Add LNK format generation

sevagas · Apr 11, 2018 · fa7ca21 · fa7ca21
1 parent 8311926
commit fa7ca21
Show file tree

Hide file tree

Showing 3 changed files with 64 additions and 1 deletion.
diff --git a/src/macro_pack.py b/src/macro_pack.py
@@ -24,6 +24,7 @@
 from modules.scf_gen import SCFGenerator
 from modules.url_gen import UrlShortcutGenerator
 from modules.glk_gen import GlkGenerator
+from modules.lnk_gen import LNKGenerator
 
 from common import utils, mp_session, help
 from common.utils import MSTypes
@@ -378,7 +379,10 @@ def main(argv):
         if mpSession.outputFileType == MSTypes.GLK:
             generator = GlkGenerator(mpSession)
             generator.run()
-
+
+        if mpSession.outputFileType == MSTypes.LNK:
+            generator = LNKGenerator(mpSession)
+            generator.run()
 
         # Activate Web server
         if mpSession.listen:

diff --git a/src/modules/lnk_gen.py b/src/modules/lnk_gen.py
@@ -0,0 +1,58 @@
+#!/usr/bin/env python
+# encoding: utf-8
+import sys
+import logging
+from modules.mp_generator import Generator
+from collections import OrderedDict
+if sys.platform == "win32":
+    from win32com.client import Dispatch
+
+
+class LNKGenerator(Generator):
+    """ Module used to generate malicious Explorer Command File"""
+
+    def check(self):
+        if sys.platform != "win32":
+            logging.error("  [!] You have to run on Windows OS to build this file format.")
+            return False
+        else:    
+            return True
+
+    def buildLnkWithWscript(self, target, targetArgs=None, iconPath=None):
+        """ Build an lnk shortcut using WScript wrapper """
+        shell = Dispatch("WScript.Shell")
+        shortcut = shell.CreateShortcut(self.outputFilePath)
+        shortcut.Targetpath = target
+        shortcut.WorkingDirectory = r"C:\Windows\System32"
+        if targetArgs:
+            shortcut.Arguments = targetArgs
+        if iconPath:
+            shortcut.IconLocation = iconPath
+        shortcut.save()
+
+
+    def generate(self):
+        """ Generate LNK file """
+        logging.info(" [+] Generating %s file..." % self.outputFileType)
+        paramDict = OrderedDict([("Shortcut_Target",None), ("Shortcut_Icon",None)])      
+        self.fillInputParams(paramDict)
+
+        # Get needed parameters
+        iconPath = paramDict["Shortcut_Icon"]
+        # Extract shortcut arguments
+        CmdLine = paramDict["Shortcut_Target"].split(' ', 1)
+        target = CmdLine[0]
+        if len(CmdLine) == 2:
+            targetArgs = CmdLine[1]
+        else:
+            targetArgs = None
+        # Create lnk file
+        self.buildLnkWithWscript(target, targetArgs, iconPath)
+
+        logging.info("   [-] Generated %s file: %s" % (self.outputFileType, self.outputFilePath))
+        logging.info("   [-] Test with: \nBrowse %s dir to trigger icon resolution. Click on file to trigger shortcut.\n" % self.outputFilePath)
+
+
+
+
+
diff --git a/src/modules/mp_module.py b/src/modules/mp_module.py
@@ -84,6 +84,7 @@ def fillInputParams(self, paramDict):
             f.close()
             os.remove(cmdFile)
             inputValues = shlex.split(valuesFileContent)# split on space but preserve what is between quotes
+            #logging.info(str(inputValues))
             if len(inputValues) == len(paramDict): 
                 i = 0  
                 # Fill entry parameterds