author | Bryan McNulty <bryanmcnulty@protonmail.com> | 2025-04-26 05:12:13 -0500 |
---|---|---|
committer | Bryan McNulty <bryanmcnulty@protonmail.com> | 2025-04-26 05:12:13 -0500 |
commit | 9d2a16e16d21bcfed1da89001b095776261d790b (patch) | |
tree | 1a48264072a8fcd0ad2ae78d96db53b7ff91d727 /pkg | |
parent | e860eced799e64ebff56012a7655155d26b3a2a2 (diff) | |
download | goexec-9d2a16e16d21bcfed1da89001b095776261d790b.tar.gz goexec-9d2a16e16d21bcfed1da89001b095776261d790b.zip |
Fixed some linter issues
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/goexec/scmr/scmr.go | 8 | ||||
-rw-r--r-- | pkg/goexec/tsch/task/action.go | 2 | ||||
-rw-r--r-- | pkg/goexec/wmi/module.go | 236 |
3 files changed, 122 insertions, 124 deletions
diff --git a/pkg/goexec/scmr/scmr.go b/pkg/goexec/scmr/scmr.go
index 4831ac7..696415b 100644
--- a/pkg/goexec/scmr/scmr.go
+++ b/pkg/goexec/scmr/scmr.go
@@ -42,10 +42,10 @@ const (
 SERVICE_STOPPED uint32 = 0x00000001 */
- ServiceDeleteAccess uint32 = ServiceDelete
- ServiceModifyAccess uint32 = ServiceQueryConfig | ServiceChangeConfig | ServiceStop | ServiceStart | ServiceDelete
- ServiceCreateAccess uint32 = ScManagerCreateService | ServiceStart | ServiceStop | ServiceDelete
- ServiceAllAccess uint32 = ServiceCreateAccess | ServiceModifyAccess
+ ServiceDeleteAccess = ServiceDelete
+ ServiceModifyAccess = ServiceQueryConfig | ServiceChangeConfig | ServiceStop | ServiceStart | ServiceDelete
+ ServiceCreateAccess = ScManagerCreateService | ServiceStart | ServiceStop | ServiceDelete
+ ServiceAllAccess = ServiceCreateAccess | ServiceModifyAccess
 )
 type service struct {
diff --git a/pkg/goexec/tsch/task/action.go b/pkg/goexec/tsch/task/action.go
index de6c29f..903c633 100644
--- a/pkg/goexec/tsch/task/action.go
+++ b/pkg/goexec/tsch/task/action.go
@@ -85,7 +85,7 @@ type ShowMessageAction struct {
 // NamedValues holds zero or more <Value name="…">…</Value> entries.
 type NamedValues struct {
- XMLName xml.Name `xml:"HeaderFields"`
+ XMLName xml.Name //`xml:"HeaderFields"`
 Value []NamedValue `xml:"Value"`
 }
diff --git a/pkg/goexec/wmi/module.go b/pkg/goexec/wmi/module.go
index 90bbaa8..0aedd7e 100644
--- a/pkg/goexec/wmi/module.go
+++ b/pkg/goexec/wmi/module.go
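Review bot: The composite masks in this const block carry no comment saying which handle each one is requested on, and `ServiceCreateAccess` ORs `ScManagerCreateService`, by its name a service-control-manager right, with service-object rights such as `ServiceStart`. Object-specific access bits are interpreted per handle type, so the same mask means different things on an SCM handle and on a service handle; a line such as `// ServiceCreateAccess is the access requested when creating a service` (adjusted to the real call site, which is outside the hunk) would settle it. `ServiceAllAccess` is likewise only the union of the create and modify masks, so a comment saying that, or a narrower name, would stop a reader equating it with the Windows SERVICE_ALL_ACCESS value. With `uint32` dropped, the constants' type now comes from their operands, which are declared outside the hunk; worth confirming those are still typed.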
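Review bot: Commenting the tag out on `XMLName` changes how `NamedValues` is marshalled, not only how it lints: with no tag, encoding/xml takes the element name from the `XMLName` value set at runtime, then from the enclosing field's tag or name, and finally from the type name, so a standalone value would be written as `<NamedValues>` rather than `<HeaderFields>`. If the name is meant to come from the parent field, delete the dead tag and say so in the doc comment, e.g. `// The element name is supplied by the tag on the enclosing field.`; if `HeaderFields` is still the intended name, restore the tag. The struct's users are outside the hunk, so which case applies needs checking against them.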
@@ -1,141 +1,139 @@
 package wmiexec
 import (
- "context"
- "errors"
- "fmt"
- "github.com/FalconOpsLLC/goexec/pkg/goexec"
- "github.com/FalconOpsLLC/goexec/pkg/goexec/dce"
- "github.com/oiweiwei/go-msrpc/dcerpc"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom/iactivation/v0"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi/iwbemlevel1login/v0"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi/iwbemservices/v0"
- "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmio/query"
- "github.com/rs/zerolog"
+ "context"
+ "errors"
+ "fmt"
+ "github.com/FalconOpsLLC/goexec/pkg/goexec"
+ "github.com/FalconOpsLLC/goexec/pkg/goexec/dce"
+ "github.com/oiweiwei/go-msrpc/dcerpc"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom/iactivation/v0"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi/iwbemlevel1login/v0"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmi/iwbemservices/v0"
+ "github.com/oiweiwei/go-msrpc/msrpc/dcom/wmio/query"
+ "github.com/rs/zerolog"
 )
 const (
- ModuleName = "WMI"
- DefaultEndpoint = "ncacn_ip_tcp:[135]"
+ ModuleName = "WMI"
+ DefaultEndpoint = "ncacn_ip_tcp:[135]"
 )
 type Wmi struct {
- goexec.Cleaner
- Client *dce.Client
+ goexec.Cleaner
+ Client *dce.Client
- Resource string
+ Resource string
- servicesClient iwbemservices.ServicesClient
+ servicesClient iwbemservices.ServicesClient
 }
 func (m *Wmi) Connect(ctx context.Context) (err error) {
- if err = m.Client.Connect(ctx); err == nil {
- m.AddCleaners(m.Client.Close)
- }
- return
+ if err = m.Client.Connect(ctx); err == nil {
+ m.AddCleaners(m.Client.Close)
+ }
+ return
 }
 func (m *Wmi) Init(ctx context.Context) (err error) {
- log := zerolog.Ctx(ctx).With().
- Str("module", ModuleName).Logger()
-
- if m.Client == nil || m.Client.Dce() == nil {
- return errors.New("DCE connection not initialized")
- }
-
- actClient, err := iactivation.NewActivationClient(ctx, m.Client.Dce())
- if err != nil {
- log.Error().Err(err).Msg("Failed to initialize IActivation client")
- return fmt.Errorf("create IActivation client: %w", err)
- }
-
- actResponse, err := actClient.RemoteActivation(ctx, &iactivation.RemoteActivationRequest{
- ORPCThis: ORPCThis,
- ClassID: wmi.Level1LoginClassID.GUID(),
- IIDs: []*dcom.IID{iwbemlevel1login.Level1LoginIID},
- RequestedProtocolSequences: []uint16{ProtocolSequenceRPC}, // FEATURE: Named pipe support?
- })
- if err != nil {
- log.Error().Err(err).Msg("Failed to activate remote object")
- return fmt.Errorf("request remote activation: %w", err)
- }
- if actResponse.HResult != 0 {
- return fmt.Errorf("remote activation failed with code %d", actResponse.HResult)
- }
-
- log.Info().Msg("Remote activation succeeded")
-
- var newOpts []dcerpc.Option
-
- for _, bind := range actResponse.OXIDBindings.GetStringBindings() {
- stringBinding, err := dcerpc.ParseStringBinding("ncacn_ip_tcp:" + bind.NetworkAddr) // TODO: try bind.String()
-
- if err != nil {
- log.Debug().Err(err).Msg("Failed to parse string binding")
- continue
- }
- stringBinding.NetworkAddress = m.Client.Target.AddressWithoutPort()
- newOpts = append(newOpts, dcerpc.WithEndpoint(stringBinding.String()))
- }
-
- if err = m.Client.Reconnect(ctx, newOpts...); err != nil {
- log.Error().Err(err).Msg("Failed to connect to remote instance")
- return fmt.Errorf("connect remote instance: %w", err)
- }
-
- log.Info().Msg("Connected to remote instance")
-
- ipid := actResponse.InterfaceData[0].GetStandardObjectReference().Std.IPID
- loginClient, err := iwbemlevel1login.NewLevel1LoginClient(ctx, m.Client.Dce(), dcom.WithIPID(ipid))
-
- if err != nil {
- log.Error().Err(err).Msg("Failed to create IWbemLevel1Login client")
- return fmt.Errorf("create IWbemLevel1Login client: %w", err)
- }
-
- login, err := loginClient.NTLMLogin(ctx, &iwbemlevel1login.NTLMLoginRequest{
- This: ORPCThis,
- NetworkResource: m.Resource,
- })
-
- log.Info().Msg("Completed NTLMLogin operation")
-
- if err != nil {
- log.Error().Err(err).Msg("Failed to login on remote instance")
- return fmt.Errorf("login: IWbemLevel1Login::NTLMLogin: %w", err)
- }
-
- ipid = login.Namespace.InterfacePointer().IPID()
- m.servicesClient, err = iwbemservices.NewServicesClient(ctx, m.Client.Dce(), dcom.WithIPID(ipid))
-
- if err != nil {
- log.Error().Err(err).Msg("Failed to create services client")
- return fmt.Errorf("create IWbemServices client: %w", err)
- }
-
- log.Info().Msg("Initialized services client")
-
- return
+ log := zerolog.Ctx(ctx).With().
+ Str("module", ModuleName).Logger()
+
+ if m.Client == nil || m.Client.Dce() == nil {
+ return errors.New("DCE connection not initialized")
+ }
+
+ actClient, err := iactivation.NewActivationClient(ctx, m.Client.Dce())
+ if err != nil {
+ log.Error().Err(err).Msg("Failed to initialize IActivation client")
+ return fmt.Errorf("create IActivation client: %w", err)
+ }
+
+ actResponse, err := actClient.RemoteActivation(ctx, &iactivation.RemoteActivationRequest{
+ ORPCThis: ORPCThis,
+ ClassID: wmi.Level1LoginClassID.GUID(),
+ IIDs: []*dcom.IID{iwbemlevel1login.Level1LoginIID},
+ RequestedProtocolSequences: []uint16{ProtocolSequenceRPC}, // FEATURE: Named pipe support?
+ })
+ if err != nil {
+ log.Error().Err(err).Msg("Failed to activate remote object")
+ return fmt.Errorf("request remote activation: %w", err)
+ }
+ if actResponse.HResult != 0 {
+ return fmt.Errorf("remote activation failed with code %d", actResponse.HResult)
+ }
+
+ log.Info().Msg("Remote activation succeeded")
+
+ var newOpts []dcerpc.Option
+
+ for _, bind := range actResponse.OXIDBindings.GetStringBindings() {
+ stringBinding, err := dcerpc.ParseStringBinding("ncacn_ip_tcp:" + bind.NetworkAddr) // TODO: try bind.String()
+
+ if err != nil {
+ log.Debug().Err(err).Msg("Failed to parse string binding")
+ continue
+ }
+ stringBinding.NetworkAddress = m.Client.Target.AddressWithoutPort()
+ newOpts = append(newOpts, dcerpc.WithEndpoint(stringBinding.String()))
+ }
+
+ if err = m.Client.Reconnect(ctx, newOpts...); err != nil {
+ log.Error().Err(err).Msg("Failed to connect to remote instance")
+ return fmt.Errorf("connect remote instance: %w", err)
+ }
+
+ log.Info().Msg("Connected to remote instance")
+
+ ipid := actResponse.InterfaceData[0].GetStandardObjectReference().Std.IPID
+ loginClient, err := iwbemlevel1login.NewLevel1LoginClient(ctx, m.Client.Dce(), dcom.WithIPID(ipid))
+
+ if err != nil {
+ log.Error().Err(err).Msg("Failed to create IWbemLevel1Login client")
+ return fmt.Errorf("create IWbemLevel1Login client: %w", err)
+ }
+
+ login, err := loginClient.NTLMLogin(ctx, &iwbemlevel1login.NTLMLoginRequest{
+ This: ORPCThis,
+ NetworkResource: m.Resource,
+ })
+
+ log.Info().Msg("Completed NTLMLogin operation")
+
+ if err != nil {
+ log.Error().Err(err).Msg("Failed to login on remote instance")
+ return fmt.Errorf("login: IWbemLevel1Login::NTLMLogin: %w", err)
+ }
+
+ ipid = login.Namespace.InterfacePointer().IPID()
+ m.servicesClient, err = iwbemservices.NewServicesClient(ctx, m.Client.Dce(), dcom.WithIPID(ipid))
+
+ if err != nil {
+ log.Error().Err(err).Msg("Failed to create services client")
+ return fmt.Errorf("create IWbemServices client: %w", err)
+ }
+
+ log.Info().Msg("Initialized services client")
+
+ return
 }
-func (m *Wmi) query(ctx context.Context, class, method string, values map[string]any) (outValues map[string]any, err error) {
- outValues = make(map[string]any)
-
- if m.servicesClient == nil {
- return nil, errors.New("module has not been initialized")
- }
- if out, err := query.NewBuilder(ctx, m.servicesClient, ComVersion).
- Spawn(class). // The class to instantiate (i.e., Win32_Process)
- Method(method). // The method to call (i.e., Create)
- Values(values). // The values to pass to method
- Exec().
- Object(); err == nil {
- return out.Values(), err
- } else {
- return nil, fmt.Errorf("spawn WMI query: %w", err)
- }
+func (m *Wmi) query(ctx context.Context, class, method string, values map[string]any) (map[string]any, error) {
+ if m.servicesClient == nil {
+ return nil, errors.New("module has not been initialized")
+ }
+ if out, err := query.NewBuilder(ctx, m.servicesClient, ComVersion).
+ Spawn(class). // The class to instantiate (i.e., Win32_Process)
+ Method(method). // The method to call (i.e., Create)
+ Values(values). // The values to pass to method
+ Exec().
+ Object(); err == nil {
+ return out.Values(), err
+ } else {
+ return nil, fmt.Errorf("spawn WMI query: %w", err)
+ }
 }
|
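Review bot: `actResponse.InterfaceData[0]` in `Init` is indexed without a length check, and the chained `GetStandardObjectReference().Std.IPID` appears to assume the entry holds a standard object reference; both values come from the remote activation response, so a short or unexpected reply would panic the client instead of returning an error. A guard before the index, `if len(actResponse.InterfaceData) == 0 { return errors.New("remote activation returned no interface data") }`, plus a nil check on the object reference, keeps the failure on the error path the rest of the function uses. Separately, in `query` the success branch returns `out.Values(), err` where `err` is known to be nil; an early `if err != nil` return followed by `return out.Values(), nil` reads more plainly.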