From 31df6f1db8513c37b09a6e55233dce4687af2e54 Mon Sep 17 00:00:00 2001 From: Maxime Meignan Date: Thu, 27 Jan 2022 10:57:22 +0100 Subject: [PATCH] Fixes an error in CLI handling --- EDRSandblast/EDRSandblast.c | 12 ++++-------- EDRSandblast/Utils/LSASSDump.c | 1 - 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/EDRSandblast/EDRSandblast.c b/EDRSandblast/EDRSandblast.c index 62d5319..ecd7426 100644 --- a/EDRSandblast/EDRSandblast.c +++ b/EDRSandblast/EDRSandblast.c @@ -117,20 +117,16 @@ Other options:\n\ if (_tcsicmp(argv[i], TEXT("dump")) == 0) { startMode = dump; } - else if (_tcsicmp(argv[1], TEXT("cmd")) == 0) { + else if (_tcsicmp(argv[i], TEXT("cmd")) == 0) { startMode = cmd; } - else if (_tcsicmp(argv[1], TEXT("credguard")) == 0) { + else if (_tcsicmp(argv[i], TEXT("credguard")) == 0) { startMode = credguard; } - else if (_tcsicmp(argv[1], TEXT("audit")) == 0) { + else if (_tcsicmp(argv[i], TEXT("audit")) == 0) { startMode = audit; } - else if (_tcsicmp(argv[1], TEXT("-h")) == 0 || _tcsicmp(argv[1], TEXT("--help")) == 0) { - _tprintf(TEXT("%s\n"), usage); - _tprintf(TEXT("%s\n"), extendedUsage); - return EXIT_SUCCESS; - } else if (_tcsicmp(argv[i], TEXT("-h")) == 0 || _tcsicmp(argv[i], TEXT("--help")) == 0) { + else if (_tcsicmp(argv[i], TEXT("-h")) == 0 || _tcsicmp(argv[i], TEXT("--help")) == 0) { _tprintf(TEXT("%s\n"), usage); _tprintf(TEXT("%s\n"), extendedUsage); return EXIT_SUCCESS; diff --git a/EDRSandblast/Utils/LSASSDump.c b/EDRSandblast/Utils/LSASSDump.c index 8188f7e..c1c277d 100644 --- a/EDRSandblast/Utils/LSASSDump.c +++ b/EDRSandblast/Utils/LSASSDump.c @@ -34,7 +34,6 @@ DWORD WINAPI dumpLSASSProcess(void* data) { HANDLE hProcessSnap; HANDLE hProcess; PROCESSENTRY32 pe32; - DWORD dwPriorityClass; TCHAR* outputDump = (TCHAR*)data;