Fix grammar

2021-01-21 05:29:17 -05:00 · 2021-01-21 05:29:17 -05:00 · 2250e5ab36
parent 95aad485fb
commit 2250e5ab36
4 changed files with 21 additions and 3 deletions
--- a/cme/modules/bh_owned.py
+++ b/cme/modules/bh_owned.py
@ -18,7 +18,7 @@ class CMEModule:
    def options(self, context, module_options):
        """
            URI            URI for Neo4j database (default: 127.0.0.1)
-            PORT           Listeninfg port for Neo4j database (default: 7687)
+            PORT           Listening port for Neo4j database (default: 7687)
            USER           Username for Neo4j database (default: 'neo4j')
            PASS           Password for Neo4j database (default: 'neo4j')
        """
--- a/cme/modules/bloodhound.py
+++ b/cme/modules/bloodhound.py
@ -7,7 +7,7 @@ class CMEModule:
    '''
        Executes the BloodHound recon script on the target and retreives the results onto the attackers' machine
        2 supported modes :
-            CSV :           exports data into CSVs on the target file system before retreiving them (NOT opsec safe)
+            CSV :           exports data into CSVs on the target file system before retrieving them (NOT opsec safe)
            Neo4j API :     exports data directly to the Neo4j API (opsec safe)

        Module by Waffle-Wrath
--- a/cme/modules/lsassy.py
+++ b/cme/modules/lsassy.py
@ -25,7 +25,7 @@ class CMEModule:
            DUMPERT_PATH        Path to procdump on attacker host (Required for method 5)
            BLOODHOUND          Enable Bloodhound integration (default: false)
            NEO4JURI            URI for Neo4j database (default: 127.0.0.1)
-            NEO4JPORT           Listeninfg port for Neo4j database (default: 7687)
+            NEO4JPORT           Listening port for Neo4j database (default: 7687)
            NEO4JUSER           Username for Neo4j database (default: 'neo4j')
            NEO4JPASS           Password for Neo4j database (default: 'neo4j')
            WITHOUT_EDGES       List of black listed edges (example: 'SQLAdmin,CanRDP', default: '')
--- a/cme/modules/runasppl.py
+++ b/cme/modules/runasppl.py
@ -0,0 +1,18 @@
+class CMEModule:
+
+    name = 'runasppl'
+    description = "Check if the registry value RunAsPPL is set or not"
+    supported_protocols = ['smb']
+    opsec_safe = True
+    multiple_hosts = True
+
+    def options(self, context, module_options):
+        '''
+        '''
+
+    def on_admin_login(self, context, connection):
+
+        command = 'reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ /v RunAsPPL'
+        context.log.info('Executing command')
+        p = connection.execute(command, True)
+        context.log.highlight(p)