PoshC2_Python/changelog.txt

152 lines
6.8 KiB
Plaintext

4.8 (13/02/19)
==============
Insert tasks when first picked up by the implant with start time
Update task when response returned with output and completed time
Log task ID in task sent/received
Add ability to set username and associate username to tasks issued
Print user in task information when the username is not empty
Improved error handling and logging
Rename CompletedTasks table to Tasks table
Method name refactoring around above changes
Pull out implant cores into Implant-Core.py/.cs/.ps1
Rename 2nd stage cores into Stage2-Core.py/.ps1
Stage2-Core.ps1 (previously Implant-Core.ps1) is no longer flagged by AMSI
Use prepared statements in the DB
Refactoring work to start to break up dependency cycle
Rename DB to Database in Config.py to avoid name clashes
Pull some dependency-less functions into Utils.py to aid dependency management
Fix download-file so that if the same file is downloaded multiple times it gets downloaded to name-1.ext name-2.ext etc
Adjust user/host printing to always be domain\user @ host in implants & logs
Fix CreateRawBase payload creation, used in gzip powershell stager and commands like get-system
Added ImplantID to Tasks table as a foreign key, so it's logged in the Tasks report
Added Testing.md for testing checklist/methodology
Fix Get-ScreenshotAllWindows to return correct file extension
Fix searchhelp for commands with caps
Implant timeout highlighting is now based on beacon time - yellow if it's not checked in for 3x beacon time and red if not checked in for 10x beacon time
Setting and viewing beacon time is now consistent across config and implant types - always 50s/10m/1h format
Added validation for beacon time that it matches the correct format
Fix StartAnotherImplant command for python implant
Rename RandomURI column in html output to Context, and print it as domain\username @ hostname
Move service instructions to readme so that poshc2.service can just be copied to /lib/systemd/system
Removed C2Viewer.py and added instructions for same functionality to readme just using system commands
4.7 (03/02/19)
==============
Added Opsec.py to allow users to state various command that they DO NOT want to run
Added Alias.py to allow users to have their own alias for various commands
Fixed HTML output to sort formatting once again
4.6 (26/12/18)
==============
Updated quickcommand on restart with new IP address
re-print quickstart when restarting C2Server.py
Updated migrate command in implant handler & added Escape for HTML output
Major refector of the portscanner by rolen
Fixed proxy payloads for powershell implant
Updated tasks command
Fixed linuxprivchecker to work through a proxy
Fixed config output for Apache rewrite rules by console
Added ability to load and execute LinuxPrivChecker in memory on *nix by pwndexter
Updated Core DLL for Sharp implant
Updated kill-implant options on Sharp implant
Added Sharp Implant and corresponding DLLs/Shellcode
4.5 (19/11/18)
==============
Removed Invoke-Enum
Merged Get-TokenElevationType.ps1 by jmhickman
Added TLS Config to Python Server
Updated README
Updated Get-IPAddress
Merged OfflineReportGenerator.py by skahwah
Updated to latest PowerUp.ps1
Updated INSTALL notes
Updated to work with FIPSAlgorithmPolicy
Updated to latest Invoke-Kerberoast & Invoke-Mimikatz
Removed process start for Netsh.exe on non migrate executable
4.4 (10/11/18)
==============
Inject Shellcode 32bit to 6bit using https://github.com/Coder666/Invoke-CreateRemoteThread64
Added simple Get-IPConfig cmdlet
Updated to include most recent commits
Updated to add option to upload file that is not Hidden & System
Identify if SSL inspection is enabled for web traffic
Obtain a user hash using the methods from 'Internal-Monologue'
Updated to handle accents on hostnames or users
Updated Get-Processfull & Get-Processlist to handle errors on GetOwner()
Updated syntax error in WMIEvent module
Updated Shellcode/DLL to support scriptblock / transcript bypass
Updated default ps command - Now uses Get-ProcessList not Get-ProcessFull
Updated opsec command to add users compromised
Removed sleep as beacon command - set-beacon, beacon or setbeacon
Updated Unhook-AMSI (https://0x00-0x00.github.io/research/2018/10/28/How-to-bypass-AMSI-and-Execute-ANY-malicious-powershell-code.html)
Removed html and replaced with cgi requirement for HTML encoding on output-to-html
Updated print statements in C2Server,ImplantHandler & AutoLoads in preperation for Python3
Updated output-to-html to escape HTML characters
4.3 (27/10/18)
==============
Updated HTML Output for Implants.html
Updated OPSEC command for persistence
Updated Implant Naming Convention to use [Security.Principal.WindowsIdentity]::GetCurrent()).name
Updated ImplantHandler new User Idenfication for Primary Token Use
Updated Invoke-RunAs under SYSTEM with CreateProcessAsUser
Updated Implant-Core process list to use get-processlist function (pinvoke - CreateToolhelp32Snapshot)
Updated autoloads for cmdlets which were missing
Added standalone msbuild.xml output format to payloads.py
Update Msbuild.xml to work with Windows10 64bit (replaced mem.copy to WriteProcessMemory)
Updated Inject-Shellcode to remove processpath and leave procpath
Added Get-ProcessList Module which uses winapi to do ps list (pinvoke - CreateToolhelp32Snapshot)
Added QueueUserAPC to Inject-Shellcode (migrate -Suspended -QueueUserAPC)
Merge pull request #6 from m0rv4i/update-script
Updated Inject-Shellcode base directory to /proj/payloads
Updated output-to-html to Encode HTML Chars
Updated show-serverinfo
Added CSC output format to payloads.py
Added List-URLs Command to DB
Updated CredPopper puts default username and has minimum password limit
Minor changes to documentation
4.2
====
m0rv4i modified update.sh to stash git changes
m0rv4i added laps command from ImplantHandler to autoload
m0rv4i added Get-LAPSPasswords.ps1
4.1
====
Updated Python Implant to Work with createnewpayload
Removed Error on Time
Added WMIEvents and Incorporated Invoke-SMBClient
Added MSBuild Files to PoshC2
Updated to Include Pushover API
Added KillDate to Python Implant
Updated Get-Keystrokes
Added Hide-Implant Mac
Added Hash Verification on Python Downloader
Added Loadodule and Python execution to Mac
Update get-keystrokes
Added get-keystrokes for Mac
Added Error Handling Mac
Updated Opsec for Persistence Files
Updated Persistence Comment
Updated Persistence Status
Added Crontab Persistence and Download-File for Mac
Updated SMBExec/WMIExec Password Options not to use Add-Type
Added Python Downloader
Updated startanotherimplant
Updated Kill Implant OSx
Updated Pbind
Updated OSX for StartAnotherImplant
Updated Help for OSX
Added Domain Fronting for OSx Implant
Updated Posh EXE Downloader
Updated InstallEXE-Persistence
Added Screenshot Mac OSX
Updated to remove requirement for pycrypto for Python implants
Updated Brute-AD to Add Domain Flag
Updated Brute-AD Module
Updated to include AMSI Bypass
Updated PoshC2 to have the AMSI bypass by default in the Shellcode