Update masky module (v0.2.0)

2023-02-13 23:20:17 +01:00 · 2023-02-13 23:20:17 +01:00 · a185b7c860
parent 324996c2e1
commit a185b7c860
2 changed files with 13 additions and 4 deletions
--- a/cme/modules/masky.py
+++ b/cme/modules/masky.py
@ -17,10 +17,13 @@ class CMEModule:
        CA              Certificate Authority Name (CA_SERVER\CA_NAME)
        TEMPLATE        Template name allowing users to authenticate with (default: User)
        DC_IP           IP Address of the domain controller
+        AGENT_EXE       Path to a custom executable masky agent to be deployed
        """
        self.template = "User"
        self.ca = None
        self.dc_ip = None
+        self.agent_exe = None
+        self.file_args = False

        if "CA" in module_options:
            self.ca = module_options["CA"]
@ -31,6 +34,10 @@ class CMEModule:
        if "DC_IP" in module_options:
            self.dc_ip = module_options["DC_IP"]

+        if "AGENT_EXE" in module_options:
+            self.agent_exe = module_options["AGENT_EXE"]
+            self.file_args = True
+
    def on_admin_login(self, context, connection):
        if not self.ca:
            context.log.error(
@ -55,6 +62,8 @@ class CMEModule:
            password=password,
            hashes=f"{lmhash}:{nthash}",
            kerberos=kerberos,
+            exe_path=self.agent_exe,
+            file_args=self.file_args,
        )

        context.log.info("Running Masky on the targeted host")
@ -114,8 +123,8 @@ class CMEModule:
            context.log.error("Fail to clean files related to Masky")
            context.log.error(
                (
-                    f"Please remove the files named '{tracker.agent_filename}', '{tracker.error_filename}'"
-                    f" & '{tracker.output_filename}' within the folder '\\Windows\\Temp\\'"
+                    f"Please remove the files named '{tracker.agent_filename}', '{tracker.error_filename}', "
+                    f"'{tracker.output_filename}' & '{tracker.args_filename}' within the folder '\\Windows\\Temp\\'"
                )
            )
            ret = False
--- a/pyproject.toml
+++ b/pyproject.toml
@ -43,9 +43,9 @@ aioconsole = "^0.3.3"
 pywerview = "^0.3.3"
 minikerberos = "0.3.5"
 aardwolf = "0.2.5"
-masky = "^0.1.1"
-bloodhound = { git = "https://github.com/fox-it/BloodHound.py", rev = "815684ba8a06d4e8b5bcc69be9bdc071ea9bf1c4" }
+bloodhound = "^1.6.1"
 asyauth = "^0.0.12"
+masky = "^0.2.0"

 [tool.poetry.dev-dependencies]
 flake8 = "*"