userlogon-notify/script.py at main · InfinityCurveLabs/userlogon-notify · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
from os.path          import *
from pyhavoc.agent    import *
from pyhavoc.listener import *

@KnRegisterCommand(
    command     = 'userlogon-notify',
    description = 'notify upon any user logon activities' )
class AsyncUserlogonNotify( HcKaineCommand ):

    def __init__( self, *args, **kwargs ):
        super().__init__( *args, **kwargs )

        self.arch        : str = self.agent().agent_meta()[ 'arch' ]
        self.object_path : str = f'{dirname( __file__ )}/dist/userlogon-notify.{self.arch}.obj'

        return

    @staticmethod
    def arguments( parser ):
        parser.add_argument( '--delay', default=10, type=int, help='delay time for each stop job check (default: 10)' )
        return

    async def execute( self, args ):
        task = self.agent().object_execute(
            self.object_path,
            'go',

            object_argv = bof_pack( 'Zi', 'userlogon-notify', args.delay ),
            flag_async  = True,
        )

        self.log_task( task.task_uuid(), 'notify on user logon activities' )

        try:
            await task.result()
        except Exception as e:
            self.log_error( f"({task.task_uuid():x}) failed to start user logon notifier: {e}", task_id = task.task_uuid() )
            return

        self.log_info( f'({task.task_uuid():x}) started execution of user logon notifier', task_id = task.task_uuid() )

        return