admin/RmEye
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复点bug

Browse Source 
修复点bug
This commit is contained in:
huoji
2022-09-05 17:36:46 +08:00
parent 30880f8aa9
commit c2f44adc2e
2 changed files with 1 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Server/plugins/mimikazt_detect/mimikatz_detect.py
View File

@@ -42,7 +42,7 @@ def rule_new_process_create(current_process: process.Process, host, raw_log_data
def rule_new_process_action(current_process: process.Process, host, raw_log_data, json_log_data):
global mimikatz_dll_list
# 如果日志的action是imageload(dll加载)
if json_log_data['action'] == 'imageload' and current_process.plugin_var['mimikatz_detected'] == False:
if 'mimikatz_detected' in current_process.plugin_var and json_log_data['action'] == 'imageload' and current_process.plugin_var['mimikatz_detected'] == False:
# 把日志中的dll路径取出来
dll_path = json_log_data['data']['imageloaded']