Skip to content

Commit 6bee36f

Browse files
NeffIsBackNeffIsBack
committed
Formatting
1 parent f7f343e commit 6bee36f

3 files changed

Lines changed: 18 additions & 26 deletions

File tree

nxc/modules/get_netconnections.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ class NXCModule:
1717
multiple_hosts = True
1818

1919
def options(self, context, module_options):
20-
"""No options"""
20+
"""No options available"""
2121

2222
def on_admin_login(self, context, connection):
2323
data = []

nxc/modules/recyclebin.py

Lines changed: 16 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ class NXCModule:
1919
false_positive = [".", "..", "desktop.ini", "Public", "Default", "Default User", "All Users", ".NET v4.5", ".NET v4.5 Classic"]
2020

2121
def options(self, context, module_options):
22-
""""""
22+
"""No options available"""
2323

2424
def on_admin_login(self, context, connection):
2525
found = 0
@@ -30,28 +30,20 @@ def on_admin_login(self, context, connection):
3030
context.log.debug(f"Error connecting to RemoteRegistry {e} on host {connection.host}")
3131
finally:
3232
remote_ops.finish()
33-
33+
3434
if remote_ops._RemoteOperations__rrp:
3535
for sid_directory in connection.conn.listPath("C$", "$Recycle.Bin\\*"):
3636
if sid_directory.get_longname() and sid_directory.get_longname() not in self.false_positive:
37-
37+
3838
# Extracts the username from the SID
3939
if remote_ops._RemoteOperations__rrp:
4040
ans = rrp.hOpenLocalMachine(remote_ops._RemoteOperations__rrp)
4141
reg_handle = ans["phKey"]
42-
ans = rrp.hBaseRegOpenKey(
43-
remote_ops._RemoteOperations__rrp,
44-
reg_handle,
45-
f"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\{sid_directory.get_longname()}"
46-
)
42+
ans = rrp.hBaseRegOpenKey(remote_ops._RemoteOperations__rrp, reg_handle, f"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\{sid_directory.get_longname()}")
4743
key_handle = ans["phkResult"]
48-
_ = username = profileimagepath = None
44+
username = profileimagepath = None
4945
try:
50-
_, profileimagepath = rrp.hBaseRegQueryValue(
51-
remote_ops._RemoteOperations__rrp,
52-
key_handle,
53-
"ProfileImagePath\x00"
54-
)
46+
_, profileimagepath = rrp.hBaseRegQueryValue(remote_ops._RemoteOperations__rrp, key_handle, "ProfileImagePath\x00")
5547
# Get username and remove embedded null byte
5648
username = profileimagepath.split("\\")[-1].replace("\x00", "")
5749
except rrp.DCERPCSessionError as e:
@@ -60,14 +52,14 @@ def on_admin_login(self, context, connection):
6052
# Lists for any file or directory in the recycle bin
6153
spider_folder = f"$Recycle.Bin\\{sid_directory.get_longname()}\\"
6254
paths = connection.spider(
63-
"C$",
64-
folder=spider_folder,
65-
regex=[r"(.*)"],
55+
"C$",
56+
folder=spider_folder,
57+
regex=[r"(.*)"],
6658
no_print_results=True
6759
)
6860

69-
false_positiv = [".", "..", "desktop.ini"]
70-
filtered_file_paths = [path for path in paths if not path.endswith(tuple(false_positiv))]
61+
false_positiv = (".", "..", "desktop.ini")
62+
filtered_file_paths = [path for path in paths if not path.endswith(false_positiv)]
7163
if filtered_file_paths:
7264
if username is not None:
7365
context.log.highlight(f"CONTENT FOUND {sid_directory.get_longname()} ({username})")
@@ -81,16 +73,16 @@ def on_admin_login(self, context, connection):
8173
# $Recycle.Bin\S-1-5-21-4140170355-2927207985-2497279808-500\/$R87021Q.txt
8274
# $I files are metadata while $R are actual files so we split the path from the SID
8375
# And check that the filename contains $R only to prevent downloading useless stuff
84-
85-
if "$R" in path.split(sid_directory.get_longname())[1] and not path.endswith(tuple([".", "..", "desktop.ini"])):
76+
77+
if "$R" in path.split(sid_directory.get_longname())[1] and not path.endswith(false_positiv):
8678
try:
8779
buf = BytesIO()
8880
connection.conn.getFile("C$", path, buf.write)
8981
context.log.highlight(f"\t{path}")
9082
found += 1
9183
buf.seek(0)
92-
file_path = path.split('$')[-1].replace("/", "_")
93-
if username:
84+
file_path = path.split("$")[-1].replace("/", "_")
85+
if username: # noqa: SIM108
9486
filename = f"{connection.host}_{username}_recyclebin_{file_path}"
9587
else:
9688
filename = f"{connection.host}_{sid_directory.get_longname()}_recyclebin_{file_path}"
@@ -105,5 +97,5 @@ def on_admin_login(self, context, connection):
10597
except Exception as e:
10698
# Probably trying to getFile a directory which won't work
10799
context.log.debug(f"Couldn't open {path} because of {e}")
108-
if found >0:
100+
if found > 0:
109101
context.log.highlight(f"Recycle bin's content downloaded to {export_path}")

nxc/modules/veeam.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ def __init__(self):
2525
self.psScriptPostgresql = psFile.read()
2626

2727
def options(self, context, module_options):
28-
"""No options"""
28+
"""No options available"""
2929

3030
def checkVeeamInstalled(self, context, connection):
3131
context.log.display("Looking for Veeam installation...")

0 commit comments

Comments
 (0)