import os, base64, random, codecs, glob, readline, re
from Config import HTTPResponses, POSHDIR, PayloadsDirectory
from Utils import randomuri
from TabComplete import tabCompleter
from Help import COMMANDS
from DB import get_cred_by_id
# NOTE(review): on Windows the GNU readline module is not available; this
# presumably pulls in pyreadline so that the unconditional `import readline`
# above and the completer calls below keep working — confirm it is still
# required with the Python version in use.
if os.name == 'nt':
    import pyreadline.rlmain
def default_response():
    """Return one of the configured ``HTTPResponses`` at random as UTF-8 bytes.

    The literal placeholder ``#RANDOMDATA#`` inside the chosen template is
    replaced with a fresh value from ``randomuri()`` before encoding, so each
    call yields a different body even when the same template is picked.
    """
    template = random.choice(HTTPResponses)
    body = template.replace("#RANDOMDATA#", randomuri())
    return body.encode("utf-8")
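def load_module(module_name):
    """Read ``Modules/<module_name>`` under ``POSHDIR`` and return its text.

    The file is decoded as UTF-8 with a leading BOM stripped (``utf-8-sig``).
    The handle is closed deterministically on return; the original left it to
    the garbage collector.

    Args:
        module_name: name of the module file relative to the ``Modules``
            directory. No validation is performed here — NOTE(review): a name
            containing path separators or ``..`` resolves outside ``Modules``;
            confirm that callers only pass names they control.

    Returns:
        The module source as ``str``.

    Raises:
        OSError: if the file cannot be opened.
        UnicodeDecodeError: if the file is not valid UTF-8.
    """
    path = "%sModules/%s" % (POSHDIR, module_name)
    with codecs.open(path, 'r', encoding='utf-8-sig') as module_file:
        return module_file.read()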
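def load_module_sharp(module_name):
    """Read ``Modules/<module_name>`` under ``POSHDIR`` as bytes and return it base64-encoded.

    Opened read-only: the original used mode ``'r+b'``, which requests write
    access the function never uses (and fails on a read-only file). The handle
    is closed on return rather than left to the garbage collector.

    Args:
        module_name: name of the module file relative to the ``Modules``
            directory; not validated here (see ``load_module``).

    Returns:
        The file content as a base64 ``str``.

    Raises:
        OSError: if the file cannot be opened.
    """
    path = "%sModules/%s" % (POSHDIR, module_name)
    with open(path, 'rb') as module_file:
        return base64.b64encode(module_file.read()).decode("utf-8")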
def get_images():
    """Collect up to five small images from ``Images/`` next to this file.

    Returns a single string of double-quoted base64 literals separated by
    commas, e.g. ``"AAAA...","BBBB...",`` — only files smaller than 1500
    bytes are included. What consumes this string is not visible here.

    NOTE(review): the indentation of this function was lost in the rendered
    source; the placement of ``count += 1`` under the size check is
    reconstructed and should be confirmed against the repository.

    Known quirks visible in the code:
    - paths are built from ``rootimagedir`` + filename, not from the ``root``
      that ``os.walk`` yields, so files found in subdirectories are opened at
      the wrong path (``FileNotFoundError``);
    - the fifth qualifying image is appended without a trailing comma but
      ``count`` is not advanced, so any further qualifying files are appended
      comma-less as well;
    - with fewer than five qualifying images the result ends in a comma.
    """
    dir_path = os.path.dirname(os.path.realpath(__file__))
    rootimagedir = "%s/Images/" % dir_path
    images = ""
    for root, dirs, filenames in os.walk(rootimagedir):
        # count restarts for every directory os.walk visits.
        count = 1
        for f in filenames:
            if count == 5:
                # Fifth (and later) small image: no trailing comma.
                with open(rootimagedir + f, "rb") as image_file:
                    image = image_file.read()
                    if len(image) < 1500:
                        images += "\"%s\"" % (base64.b64encode(image).decode("utf-8"))
            if count < 5:
                # First four small images: comma-terminated.
                with open(rootimagedir + f, "rb") as image_file:
                    image = image_file.read()
                    if len(image) < 1500:
                        images += "\"%s\"," % (base64.b64encode(image).decode("utf-8"))
                        count += 1
    return images
# Build an AES-CBC cipher object for a base64-encoded key.
# NOTE(review): despite the signature, the `iv` argument is never used — a
# random IV is generated on every call, so callers must discard the first
# decrypted block (see `decrypt` / `decrypt_bytes_gzip` below).
def get_encryption(key, iv='0123456789ABCDEF'):
    """Return a fresh ``AES.MODE_CBC`` cipher for ``key``.

    Args:
        key: base64-encoded AES key.
        iv: ignored; retained only for signature compatibility (the default is
            a ``str``, not ``bytes``, which would not be accepted anyway). The
            cipher is created with ``os.urandom(AES.block_size)`` instead, so
            two calls with identical arguments yield different IVs.

    Returns:
        A ``Crypto.Cipher.AES`` cipher object in CBC mode. Its ``IV``
        attribute holds the random IV chosen here; ``encrypt`` below reads it
        to prefix the ciphertext.
    """
    from Crypto.Cipher import AES
    # The caller-supplied iv is overwritten unconditionally.
    iv = os.urandom(AES.block_size)
    bkey = base64.b64decode(key)
    aes = AES.new(bkey, AES.MODE_CBC, iv)
    return aes
# Decrypt a base64-encoded AES-CBC message and return its UTF-8 text.
def decrypt(key, data):
    """Base64-decode ``data``, AES-CBC decrypt it and return everything after the first 16 bytes.

    The ``iv`` handed to ``get_encryption`` is the first 16 characters of the
    still-encoded ``data``; ``get_encryption`` ignores it and uses a random IV.
    In CBC mode only the first decrypted block depends on the IV, and that
    block is dropped by the ``[16:]`` slice, so the rest decrypts correctly
    as long as the message starts with its IV block (as ``encrypt`` below
    produces). Trailing NUL padding added by ``encrypt`` is not stripped.

    There is no authentication tag: a modified ciphertext decrypts to garbage
    rather than being rejected, so callers must not treat successful
    decryption as proof of integrity.

    Args:
        key: base64-encoded AES key.
        data: base64-encoded ``IV || ciphertext`` (``str`` or ``bytes``).

    Returns:
        The plaintext as ``str``.

    Raises:
        binascii.Error: if ``data`` is not valid base64.
        UnicodeDecodeError: if the plaintext is not valid UTF-8.
    """
    iv = data[0:16]
    aes = get_encryption(key, iv)
    data = aes.decrypt(base64.b64decode(data))
    # Discard the first block: it is the (garbage) decryption of the IV block.
    return data[16:].decode("utf-8")
# Decrypt raw (not base64) AES-CBC bytes, gunzip the result and return it as
# text when it is valid UTF-8, otherwise as bytes.
def decrypt_bytes_gzip(key, data):
    """AES-CBC decrypt raw ``data``, drop the first block, gunzip the remainder.

    As in ``decrypt``, the ``iv`` passed to ``get_encryption`` is ignored
    there; correctness relies on the message starting with its IV block,
    which the ``[16:]`` slice discards. No integrity check is performed.

    Args:
        key: base64-encoded AES key.
        data: raw ``IV || ciphertext`` bytes, no base64 layer.

    Returns:
        ``str`` if the decompressed payload decodes as UTF-8, otherwise the
        decompressed ``bytes`` unchanged.

    Raises:
        OSError (``gzip.BadGzipFile``) / EOFError: if the decrypted payload is
            not a complete gzip stream.
    """
    iv = data[0:16]
    aes = get_encryption(key, iv)
    data = aes.decrypt(data)
    import gzip
    data = gzip.decompress(data[16:])
    try:
        data = data.decode("utf-8")
    except Exception:
        # Binary payload: hand the bytes back as-is.
        data = data
    return data
# Encrypt data with AES-CBC under a random IV; the result is base64-encoded
# unless gzip=True, in which case the raw IV || ciphertext bytes are returned.
def encrypt(key, data, gzip=False):
    """Optionally gzip ``data``, zero-pad it to a 16-byte multiple and AES-CBC encrypt it.

    Args:
        key: base64-encoded AES key.
        data: payload to encrypt.
        gzip: when true, compress ``data`` first and skip the base64 step.

    Returns:
        ``base64.b64encode(IV || ciphertext)`` (``bytes``) when ``gzip`` is
        false, otherwise the raw ``IV || ciphertext`` bytes.

    NOTE(review), defects visible in this block rather than fixed here:
    - the gzip branch imports ``StringIO``, a Python 2-only module, so on
      Python 3 ``gzip=True`` raises ``ImportError`` before anything else runs;
    - ``data.ljust(newlen, '\\0')`` uses a ``str`` fill character, which
      raises ``TypeError`` when ``data`` is ``bytes``; whether the cipher then
      accepts a ``str`` depends on the installed ``Crypto`` library;
    - padding is plain zero-fill (not PKCS#7): the receiver cannot tell
      padding from genuine trailing NULs, and ``decrypt`` strips nothing;
    - ``import gzip`` rebinds the ``gzip`` parameter to the module, so the
      later ``if not gzip`` tests the module (always truthy) on that path —
      the outcome is the same, but it reads as if the flag were consulted.
    """
    if gzip:
        # Progress output goes to stdout.
        print("Gzipping data - pre-zipped len, " + str(len(data)))
        import StringIO
        import gzip
        out = StringIO.StringIO()
        with gzip.GzipFile(fileobj=out, mode="w") as f:
            f.write(data)
        data = out.getvalue()
    # Pad with zeros up to the next multiple of the AES block size.
    mod = len(data) % 16
    if mod != 0:
        newlen = len(data) + (16 - mod)
        data = data.ljust(newlen, '\0')
    # The IV argument is ignored by get_encryption; the cipher picks its own
    # random IV, which is read back via aes.IV and sent as the first block.
    aes = get_encryption(key, os.urandom(16))
    data = aes.IV + aes.encrypt(data)
    if not gzip:
        data = base64.b64encode(data)
    return data
def filecomplete(text, state):
    """readline completer listing files in ``PayloadsDirectory``.

    Changes the process working directory to ``PayloadsDirectory`` as a side
    effect, then returns the ``state``-th glob match for ``text*``; ``None``
    once the matches are exhausted, which is the sentinel readline expects.
    """
    os.chdir(PayloadsDirectory)
    matches = glob.glob(text + '*')
    matches.append(None)
    return matches[state]
def shellcodefilecomplete(text, state):
    """readline completer restricted to ``*.bin`` files in ``PayloadsDirectory``.

    Changes the process working directory to ``PayloadsDirectory`` as a side
    effect, then returns the ``state``-th glob match for ``text*.bin``;
    ``None`` once the matches are exhausted.
    """
    os.chdir(PayloadsDirectory)
    matches = glob.glob(text + '*' + ".bin")
    matches.append(None)
    return matches[state]
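def shellcodereadfile_with_completion(message):
    """Prompt with ``message`` while tab completion lists ``*.bin`` files in ``PayloadsDirectory``.

    ``shellcodefilecomplete`` is installed as the readline completer for the
    duration of ``input``; the command-list completer (``tabCompleter`` over
    ``COMMANDS``) is reinstalled afterwards. The restore is done in a
    ``finally`` block so the file completer is not left active when ``input``
    is interrupted (``KeyboardInterrupt`` / ``EOFError``), which the original
    did not guard against. Note that the completer changes the process
    working directory when it runs.

    Returns:
        The line entered by the operator, as returned by ``input``.
    """
    readline.set_completer(shellcodefilecomplete)
    try:
        return input(message)
    finally:
        completer = tabCompleter()
        completer.createListCompleter(COMMANDS)
        readline.set_completer(completer.listCompleter)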
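def readfile_with_completion(message):
    """Prompt with ``message`` while tab completion lists files in ``PayloadsDirectory``.

    ``filecomplete`` is installed as the readline completer for the duration
    of ``input``; the command-list completer (``tabCompleter`` over
    ``COMMANDS``) is reinstalled afterwards. The restore is done in a
    ``finally`` block so the file completer is not left active when ``input``
    is interrupted (``KeyboardInterrupt`` / ``EOFError``), which the original
    did not guard against. Note that the completer changes the process
    working directory when it runs.

    Returns:
        The line entered by the operator, as returned by ``input``.
    """
    readline.set_completer(filecomplete)
    try:
        return input(message)
    finally:
        completer = tabCompleter()
        completer.createListCompleter(COMMANDS)
        readline.set_completer(completer.listCompleter)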
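def get_creds(params, startup, user):
    """Extract a ``-credid <id>`` option from ``params`` and resolve it via ``get_cred_by_id``.

    Args:
        params: the raw command string.
        startup: callback ``startup(user, message)`` used to report a problem
            to the operator. The original code did not assume it returns; this
            version returns explicitly after each report so that, if it does,
            no lookup is attempted with a missing id.
        user: identifier forwarded to ``startup``.

    Returns:
        ``(creds, params)`` — ``creds`` is whatever ``get_cred_by_id`` returned
        (``None`` for an unknown id, which is also reported via ``startup``),
        and ``params`` has the ``-credid <id>`` fragment removed. When
        ``params`` contains no ``-credid`` at all, the problem is reported and
        ``None`` is returned, as before; callers that unpack the result must
        handle that case.
    """
    if "-credid" not in params:
        startup(user, "Command does not contain -credid")
        return None
    pattern = re.compile(r"-credid (\w*)")
    match = pattern.search(params)
    params = pattern.sub("", params)
    # No id after the flag (no match, or an empty \w* capture): report and
    # stop. The original fell through to get_cred_by_id(None) / ("").
    if not match or not match.group(1):
        startup(user, "Please specify a credid")
        return (None, params)
    cred_id = match.group(1)
    creds = get_cred_by_id(cred_id)
    if creds is None:
        startup(user, "Unrecognised CredID: %s" % cred_id)
    return (creds, params)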