This repository was archived by the owner on Dec 6, 2023. It is now read-only.
Revert "Stole Empires powershell architecture detection code, arch is now detected and handled automatically"
This reverts commit cd103f5.
This is being reverted due to a bug in wmiexec when executing long
command strings. Falling back to the old method for now until/if fixed.
# strip blank lines, lines starting with #, and verbose/debug statements
25
-
strippedCode="\n".join([lineforlineinstrippedCode.split('\n') if ((line.strip() !='') and (notline.strip().startswith("#")) and (notline.strip().lower().startswith("write-verbose ")) and (notline.strip().lower().startswith("write-debug ")) )])
26
-
27
-
returnstrippedCode
14
+
comments=re.compile('#.+')
15
+
synopsis=re.compile('<#.+#>')
28
16
29
17
classMimikatzServer(BaseHTTPRequestHandler):
30
18
@@ -46,8 +34,9 @@ def do_GET(self):
46
34
ps_script=script.read()
47
35
ifself.path[1:] !='powerview.ps1':
48
36
logging.info('Obfuscating Powershell script')
37
+
ps_script=eval(synopsis.sub('', repr(ps_script))) #Removes the synopsys
49
38
ps_script=func_name.sub(settings.obfs_func_name, ps_script) #Randomizes the function name
50
-
ps_script=strip_powershell_comments(ps_script)
39
+
ps_script=comments.sub('', ps_script)#Removes the comments
51
40
#logging.info('Sending the following modified powershell script: {}'.format(ps_script))
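Review bot: The added line `ps_script=eval(synopsis.sub('', repr(ps_script)))` in do_GET passes the script through `repr()` and `eval()`, apparently only so that `.` in `<#.+#>` can match across newlines, which means Python's evaluator runs on text derived from a file's contents after a regex has edited it. Compiling the pattern as `synopsis = re.compile('<#.+?#>', re.DOTALL)` and calling `ps_script = synopsis.sub('', ps_script)` gives the same multi-line match without `eval`. The greedy `.+` is also a correctness problem, because on the single-line repr it spans from the first `<#` to the last `#>` and deletes any code between two block comments. The new `comments=re.compile('#.+')` likewise cuts from any `#` to the end of the line, including a `#` inside a string literal, which the removed line-based filter did not do. The body of do_GET and the first hunk of this file start outside the visible lines.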
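--- a/crackmapexec.py
+++ b/crackmapexec.py
@@ -71,7 +71,6 @@
 parser.add_argument("--port", dest='port', type=int, choices={139, 445}, default=445, help="SMB port (default: 445)")
 parser.add_argument("--server", choices={'http', 'https'}, default='https', help='Use the selected server (defaults to https)')
 parser.add_argument("--server-port", metavar='PORT', type=int, help='Start the server on the specified port')
-parser.add_argument("--timeout", default=20, type=int, help='Max timeout in seconds of each thread (default: 20)')
 #How much fail can we limit? can we fail at failing to limit? da da da dum
 parser.add_argument("--fail-limit", metavar='LIMIT', type=int, default=None, help='The max number of failed login attempts allowed per host (default: None)')
 parser.add_argument("--gfail-limit", metavar='LIMIT', type=int, default=None, help='The max number of failed login attempts allowed globally (default: None)')
@@ -111,6 +110,7 @@
 
 cgroup=parser.add_argument_group("Command Execution", "Options for executing commands")
 cgroup.add_argument('--execm', choices={"wmi", "smbexec", "atexec"}, default="wmi", help="Method to execute the command (default: wmi)")
+cgroup.add_argument('--ps-arch', default='auto', choices={'32', '64', 'auto'}, help='Process architecture all PowerShell code/commands should run in (default: auto)')
 cgroup.add_argument('--no-output', action='store_true', dest='no_output', help='Do not retrieve command output')
 cgroup.add_argument("-x", metavar="COMMAND", dest='command', help="Execute the specified command")
 cgroup.add_argument("-X", metavar="PS_COMMAND", dest='pscommand', help='Excute the specified powershell command')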