[wmi] self review: remove useless 'try catch'

Signed-off-by: XiaoliChan <2209553467@qq.com>
2023-08-30 11:14:16 +08:00 · 2023-08-30 11:14:16 +08:00 · 98f5ca162e
parent 19f0f7cfe2
commit 98f5ca162e
3 changed files with 13 additions and 33 deletions
--- a/cme/protocols/wmi.py
+++ b/cme/protocols/wmi.py
@ -446,28 +446,14 @@ class wmi(connection):
            return False

        if self.args.exec_method == "wmiexec":
-            try:
-                exec_method = wmiexec.WMIEXEC(self.conn.getRemoteName(), self.username, self.password, self.domain, self.lmhash, self.nthash, self.doKerberos, self.kdcHost, self.aesKey, self.logger, self.args.interval_time, self.args.codec)
-                output = exec_method.execute(command, get_output)
-            except Exception as e:
-                try:
-                    exec_method._WMIEXEC__dcom.disconnect()
-                except:
-                    pass
-                self.logger.fail('Execute command error: {}'.format(str(e)))
-            self.conn.disconnect()
+            exec_method = wmiexec.WMIEXEC(self.conn.getRemoteName(), self.username, self.password, self.domain, self.lmhash, self.nthash, self.doKerberos, self.kdcHost, self.aesKey, self.logger, self.args.interval_time, self.args.codec)
+            output = exec_method.execute(command, get_output)
+            
        elif self.args.exec_method == "wmiexec-event":
-            try:
-                exec_method = wmiexec_event.WMIEXEC_EVENT(self.conn.getRemoteName(), self.username, self.password, self.domain, self.lmhash, self.nthash, self.doKerberos, self.kdcHost, self.aesKey, self.logger, self.args.interval_time, self.args.codec)
-                output = exec_method.execute(command, get_output)
-            except Exception as e:
-                try:
-                    exec_method._WMIEXEC_EVENT__dcom.disconnect()
-                except:
-                    pass
-                self.logger.fail('Execute command error: {}'.format(str(e)))
-            self.conn.disconnect()
-        
+            exec_method = wmiexec_event.WMIEXEC_EVENT(self.conn.getRemoteName(), self.username, self.password, self.domain, self.lmhash, self.nthash, self.doKerberos, self.kdcHost, self.aesKey, self.logger, self.args.interval_time, self.args.codec)
+            output = exec_method.execute(command, get_output)
+
+        self.conn.disconnect()
        if output == "" and get_output:
            self.logger.fail("Execute command failed, probabaly got detection by AV.")
            return False
--- a/cme/protocols/wmi/wmiexec.py
+++ b/cme/protocols/wmi/wmiexec.py
@ -71,10 +71,7 @@ class WMIEXEC:
            command = self.__shell + command
            self.execute_remote(command)

-        try:
-            self.__dcom.disconnect()
-        except:
-            pass
+        self.__dcom.disconnect()

        return self.__outputBuffer

@ -107,10 +104,10 @@ class WMIEXEC:
            retVal = descriptor.GetStringValue(2147483650, self.__registry_Path, keyName)
            self.__outputBuffer = base64.b64decode(retVal.sValue).decode(self.__codec, errors='replace').rstrip('\r\n')
        except Exception as e:
-            self.logger.error(f"Target: {self.__host} getting command result error: {str(e)}")
+            self.logger.fail(f'WMIEXEC-EVENT: Get output file error, maybe command not executed successfully or got detected by AV software, please increase the interval time of command execution with "--interval-time" option. If it\'s still failing maybe something is blocking the schedule job in vbscript, try another exec method')
        
        try:
            self.logger.debug(f"Removing temporary registry path: HKLM\\{self.__registry_Path}")
            retVal = descriptor.DeleteKey(2147483650, self.__registry_Path)
        except Exception as e:
-            self.logger.error(f"Target: {self.__host} removing temporary registry path error: {str(e)}")
+            self.logger.debug(f"Target: {self.__host} removing temporary registry path error: {str(e)}")
--- a/cme/protocols/wmi/wmiexec_event.py
+++ b/cme/protocols/wmi/wmiexec_event.py
@ -66,10 +66,7 @@ class WMIEXEC_EVENT:
        self.__retOutput = output
        self.execute_handler(command)

-        try:
-            self.__dcom.disconnect()
-        except:
-            pass
+        self.__dcom.disconnect()

        return self.__outputBuffer

@ -343,8 +340,8 @@ End Function
            command_ResultObject, _ = self.__iWbemServices.GetObject(f'ActiveScriptEventConsumer.Name="{self.__instanceID_StoreResult}"')
            record = dict(command_ResultObject.getProperties())
            self.__outputBuffer = base64.b64decode(record['ScriptText']['value']).decode(self.__codec, errors='replace')
-        except:
-            pass
+        except Exception as e:
+            self.logger.fail(f'WMIEXEC-EVENT: Get output file error, maybe command not executed successfully or got detected by AV software, please increase the interval time of command execution with "--interval-time" option. If it\'s still failing maybe something is blocking the schedule job in vbscript, try another exec method')

    def remove_Instance(self):
        if self.__retOutput: