Simplify code

Author: NeffIsBack

nxc/modules/handlekatz.py

@@ -34,10 +34,8 @@ def options(self, context, module_options):
         self.handlekatz_path = "/tmp/"
         self.dir_result = self.handlekatz_path
         self.useembeded = True
-        current_time = datetime.now()
-        time_string = current_time.strftime("%Y%m%d%H%M%S")
-        padding = time_string.encode()
-        self.handlekatz_embeded = self.handlekatz_embeded + padding
+        # Add some random binary data to defeat AVs which check the file hash
+        self.handlekatz_embeded += datetime.now().strftime("%Y%m%d%H%M%S").encode()
 
         if "HANDLEKATZ_PATH" in module_options:
             self.handlekatz_path = module_options["HANDLEKATZ_PATH"]

nxc/modules/impersonate.py

@@ -29,14 +29,12 @@ def options(self, context, module_options):
         self.impersonate = "Impersonate.exe"
         self.useembeded = True
         self.token = self.cmd = ""
-        current_time = datetime.now()
-        time_string = current_time.strftime("%Y%m%d%H%M%S")
 
         with open(path.join(DATA_PATH, ("impersonate_module/impersonate.bs64"))) as impersonate_file:
             self.impersonate_embedded = b64decode(impersonate_file.read())
-        
-        padding = time_string.encode()
-        self.impersonate_embedded = self.impersonate_embedded + padding
+
+        # Add some random binary data to defeat AVs which check the file hash
+        self.impersonate_embedded += datetime.now().strftime("%Y%m%d%H%M%S").encode()
 
         if "EXEC" in module_options:
             self.cmd = module_options["EXEC"]

nxc/modules/nanodump.py

@@ -51,11 +51,10 @@ def options(self, context, module_options):
         self.nano = "nano.exe"
         self.nano_path = ""
         self.useembeded = True
-        current_time = datetime.now()
-        time_string = current_time.strftime("%Y%m%d%H%M%S")
-        padding = time_string.encode()
-        self.nano_embedded64 = self.nano_embedded64 + padding
-        self.nano_embedded32 = self.nano_embedded32 + padding
+        # Add some random binary data to defeat AVs which check the file hash
+        padding = datetime.now().strftime("%Y%m%d%H%M%S").encode()
+        self.nano_embedded64 += padding
+        self.nano_embedded32 += padding
 
         if "NANO_PATH" in module_options:
             self.nano_path = module_options["NANO_PATH"]

nxc/modules/pi.py

@@ -25,14 +25,12 @@ def options(self, context, module_options):
         self.pi = "pi.exe"
         self.useembeded = True
         self.pid = self.cmd = ""
-        current_time = datetime.now()
-        time_string = current_time.strftime("%Y%m%d%H%M%S")
 
         with open(join(DATA_PATH, ("pi_module/pi.bs64"))) as pi_file:
             self.pi_embedded = b64decode(pi_file.read())
 
-        padding = time_string.encode()
-        self.pi_embedded = self.pi_embedded + padding
+        # Add some random binary data to defeat AVs which check the file hash
+        self.pi_embedded += datetime.now().strftime("%Y%m%d%H%M%S").encode()
 
         if "EXEC" in module_options:
             self.cmd = module_options["EXEC"]

nxc/modules/procdump.py

@@ -36,10 +36,8 @@ def options(self, context, module_options):
         self.procdump_path = abspath(TMP_PATH)
         self.dir_result = self.procdump_path
         self.useembeded = True
-        current_time = datetime.now()
-        time_string = current_time.strftime("%Y%m%d%H%M%S")
-        padding = time_string.encode()
-        self.procdump_embeded = self.procdump_embeded + padding
+        # Add some random binary data to defeat AVs which check the file hash
+        self.procdump_embeded += datetime.now().strftime("%Y%m%d%H%M%S").encode()
 
         if "PROCDUMP_PATH" in module_options:
             self.procdump_path = module_options["PROCDUMP_PATH"]