async def get_transforms_func(ptype, t_type):
try:
payload_type = await db_objects.get(PayloadType, ptype=ptype)
except Exception as e:
print(e)
return {'status': 'error', 'error': 'failed to get payload type specified'}
try:
transforms = await db_objects.execute(Transform.select().where(
(Transform.t_type == t_type) & (Transform.payload_type == payload_type)).order_by(Transform.order))
except Exception as e:
print(e)
return {'status': 'error', 'error': 'failed to get ' + ptype + ' transforms for ' + t_type}
return {'status': 'success', 'transforms': [t.to_json() for t in transforms]}
async def get_transforms_by_type(request, ptype, user):
payload_type = unquote_plus(ptype)
try:
payloadtype = await db_objects.get(PayloadType, ptype=payload_type)
except Exception as e:
print(e)
return json({'status': 'error', 'error': 'failed to find payload type'})
try:
transforms = await db_objects.execute(Transform.select().where(Transform.payload_type == payloadtype).order_by(
Transform.t_type, Transform.order
))
except Exception as e:
print(e)
return json({'status': 'error', 'error': 'failed to get the transforms'})
return json({'status': 'success', 'transforms': [t.to_json() for t in transforms]})
async def export_command_list(request, user, ptype):
payload_type = unquote_plus(ptype)
try:
payload_ptype = await db_objects.get(PayloadType, ptype=payload_type)
operation = await db_objects.get(Operation,
name=user['current_operation'])
except Exception as e:
print(e)
return json({
'status': 'error',
'error': 'unable to find that payload type'
})
cmdlist = []
try:
payloadtype_json = payload_ptype.to_json()
del payloadtype_json['id']
del payloadtype_json['operator']
del payloadtype_json['creation_time']
payloadtype_json['files'] = []
for file in glob.iglob(
"./app/payloads/{}/payload/*".format(payload_type)):
payload_file = open(file, 'rb')
file_dict = {
file.split("/")[-1]:
base64.b64encode(payload_file.read()).decode('utf-8')
}
payloadtype_json['files'].append(file_dict)
commands = await db_objects.execute(
Command.select().where(Command.payload_type == payload_ptype))
for c in commands:
cmd_json = c.to_json()
del cmd_json['id']
del cmd_json['creation_time']
del cmd_json['operator']
del cmd_json['payload_type']
params = await db_objects.execute(CommandParameters.select().where(
CommandParameters.command == c))
params_list = []
for p in params:
p_json = p.to_json()
del p_json['id']
del p_json['command']
del p_json['cmd']
del p_json['operator']
del p_json['payload_type']
params_list.append(p_json)
cmd_json['parameters'] = params_list
attacks = await db_objects.execute(
ATTACKCommand.select().where(ATTACKCommand.command == c))
attack_list = []
for a in attacks:
a_json = a.to_json()
del a_json['command']
del a_json['command_id']
del a_json['id']
attack_list.append(a_json)
cmd_json['attack'] = attack_list
artifacts = await db_objects.execute(
ArtifactTemplate.select().where(ArtifactTemplate.command == c))
artifact_list = []
for a in artifacts:
a_json = {
"command_parameter": a.command_parameter,
"artifact": a.artifact.name,
"artifact_string": a.artifact_string,
"replace_string": a.replace_string
}
artifact_list.append(a_json)
cmd_json['artifacts'] = artifact_list
cmd_file = open(
"./app/payloads/{}/commands/{}".format(payload_type, c.cmd),
'rb')
cmd_json['file'] = base64.b64encode(
cmd_file.read()).decode('utf-8')
cmdlist.append(cmd_json)
# get all the c2 profiles we can that match up with this payload type for the current operation
profiles = await db_objects.execute(
PayloadTypeC2Profile.select().where(
PayloadTypeC2Profile.payload_type == payload_ptype).join(
C2Profile).where(C2Profile.operation == operation))
profiles_dict = {}
for p in profiles:
files = []
for profile_file in glob.iglob(
"./app/c2_profiles/{}/{}/{}/*".format(
operation.name, p.c2_profile.name, payload_type)):
file_contents = open(profile_file, 'rb')
file_dict = {
profile_file.split("/")[-1]:
base64.b64encode(file_contents.read()).decode('utf-8')
}
files.append(file_dict)
profiles_dict[p.c2_profile.name] = files
payloadtype_json['c2_profiles'] = profiles_dict
# get all of the module load transformations
load_transforms = await db_objects.execute(Transform.select().where(
(Transform.t_type == "load")
& (Transform.payload_type == payload_ptype)))
load_transforms_list = []
for lt in load_transforms:
lt_json = lt.to_json()
del lt_json['payload_type']
del lt_json['operator']
del lt_json['timestamp']
del lt_json['t_type']
del lt_json['id']
load_transforms_list.append(lt_json)
payloadtype_json['load_transforms'] = load_transforms_list
# get all of the payload creation transformations
create_transforms = await db_objects.execute(Transform.select().where(
(Transform.t_type == "create")
& (Transform.payload_type == payload_ptype)))
create_transforms_list = []
for ct in create_transforms:
ct_json = ct.to_json()
del ct_json['payload_type']
del ct_json['operator']
del ct_json['timestamp']
del ct_json['t_type']
del ct_json['id']
create_transforms_list.append(ct_json)
payloadtype_json['create_transforms'] = create_transforms_list
except Exception as e:
print(e)
return json({
'status':
'error',
'error':
'failed to get information for that payload type: ' + str(e)
})
return json({"payload_types": [{**payloadtype_json, "commands": cmdlist}]})