Commit Graph

204 Commits (master)

Author SHA1 Message Date
Grzegorz Rychlik 2f5a67b63e Make RAII wrappers for Sql environment and connection 2020-05-12 17:27:56 +02:00
Grzegorz Rychlik 8add814656 Trim whitespace 2020-05-12 17:23:09 +02:00
AdminPanda 90feca454e dropbox channel 2020-05-11 17:58:49 -04:00
Pawel Kurowski 74caf37f10 Simplify OneDrive logic 2020-05-11 23:58:31 +02:00
Pawel Kurowski 6bd7e45321 Use Crypto::String and SecureString in OneDrive365RestFile 2020-05-11 19:16:50 +02:00
Pawel Kurowski 6fee68fc28 WIP 2020-05-11 14:01:57 +02:00
tim.carrington 0404a14fb0 Update O365 channels to use the changes from SimplifyOfficeChannels as well as WinHTTP lib
OneDrive now supports ordering of files - needs more testing
Outlook works but needs to be commented and cleaned.
2020-05-11 11:12:26 +02:00
Pawel Kurowski 87151e172d Merge remote-tracking branch 'origin/master' into SimplifyOfficeChannels 2020-05-11 10:39:20 +02:00
Grzegorz Rychlik f01cacf878 Add missing inline 2020-05-08 11:07:28 +02:00
tvgdb e25e5dddb0 Add Asana C2 channel 2020-05-06 22:02:35 +02:00
tvgdb 7610ce6642 Remove unnecessary import from ProxyHelpers.h 2020-05-06 22:01:55 +02:00
Grzegorz Rychlik 2efbdff286 Merge branch 'SlackReplaceHttp' into 'master'
Slack replace cpprestsdk with our WinHttp wrapper

See merge request C3/C3!180
2020-05-05 11:06:02 +01:00
Grzegorz Rychlik 2b09522de0 Don't rely on url components to point to null terminated strings 2020-05-04 13:02:28 +02:00
tim.carrington 152c4a58e6 Add update for m_PathWithQuery 2020-05-04 11:12:45 +01:00
tim.carrington c50026f83c updates as per MR comments. 2020-04-29 11:35:07 +01:00
tim.carrington 54f1313f2d Comment and clean 2020-04-28 08:57:53 +01:00
tim.carrington 4e948d344c update 2020-04-23 13:24:25 +01:00
tim.carrington 32f38b5db3 new column for msgid and msg chunking for large messages 2020-04-23 09:12:32 +01:00
tim.carrington 1734d2d56a update 2020-04-22 10:29:41 +01:00
tim.carrington 846d9bb7c6 check if username contains domain element 2020-04-21 15:59:08 +01:00
tim.carrington b7ef0e49cc Added working code for MSSQL Channel. Tested end to end with Cobalt Strike using a dockerised mssql server: https://hub.docker.com/_/microsoft-mssql-server 2020-04-21 15:13:25 +01:00
Grzegorz Rychlik 7562963f8f Update WinHttp (Add docs) 2020-04-10 15:09:55 +02:00
Grzegorz Rychlik 64917a5411 Remove unused variables 2020-04-09 17:56:47 +02:00
Grzegorz Rychlik 899d541731 Add missing winhttp.lib to dependencies 2020-04-09 17:56:17 +02:00
Grzegorz Rychlik 397f5e3942 [Slack] Replace cpprestsdk with WinHttp 2020-04-09 15:10:57 +02:00
Pawel Kurowski 849eecb27e Merge branch 'SlackRepliesFix' into 'master'
Replace deprecated slack replies api

See merge request C3/C3!178
2020-04-09 13:12:10 +01:00
Grzegorz Rychlik c984b51bda Upload WinHttp wrapper 2020-04-09 13:18:03 +02:00
Pawel Kurowski ca54a19190 Use StringConversions.h in SlackApi.h 2020-04-08 18:07:41 +02:00
Pawel Kurowski 7cd0417ea3 Replace deprecated slack replies api 2020-04-08 17:53:11 +02:00
Grzegorz Rychlik 120aa36504 Remove routes when their outgoing channel is closed 2020-04-07 16:04:05 +02:00
Pawel Kurowski aaac7eeda5 O365 decrypt password before the call 2020-04-06 13:22:41 +02:00
Pawel Kurowski a92154fc6f Merge remote-tracking branch 'origin/SimplifyOfficeChannels' into test 2020-04-06 10:29:08 +02:00
Grzegorz Rychlik 3baed23752 Remove default ctor for HostInfo - force to call static method for gathering info 2020-03-20 11:20:20 +01:00
Grzegorz Rychlik 9e3811450d Remove os version manifest 2020-03-19 18:22:29 +01:00
Grzegorz Rychlik f11fee9304 Replace static GetVersion with dynamically resolved RtlGetVersion 2020-03-19 18:21:28 +01:00
Grzegorz Rychlik 183fa6465b Remove error-inducing ostream& operator <<
HostInfo can be implicitly constructed from ByteView and can be output to ostream so
`ostream << ByteView{};` results in runtime crash
2020-03-19 18:13:16 +01:00
Grzegorz Rychlik 73b6f12a4e Merge branch 'ByteVectorUpgrade' into 'master'
Byte vector upgrade

See merge request C3/C3!174
2020-03-19 17:07:30 +00:00
Grzegorz Rychlik bb55932227 Merge branch 'SimpifySlack' into 'master'
Slightly simplify slack code

Closes #6

See merge request C3/C3!160
2020-03-19 17:06:25 +00:00
Grzegorz Rychlik e543664c6d [Slack] Replace deprecated web API methods
Resolves #6
2020-03-19 16:53:00 +01:00
Grzegorz Rychlik 09f431c981 [Slack] Flatten ReadReplies method, remove WriteReplyLarge from header 2020-03-19 16:45:27 +01:00
Grzegorz Rychlik ba11be9fe0 [Slack] Minor optimization to GetMessagesByDirection 2020-03-19 14:58:53 +01:00
Grzegorz Rychlik 2c153ef3e1 [Slack] return only timestamp and text from ReadReplies 2020-03-19 14:44:39 +01:00
Grzegorz Rychlik de4cbd3376 [Slack] Return multiple packets from OnReceiveFromChannel 2020-03-19 11:25:32 +01:00
Pawel Kurowski 73a9aba7db ByteConverter specialization can write to provided buffer 2020-03-18 13:37:29 +01:00
Pawel Kurowski 83478fa403 Do not send szCSDVersion and wSuiteMask in OSVERSIONINFOEXA 2020-03-17 11:58:04 +01:00
Pawel Kurowski e5a2d3e541 Fix broken Write exceptions handling 2020-03-16 18:06:52 +01:00
Pawel Kurowski 4a7870d0e3 Better exception safety during Read/Write 2020-03-13 18:26:25 +01:00
Grzegorz Rychlik 3d2d44a24c Update versioning header and build script 2020-03-13 15:59:55 +01:00
Pawel Kurowski 16c7753e7c Fix clang build failure 2020-03-13 15:44:27 +01:00
Pawel Kurowski fc53b803ae Upgrade ByteVector to new version. 2020-03-13 14:13:19 +01:00
Grzegorz Rychlik 74a9b053f2 [Slack Channel] Use built in chunking 2020-03-12 16:39:24 +01:00
Grzegorz Rychlik 98b171b06d Slightly simplify slack code 2020-03-12 16:39:24 +01:00
Pawel Kurowski 148f62a03d Remove HasConstructor.h 2020-03-11 16:00:11 +01:00
Grzegorz Rychlik 6b3c6ba46a Add Clang build configurations 2020-03-10 14:26:30 +01:00
Grzegorz Rychlik 0065374c98 Fix post-merge problems for clang-cl 2020-03-06 16:37:14 +01:00
Grzegorz Rychlik ce232a9af6 Merge branch 'ClangMsvcCompat' 2020-03-06 15:23:57 +01:00
Grzegorz Rychlik 304866ca32 Merge branch 'Obfuscation' 2020-03-06 14:38:55 +01:00
Pawel Kurowski 1a894ef5a4 namespace Obfuscator 2020-03-06 13:52:09 +01:00
Pawel Kurowski 5c4af5d770 OBF will support both char and wchar_t 2020-03-06 13:40:15 +01:00
Grzegorz Rychlik 4dc603770a Fix the terminating null character 2020-03-06 10:12:43 +00:00
Grzegorz Rychlik 7769300ef2 Change MWR namespace to FSecure 2020-03-05 16:30:50 +01:00
Grzegorz Rychlik 62985f09e4 Overhaul string obfuscation
Use a single obfuscation method (xor with variable increment)
2020-03-05 15:42:15 +01:00
Grzegorz Rychlik 698b3d4ac7 Remove empty string obfuscation 2020-03-05 12:14:07 +01:00
Grzegorz Rychlik 031f3edf7e Fix rwdi lib linking, restore default inlining 2020-03-05 10:02:15 +01:00
Grzegorz Rychlik c43aeb89be Update SecureString 2020-03-04 17:46:01 +01:00
Grzegorz Rychlik 1c4261f717 Fix crash in Debug 2020-03-04 17:43:30 +01:00
Grzegorz Rychlik 781e7f7f78 Change ChannelLinter test data to binary 2020-03-02 17:01:35 +01:00
Pawel Kurowski 94e6186004 Fix compilation warnings 2020-02-28 16:50:45 +01:00
Pawel Kurowski bae365b02c Ensure existence of required channel constructor (only MSVC)
Declaring constructor = default was allowing aggressive optimization.
Compiler would skip both channel registration, and static asserts.
2020-02-28 10:59:23 +01:00
Grzegorz Rychlik 91dc3a1163 Update zlib to 1.2.11-f690224aeb (from vcpkg) 2020-02-27 10:28:12 +01:00
Grzegorz Rychlik 66c671c169 Merge branch 'CovenantIntegrationMerge' into RC1.1 2020-02-24 16:01:39 +01:00
Grzegorz Rychlik f9122902bd Remove artifact from Common.vcxitems.filters 2020-02-24 12:50:24 +00:00
Grzegorz Rychlik 0e7925dc6a Declare destructors virtual where applicable 2020-02-24 11:26:05 +01:00
Grzegorz Rychlik 69f1691e9e Fix member lookup 2020-02-24 10:25:28 +01:00
Grzegorz Rychlik 7417140f67 Fix member name qualification 2020-02-21 15:56:44 +01:00
Grzegorz Rychlik f43ba11206 Fix some clang compilation warnings 2020-02-21 15:56:43 +01:00
Grzegorz Rychlik 11e07bdf39 Change logger callback to accept string_view instead of pointer 2020-02-21 15:54:16 +01:00
Grzegorz Rychlik 3f2ddcc3e8 Fix ambiguous conversions, unqualified lookup and others 2020-02-21 15:54:16 +01:00
Grzegorz Rychlik d095870f2a [Clang] Fix the overly implicit conversions 2020-02-21 15:54:15 +01:00
Grzegorz Rychlik a5e517f9f2 Fix Query - related compilation warnings and errors 2020-02-21 15:54:15 +01:00
Grzegorz Rychlik 34c73a078a Update Byte containers 2020-02-21 15:54:15 +01:00
Grzegorz Rychlik 53df1570f6 Add inline and noexcept to basic_string specializations 2020-02-21 15:54:15 +01:00
Grzegorz Rychlik 793c6c3449 Update libsodium to 1.0.18 for clang support 2020-02-21 15:54:15 +01:00
tim.carrington 6a7f726f35 Merge branch 'CovenantIntegrationMerge' of git.f-secure.com:C3/C3 into CovenantIntegrationMerge 2020-02-21 09:51:38 +00:00
tim.carrington f9018412be update listening address for use with c2-bridge 2020-02-21 09:50:55 +00:00
Grzegorz Rychlik 727ee98f50 Merge branch 'Shellcode' into RC1.1 2020-02-19 15:20:02 +01:00
Pawel Kurowski 3eb69d9780 Fix crash on shared_from_this 2020-02-07 17:37:32 +01:00
tim.carrington 9a60cabb3c Missing check for HTTP 401 (unauthorised) - this occurs when token refresh is needed so must be handled. Tested 20/1/20:
Without check - gateway and relays hit constant runtime_error after 30 minutes
With check - gateway and relays working fine for over 2 hours.
2020-01-20 13:30:58 +00:00
tim.carrington f8fc919b61 Fix socket error on peripheral close 2020-01-20 10:22:25 +00:00
tim.carrington 94bc1b9d16 Removal of redundant listenerId code 2020-01-17 16:13:24 +00:00
tim.carrington 7cf2e0671f Attempt 3 ;) 2020-01-17 13:30:24 +00:00
tim.carrington aea013bb95 missed UpdateListenerId edit 2020-01-17 13:23:07 +00:00
tim.carrington ac52b22c05 removal of redundant else statements and change GetListenerId to UpdateListenerId 2020-01-17 12:53:54 +00:00
tim.carrington 3576a1631b update 2020-01-17 11:48:06 +00:00
tim.carrington 86244b322d update in response to merge comments. Covenant connector now looks for C3Bridge listener before creating one. User now only supplies listener port, url, username and password 2020-01-16 16:40:45 +00:00
Pawel Kurowski 5bcdebceeb Use user/password auth for office channels 2020-01-16 16:17:56 +01:00
Pawel Kurowski 6a7598c814 Use Compression in Covenant.cpp 2020-01-14 17:45:23 +01:00
Pawel Kurowski 8ae59871a8 Merge branch 'zlib' into CovenantIntegrationMerge 2020-01-14 17:42:33 +01:00
Pawel Kurowski 45a8bf9589 Use raw deflate format in Compression.cpp for C# DeflateStream compatibility 2020-01-14 17:40:30 +01:00
Pawel Kurowski 70673b1c49 Use zlib with static CRT 2020-01-14 15:18:37 +01:00