Beispiel #1
 /// <summary>
 /// Selects which LSASS credential-access simulation to run.
 /// </summary>
 /// <param name="type">
 /// 0 (the default) runs <c>CredAccessHelper.LsassMemoryDump</c>;
 /// any other value runs <c>CredAccessHelper.LsassRead</c>.
 /// </param>
 public static void Lsass(int type = 0)
 {
     // No exception handling and no logger at this entry point: anything the
     // helper throws propagates to the caller.
     if (type != 0)
     {
         CredAccessHelper.LsassRead();
         return;
     }

     CredAccessHelper.LsassMemoryDump();
 }
Beispiel #2
        /// <summary>
        /// Runs the LSASS memory-dump simulation and records its outcome in a log file.
        /// </summary>
        /// <remarks>
        /// The run is labelled "T1003.001", the MITRE ATT&amp;CK identifier for
        /// OS Credential Dumping: LSASS Memory, presumably so the log entry can be
        /// matched against detections mapped to the same technique.
        /// </remarks>
        /// <param name="log">Log file name; appended as-is to the application's base directory.</param>
        public static void LsassMemoryDump(string log)
        {
            // NOTE(review): the path is built by plain concatenation with no
            // validation, so a value containing directory separators or ".." would
            // place the log outside the base directory - confirm callers pass a bare
            // file name.
            var logger = new Lib.Logger(AppDomain.CurrentDomain.BaseDirectory + log);
            logger.SimulationHeader("T1003.001");

            try
            {
                CredAccessHelper.LsassMemoryDump(logger);
                logger.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Every exception from the helper (or from SimulationFinished) is
                // written to the log as a failed simulation instead of propagating.
                logger.SimulationFailed(failure);
            }
        }
Beispiel #3
        /// <summary>
        /// Runs the LSASS credential-access simulation and records its outcome in a log file.
        /// </summary>
        /// <remarks>
        /// The run is labelled "T1003", the MITRE ATT&amp;CK identifier for
        /// OS Credential Dumping.
        /// </remarks>
        /// <param name="log">Log file name; appended as-is to the application's base directory.</param>
        /// <param name="type">
        /// Not read anywhere in this method: the memory-dump helper is called for every value.
        /// </param>
        public static void Lsass(string log, int type = 0)
        {
            // NOTE(review): the path is built by plain concatenation with no
            // validation - confirm callers pass a bare file name.
            string logPath = AppDomain.CurrentDomain.BaseDirectory + log;
            var logger = new Lib.Logger(logPath);

            logger.SimulationHeader("T1003");
            // Disabled logging calls, left commented out by the author:
            //logger.TimestampInfo(String.Format("Starting T1003 Simulation on {0}", Environment.MachineName));
            //logger.TimestampInfo(String.Format("Simulation agent running as {0} with PID:{1}", System.Reflection.Assembly.GetEntryAssembly().Location, Process.GetCurrentProcess().Id));

            try
            {
                // NOTE(review): `type` is ignored, so a caller asking for a different
                // variant still gets the memory-dump simulation, and the log header
                // carries the parent technique ID rather than a sub-technique -
                // confirm that both are intended, since they affect how the log is
                // matched against detections.
                CredAccessHelper.LsassMemoryDump(logger);
                logger.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Every exception is written to the log as a failed simulation
                // instead of propagating to the caller.
                logger.SimulationFailed(failure);
            }
        }