def get_monkey_runner_bin_file(self, is_32bit):
    """
    Open the SambaCry runner binary that matches the requested architecture.

    :param is_32bit: truthy selects the 32-bit runner, anything else the 64-bit one
    :return: File object opened in binary read mode. Nothing here closes it,
             so the caller owns the handle and has to close it.
    """
    # Only the attribute for the selected architecture is read.
    runner_filename = (
        self.SAMBACRY_RUNNER_FILENAME_32
        if is_32bit
        else self.SAMBACRY_RUNNER_FILENAME_64
    )
    return open(get_binary_file_path(runner_filename), "rb")
def init_mimikatz(self):
    """
    Extract the mimikatz DLL from its password-protected archive, load it and
    bind the three exported functions this collector calls.

    On success ``self._dll``, ``self._collect``, ``self._get`` and
    ``self._get_text_output_proto`` are set and ``self._isInit`` becomes True.
    Any exception is logged and swallowed; ``self._isInit`` is not touched on
    that path. Either way two telemetry messages are sent carrying the
    outcome (``ScanStatus.USED`` on success, ``ScanStatus.SCANNED`` on failure).

    NOTE(review): the block boundaries (end of the ``with`` body, telemetry
    after the ``try``/``except``) are inferred from how ``status`` is used -
    confirm against the project's original layout.
    """
    try:
        # The DLL is written to the binaries directory and then loaded from that
        # same path. zipfile's ``pwd`` only handles the legacy ZIP encryption, so
        # the password should not be relied on to keep the payload confidential.
        with zipfile.ZipFile(
                get_binary_file_path(MimikatzCollector.MIMIKATZ_ZIP_NAME), 'r') as mimikatz_zip:
            mimikatz_zip.extract(self.MIMIKATZ_DLL_NAME, path=get_binaries_dir_path(),
                                 pwd=self.MIMIKATZ_ZIP_PASSWORD)
        # NOTE(review): nothing visible here checks the extracted file before it
        # is loaded into this process; if the binaries directory is writable by
        # other principals the file could be replaced between extract and load -
        # verify the directory's permissions.
        self._dll = ctypes.WinDLL(
            get_binary_file_path(self.MIMIKATZ_DLL_NAME))
        # WINFUNCTYPE(restype) builds a stdcall prototype with that return type
        # and no arguments.
        collect_proto = ctypes.WINFUNCTYPE(ctypes.c_int)
        get_proto = ctypes.WINFUNCTYPE(MimikatzCollector.LogonData)
        get_text_output_proto = ctypes.WINFUNCTYPE(ctypes.c_wchar_p)
        # prototype((name, dll)) binds the export called `name` in the loaded DLL.
        self._collect = collect_proto(("collect", self._dll))
        self._get = get_proto(("get", self._dll))
        # Despite the `_proto` suffix this attribute holds the bound function,
        # not the prototype.
        self._get_text_output_proto = get_text_output_proto(
            ("getTextOutput", self._dll))
        self._isInit = True
        status = ScanStatus.USED
    except Exception:
        # Best effort: extraction, load or symbol lookup failed. Log the
        # traceback and report the attempt instead of raising.
        LOG.exception("Error initializing mimikatz collector")
        status = ScanStatus.SCANNED
    # The telemetry class names match MITRE ATT&CK technique IDs (T1106, T1129);
    # presumably that is what they report on - confirm against their definitions.
    T1106Telem(status, UsageEnum.MIMIKATZ_WINAPI).send()
    T1129Telem(status, UsageEnum.MIMIKATZ).send()
def _get_traceroute_bin_path():
    """
    Return the path of the bundled traceroute executable for this interpreter.

    The executable is the traceroute utility from
    http://traceroute.sourceforge.net, built with buildroot using these settings:
    * Statically linked to musl and all other required libs
    * Optimized for size

    A prebuilt copy is shipped because not every Linux distro comes with
    traceroute out of the box, and so that its behaviour is predictable.

    NOTE(review): this function only resolves a path; it does not check the
    binary's integrity. Confirm that is handled where the file is packaged.

    :return: Path to traceroute executable
    """
    # Match the binary to the bitness of the running Python interpreter.
    if is_64bit_python():
        binary_name = "traceroute64"
    else:
        binary_name = "traceroute32"
    return get_binary_file_path(binary_name)