[winrm] better os info

Signed-off-by: XiaoliChan <30458572+XiaoliChan@users.noreply.github.com>

Author: XiaoliChan

nxc/protocols/winrm/winrm_ntlm_parser.py nxc/helpers/ntlm_parser.pynxc/protocols/winrm/winrm_ntlm_parser.py renamed to nxc/helpers/ntlm_parser.py

@@ -2,6 +2,8 @@
 
 import datetime
 
+from impacket.smb3 import WIN_VERSIONS
+
 
 def decoder(byte_string, decode_type):
     if decode_type == "byte":
@@ -11,10 +13,8 @@ def decoder(byte_string, decode_type):
 
 
 def parse_version(version_bytes):
-    major_version = version_bytes[0]
-    minor_version = version_bytes[1]
     product_build = decoder(version_bytes[2:4], "int")
-    return f"{major_version}.{minor_version} Build {product_build}"
+    return f"{WIN_VERSIONS[product_build]} Build {product_build}"
 
 
 def parse_target_info(target_info_bytes):

nxc/protocols/winrm.py

@@ -16,8 +16,8 @@
 from nxc.connection import connection
 from nxc.helpers.bloodhound import add_user_bh
 from nxc.helpers.misc import gen_random_string
+from nxc.helpers.ntlm_parser import parse_challenge
 from nxc.logger import NXCAdapter
-from nxc.protocols.winrm.winrm_ntlm_parser import parse_challenge
 
 
 urllib3.disable_warnings()
@@ -54,7 +54,7 @@ def enum_host_info(self):
         ntlm_info = parse_challenge(base64.b64decode(self.challenge_header.split(" ")[1].replace(",", "")))
         self.domain = ntlm_info["target_info"]["MsvAvDnsDomainName"]
         self.hostname = ntlm_info["target_info"]["MsvAvNbComputerName"]
-        self.server_os = f'Windows {ntlm_info["version"]}'
+        self.server_os = ntlm_info["version"]
         self.logger.extra["hostname"] = self.hostname
 
         self.output_filename = os.path.expanduser(f"~/.nxc/logs/{self.hostname}_{self.host}_{datetime.now().strftime('%Y-%m-%d_%H%M%S')}")