benpturner
1b76ccfe57
Truncated large output in CSV/HTML to stop this being > 100MB. Re-added Parse-Mimikatz feature. Updated CS dropper to work on Server 2003 with .NET v4.
2019-03-07 09:34:19 +00:00
rolen
8a092df9d6
Use default credentials for the proxy if none provided
...
The UseDefaultCredentials on WebClient (if true) will send creds to the server if requested not the proxy. The Proxy object on WebClient is a IWebProxy which only has a Credentials member (yes could probably cast to WebProxy). This change will send the default creds to the default proxy server
2019-03-06 10:31:02 +00:00
benpturner
5bb677d3d1
Updated install notes
2019-02-28 08:58:16 +00:00
benpturner
bac8cf8d91
added encoding to export to CSV
2019-02-27 13:50:23 +00:00
benpturner
104d8b59e1
Print CSV output
2019-02-26 19:15:04 +00:00
benpturner
26e8446bee
Added CSV output and searching on context in tasks HTML file
2019-02-26 19:12:34 +00:00
benpturner
e55e3df949
Moved Implant-Core.cs to dropper.cs in line with other changes
2019-02-20 16:25:53 +00:00
benpturner
e94f401da6
Added ImplantID to the C2Server window for all new implants
2019-02-20 16:11:27 +00:00
benpturner
2802fac07a
Added * for High Integrity Process on C# and Powershell implants
2019-02-20 15:58:24 +00:00
benpturner
64e5191c8b
Added DaisyChain to autoloads
2019-02-20 15:20:57 +00:00
m0rv4i
7eb6d969ba
Removed C2Viewer.py and added instructions for same functionality to readme just using system commands
2019-02-13 16:38:17 +00:00
m0rv4i
892a3f32f7
Move service instructions to readme so that poshc2.service can just be copied to /lib/systemd/system
2019-02-13 16:38:06 +00:00
m0rv4i
0c8126cdae
Display the username in the task information if it is set
2019-02-13 13:12:27 +00:00
m0rv4i
4e5c8e1fec
Fix loadmodule task output being overwritten in db
2019-02-13 12:56:45 +00:00
m0rv4i
fa3130ded6
If default-beacontime is wrong return to startup after error
2019-02-13 10:19:46 +00:00
m0rv4i
c75016e506
Fix beacon command to support setbeacon set-beacon and beacon again
2019-02-13 09:29:20 +00:00
m0rv4i
543ebc3c15
Rename RandomURI column in html output to Context, and print it as domain\username @ hostname
2019-02-13 08:14:35 +00:00
m0rv4i
d8fdb6c56c
Move Beacon alias to Implant-Core as Beacon has been moved to Implant-Core
2019-02-12 22:36:20 +00:00
m0rv4i
063c5721ce
Push up unsaved file
2019-02-12 22:18:46 +00:00
m0rv4i
18fa7b1767
Update opsec command to show users in same format as elsewhere (domain\user @ host)
2019-02-12 22:14:25 +00:00
m0rv4i
0ab5184cb5
Fix sai command for python implant
2019-02-12 22:06:26 +00:00
m0rv4i
eda146be84
Actually fix beaconing and not just claim to have...
2019-02-12 22:02:09 +00:00
m0rv4i
20dd527367
Setting and viewing beacon time is now consistent across config and implant types - always 50s/10m/1h format
2019-02-12 21:33:46 +00:00
m0rv4i
e6cb404c8a
Implant timeout highlighting is now based on beacon time - yellow if it's not checked in for 3x beacon time and red if not checked in for 10x beacon time
2019-02-12 20:21:19 +00:00
benpturner
ff4cea2795
Updated to fix opsec after DB changes
2019-02-12 19:54:40 +00:00
benpturner
38544e6044
Updated to include opsec as test command
2019-02-12 19:48:56 +00:00
benpturner
d56a8a3436
Updated commands and removed invoke-shellcode
2019-02-12 19:45:33 +00:00
benpturner
7a3a43a1e3
Added netsh and invoke-shellcode to opsec
2019-02-12 19:40:58 +00:00
benpturner
a3f96b3337
Updated HTML for tasks.html
2019-02-12 19:29:17 +00:00
benpturner
c5bb41cee6
Updated spacing for username
2019-02-12 19:12:27 +00:00
m0rv4i
82d676f69a
Minor refactoring and update changelog
2019-02-12 17:34:37 +00:00
m0rv4i
9b2a874415
Fix searchhelp so that it finds commands with caps in the searchterm
2019-02-12 17:34:21 +00:00
m0rv4i
4ee24a785e
Fix Get-ScreenshotAllWindows so that it returns a png
2019-02-12 17:33:42 +00:00
m0rv4i
b2afec601d
Update changelog
2019-02-12 15:35:07 +00:00
m0rv4i
ca7b976a1e
Stage2-Core.ps1 bypasses AMSI again with a daft bypass
2019-02-12 15:34:07 +00:00
m0rv4i
8257420ab8
Add testing checklist in Testing.md
2019-02-12 11:44:35 +00:00
m0rv4i
194344b9f2
Add ImplantID to Tasks table for reference
2019-02-12 11:21:26 +00:00
m0rv4i
59848c36d3
Remove LogUsers option and force usage (though can enter blank username)
2019-02-12 09:13:19 +00:00
m0rv4i
32cc39fa51
Update version
2019-02-12 08:59:14 +00:00
m0rv4i
9a20f1d1e4
Update changelog
2019-02-11 22:49:06 +00:00
m0rv4i
df908b3f06
Truncate shellcode when logging it to the DB
2019-02-11 22:25:03 +00:00
m0rv4i
ca9d6e7f0a
Log task id when issued and returned
2019-02-11 22:06:33 +00:00
m0rv4i
4daebf766c
Fix DB prepared statements
2019-02-11 21:25:03 +00:00
m0rv4i
9e4a464577
Refactoring and start to break up the dependency cycle
2019-02-11 21:00:56 +00:00
m0rv4i
e16e73e629
Remove duplicate Module loaded message in C# and use prepared statements in DB
2019-02-11 17:19:54 +00:00
m0rv4i
72172ba83c
Add config option LogUsers, false by default but it set to true will prompt for a username (or can pass one to ImplantHandler with -u <name> or --u <name>). Tasks run by that user will then be logged as that user.
2019-02-11 17:05:14 +00:00
m0rv4i
2fea962466
* Refactor tasks to insert on run and update on complete
...
* Pull out py and ps cores into files
* Adjust command stored in DB to be user run command (tracking modules
loaded etc)
* Fixed downloading files so subsequent files with the same name will ba
name-1 name-2 etc
* Renamed Implant-Core.ps1 to Core.ps1 to match C#
2019-02-11 14:44:57 +00:00
benpturner
290775ef62
Removed taskid from print statement
2019-02-10 19:24:56 +00:00
benpturner
08f34b6bca
Updated implant seen when command is returned
2019-02-10 19:13:50 +00:00
m0rv4i
58703ada39
Consistently display usernames and domains across logs and fix CreateRawBase to use the core (fixing get-system and the gzip payload etc).
2019-02-06 22:29:11 +00:00