diff --git a/cme/modules/masky.py b/cme/modules/masky.py
index 056f9f59..f5362fc4 100644
--- a/cme/modules/masky.py
+++ b/cme/modules/masky.py
@@ -17,10 +17,13 @@ class CMEModule:
 CA Certificate Authority Name (CA_SERVER\CA_NAME)
 TEMPLATE Template name allowing users to authenticate with (default: User)
 DC_IP IP Address of the domain controller
+ AGENT_EXE Path to a custom executable masky agent to be deployed
 """
 self.template = "User"
 self.ca = None
 self.dc_ip = None
+ self.agent_exe = None
+ self.file_args = False

 if "CA" in module_options:
 self.ca = module_options["CA"]
@@ -31,6 +34,10 @@ class CMEModule:
 if "DC_IP" in module_options:
 self.dc_ip = module_options["DC_IP"]

+ if "AGENT_EXE" in module_options:
+ self.agent_exe = module_options["AGENT_EXE"]
+ self.file_args = True
+
 def on_admin_login(self, context, connection):
 if not self.ca:
 context.log.error(
@@ -55,6 +62,8 @@ class CMEModule:
 password=password,
 hashes=f"{lmhash}:{nthash}",
 kerberos=kerberos,
+ exe_path=self.agent_exe,
+ file_args=self.file_args,
 )

 context.log.info("Running Masky on the targeted host")
@@ -114,8 +123,8 @@ class CMEModule:
 context.log.error("Fail to clean files related to Masky")
 context.log.error(
 (
- f"Please remove the files named '{tracker.agent_filename}', '{tracker.error_filename}'"
- f" & '{tracker.output_filename}' within the folder '\\Windows\\Temp\\'"
+ f"Please remove the files named '{tracker.agent_filename}', '{tracker.error_filename}', "
+ f"'{tracker.output_filename}' & '{tracker.args_filename}' within the folder '\\Windows\\Temp\\'"
 )
 )
 ret = False
diff --git a/pyproject.toml b/pyproject.toml
index 0bc6158f..aecca2c9 100644
--- a/pyproject.toml
+++ b/pyproject.toml
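Review bot: The new `AGENT_EXE` docstring entry describes only the path, but setting the option also flips `self.file_args` to True (second hunk of this file), which changes how arguments are handed to the agent; the option text should state that side effect so an operator reading the help knows a custom agent must consume its arguments from a file. Something like `AGENT_EXE Path to a custom masky agent executable to deploy; when set, arguments are passed to the agent via a file (file_args)` covers it. The method this docstring belongs to starts outside the hunk.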
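Review bot: `self.agent_exe` is stored without checking that the value names a readable local file, so a mistyped AGENT_EXE only surfaces at deploy time, on every target, instead of once when options are parsed. A guard such as `if not os.path.isfile(self.agent_exe): context.log.error(f"AGENT_EXE '{self.agent_exe}' is not a readable file")` keeps the failure local, assuming the method receives `context` as CME module option hooks usually do and `os` is imported in this file. `self.file_args = True` is also coupled unconditionally to the presence of a custom agent; a one-line comment such as `# a custom agent is expected to read its arguments from a file, hence file_args` would record that intent. The enclosing method starts outside the hunk.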
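Review bot: The rewritten cleanup message always names `tracker.args_filename`, yet the third hunk passes `file_args=self.file_args` into `Masky(...)`, so the args file is presumably only written when a custom agent is used; in the default configuration the operator is told to look for a file that may not exist or whose name may be None. Building the list of leftover files conditionally keeps the message accurate in both modes, and also removes the duplicated quoting logic across the two f-strings. The enclosing function starts and ends outside the hunk.
```python
# … unchanged: context.log.error("Fail to clean files related to Masky") …
leftover = [tracker.agent_filename, tracker.error_filename, tracker.output_filename]
if self.file_args:
    leftover.append(tracker.args_filename)
quoted = ", ".join(f"'{name}'" for name in leftover)
context.log.error(f"Please remove the files named {quoted} within the folder '\\Windows\\Temp\\'")
ret = False
```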
@@ -43,9 +43,9 @@ aioconsole = "^0.3.3"
 pywerview = "^0.3.3"
 minikerberos = "0.3.5"
 aardwolf = "0.2.5"
-masky = "^0.1.1"
-bloodhound = { git = "https://github.com/fox-it/BloodHound.py", rev = "815684ba8a06d4e8b5bcc69be9bdc071ea9bf1c4" }
+bloodhound = "^1.6.1"
 asyauth = "^0.0.12"
+masky = "^0.2.0"

 [tool.poetry.dev-dependencies]
 flake8 = "*"
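Review bot: `bloodhound` moves from a dependency pinned to an exact git revision to the caret range `^1.6.1`, which replaces an immutable source with whatever 1.x release the resolver selects; that is acceptable only if `poetry.lock` is regenerated and committed alongside this change, which the diff does not show. The `masky` floor `^0.2.0` appears load-bearing because the module now passes `exe_path` and `file_args` into `Masky(...)`, which the previous `^0.1.1` range presumably did not accept; a note in the commit message tying the bump to those parameters would save the next reader the inference.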