Exemple #1
    def calculate(self):
        """Collect LSA secrets from the memory image described by the config.

        Loads the address space, requires that both the SYSTEM and SECURITY
        hive offsets are set on ``self._config``, and hands them to
        ``lsasecrets.get_memory_secrets``.

        Returns:
            Whatever ``lsasecrets.get_memory_secrets`` produced. Going by the
            helper's name this is recovered LSA secret material, so downstream
            renderers should treat it as sensitive evidence.
        """
        config = self._config
        memory = utils.load_as(config)

        # Both hive offsets are mandatory for this variant; nothing is
        # auto-discovered.
        # NOTE(review): the code below still runs after debug.error(), so this
        # presumably relies on debug.error() terminating the run -- confirm.
        if not (config.sys_offset and config.sec_offset):
            debug.error("Both SYSTEM and SECURITY offsets must be provided")

        found = lsasecrets.get_memory_secrets(
            memory, config, config.sys_offset, config.sec_offset
        )
        if found:
            return found

        # A falsy result is reported as a read failure.
        debug.error("Unable to read LSA secrets from registry")
        return found
Exemple #2
    def calculate(self):
        """Read LSA secrets out of the loaded memory image.

        The SYSTEM and SECURITY hive offsets are taken from ``self._config``;
        an error is reported through ``debug.error`` when either is missing or
        when ``lsasecrets.get_memory_secrets`` returns nothing.

        Returns:
            The value returned by ``lsasecrets.get_memory_secrets``.
        """
        image_as = utils.load_as(self._config)

        # NOTE(review): execution continues past debug.error() as written;
        # presumably debug.error() aborts -- confirm against the debug module.
        sys_offset_missing = not self._config.sys_offset
        if sys_offset_missing or not self._config.sec_offset:
            debug.error("Both SYSTEM and SECURITY offsets must be provided")

        hive_offsets = (self._config.sys_offset, self._config.sec_offset)
        result = lsasecrets.get_memory_secrets(image_as, self._config, *hive_offsets)

        if not result:
            debug.error("Unable to read LSA secrets from registry")

        return result
Exemple #3
    def calculate(self):
        """Return the LSA secrets found via the configured hive offsets.

        Requires ``sys_offset`` and ``sec_offset`` on ``self._config`` and
        delegates the actual extraction to ``lsasecrets.get_memory_secrets``.

        Returns:
            The value returned by ``lsasecrets.get_memory_secrets``.
        """
        cfg = self._config
        kernel_space = utils.load_as(cfg)

        # The on-the-fly update of the global types (types.update(regtypes))
        # is left disabled in this version.

        have_both_offsets = cfg.sys_offset and cfg.sec_offset
        if not have_both_offsets:
            # NOTE(review): presumably debug.error() ends the run; otherwise
            # the call below proceeds with a missing offset -- confirm.
            debug.error("Both SYSTEM and SECURITY offsets must be provided")

        lsa_data = lsasecrets.get_memory_secrets(
            kernel_space,
            cfg,
            cfg.sys_offset,
            cfg.sec_offset,
        )
        if not lsa_data:
            debug.error("Unable to read LSA secrets from registry")

        return lsa_data
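    def calculate(self):
        """Return LSA secrets, locating the SYSTEM/SECURITY hives if needed.

        When either hive offset is missing from ``self._config``, the hives
        known to ``registryapi.RegistryApi`` are scanned and the missing
        offset(s) are filled in from the hive whose last path component is
        ``system`` or ``security`` (case-insensitive). An offset that was
        already set in the config is kept as given rather than overwritten by
        the scan.

        Returns:
            The value returned by ``lsasecrets.get_memory_secrets``.
        """
        addr_space = utils.load_as(self._config)

        # Remember which offsets were missing up front so an explicitly
        # supplied offset is never replaced by an auto-discovered one.
        need_sys = not self._config.sys_offset
        need_sec = not self._config.sec_offset

        if need_sys or need_sec:
            regapi = registryapi.RegistryApi(self._config)
            # NOTE(review): matching is by the last path component only; if
            # more than one hive matches, the last one iterated wins silently.
            # Confirm the selected offsets when analysing an image that may
            # hold several hives with these names.
            for offset, hive_path in regapi.all_offsets.items():
                name = hive_path.lower().split("\\")[-1]
                if need_sys and name == "system":
                    self._config.update("SYS_OFFSET", offset)
                elif need_sec and name == "security":
                    self._config.update("SEC_OFFSET", offset)

            # Report a failed discovery as such instead of passing a missing
            # offset on and surfacing it as a generic read failure.
            if not self._config.sys_offset or not self._config.sec_offset:
                debug.error("SYSTEM and SECURITY hive offsets could not be determined")

        secrets = lsasecrets.get_memory_secrets(
            addr_space,
            self._config,
            self._config.sys_offset,
            self._config.sec_offset,
        )
        if not secrets:
            debug.error("Unable to read LSA secrets from registry")

        return secrets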