuthOpts.WithTarget(context.TODO(), proto, args[0]); err != nil {
-      return fmt.Errorf("failed to parse target: %w", err)
-    }
+		if credential, target, err = adAuthOpts.WithTarget(context.TODO(), proto, args[0]); err != nil {
+			return fmt.Errorf("failed to parse target: %w", err)
+		}
 
-    if credential == nil {
-      return errors.New("no credentials supplied")
-    }
-    if target == nil {
-      return errors.New("no target supplied")
-    }
-    return
-  }
+		if credential == nil {
+			return errors.New("no credentials supplied")
+		}
+		if target == nil {
+			return errors.New("no target supplied")
+		}
+		return
+	}
 }
 
 func argsSmbClient() func(cmd *cobra.Command, args []string) error {
-  return args(
-    argsTarget("cifs"),
+	return args(
+		argsTarget("cifs"),
 
-    func(_ *cobra.Command, _ []string) error {
+		func(_ *cobra.Command, _ []string) error {
 
-      smbClient.Credential = credential
-      smbClient.Target = target
-      smbClient.Proxy = proxy
+			smbClient.Credential = credential
+			smbClient.Target = target
+			smbClient.Proxy = proxy
 
-      return smbClient.Parse(context.TODO())
-    },
-  )
+			return smbClient.Parse(context.TODO())
+		},
+	)
 }
 
 func argsRpcClient(proto string) func(cmd *cobra.Command, args []string) error {
-  return args(
-    argsTarget(proto),
+	return args(
+		argsTarget(proto),
 
-    func(cmd *cobra.Command, args []string) (err error) {
+		func(cmd *cobra.Command, args []string) (err error) {
 
-      rpcClient.Target = target
-      rpcClient.Credential = credential
-      rpcClient.Proxy = proxy
+			rpcClient.Target = target
+			rpcClient.Credential = credential
+			rpcClient.Proxy = proxy
 
-      return rpcClient.Parse(context.TODO())
-    },
-  )
+			return rpcClient.Parse(context.TODO())
+		},
+	)
 }
 
 func argsOutput(methods ...string) func(cmd *cobra.Command, args []string) error {
 
-  var as []func(*cobra.Command, []string) error
+	var as []func(*cobra.Command, []string) error
 
-  for _, method := range methods {
-    if method == "smb" {
-      as = append(as, argsSmbClient())
-    }
-  }
+	for _, method := range methods {
+		if method == "smb" {
+			as = append(as, argsSmbClient())
+		}
+	}
 
-  return args(append(as, func(*cobra.Command, []string) (err error) {
+	return args(append(as, func(*cobra.Command, []string) (err error) {
 
-    if outputPath != "" {
-      if outputPath == "-" {
-        exec.Output.Writer = os.Stdout
+		if outputPath != "" {
+			if outputPath == "-" {
+				exec.Output.Writer = os.Stdout
 
-      } else if exec.Output.Writer, err = os.OpenFile(outputPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644); err != nil {
-        log.Fatal().Err(err).Msg("Failed to open output file")
-      }
-    }
-    return
-  })...)
+			} else if exec.Output.Writer, err = os.OpenFile(outputPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644); err != nil {
+				log.Fatal().Err(err).Msg("Failed to open output file")
+			}
+		}
+		return
+	})...)
 }
author	Bryan McNulty <bryan@falconops.com>	2025-05-06 17:14:13 -0500
committer	GitHub <noreply@github.com>	2025-05-06 17:14:13 -0500
commit	19af8d591a224cb104996a50935a8f4b1643a3a1 (patch)
tree	efadc3b5c58820e686b74f49dd01bd9993baf3af /cmd/args.go
parent	10eee0ed28ecf5f22967a935e3596000e75cd63e (diff)
download	goexec-main.tar.gz goexec-main.zip