def _(mode):
    """Switch the engine's debug mode according to *mode*.

    :param mode: 'on' enables debug, 'off' disables it; any other value
                 prints the usage string through `engine.error`.
    """
    # Reject anything that is not an explicit on/off before touching state.
    if mode not in ('on', 'off'):
        engine.error('python-debug on|off')
        return

    if mode == 'on':
        engine.enable_debug()
    else:
        engine.disable_debug()
def _(source, out, *args):
    """Compile a C# source file with SharpGen and report the result.

    :param source: Path of the C# source file handed to SharpGen
    :param out: Output path passed through as `out=`
    :param args: Extra values forwarded as `additional_options`
    """
    start_note = 'Compiling C# code from: {}'.format(source)
    engine.message(start_note)

    try:
        sharpgen.compile_file(source, out=out, additional_options=args)
        done_note = 'All finished! Output is in: {}'.format(out)
        engine.message(done_note)
    except RuntimeError:
        # Only a short pointer is printed here; the message itself says the
        # details appear earlier in the console output.
        engine.error('SharpGen failed. See above for more details')
def alias_callback(*args):
    """Validate, normalise and dispatch the arguments of a beacon alias.

    `name`, `callback` and `quote_replacement_` are not defined in this
    function; presumably they are closed over from the code that registers
    the alias -- confirm against the enclosing scope.

    :param args: Alias arguments; the first one is the beacon id (bid)
    """
    global _default_quote_replacement

    # first argument is bid
    bid = int(args[0])

    replacement = quote_replacement_

    # Wrong argument count: show the syntax on both consoles and stop.
    if not utils.check_args(callback, args):
        usage = '{} {}'.format(name, utils.signature_command(callback, trim=1))
        aggressor.berror(bid, "Syntax: " + usage)
        engine.error("Invalid number of arguments passed to alias '{}'. Syntax: {}".format(name, usage))
        return

    # A per-alias replacement character wins; otherwise use the module default.
    replacement = replacement or _default_quote_replacement
    if replacement:
        args = [piece.replace(replacement, '"') for piece in args]

    try:
        callback(*args)
    except Exception as e:
        # Summarise the failure in the beacon log, then re-raise so the full
        # traceback still reaches the Script Console.
        aggressor.berror(bid, "Caught Python exception while executing alias '{}': {}\n See Script Console for more details.".format(name, str(e)))
        raise e
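def error(self, message):
    """Report a parser error on the matching console, then abort parsing.

    Presumably an override of `argparse.ArgumentParser.error` on a parser
    subclass; the class header is not visible here -- confirm.

    :param message: Error text to display
    :raises argparse.ArgumentError: always, so that parsing stops instead of
                                    continuing with bad arguments
    """
    if self.bid:
        # print to beacon console
        aggressor.berror(self.bid, message)
    else:
        # print to script console
        engine.error(message)

    # ArgumentError's constructor takes (argument, message). The former
    # one-argument call failed with TypeError before the intended exception
    # could be raised; None means "not tied to a specific argument".
    raise argparse.ArgumentError(None, 'exit')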
def _(mode):
    """Turn SharpGen cache overwrite on or off.

    :param mode: 'on' or 'off'; anything else prints the usage string
    """
    if mode == 'on':
        sharpgen.enable_cache_overwrite()
        engine.message('Enabled SharpGen cache overwrite')
        return

    if mode == 'off':
        sharpgen.disable_cache_overwrite()
        engine.message('Disabled SharpGen cache overwrite')
        return

    # Neither keyword matched: leave the setting untouched and show usage.
    engine.error('Usage: sharpgen-cache-overwrite on|off')
def _(mode):
    """Turn the SharpGen ConfuserEx protections setting on or off.

    'on' passes `config.protections_net35` to SharpGen, 'off' passes None.

    :param mode: 'on' or 'off'; anything else prints the usage string
    """
    if mode not in ('on', 'off'):
        engine.error('Usage: sharpgen-confuser on|off')
        return

    if mode == 'on':
        sharpgen.set_confuser_protections(config.protections_net35)
        engine.message('Enabled SharpGen ConfuserEx protections')
    else:
        sharpgen.set_confuser_protections(None)
        engine.message('Disabled SharpGen ConfuserEx protections')
def _(mode):
    """Turn the custom powerpick replacement on or off.

    :param mode: 'on' or 'off'; anything else prints the usage string
    """
    if mode == 'on':
        # The status line is printed before the switch itself is applied.
        engine.message('Enabled custom powerpick')
        enable_custom_powerpick()
        return

    if mode == 'off':
        engine.message('Disabled custom powerpick')
        disable_custom_powerpick()
        return

    engine.error('Usage: custom-powerpick on|off')
def _(source, out=None, *sharpgen_flags):
    """Compile a C# source file with SharpGen, using the build cache setting.

    `cache` is not defined in this function; presumably it comes from the
    enclosing scope -- confirm.

    :param source: Path of the C# source file handed to SharpGen
    :param out: Optional output path, passed through as `out=`
    :param sharpgen_flags: Extra values forwarded as `additional_options`
    """
    engine.message('Compiling C# code from: {}'.format(source))

    try:
        # compile_file returns the final output path and a flag telling
        # whether the build came from the cache.
        built_path, cache_hit = sharpgen.compile_file(
            source,
            out=out,
            additional_options=sharpgen_flags,
            cache=cache)

        if from_cache := cache_hit:
            template = 'Build was found in the cache! Output is in: {}'
        else:
            template = 'Build was successful! Output is in: {}'
        engine.message(template.format(built_path))
    except RuntimeError:
        engine.error('SharpGen failed. See above for more details.')
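def _(*args):
    """Search the beacon logs for one or more regular expressions.

    Accepted arguments (parsed with `helpers.ArgumentParser`):
      regex        pattern to search for, matched case-insensitively
      -o/--out     append matches to this file instead of printing them
      -w/--whole   emit the whole log entry rather than the matching chunk

    :param args: Raw command arguments
    """
    parser = helpers.ArgumentParser(prog='grep-logs', description='Grep beacon logs for a regex')
    parser.add_argument('-o', '--out', help='Output file')
    parser.add_argument('-w', '--whole', action='store_true', help='Show whole output')
    parser.add_argument('regex', action='append', help='Search for regex')

    try:
        args = parser.parse_args(args)
    except (Exception, SystemExit):
        # Parsing failed or argparse asked to exit (e.g. help output); end
        # the command quietly. Narrower than a bare except so that
        # KeyboardInterrupt still propagates.
        return

    for regex in args.regex:
        # Compile once per pattern; an invalid pattern is reported instead of
        # surfacing as a traceback from inside the search loop.
        try:
            pattern = re.compile(regex, re.IGNORECASE)
        except re.error as e:
            engine.error("Invalid regex '{}': {}".format(regex, e))
            continue

        finds = 0
        engine.message("Searching beacon logs for '{}'".format(regex))

        for frame in aggressor.data_query('beaconlog'):
            output_type = frame[0]
            bid = frame[1]
            if output_type == 'beacon_input':
                # input frames carry a user field at index 2, which shifts
                # the data and timestamp one position to the right
                data = frame[3]
                when = convert_time(frame[4])
            else:
                data = frame[2]
                when = convert_time(frame[3])

            for log in split_output(data):
                if not pattern.search(log):
                    continue

                beacon = '{}@{}'.format(aggressor.beacon_info(bid, 'user'),
                                        aggressor.beacon_info(bid, 'computer'))

                # -w/--whole
                output = data if args.whole else log

                # -o/--out
                if args.out:
                    # NOTE(review): matched log text may hold sensitive
                    # session data and the file is created with the
                    # process's default permissions; text is written as-is
                    # with no separator added between finds.
                    with open(args.out, 'a+') as fp:
                        fp.write(output)
                else:
                    engine.message("Found beacon log matching '{}' from {} at {}:\n{}".format(regex, beacon, when, output))

                finds += 1

        if finds:
            if args.out:
                engine.message("Wrote {} finds containing '{}' to '{}'".format(finds, regex, args.out))
            else:
                engine.message("Found {} logs containing '{}'".format(finds, regex))
        else:
            engine.error("Didn't find any beacon logs containing '{}'".format(regex))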
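def _(regex):
    """Search recorded keystroke data for a regular expression.

    Each line of every keystroke frame is matched case-insensitively and
    every hit is printed with its beacon and timestamp.

    :param regex: Pattern to search for
    """
    # Compile once up front; an invalid pattern is reported instead of
    # surfacing as a traceback from inside the search loop.
    try:
        pattern = re.compile(regex, re.IGNORECASE)
    except re.error as e:
        engine.error("Invalid regex '{}': {}".format(regex, e))
        return

    found = False
    engine.message("Searching keystrokes for '{}'".format(regex))

    for frame in aggressor.data_query('keystrokes'):
        data = frame['data']
        bid = frame['bid']
        when = convert_time(frame['when'])
        beacon = '{}@{}'.format(aggressor.beacon_info(bid, 'user'),
                                aggressor.beacon_info(bid, 'computer'))

        for line in data.splitlines():
            if pattern.search(line):
                engine.message("Found keystroke matching '{}' from {} at {}: {}".format(regex, beacon, when, line))
                found = True

    if not found:
        engine.error("Didn't find any keystrokes containing '{}'".format(regex))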
def alias_callback(*args):
    """Check the argument count of a beacon alias and run its callback.

    `name` and `callback` are not defined in this function; presumably they
    are closed over from the code that registers the alias -- confirm.

    :param args: Alias arguments; the first one is converted to the beacon id
    """
    bid = int(args[0])

    # Wrong argument count: show the syntax on both consoles and stop.
    if not utils.check_args(callback, args):
        usage = '{}{}'.format(name, utils.signature(callback, trim=1))
        aggressor.berror(bid, "Syntax: " + usage)
        engine.error(
            "Invalid number of arguments passed to alias '{}'. Syntax: {}".format(name, usage))
        return

    try:
        engine.debug('calling callback for alias {}'.format(name))
        callback(*args)
    except Exception as e:
        # Summarise the failure in the beacon log, then re-raise so the
        # caller still sees the exception.
        summary = "Caught Python exception while executing alias '{}': {}\n See Script Console for more details.".format(name, str(e))
        aggressor.berror(bid, summary)
        raise e
def call(name, args):
    """
    Invoke a registered callback by name

    Unknown names are only logged at debug level; a wrong argument count is
    reported through `engine.error` together with the callback's signature.

    :param name: Name of callback
    :param args: Arguments to pass to callback (checked by `utils.check_args` first)
    """

    if name not in _callbacks:
        engine.debug('unknown callback {}'.format(name))
        return

    callback = _callbacks[name]

    if not utils.check_args(callback, args):
        syntax = '{}{}'.format(name, utils.signature(callback))
        engine.error("{} is an invalid number of arguments for callback '{}'. syntax: {}".format(len(args), name, syntax))
        return

    callback(*args)
def command_callback(*args):
    """Validate, normalise and dispatch the arguments of a console command.

    `name`, `callback` and `quote_replacement_` are not defined in this
    function; presumably they are closed over from the code that registers
    the command -- confirm against the enclosing scope.

    :param args: Command arguments as received from the console
    """
    global _default_quote_replacement

    replacement = quote_replacement_

    # Wrong argument count: print the syntax and stop.
    if not utils.check_args(callback, args):
        usage = '{} {}'.format(name, utils.signature_command(callback))
        engine.error("Syntax: " + usage)
        return

    # A per-command replacement character wins; otherwise use the module
    # default. When neither is set the arguments are passed through as-is.
    replacement = replacement or _default_quote_replacement
    if replacement:
        args = [piece.replace(replacement, '"') for piece in args]

    callback(*args)