WinPwn Non-interactive PowerShell Session about winpwn HOT 15 CLOSED

There were two more bugs which should now be fixed. It will take a long time to run now if you have multiple Drives connected to a system. But it should not be nessesary to press enter or anything anytime.

Theese bugs were not only in the noninteractive WinPwn so thank you for the hint. :-)

from winpwn.

I will merge it there but i didn´t have enough time the last days/weeks. Some patience ;-)

from winpwn.

8196cca

I´ll close this now. If you think important checks should be added for the noninteractive switch feel free to comment.

from winpwn.

There is basically no big difference between PowerSharpPack and WinPwn. Both are using functions and can be loaded into memory. If you cant display the menu if WinPwn for example you could use the explicit function for every step.

Its not working if you use an asynchronous C2-Server if you mean that.

from winpwn.

I am using poshc2 which is not interactive session. It loads scripts fine but doesn't display menu. What can I do to load with winpwn and execute functions? Since the menu talks about pressing 1,2,3 for executing commands.

from winpwn.

In powersharppack, I can load the script in memory and call on functions with arguments so it works fine in poshc2 and in my scenario. Does that makes sense?

from winpwn.

I won’t modify the script for this use case because I wanted it to be very easy and fast to use. The Menu and interaction with the user will not be possible with an asynchronous C2.

If you look at the script source code for the menu and for the submenu you will see that for every number there is a switch case statement and a function lying behind it. If you put those function names for example at the very end of the script they will be automatically executed when the script is loaded. This should fit your needs. But if there is a question which needs a “Yes” or “No” the script will hang at this point. So you would have to modify the questions as well.

I’m using Pupy as C2 most times which has an interactive Shell, so I don’t have this problem atm.

Greetings

from winpwn.

Also WinPwn is not meant to be a run and get everything out of it Tool. It’s use case based. If you need Privilege escalation checks you can run those functions. If you need an overview for a domain you can use domainrecon modules and so on.

It would be possible to split the script in many peaces and integrate those peace’s in an asynchronous C2.

from winpwn.

I thought about it one more time. And I will implement a switch for noninteractive shells. This will result in some limitations - but makes it asynchronous C2 ready.

from winpwn.

Thank you.

from winpwn.

Domainreconmodules, LocalReconmodules and Privesc + C#Magic is now noninteractive. Give it a try and feedback! 👍
For Example: WinPwn -Privesc -noninteractive
I will add more options for other functions this week.

d3f7ed0

from winpwn.

i ran the privesc module..works fine..but the localrecon module gets stuck asking for input for sessiongopher. Thank you again for making this possible. makes life easier having all the modules in one place and run them.

from winpwn.

Oh i forgot about sessiongopher. Should be fixed by now :)

from winpwn.

i tried to run it few times...sometimes it would just pause and i have to press enter to continue it running. Also, i am seeing this error in the attached image.

from winpwn.

Can this also be incorporated in your offline version

from winpwn.