Updates
parent
81438329b0
commit
2c54e3857a
|
@ -70,6 +70,7 @@ import helpers
|
|||
import packets
|
||||
import messages
|
||||
import events
|
||||
from files import fetcher
|
||||
|
||||
|
||||
class Agents:
|
||||
|
@ -281,12 +282,12 @@ class Agents:
|
|||
dec_data = d.dec_data(data)
|
||||
print helpers.color("[*] Final size of %s wrote: %s" %(filename, helpers.get_file_size(dec_data['data'])), color="green")
|
||||
if not dec_data['crc32_check']:
|
||||
message = "[!] WARNING: File agent {} failed crc32 check during decompression!\n[!] HEADER: Start crc32: %s -- Received crc32: %s -- Crc32 pass: %s!".format(nameid, dec_data['header_crc32'], dec_data['dec_crc32'], dec_data['crc32_check'])
|
||||
message = "[!] WARNING: File agent {} failed crc32 check during decompression!\n[!] HEADER: Start crc32: {} -- Received crc32: {} -- Crc32 pass: {}!".format(sessionID, dec_data['header_crc32'], dec_data['dec_crc32'], dec_data['crc32_check'])
|
||||
signal = json.dumps({
|
||||
'print': True,
|
||||
'message': message
|
||||
})
|
||||
dispatcher.send(signal, sender="agents/{}".format(nameid))
|
||||
dispatcher.send(signal, sender="agents/{}".format(sessionID))
|
||||
data = dec_data['data']
|
||||
|
||||
f.write(data)
|
||||
|
@ -322,12 +323,12 @@ class Agents:
|
|||
dec_data = d.dec_data(data)
|
||||
print helpers.color("[*] Final size of %s wrote: %s" %(filename, helpers.get_file_size(dec_data['data'])), color="green")
|
||||
if not dec_data['crc32_check']:
|
||||
message = "[!] WARNING: File agent {} failed crc32 check during decompression!\n[!] HEADER: Start crc32: %s -- Received crc32: %s -- Crc32 pass: %s!".format(nameid, dec_data['header_crc32'], dec_data['dec_crc32'], dec_data['crc32_check'])
|
||||
message = "[!] WARNING: File agent {} failed crc32 check during decompression!\n[!] HEADER: Start crc32: {} -- Received crc32: {} -- Crc32 pass: {}!".format(sessionID, dec_data['header_crc32'], dec_data['dec_crc32'], dec_data['crc32_check'])
|
||||
signal = json.dumps({
|
||||
'print': True,
|
||||
'message': message
|
||||
})
|
||||
dispatcher.send(signal, sender="agents/{}".format(nameid))
|
||||
dispatcher.send(signal, sender="agents/{}".format(sessionID))
|
||||
data = dec_data['data']
|
||||
|
||||
try:
|
||||
|
@ -878,7 +879,7 @@ class Agents:
|
|||
finally:
|
||||
self.lock.release()
|
||||
else:
|
||||
message = "[!] Non-existent agent %s returned results".format(sessionID)
|
||||
message = "[!] Non-existent agent {} returned results".format(sessionID)
|
||||
signal = json.dumps({
|
||||
'print': True,
|
||||
'message': message
|
||||
|
@ -1854,6 +1855,7 @@ class Agents:
|
|||
|
||||
if index == "0":
|
||||
self.save_file(name, path, file_data)
|
||||
self.mainMenu.fetcher.add_file(sessionID, path, "download")
|
||||
else:
|
||||
self.save_file(name, path, file_data, append=True)
|
||||
# update the agent log
|
||||
|
@ -1933,6 +1935,7 @@ class Agents:
|
|||
# save the file off to the appropriate path
|
||||
save_path = "%s/%s_%s.%s" % (prefix, self.get_agent_hostname_db(sessionID), helpers.get_file_datetime(), extension)
|
||||
final_save_path = self.save_module_file(name, save_path, file_data)
|
||||
self.mainMenu.fetcher.add_file(sessionID, save_path, "screenshot")
|
||||
|
||||
# update the agent log
|
||||
msg = "Output saved to .%s" % (final_save_path)
|
||||
|
@ -1946,12 +1949,12 @@ class Agents:
|
|||
safePath = os.path.abspath("%sdownloads/" % self.mainMenu.installPath)
|
||||
savePath = "%sdownloads/%s/keystrokes.txt" % (self.mainMenu.installPath,sessionID)
|
||||
if not os.path.abspath(savePath).startswith(safePath):
|
||||
message = "[!] WARNING: agent {} attempted skywalker exploit!".format(self.sessionID)
|
||||
message = "[!] WARNING: agent {} attempted skywalker exploit!".format(sessionID)
|
||||
signal = json.dumps({
|
||||
'print': True,
|
||||
'message': message
|
||||
})
|
||||
dispatcher.send(signal, sender="agents/{}".format(self.sessionID))
|
||||
dispatcher.send(signal, sender="agents/{}".format(sessionID))
|
||||
return
|
||||
|
||||
with open(savePath,"a+") as f:
|
||||
|
|
|
@ -37,6 +37,7 @@ import modules
|
|||
import stagers
|
||||
import credentials
|
||||
import plugins
|
||||
from files import fetcher
|
||||
from events import log_event
|
||||
from zlib_wrapper import compress
|
||||
from zlib_wrapper import decompress
|
||||
|
@ -107,6 +108,7 @@ class MainMenu(cmd.Cmd):
|
|||
self.stagers = stagers.Stagers(self, args=args)
|
||||
self.modules = modules.Modules(self, args=args)
|
||||
self.listeners = listeners.Listeners(self, args=args)
|
||||
self.fetcher = fetcher(self, args=args)
|
||||
self.resourceQueue = []
|
||||
#A hashtable of autruns based on agent language
|
||||
self.autoRuns = {}
|
||||
|
|
|
@ -11,7 +11,7 @@ import base64
|
|||
import threading
|
||||
|
||||
|
||||
class files:
|
||||
class fetcher():
|
||||
"""
|
||||
Main class to handle file download and upload functionality for websocket clients
|
||||
"""
|
||||
|
@ -52,7 +52,7 @@ class files:
|
|||
self.lock.release()
|
||||
|
||||
|
||||
def get_file(self, ID):
|
||||
def get_file(self, fileID):
|
||||
"""
|
||||
Return base64 encoded file contents specified by file ID.
|
||||
"""
|
||||
|
@ -61,14 +61,18 @@ class files:
|
|||
try:
|
||||
self.lock.acquire()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT path FROM files WHERE id=?", [ID])
|
||||
cur.execute("SELECT path FROM files WHERE id=?", [fileID])
|
||||
request_path = cur.fetchone()
|
||||
cur.close()
|
||||
finally:
|
||||
self.lock.release()
|
||||
|
||||
try:
|
||||
contents = open(request_path, 'rb').read()
|
||||
return helpers.encode_base64(contents)
|
||||
except:
|
||||
return None
|
||||
|
||||
|
||||
def get_files_by_type(self, file_type):
|
||||
"""
|
||||
|
|
|
@ -15,7 +15,7 @@ import stagers
|
|||
import credentials
|
||||
import plugins
|
||||
import users
|
||||
import files
|
||||
from files import fetcher
|
||||
from events import log_event
|
||||
from zlib_wrapper import compress
|
||||
from zlib_wrapper import decompress
|
||||
|
@ -62,6 +62,8 @@ class Server():
|
|||
# Agent results cache/buffer
|
||||
self.historyBuffer = {}
|
||||
|
||||
|
||||
|
||||
# empty database object
|
||||
self.conn = self.database_connect()
|
||||
time.sleep(1)
|
||||
|
@ -82,6 +84,7 @@ class Server():
|
|||
self.resourceQueue = []
|
||||
#A hashtable of autruns based on agent language
|
||||
self.autoRuns = {}
|
||||
self.fetcher = fetcher(self, args=args)
|
||||
|
||||
# print the loading menu
|
||||
messages.loading()
|
||||
|
@ -593,8 +596,8 @@ class Server():
|
|||
Handles all client messages for the 'files' events
|
||||
"""
|
||||
if self.users.is_authenticated(request.sid):
|
||||
if data['ACTION'] and data['ACTION'] == 'VIEW':
|
||||
results = files.files.get_files_by_type
|
||||
if data['ACTION'] and data['ACTION'] == 'VIEW' and (data['Arguments']['file_type']):
|
||||
results = self.fetcher.get_files_by_type(file_type=data['Arguments']['file_type'])
|
||||
emit('files',{'Result':results})
|
||||
|
||||
elif (data['ACTION'] and data['ACTION'] == 'UPLOAD') and (data['Arguments']['file_data']):
|
||||
|
@ -635,6 +638,16 @@ class Server():
|
|||
self.agents.add_agent_task_db(sessionID, "TASK_UPLOAD", taskdata)
|
||||
emit('files',{'Result':'Tasked agent to upload file'})
|
||||
|
||||
elif (data['ACTION'] and data['ACTION'] == 'DOWNLOAD') and (data['Arguments']['fileID']):
|
||||
"""
|
||||
Download files shown in the files table from the server. Not directly from agents
|
||||
"""
|
||||
enc_file = self.fetcher.get_file(fileID=data['Arguments']['fileID'])
|
||||
if enc_file != None:
|
||||
emit('files',{'Result':enc_file})
|
||||
else:
|
||||
emit('files',{'Result':""})
|
||||
|
||||
# wrap the Flask connection in SSL and start it
|
||||
certPath = os.path.abspath("./data/")
|
||||
|
||||
|
|
Loading…
Reference in New Issue