benpturner
bac8cf8d91
added encoding to export to CSV
2019-02-27 13:50:23 +00:00
benpturner
104d8b59e1
Print CSV output
2019-02-26 19:15:04 +00:00
benpturner
26e8446bee
Added CSV output and searching on context in tasks HTML file
2019-02-26 19:12:34 +00:00
benpturner
e55e3df949
Moved Implant-Core.cs to dropper.cs in line with other changes
2019-02-20 16:25:53 +00:00
benpturner
e94f401da6
Added ImplantID to the C2Server window for all new implants
2019-02-20 16:11:27 +00:00
benpturner
2802fac07a
Added * for High Integrity Process on C# and Powershell implants
2019-02-20 15:58:24 +00:00
benpturner
64e5191c8b
Added DaisyChain to autoloads
2019-02-20 15:20:57 +00:00
m0rv4i
7eb6d969ba
Removed C2Viewer.py and added instructions for same functionality to readme just using system commands
2019-02-13 16:38:17 +00:00
m0rv4i
892a3f32f7
Move service instructions to readme so that poshc2.service can just be copied to /lib/systemd/system
2019-02-13 16:38:06 +00:00
m0rv4i
0c8126cdae
Display the username in the task information if it is set
2019-02-13 13:12:27 +00:00
m0rv4i
4e5c8e1fec
Fix loadmodule task output being overwritten in db
2019-02-13 12:56:45 +00:00
m0rv4i
fa3130ded6
If default-beacontime is wrong return to startup after error
2019-02-13 10:19:46 +00:00
m0rv4i
c75016e506
Fix beacon command to support setbeacon set-beacon and beacon again
2019-02-13 09:29:20 +00:00
m0rv4i
543ebc3c15
Rename RandomURI column in html output to Context, and print it as domain\username @ hostname
2019-02-13 08:14:35 +00:00
m0rv4i
d8fdb6c56c
Move Beacon alias to Implant-Core as Beacon has been moved to Implant-Core
2019-02-12 22:36:20 +00:00
m0rv4i
063c5721ce
Push up unsaved file
2019-02-12 22:18:46 +00:00
m0rv4i
18fa7b1767
Update opsec command to show users in same format as elsewhere (domain\user @ host)
2019-02-12 22:14:25 +00:00
m0rv4i
0ab5184cb5
Fix sai command for python implant
2019-02-12 22:06:26 +00:00
m0rv4i
eda146be84
Actually fix beaconing and not just claim to have...
2019-02-12 22:02:09 +00:00
m0rv4i
20dd527367
Setting and viewing beacon time is now consistent across config and implant types - always 50s/10m/1h format
2019-02-12 21:33:46 +00:00
m0rv4i
e6cb404c8a
Implant timeout highlighting is now based on beacon time - yellow if it's not checked in for 3x beacon time and red if not checked in for 10x beacon time
2019-02-12 20:21:19 +00:00
benpturner
ff4cea2795
Updated to fix opsec after DB changes
2019-02-12 19:54:40 +00:00
benpturner
38544e6044
Updated to include opsec as test command
2019-02-12 19:48:56 +00:00
benpturner
d56a8a3436
Updated commands and removed invoke-shellcode
2019-02-12 19:45:33 +00:00
benpturner
7a3a43a1e3
Added netsh and invoke-shellcode to opsec
2019-02-12 19:40:58 +00:00
benpturner
a3f96b3337
Updated HTML for tasks.html
2019-02-12 19:29:17 +00:00
benpturner
c5bb41cee6
Updated spacing for username
2019-02-12 19:12:27 +00:00
m0rv4i
82d676f69a
Minor refactoring and update changelog
2019-02-12 17:34:37 +00:00
m0rv4i
9b2a874415
Fix searchhelp so that it finds commands with caps in the searchterm
2019-02-12 17:34:21 +00:00
m0rv4i
4ee24a785e
Fix Get-ScreenshotAllWindows so that it returns a png
2019-02-12 17:33:42 +00:00
m0rv4i
b2afec601d
Update changelog
2019-02-12 15:35:07 +00:00
m0rv4i
ca7b976a1e
Stage2-Core.ps1 bypasses AMSI again with a daft bypass
2019-02-12 15:34:07 +00:00
m0rv4i
8257420ab8
Add testing checklist in Testing.md
2019-02-12 11:44:35 +00:00
m0rv4i
194344b9f2
Add ImplantID to Tasks table for reference
2019-02-12 11:21:26 +00:00
m0rv4i
59848c36d3
Remove LogUsers option and force usage (though can enter blank username)
2019-02-12 09:13:19 +00:00
m0rv4i
32cc39fa51
Update version
2019-02-12 08:59:14 +00:00
m0rv4i
9a20f1d1e4
Update changelog
2019-02-11 22:49:06 +00:00
m0rv4i
df908b3f06
Truncate shellcode when logging it to the DB
2019-02-11 22:25:03 +00:00
m0rv4i
ca9d6e7f0a
Log task id when issued and returned
2019-02-11 22:06:33 +00:00
m0rv4i
4daebf766c
Fix DB prepared statements
2019-02-11 21:25:03 +00:00
m0rv4i
9e4a464577
Refactoring and start to break up the dependency cycle
2019-02-11 21:00:56 +00:00
m0rv4i
e16e73e629
Remove duplicate Module loaded message in C# and use prepared statements in DB
2019-02-11 17:19:54 +00:00
m0rv4i
72172ba83c
Add config option LogUsers, false by default but it set to true will prompt for a username (or can pass one to ImplantHandler with -u <name> or --u <name>). Tasks run by that user will then be logged as that user.
2019-02-11 17:05:14 +00:00
m0rv4i
2fea962466
* Refactor tasks to insert on run and update on complete
...
* Pull out py and ps cores into files
* Adjust command stored in DB to be user run command (tracking modules
loaded etc)
* Fixed downloading files so subsequent files with the same name will ba
name-1 name-2 etc
* Renamed Implant-Core.ps1 to Core.ps1 to match C#
2019-02-11 14:44:57 +00:00
benpturner
290775ef62
Removed taskid from print statement
2019-02-10 19:24:56 +00:00
benpturner
08f34b6bca
Updated implant seen when command is returned
2019-02-10 19:13:50 +00:00
m0rv4i
58703ada39
Consistently display usernames and domains across logs and fix CreateRawBase to use the core (fixing get-system and the gzip payload etc).
2019-02-06 22:29:11 +00:00
m0rv4i
573209d2dc
Implant handler now lists implants as Domain\Username @ Hostname instead of Domain @ Hostname
2019-02-06 15:05:08 +00:00
benpturner
e7b3842caa
v4.7 - fixes and updates
2019-02-03 19:50:40 +00:00
benpturner
eb6b4319b7
Updated quickcommand on restart with new IP address
2019-01-29 20:02:53 +00:00