def register(self, guid, psk):
if not guid:
guid = uuid.uuid4()
if not psk:
psk = gen_stager_psk()
try:
uuid.UUID(str(guid))
except ValueError:
raise CmdError("Invalid Guid")
with STDatabase() as db:
db.add_session(guid, psk)
self._register(guid, psk)
return {"guid": str(guid), "psk": psk}
def test_database_ops():
guid = uuid.uuid4()
psk = gen_stager_psk()
with STDatabase(db_path=TEST_DB_PATH) as db:
_psk = db.add_session(guid, psk)
assert _psk == psk
# Test to make sure nothing errors out if we try to add a second session with the same guid & psk
_no_psk = db.add_session(guid, psk)
assert _no_psk == None
_psk = db.get_session_psk(guid)
assert _psk == psk
sessions = db.get_sessions()
assert len(sessions) == 1
def __init__(self, teamserver):
self.teamserver = teamserver
self.selected = None
self.sessions = set()
ipc_server.attach(events.KEX, self.kex)
ipc_server.attach(events.ENCRYPT_STAGE, self.gen_encrypted_stage)
ipc_server.attach(events.SESSION_STAGED, self.notify_session_staged)
ipc_server.attach(events.SESSION_REGISTER, self._register)
ipc_server.attach(events.SESSION_CHECKIN, self.session_checked_in)
ipc_server.attach(events.NEW_JOB, self.add_job)
ipc_server.attach(events.JOB_RESULT, self.job_result)
with STDatabase() as db:
for registered_session in db.get_sessions():
_, guid, psk = registered_session
self._register(guid, psk)
def generate(self, listener_name):
if not self.selected:
raise CmdError("No stager selected")
for l in self.teamserver.contexts['listeners'].listeners:
if l['Name'] == listener_name:
guid, psk, generated_stager = self.selected.generate(l)
with STDatabase() as db:
db.add_session(guid, psk)
self.teamserver.contexts['sessions']._register(guid, psk)
return {
"output": generated_stager,
"suggestions": self.selected.suggestions,
"extension": self.selected.extension
}
raise CmdError(f"No listener running with name '{listener_name}'")
def get_session(self, guid, attempt_auto_reg=True):
try:
return list(filter(lambda x: x == guid, self.sessions))[0]
except IndexError:
logging.error(f"Tried to lookup non registered session {guid}")
if attempt_auto_reg:
logging.info("Attempting automatic registration from database")
with STDatabase() as db:
psk = db.get_session_psk(guid)
if psk:
self._register(guid, psk)
logging.info("Automatic registration successful")
return self.get_session(guid)
logging.error(
f"Could not automatically register session {guid}, PSK not in database"
)
logging.warning(
colored(
"This could be an orphaned session or somebody could be messing with the teamserver!",
"red"))
raise SessionNotFoundError(
f"Session with guid {guid} was not found")
def test_database_creation():
'''Create the database'''
STDatabase.create_db_and_schema(db_path=TEST_DB_PATH)
assert os.path.exists(TEST_DB_PATH) == True
def _register(self, guid, psk):
session = Session(guid, psk)
self.sessions.add(session)
with STDatabase() as db:
db.add_session(guid, psk)
logging.info(f"Registering session: {session}")