`dcom`: new method: `shellbrowserwindow`

1 files changed, 55 insertions, 9 deletions

diff --git a/cmd/dcom.go b/cmd/dcom.go
index 1234b12..30c32bc 100644
--- a/cmd/dcom.go
+++ b/cmd/dcom.go
@@ -16,11 +16,12 @@ func dcomCmdInit() {
 	}
 	dcomMmcCmdInit()
 	dcomShellWindowsCmdInit()
+	dcomShellBrowserWindowCmdInit()
 
 	dcomCmd.PersistentFlags().AddFlagSet(defaultAuthFlags.Flags)
 	dcomCmd.PersistentFlags().AddFlagSet(defaultLogFlags.Flags)
 	dcomCmd.PersistentFlags().AddFlagSet(defaultNetRpcFlags.Flags)
-	dcomCmd.AddCommand(dcomMmcCmd, dcomShellWindowsCmd)
+	dcomCmd.AddCommand(dcomMmcCmd, dcomShellWindowsCmd, dcomShellBrowserWindowCmd)
 }
 
 func dcomMmcCmdInit() {
@@ -41,9 +42,7 @@ func dcomMmcCmdInit() {
 	dcomMmcCmd.Flags().AddFlagSet(dcomMmcExecFlags.Flags)
 
 	// Constraints
-	{
-		dcomMmcCmd.MarkFlagsOneRequired("command", "exec")
-	}
+	dcomMmcCmd.MarkFlagsOneRequired("command", "exec")
 }
 
 func dcomShellWindowsCmdInit() {
@@ -64,14 +63,34 @@ func dcomShellWindowsCmdInit() {
 	dcomShellWindowsCmd.Flags().AddFlagSet(dcomShellWindowsExecFlags.Flags)
 
 	// Constraints
-	{
-		dcomShellWindowsCmd.MarkFlagsOneRequired("command", "exec")
+	dcomShellWindowsCmd.MarkFlagsOneRequired("command", "exec")
+}
+
+func dcomShellBrowserWindowCmdInit() {
+	dcomShellBrowserWindowExecFlags := newFlagSet("Execution")
+
+	registerExecutionFlags(dcomShellBrowserWindowExecFlags.Flags)
+	registerExecutionOutputFlags(dcomShellBrowserWindowExecFlags.Flags)
+
+	dcomShellBrowserWindowExecFlags.Flags.StringVar(&dcomShellBrowserWindow.WorkingDirectory, "directory", `C:\`, "Working `directory`")
+	dcomShellBrowserWindowExecFlags.Flags.StringVar(&dcomShellBrowserWindow.WindowState, "app-window", "0", "Application window state `ID`")
+
+	cmdFlags[dcomShellBrowserWindowCmd] = []*flagSet{
+		dcomShellBrowserWindowExecFlags,
+		defaultAuthFlags,
+		defaultLogFlags,
+		defaultNetRpcFlags,
 	}
+	dcomShellBrowserWindowCmd.Flags().AddFlagSet(dcomShellBrowserWindowExecFlags.Flags)
+
+	// Constraints
+	dcomShellBrowserWindowCmd.MarkFlagsOneRequired("command", "exec")
 }
 
 var (
-	dcomMmc          dcomexec.DcomMmc
-	dcomShellWindows dcomexec.DcomShellWindows
+	dcomMmc                dcomexec.DcomMmc
+	dcomShellWindows       dcomexec.DcomShellWindows
+	dcomShellBrowserWindow dcomexec.DcomShellBrowserWindow
 
 	dcomCmd = &cobra.Command{
 		Use:   "dcom",
@@ -114,7 +133,7 @@ var (
 		Short: "Execute with the ShellWindows DCOM object",
 		Long: `Description:
   The shellwindows method uses the exposed ShellWindows DCOM object on older Windows installations
-  to call Item().Document.Application.ShellExecute, and spawn the specified process.`,
+  to call Item().Document.Application.ShellExecute, and spawn the provided process.`,
 		Args: args(
 			argsRpcClient("host"),
 			argsOutput("smb"),
@@ -135,4 +154,31 @@ var (
 			}
 		},
 	}
+
+	dcomShellBrowserWindowCmd = &cobra.Command{
+		Use:   "shellbrowserwindow [target]",
+		Short: "Execute with the ShellBrowserWindow DCOM object",
+		Long: `Description:
+  The shellbrowserwindow method uses the exposed ShellBrowserWindow DCOM object on older Windows installations
+  to call Document.Application.ShellExecute, and spawn the provided process.`,
+		Args: args(
+			argsRpcClient("host"),
+			argsOutput("smb"),
+			argsAcceptValues("app-window", &dcomShellBrowserWindow.WindowState, "0", "1", "2", "3", "4", "5", "7", "10"),
+		),
+		Run: func(cmd *cobra.Command, args []string) {
+			dcomShellBrowserWindow.Client = &rpcClient
+			dcomShellBrowserWindow.IO = exec
+			dcomShellBrowserWindow.ClassID = dcomexec.ShellBrowserWindowUuid
+
+			ctx := log.With().
+				Str("module", dcomexec.ModuleName).
+				Str("method", dcomexec.MethodShellBrowserWindow).
+				Logger().WithContext(gssapi.NewSecurityContext(context.Background()))
+
+			if err := goexec.ExecuteCleanMethod(ctx, &dcomShellBrowserWindow, &exec); err != nil {
+				log.Fatal().Err(err).Msg("Operation failed")
+			}
+		},
+	}
 )