Updated for procdump, handlekatz and procdump either

termanix · termanix · commit e5e750d8971a · 2025-01-23T03:41:01.000-05:00
diff --git a/nxc/modules/handlekatz.py b/nxc/modules/handlekatz.py
@@ -5,7 +5,7 @@
 import base64
 import re
 import sys
-
+from datetime import datetime
 from nxc.helpers.bloodhound import add_user_bh
 from pypykatz.pypykatz import pypykatz
 
@@ -34,6 +34,10 @@ def options(self, context, module_options):
         self.handlekatz_path = "/tmp/"
         self.dir_result = self.handlekatz_path
         self.useembeded = True
+        current_time = datetime.now()
+        time_string = current_time.strftime("%Y%m%d%H%M%S")
+        padding = time_string.encode()
+        self.handlekatz_embeded = self.handlekatz_embeded + padding
 
         if "HANDLEKATZ_PATH" in module_options:
             self.handlekatz_path = module_options["HANDLEKATZ_PATH"]
diff --git a/nxc/modules/nanodump.py b/nxc/modules/nanodump.py
@@ -51,6 +51,11 @@ def options(self, context, module_options):
         self.nano = "nano.exe"
         self.nano_path = ""
         self.useembeded = True
+        current_time = datetime.now()
+        time_string = current_time.strftime("%Y%m%d%H%M%S")
+        padding = time_string.encode()
+        self.nano_embedded64 = self.nano_embedded64 + padding
+        self.nano_embedded32 = self.nano_embedded32 + padding
 
         if "NANO_PATH" in module_options:
             self.nano_path = module_options["NANO_PATH"]
diff --git a/nxc/modules/procdump.py b/nxc/modules/procdump.py
@@ -9,6 +9,7 @@
 from nxc.helpers.bloodhound import add_user_bh
 from nxc.paths import TMP_PATH
 from os.path import abspath, join
+from datetime import datetime
 
 
 class NXCModule:
@@ -35,6 +36,10 @@ def options(self, context, module_options):
         self.procdump_path = abspath(TMP_PATH)
         self.dir_result = self.procdump_path
         self.useembeded = True
+        current_time = datetime.now()
+        time_string = current_time.strftime("%Y%m%d%H%M%S")
+        padding = time_string.encode()
+        self.procdump_embeded = self.procdump_embeded + padding
 
         if "PROCDUMP_PATH" in module_options:
             self.procdump_path = module_options["PROCDUMP_PATH"]
