This is the first tool that I will be analyzing, since it's very common to see and use, and I know how it works under the hood. But it's a good exercise to get better at impacket, and eventually come up with our own tool!

https://github.com/SecureAuthCorp/impacket/blob/master/examples/psexec.py

Imports

Right off the bat, we see a bunch of imports from Python modules:

```python
import sys
import os
import re
import cmd
import logging
from threading import Thread, Lock
import argparse
import random
import string
import time
from six import PY3

from impacket.examples import logger
from impacket import version, smb
from impacket.smbconnection import SMBConnection
from impacket.dcerpc.v5 import transport
from impacket.structure import Structure
from impacket.examples import remcomsvc, serviceinstall
from impacket.examples.utils import parse_target
from impacket.krb5.keytab import Keytab
```

We are gonna take a look at the impacket ones real quick.

Logger

Source Code Here

From the description, we know that this is the impacket way of printing. This module is the logging implementation, so that we don't have to use print() for every single thing we write.

We can see that the source imports logging and sys, and then defines a class called ImpacketFormatter.

ImpacketFormatter & ImpacketFormatterTimeStamp

It is declared as ImpacketFormatter(logging.Formatter), so it subclasses logging.Formatter. According to the original doc:

[Formatter](<https://docs.python.org/3/library/logging.html#logging.Formatter>) objects have the following attributes and methods. They are responsible for converting a [LogRecord](<https://docs.python.org/3/library/logging.html#logging.LogRecord>) to (usually) a string which can be interpreted by either a human or an external system. The base [Formatter](<https://docs.python.org/3/library/logging.html#logging.Formatter>) allows a formatting string to be specified. If none is supplied, the default value of '%(message)s' is used, which just includes the message in the logging call. To have additional items of information in the formatted output (such as a timestamp), keep reading.

Basically, it just takes the records that we give it and outputs them in the format we want. In this case, it outputs a prefix bullet like [*] picked from the levelno, which is a numeric value.

Later, we see a class called ImpacketFormatterTimeStamp(ImpacketFormatter), which is just a wrapper around formatTime().

Initialization is done by creating a handler on sys.stdout and setting the level to INFO by default at startup.
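
To make the formatter pattern above concrete, here is an added example (not impacket's own code and not from the original post): a logging.Formatter subclass that picks a bullet from levelno, a timestamped variant, and a handler set up at the default INFO level. The class and function names, the bullet mapping and the log messages are all constructed for the demo.

```python
import io
import logging

# Bullet per level; the mapping and every name here are chosen for this demo.
BULLETS = {logging.DEBUG: "[+]", logging.INFO: "[*]", logging.WARNING: "[!]"}


class BulletFormatter(logging.Formatter):
    """Prefix each message with a bullet picked from the numeric levelno."""

    def __init__(self, fmt="%(bullet)s %(message)s"):
        super().__init__(fmt)

    def format(self, record):
        record.bullet = BULLETS.get(record.levelno, "[-]")
        return super().format(record)


class BulletFormatterTimeStamp(BulletFormatter):
    """Same bullets, with a fixed-format timestamp in front."""

    def __init__(self):
        super().__init__("[%(asctime)s] %(bullet)s %(message)s")

    def formatTime(self, record, datefmt=None):
        return super().formatTime(record, datefmt="%Y-%m-%d %H:%M:%S")


def init_logger(stream, timestamps=False, level=logging.INFO):
    """Attach a single stream handler to a dedicated logger and return it."""
    log = logging.getLogger("bullet_demo")
    log.handlers.clear()   # keep repeated calls from stacking handlers
    log.propagate = False  # do not duplicate output through the root logger
    handler = logging.StreamHandler(stream)
    handler.setFormatter(BulletFormatterTimeStamp() if timestamps else BulletFormatter())
    log.addHandler(handler)
    log.setLevel(level)
    return log


def demo(timestamps=False):
    """Log one constructed message per level and return the formatted lines."""
    buf = io.StringIO()
    log = init_logger(buf, timestamps)
    log.debug("hidden while the level is INFO")
    log.info("connecting to file server")
    log.warning("share is read-only")
    log.error("connection refused")
    return buf.getvalue().splitlines()
```

Calling demo() returns three lines, because the debug record is dropped at the INFO level; demo(timestamps=True) returns the same lines with a timestamp in front.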

Version, SMB

Outputs the current version of impacket.