Skip to content

Commit 85c4edc

Browse files
Kahvi-0Kahvi-0
authored
Update atexec.py
Signed-off-by: Kahvi-0xFF <46513413+Kahvi-0@users.noreply.github.com>
1 parent 90c206f commit 85c4edc

1 file changed

Lines changed: 7 additions & 7 deletions

File tree

nxc/protocols/smb/atexec.py

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ def get_end_boundary(self):
8181
return end_boundary.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3]
8282

8383
def gen_xml(self, command):
84-
#Random setting order to help with detection
84+
# Random setting order to help with detection
8585
settings = [
8686
" <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>",
8787
" <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>",
@@ -91,7 +91,6 @@ def gen_xml(self, command):
9191
]
9292
random.shuffle(settings)
9393
randomized_settings = "\n".join(settings)
94-
9594
settings2 = [
9695
" <AllowStartOnDemand>true</AllowStartOnDemand>",
9796
" <Hidden>true</Hidden>",
@@ -103,17 +102,18 @@ def gen_xml(self, command):
103102
]
104103
random.shuffle(settings2)
105104
randomized_settings2 = "\n".join(settings2)
106-
107105
idleSettings = [
108106
" <StopOnIdleEnd>true</StopOnIdleEnd>",
109107
" <RestartOnIdle>false</RestartOnIdle>"
110108
]
111109
random.shuffle(idleSettings)
112110
randomized_idleSettings = "\n".join(idleSettings)
113111

114-
cmd_path = 'C:\Windows\System32\cmd'
115-
cmd_args = f"/c {command}"
116-
112+
random_cmd_path = ["C:\\Windows\\System32\\cmd", "C:\\Windows\\System32\\cmd.exe", "C:\\Windows\\System32\\cmd.exe", "cmd.exe", "C:\\Windows\\System32\\..\\System32\\cmd.exe", "C:\\Windows\\System32\\..\\System32\\cmd", "C:\\Windows\\..\\Windows\\System32\\cmd.exe", "C:\\Windows\\..\\Windows\\System32\\cmd"]
113+
random_cmd_arg = ["/c", "/C", "/Q /c", "/F:ON /c", "/T:fg /c", "/T:fg /Q /C", "/F:ON /Q /C"]
114+
cmd_path = random.choice(random_cmd_path)
115+
cmd_args = f"{random.choice(random_cmd_arg)} {command}"
116+
117117
xml = f"""<?xml version="1.0" encoding="UTF-16"?>
118118
<Task version="1.3" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
119119
<Triggers>
@@ -149,7 +149,7 @@ def gen_xml(self, command):
149149

150150
elif self.__retOutput is False:
151151
argument_xml = f" <Arguments>{cmd_args}</Arguments>"
152-
152+
153153
self.logger.debug("Generated argument XML: " + argument_xml)
154154
xml += argument_xml
155155

0 commit comments

Comments
 (0)