/// <summary>
/// Runs the ATT&amp;CK T1136.001 (Create Account: Local Account) simulation by asking
/// <c>PersistenceHelper.CreateUserApi</c> to create the fixed test account "haxor".
/// </summary>
/// <remarks>
/// Failures are recorded through the logger and are not rethrown, so the log file is the only
/// place a caller can tell success from failure.
/// Detection validation: with account-management auditing enabled, a local account creation is
/// typically recorded as Security event 4720; the fixed account name makes the test easy to find.
/// </remarks>
/// <param name="log">Log file name, appended as-is to the application base directory.</param>
/// <param name="cleanup">Forwarded to the helper; presumably removes the account afterwards (confirm in PersistenceHelper).</param>
public static void CreateLocalAccountApi(string log, bool cleanup)
        {
            // NOTE(review): 'log' is concatenated without normalisation, so callers should pass a
            // plain file name; a value containing directory segments would land outside the base directory.
            var simLog = new Lib.Logger(string.Concat(AppDomain.CurrentDomain.BaseDirectory, log));

            simLog.SimulationHeader("T1136.001");
            simLog.TimestampInfo("Using the Win32 API NetUserAdd function to execute the technique");

            try
            {
                PersistenceHelper.CreateUserApi("haxor", simLog, cleanup);
                simLog.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Best-effort simulation: record the failure and return normally.
                simLog.SimulationFailed(failure);
            }
        }
        /// <summary>
        /// Runs the ATT&amp;CK T1136 (Create Account) simulation by asking
        /// <c>PersistenceHelper.CreateUser</c> to create the fixed test account "haxor".
        /// </summary>
        /// <remarks>
        /// Unlike the other simulations in this listing, this method takes no cleanup flag and passes
        /// none to the helper. NOTE(review): unless the helper removes the account itself, "haxor"
        /// stays on the host after the run and must be removed separately. Confirm in PersistenceHelper.
        /// Failures are recorded through the logger and are not rethrown.
        /// </remarks>
        /// <param name="log">Log file name, appended as-is to the application base directory.</param>
        public static void CreateAccountApi(string log)
        {
            // NOTE(review): 'log' is concatenated without normalisation, so callers should pass a plain file name.
            var simLog = new Lib.Logger(string.Concat(AppDomain.CurrentDomain.BaseDirectory, log));

            // Only the technique header is written; the host and process banner is disabled in this variant.
            simLog.SimulationHeader("T1136");

            try
            {
                PersistenceHelper.CreateUser("haxor", simLog);
                simLog.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Best-effort simulation: record the failure and return normally.
                simLog.SimulationFailed(failure);
            }
        }
        /// <summary>
        /// Runs the ATT&amp;CK T1547.001 (Registry Run Keys / Startup Folder) simulation through
        /// <c>PersistenceHelper.RegistryRunKey</c>, which the log message describes as using the
        /// Microsoft.Win32 .NET namespace.
        /// </summary>
        /// <remarks>
        /// The hive, key and value written are chosen inside the helper and are not visible here.
        /// Failures are recorded through the logger and are not rethrown.
        /// Detection validation: registry value-set telemetry (for example Sysmon event 13) on the
        /// Run keys is the usual signal for this technique, if such monitoring is deployed.
        /// </remarks>
        /// <param name="log">Log file name, appended as-is to the application base directory.</param>
        /// <param name="cleanup">Forwarded to the helper; presumably removes the registry value afterwards (confirm in PersistenceHelper).</param>
        public static void CreateRegistryRunKeyNET(string log, bool cleanup)
        {
            // NOTE(review): 'log' is concatenated without normalisation, so callers should pass a plain file name.
            var simLog = new Lib.Logger(string.Concat(AppDomain.CurrentDomain.BaseDirectory, log));

            simLog.SimulationHeader("T1547.001");
            simLog.TimestampInfo("Using the Microsoft.Win32 .NET namespace to execute the technique");

            try
            {
                PersistenceHelper.RegistryRunKey(simLog, cleanup);
                simLog.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Best-effort simulation: record the failure and return normally.
                simLog.SimulationFailed(failure);
            }
        }
        /// <summary>
        /// Runs the ATT&amp;CK T1543.003 (Create or Modify System Process: Windows Service) simulation
        /// through <c>PersistenceHelper.CreateServiceApi</c>, which the log message describes as
        /// using the Win32 CreateService function.
        /// </summary>
        /// <remarks>
        /// The service name and binary path are chosen inside the helper and are not visible here.
        /// Failures are recorded through the logger and are not rethrown.
        /// Detection validation: a new service installation is typically recorded as System event 7045
        /// (and Security event 4697 when that audit policy is enabled).
        /// </remarks>
        /// <param name="log">Log file name, appended as-is to the application base directory; also handed to the helper.</param>
        /// <param name="cleanup">Forwarded to the helper; presumably removes the service afterwards (confirm in PersistenceHelper).</param>
        public static void CreateWindowsServiceApi(string log, bool cleanup)
        {
            // NOTE(review): 'log' is concatenated without normalisation, so callers should pass a plain file name.
            var simLog = new Lib.Logger(string.Concat(AppDomain.CurrentDomain.BaseDirectory, log));

            simLog.SimulationHeader("T1543.003");
            simLog.TimestampInfo("Using the Win32 API CreateService function to execute the technique");

            try
            {
                // The raw log name is passed as the first argument; how the helper uses it is not shown in this listing.
                PersistenceHelper.CreateServiceApi(log, simLog, cleanup);
                simLog.SimulationFinished();
            }
            catch (Exception failure)
            {
                // Best-effort simulation: record the failure and return normally.
                simLog.SimulationFailed(failure);
            }
        }