CyberStrikeAI/tools/rpcclient.yaml
2025-11-21 23:20:41 +08:00

116 lines
2.7 KiB
YAML

name: "rpcclient"
command: "python3"
args:
  - "-c"
  - |
    import shlex
    import subprocess
    import sys

    # Positional arguments: target, username, password, domain, commands, extra
    if len(sys.argv) < 2:
        sys.stderr.write("缺少目标地址\n")
        sys.exit(1)

    target = sys.argv[1]
    username = sys.argv[2] if len(sys.argv) > 2 else ""
    password = sys.argv[3] if len(sys.argv) > 3 else ""
    domain = sys.argv[4] if len(sys.argv) > 4 else ""
    commands = sys.argv[5] if len(sys.argv) > 5 else ""
    extra = sys.argv[6] if len(sys.argv) > 6 else ""

    cmd = ["rpcclient"]

    # Note: credentials passed with -U appear in the process argument list.
    if username:
        cred = username
        if password:
            cred = f"{username}%{password}"
        cmd.extend(["-U", cred])
    elif password:
        # If only a password was supplied, still try to connect with an empty username
        cmd.extend(["-U", f"%{password}"])

    if domain:
        cmd.extend(["-W", domain])
    if commands:
        cmd.extend(["-c", commands])
    if extra:
        # extra is tokenised and appended without validation
        cmd.extend(shlex.split(extra))

    # The target is always the last argument
    cmd.append(target)

    # Run without a shell and relay output and exit code to the caller
    proc = subprocess.run(cmd, capture_output=True, text=True)
    if proc.stdout:
        sys.stdout.write(proc.stdout)
    if proc.stderr:
        sys.stderr.write(proc.stderr)
    sys.exit(proc.returncode)
enabled: true
short_description: "RPC枚举工具"
description: |
  Rpcclient是一个RPC客户端工具用于枚举Windows/Samba系统信息。
  **主要功能:**
  - RPC枚举
  - 用户和组枚举
  - 域信息查询
  - 系统信息收集
  **使用场景:**
  - Windows系统渗透测试
  - Samba枚举
  - 域环境侦察
  - 安全测试
parameters:
  - name: "target"
    type: "string"
    description: "目标IP地址"
    required: true
    position: 0
    format: "positional"
  - name: "username"
    type: "string"
    description: "用户名"
    required: false
    default: ""
    position: 1
    format: "positional"
  - name: "password"
    type: "string"
    description: "密码"
    required: false
    default: ""
    position: 2
    format: "positional"
  - name: "domain"
    type: "string"
    description: "域名"
    required: false
    default: ""
    position: 3
    format: "positional"
  - name: "commands"
    type: "string"
    description: "RPC命令分号分隔"
    required: false
    default: "enumdomusers;enumdomgroups;querydominfo"
    position: 4
    format: "positional"
  - name: "additional_args"
    type: "string"
    description: |
      额外的rpcclient参数。用于传递未在参数列表中定义的rpcclient选项。
      **示例值:**
      - 根据工具特性添加常用参数示例
      **注意事项:**
      - 多个参数用空格分隔
      - 确保参数格式正确,避免命令注入
      - 此参数会直接追加到命令末尾
    required: false
    default: ""
    position: 5
    format: "positional"
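
The `additional_args` note in the file warns about injection because the value is tokenised and appended straight onto the `rpcclient` command line, and `target` and `commands` are passed through unchecked as well. The following is an added example, not part of the CyberStrikeAI file: one way to validate those three parameters before the argv is built. The allowlists and all function names are assumptions chosen for illustration, and credential handling is left out.

```python
import ipaddress
import re
import shlex

# Assumptions: the allowlists and every function name here are illustrative.
ALLOWED_COMMANDS = {"enumdomusers", "enumdomgroups", "querydominfo"}  # page defaults
FLAG_OPTIONS = {"-N"}                                # options that take no value
VALUE_OPTIONS = {"-p": re.compile(r"[0-9]{1,5}")}    # option -> pattern for its value
HOSTNAME = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?")


def check_target(target):
    """Accept an IP literal or a plain hostname, never an option-shaped string."""
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        if HOSTNAME.fullmatch(target):
            return target
    raise ValueError(f"invalid target: {target!r}")


def check_commands(commands):
    """Split the ';'-separated -c string and permit only allowlisted names."""
    names = [c.strip() for c in commands.split(";") if c.strip()]
    rejected = [c for c in names if c not in ALLOWED_COMMANDS]
    if rejected:
        raise ValueError(f"commands not allowed: {rejected}")
    return ";".join(names)


def check_extra(extra):
    """Tokenise additional_args; every token must be an allowlisted option."""
    out, tokens = [], iter(shlex.split(extra))
    for tok in tokens:
        if tok in FLAG_OPTIONS:
            out.append(tok)
        elif tok in VALUE_OPTIONS and VALUE_OPTIONS[tok].fullmatch(val := next(tokens, "")):
            out += [tok, val]
        else:
            raise ValueError(f"option not allowed: {tok!r}")
    return out


def build_argv(target, commands="", extra=""):
    """Validated argv for subprocess.run (credential handling omitted here)."""
    argv = ["rpcclient"]
    if commands:
        argv += ["-c", check_commands(commands)]
    return argv + check_extra(extra) + [check_target(target)]
```

Any input outside the allowlists raises `ValueError` before a process is started, so the wrapper can refuse the call and report the reason instead of running `rpcclient` with arguments nobody reviewed.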