infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Rework imports to improve dependency management

temp
m0rv4i 2019-03-10 17:11:22 +00:00
parent 707dc93fa2
commit 5ab47c5a76
10 changed files with 38 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
AutoLoads.py
View File

@ -1,7 +1,7 @@
#!/usr/bin/python #!/usr/bin/python
from DB import * from DB import update_mods, new_task, select_mods
from Config import * from Config import ModulesDirectory
import os, base64 import os, base64
def check_module_loaded( module_name, randomuri, user, force=False ): def check_module_loaded( module_name, randomuri, user, force=False ):
@ -11,25 +11,17 @@ def check_module_loaded( module_name, randomuri, user, force=False ):
for modname in os.listdir(ModulesDirectory): for modname in os.listdir(ModulesDirectory):
if modname.lower() in module_name.lower(): if modname.lower() in module_name.lower():
module_name = modname module_name = modname
file = open(("%s%s" % (ModulesDirectory,module_name)), "r")
module = file.read()
new_task(("loadmodule %s" % module_name), user, randomuri) new_task(("loadmodule %s" % module_name), user, randomuri)
if modules_loaded: if modules_loaded:
new_modules_loaded = "%s %s" % (modules_loaded, module_name) new_modules_loaded = "%s %s" % (modules_loaded, module_name)
if module_name in modules_loaded: if module_name not in modules_loaded:
loaded = "YES"
else:
for modname in os.listdir(ModulesDirectory): for modname in os.listdir(ModulesDirectory):
if modname.lower() in module_name.lower(): if modname.lower() in module_name.lower():
module_name = modname module_name = modname
file = open(("%s%s" % (ModulesDirectory,module_name)), "r")
module = file.read()
new_task(("loadmodule %s" % module_name), user, randomuri) new_task(("loadmodule %s" % module_name), user, randomuri)
update_mods(new_modules_loaded, randomuri) update_mods(new_modules_loaded, randomuri)
else: else:
new_modules_loaded = "%s" % (module_name) new_modules_loaded = "%s" % (module_name)
file = open(("%s%s" % (ModulesDirectory,module_name)), "r")
module = file.read()
new_task(("loadmodule %s" % module_name), user, randomuri) new_task(("loadmodule %s" % module_name), user, randomuri)
update_mods(new_modules_loaded, randomuri) update_mods(new_modules_loaded, randomuri)
except Exception as e: except Exception as e:

6
CookieDecrypter.py
View File

@ -1,8 +1,8 @@
#!/usr/bin/python #!/usr/bin/python
from DB import * from Colours import Colours
from Colours import * from Core import decrypt
from Core import * from DB import get_keys
import os, sys, re import os, sys, re
file = open(sys.argv[1], "r") file = open(sys.argv[1], "r")

4
Core.py
View File

@ -1,8 +1,8 @@
#!/usr/bin/python #!/usr/bin/python
import zlib, argparse, os, re, datetime, time, base64, string, random, codecs import zlib, argparse, os, re, datetime, time, base64, string, random, codecs
from Config import * from Config import HTTPResponses, POSHDIR
from Utils import * from Utils import randomuri
def default_response(): def default_response():
return (random.choice(HTTPResponses)).replace("#RANDOMDATA#",randomuri()) return (random.choice(HTTPResponses)).replace("#RANDOMDATA#",randomuri())

6
Help.py
View File

@ -1,12 +1,14 @@
#!/usr/bin/python #!/usr/bin/python
logopic = """ __________ .__. _________ ________ logopic = r"""
__________ .__. _________ ________
\_______ \____ _____| |__ \_ ___ \ \_____ \\ \_______ \____ _____| |__ \_ ___ \ \_____ \\
| ___/ _ \/ ___/ | \ / \ \/ / ____/ | ___/ _ \/ ___/ | \ / \ \/ / ____/
| | ( <_> )___ \| Y \ \ \____/ \\ | | ( <_> )___ \| Y \ \ \____/ \\
|____| \____/____ >___| / \______ /\_______ \\ |____| \____/____ >___| / \______ /\_______ \\
\/ \/ \/ \/ \/ \/ \/ \/
=============== v4.8 www.PoshC2.co.uk =============""" =============== v4.8 www.PoshC2.co.uk =============
"""
py_help1 = """ py_help1 = """

22
Implant.py
View File

@ -1,11 +1,12 @@
#!/usr/bin/env python #!/usr/bin/env python
from DB import * from Colours import Colours
from Colours import * from Utils import randomuri, gen_key
from Core import * from Config import PayloadsDirectory, FilesDirectory
from AutoLoads import * from DB import select_item, get_defaultbeacon, get_killdate, get_dfheader, get_otherbeaconurls, get_defaultuseragent, new_implant, new_task, update_mods, get_autoruns
from ImplantHandler import * from Core import get_images
import urllib2
import urllib2, base64, datetime
class Implant(object): class Implant(object):
@ -30,7 +31,7 @@ class Implant(object):
self.ImplantID = "" self.ImplantID = ""
self.Pivot = pivot self.Pivot = pivot
self.KillDate = get_killdate() self.KillDate = get_killdate()
self.ServerURL = new_serverurl = select_item("HostnameIP", "C2Server") self.ServerURL = select_item("HostnameIP", "C2Server")
self.AllBeaconURLs = get_otherbeaconurls() self.AllBeaconURLs = get_otherbeaconurls()
self.AllBeaconImages = get_images() self.AllBeaconImages = get_images()
self.SharpCore = """ self.SharpCore = """
@ -63,13 +64,12 @@ IMGS19459394%s49395491SGMI""" % (self.RandomURI, self.AllBeaconURLs, self.KillDa
import pyttsx3 import pyttsx3
engine = pyttsx3.init() engine = pyttsx3.init()
rate = engine.getProperty('rate') rate = engine.getProperty('rate')
voices = engine.getProperty('voices')
engine.setProperty('voice', "english-us") engine.setProperty('voice', "english-us")
engine.setProperty('rate', rate-30) engine.setProperty('rate', rate-30)
engine.say("Nice, we have an implant") engine.say("Nice, we have an implant")
engine.runAndWait() engine.runAndWait()
except Exception as e: except Exception as e:
EspeakError = "espeak error" pass
try: try:
apikey = select_item("APIKEY","C2Server") apikey = select_item("APIKEY","C2Server")
@ -92,9 +92,9 @@ IMGS19459394%s49395491SGMI""" % (self.RandomURI, self.AllBeaconURLs, self.KillDa
if enotifications == "Yes" and apikey and mobile: if enotifications == "Yes" and apikey and mobile:
for number in mobile.split(","): for number in mobile.split(","):
number = number.replace('"','') number = number.replace('"','')
url = "https://api.clockworksms.com/http/send.aspx?key=%s&to=%s&from=PoshC2&content=NewImplant:%s\%s @ %s" % (apikey, number, self.Domain,self.User,self.Hostname) url = "https://api.clockworksms.com/http/send.aspx?key=%s&to=%s&from=PoshC2&content=NewImplant:%s\\%s @ %s" % (apikey, number, self.Domain,self.User,self.Hostname)
url = url.replace(" ","+") url = url.replace(" ","+")
response = urllib2.urlopen(url) urllib2.urlopen(url)
except Exception as e: except Exception as e:
print "SMS send error: %s" % e print "SMS send error: %s" % e

18
ImplantHandler.py
View File

@ -1,8 +1,6 @@
#!/usr/bin/python #!/usr/bin/python
import os, time, readline, base64, re, traceback, glob, sys, argparse, shlex, signal, subprocess, argparse import os, time, readline, base64, re, traceback, glob, sys, argparse, shlex, signal, subprocess, argparse, datetime
import datetime
from datetime import datetime, timedelta
from sqlite3 import Error from sqlite3 import Error
from Help import * from Help import *
from AutoLoads import * from AutoLoads import *
@ -15,6 +13,7 @@ from Payloads import *
from Core import * from Core import *
from Alias import * from Alias import *
from Opsec import * from Opsec import *
from Utils import validate_sleep_time
def catch_exit(signum, frame): def catch_exit(signum, frame):
sys.exit(0) sys.exit(0)
@ -22,14 +21,11 @@ def catch_exit(signum, frame):
def process_mimikatz(lines): def process_mimikatz(lines):
# code source https://github.com/stufus/parse-mimikatz-log/blob/master/pml.py # code source https://github.com/stufus/parse-mimikatz-log/blob/master/pml.py
main_count = 0 main_count = 0
num_lines = len(lines)
current = {} current = {}
all = [] all = []
for line in lines.split('\n'): for line in lines.split('\n'):
main_count += 1 main_count += 1
percentage_count = "{0:.0f}%".format(float(main_count)/num_lines * 100) val = re.match(r'^\s*\*\s+Username\s+:\s+(.+)\s*$', line.strip())
val = re.match('^\s*\*\s+Username\s+:\s+(.+)\s*$', line.strip())
if val != None: if val != None:
x = process_mimikatzout(current) x = process_mimikatzout(current)
if x not in all: if x not in all:
@ -39,7 +35,7 @@ def process_mimikatz(lines):
current['Username'] = val.group(1).strip() current['Username'] = val.group(1).strip()
continue continue
val = re.match('^\s*\*\s+(Domain|NTLM|SHA1|Password)\s+:\s+(.+)\s*$', line.strip()) val = re.match(r'^\s*\*\s+(Domain|NTLM|SHA1|Password)\s+:\s+(.+)\s*$', line.strip())
if val != None: if val != None:
if val.group(2).count(" ") < 10: if val.group(2).count(" ") < 10:
current[val.group(1).strip()] = val.group(2) current[val.group(1).strip()] = val.group(2)
@ -141,7 +137,7 @@ def argp(cmd):
parser.add_argument('-NotHidden', '-nothidden', action='store', dest='nothidden', required=False) parser.add_argument('-NotHidden', '-nothidden', action='store', dest='nothidden', required=False)
args, unknown = parser.parse_known_args(shlex.split(cmd)) args, unknown = parser.parse_known_args(shlex.split(cmd))
except: except:
error = "error" pass
return args return args
def filecomplete(text, state): def filecomplete(text, state):
@ -298,8 +294,8 @@ def startup(user, printhelp = ""):
else: else:
new_commandhistory(implant_id) new_commandhistory(implant_id)
except Exception as e: except Exception as e:
ExError = e pass
if (implant_id == "") or (implant_id.lower() == "back") or (implant_id.lower() == "clear"): if (implant_id == "") or (implant_id.lower() == "back") or (implant_id.lower() == "clear"):
startup(user) startup(user)

8
Payloads.py
View File

@ -1,8 +1,8 @@
#!/usr/bin/env python #!/usr/bin/env python
from Config import * from Config import PayloadsDirectory, QuickCommand, FilesDirectory
from Colours import * from Colours import Colours
from Utils import * from Utils import gen_key, randomuri
import StringIO, gzip, io, base64, subprocess, os, hashlib, re import StringIO, gzip, io, base64, subprocess, os, hashlib, re
class Payloads(object): class Payloads(object):
@ -32,7 +32,7 @@ class Payloads(object):
with open("%saes.py" % PayloadsDirectory, 'rb') as f: with open("%saes.py" % PayloadsDirectory, 'rb') as f:
content = f.read() content = f.read()
import re import re
m = re.search('#KEY(.+?)#KEY', content); m = re.search('#KEY(.+?)#KEY', content)
if m: keyfound = m.group(1) if m: keyfound = m.group(1)
self.PythonHash = hashlib.sha512(content).hexdigest() self.PythonHash = hashlib.sha512(content).hexdigest()
self.PythonKey = keyfound self.PythonKey = keyfound

7
TabComplete.py
View File

@ -1,9 +1,6 @@
#!/usr/bin/python #!/usr/bin/python
import os import os, sys, readline, glob
import sys
import readline
import glob
class tabCompleter(object): class tabCompleter(object):
""" """
@ -19,8 +16,6 @@ class tabCompleter(object):
This is the tab completer for systems paths. This is the tab completer for systems paths.
Only tested on *nix systems Only tested on *nix systems
""" """
line = readline.get_line_buffer().split()
return [x for x in glob.glob(text+'*')][state] return [x for x in glob.glob(text+'*')][state]

4
Tasks.py
View File

@ -1,7 +1,7 @@
#!/usr/bin/python #!/usr/bin/python
from Colours import * from Colours import Colours
from Core import * from Core import load_module, load_module_sharp, encrypt, default_response
import DB, datetime, hashlib import DB, datetime, hashlib
def newTask(path): def newTask(path):

5
UrlConfig.py
View File

@ -1,8 +1,5 @@
#!/usr/bin/env python #!/usr/bin/env python
import re import re, random, urlparse, os.path
import random
import urlparse
import os.path
class UrlConfig: class UrlConfig:
#urlConfig class represents the necessary URL information for PoshC2. #urlConfig class represents the necessary URL information for PoshC2.