1414from impacket .krb5 .ccache import CCache
1515
1616from nxc .helpers .bloodhound import add_user_bh
17+ from nxc .paths import NXC_PATH
1718
1819
1920class NXCModule :
@@ -25,31 +26,26 @@ def __init__(self, context=None, module_options=None):
2526 self .context = context
2627 self .module_options = module_options
2728 self .method = None
28- self .dump_tickets = False
29- self .save_dir = None
30- self .ticket_type = "kirbi "
29+ self .dump_tickets = True
30+ self .save_dir = os . path . join ( NXC_PATH , "modules" , "lsassy" )
31+ self .ticket_type = "ccache "
3132
3233 def options (self , context , module_options ):
3334 """
3435 METHOD Method to use to dump lsass.exe with lsassy
3536 DUMP_TICKETS If set, will dump Kerberos tickets
3637 SAVE_DIR Directory to save dumped tickets
37- SAVE_TYPE Type of ticket to save, either 'kirbi' or 'ccache'. Default is 'kirbi '.
38+ SAVE_TYPE Type of ticket to save, either 'kirbi' or 'ccache'. Default is 'ccache '.
3839 """
3940 self .method = "comsvcs"
4041 if "METHOD" in module_options :
4142 self .method = module_options ["METHOD" ]
43+
44+ if "DUMP_TICKETS" in module_options :
45+ self .dump_tickets = module_options ["DUMP_TICKETS" ].lower () in ["true" ]
4246
43- if "DUMP_TICKETS" in module_options or "SAVE_DIR" in module_options :
44- if "DUMP_TICKETS" in module_options and "SAVE_DIR" in module_options :
45- self .dump_tickets = True
46- self .save_dir = module_options ["SAVE_DIR" ]
47- elif "DUMP_TICKETS" in module_options :
48- context .log .error ("DUMP_TICKETS is set but SAVE_DIR is not specified. Both must be set to enable ticket dumping." )
49- sys .exit (1 )
50- else :
51- context .log .error ("SAVE_DIR is set but DUMP_TICKETS is not specified. Both must be set to enable ticket dumping." )
52- sys .exit (1 )
47+ if "SAVE_DIR" in module_options :
48+ self .save_dir = module_options ["SAVE_DIR" ]
5349
5450 if "SAVE_TYPE" in module_options :
5551 self .ticket_type = module_options ["SAVE_TYPE" ]
0 commit comments