infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove duplicate Module loaded message in C# and use prepared statements in DB

chunking
m0rv4i 2019-02-11 17:19:54 +00:00
parent 72172ba83c
commit e16e73e629
3 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Config.py
View File

@ -17,7 +17,7 @@ QuickCommand = urlConfig.fetchQCUrl()
DownloadURI = urlConfig.fetchConnUrl()
Sounds = "No"
ServerPort = "443"
LogUsers = True
LogUsers = False
EnableNotifications = "No"
# ClockworkSMS - https://www.clockworksms.com

12
DB.py
View File

@ -387,7 +387,7 @@ def update_task(taskId, output):
conn.text_factory = str
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("UPDATE Tasks SET Output=?, CompletedTime=? WHERE TaskID=%s" % taskId, (output, completedTime))
c.execute("UPDATE Tasks SET Output=?, CompletedTime=? WHERE TaskID=?", (output, completedTime, taskId))
conn.commit()
return c.lastrowid
@ -404,7 +404,7 @@ def get_implantbyid(id):
conn = sqlite3.connect(DB)
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("SELECT * FROM Implants WHERE ImplantID=%s" % id)
c.execute("SELECT * FROM Implants WHERE ImplantID=?" , id)
result = c.fetchone()
if result:
return result
@ -426,7 +426,7 @@ def get_tasksbyid(id):
conn = sqlite3.connect(DB)
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("SELECT * FROM Tasks WHERE CompletedTaskID=%s" % id)
c.execute("SELECT * FROM Tasks WHERE CompletedTaskID=?", id)
result = c.fetchone()
if result:
return result
@ -437,7 +437,7 @@ def get_newtasksbyid(taskid):
conn = sqlite3.connect(DB)
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("SELECT * FROM NewTasks WHERE TaskID=%s" % taskid)
c.execute("SELECT * FROM NewTasks WHERE TaskID=?", taskid)
result = c.fetchone()
if result:
return result
@ -448,7 +448,7 @@ def get_seqcount(table):
conn = sqlite3.connect(DB)
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("SELECT seq FROM sqlite_sequence WHERE name=\"%s\"" % table)
c.execute("SELECT seq FROM sqlite_sequence WHERE name=\"?\"", table)
result = int(c.fetchone()[0])
if result:
return result
@ -481,7 +481,7 @@ def get_cmd_from_task_id(taskId):
conn = sqlite3.connect(DB)
conn.row_factory = sqlite3.Row
c = conn.cursor()
c.execute("SELECT Command FROM Tasks WHERE TaskId=%s" % taskId)
c.execute("SELECT Command FROM Tasks WHERE TaskId=?", taskId)
result = str(c.fetchone()[0])
if result:
return result

1
Files/Sharp.cs
View File

@ -388,7 +388,6 @@ public class Program
{
var module = Regex.Replace(cmd, "loadmodule", "", RegexOptions.IgnoreCase);
var assembly = System.Reflection.Assembly.Load(System.Convert.FromBase64String(module));
output.AppendLine("Module loaded sucessfully");
}
else if (cmd.ToLower().StartsWith("upload-file"))
{