예제 #1
0
def read_file(query, body, module_data):
    # XXX: The query will be:
    # id=<encrypted computer name>&&mux=<encrypted total file size>
    # So we need to parse those out. Also, the response body should have 'I'm
    # Ready' in it.
    chop.tsprnt("Readfile (not implemented):\n%s\n%s" %
                (hexdump(query), hexdump(body)))
예제 #2
0
def read_file_chunk(query, body, module_data):
    # XXX: The query will be:
    # id=<encoded computer name>&&date=<file chunk data>
    # So we need to parse those out and store it. Also, the response body should
    # have 'OK' in it.
    chop.tsprnt("Readfile chunk (not implemented):\n%s\n%s" %
                (hexdump(query), hexdump(body)))
예제 #3
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.client.count_new > 0:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        if tcp.stream_data['dump']:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (
                src,
                sport,
                dst,
                dport,
                count,
            ))
            chop.prnt(hexdump(data))
        if data[:3] in [
                '\x18\x03\x00', '\x18\x03\x01', '\x18\x03\x02', '\x18\x03\x03'
        ]:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (
                src,
                sport,
                dst,
                dport,
                count,
            ))
            chop.prnt(hexdump(data[8:]))
            tcp.stream_data['dump'] = True
    if tcp.client.server_new > 0:
        count = tcp.server.count_new

    tcp.discard(count)
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.client.count_new > 0:
        data = tcp.client.data[: tcp.client.count_new]
        count = tcp.client.count_new
        if tcp.stream_data["dump"]:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count))
            chop.prnt(hexdump(data))
        if data[:3] in ["\x18\x03\x00", "\x18\x03\x01", "\x18\x03\x02", "\x18\x03\x03"]:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count))
            chop.prnt(hexdump(data[8:]))
            tcp.stream_data["dump"] = True

    tcp.discard(count)
예제 #5
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.client.count_new > 0:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        if tcp.stream_data['dump']:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count,))
            chop.prnt(hexdump(data))
        if data[:3] in ['\x18\x03\x00', '\x18\x03\x01', '\x18\x03\x02', '\x18\x03\x03']:
            chop.tsprnt("%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count,))
            chop.prnt(hexdump(data[8:]))
            tcp.stream_data['dump'] = True
    if tcp.client.server_new > 0:
        count = tcp.server.count_new

    tcp.discard(count)
예제 #6
0
파일: payloads.py 프로젝트: nsxz/chopshop
def alter_data(module_data, data):
    if 'xor_key' in module_data:
        data = multibyte_xor(data, module_data['xor_key'])

    if module_data['hexdump']:
        data = hexdump(data)

    if module_data['base64']:
        data = b64encode(data)

    return data
예제 #7
0
def alter_data(module_data, data):
    if "xor_key" in module_data:
        data = multibyte_xor(data, module_data["xor_key"])

    if module_data["hexdump"]:
        data = hexdump(data)

    if module_data["base64"]:
        data = b64encode(data)

    return data
예제 #8
0
파일: payloads.py 프로젝트: z0x010/chopshop
def handle_bytes(data, color, direction, module_data):
    if 'xor_key' in module_data:
        data = multibyte_xor(data, module_data['xor_key'])

    if module_data['hexdump']:
        data = hexdump(data)

    if module_data['base64']:
        data = b64encode(data)

    chop.prettyprnt(color, data)
    chop.json({'payload': data, 'direction': direction})
예제 #9
0
def handle_bytes(data, color, direction, module_data):
    if "xor_key" in module_data:
        data = multibyte_xor(data, module_data["xor_key"])

    if module_data["hexdump"]:
        data = hexdump(data)

    if module_data["base64"]:
        data = b64encode(data)

    chop.prettyprnt(color, data)
    chop.json({"payload": data, "direction": direction})
예제 #10
0
파일: payloads.py 프로젝트: nsxz/chopshop
def handleDatagram(udp):
	# collect time and IP metadata
	((src, sport), (dst, dport)) = udp.addr
	# handle client system packets
        if udp.module_data['verbose']:
            chop.tsprettyprnt("RED", "%s:%s -> %s:%s 0x%04X bytes" % (src, sport, dst, dport, len(udp.data)))
        if 'xor_key' in udp.module_data:
            data = multibyte_xor(udp.data, udp.module_data['xor_key'])
        else:
            data = udp.data
        if udp.module_data['hexdump']:
            data = hexdump(data)
        chop.prettyprnt("RED", data)
예제 #11
0
파일: yarashop.py 프로젝트: z0x010/chopshop
def handle_results(tcp):
    """Print and save results."""
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    # print results
    for match in tcp.stream_data['server_processor'].results:
        if not module_data['quiet']:
            chop.tsprnt('Stream: Match found; %s:%s --> %s:%s' %
                        (src, sport, dst, dport))
            chop.prnt(match)

        # Save results
        if tcp.module_data['save']:
            output = 'Match found in server stream; src=%s; sport=%s; dst=%s; dport=%s\n' \
                      % (src, sport, dst, dport)
            output += str(match) + '\n\n'
            output += hexdump(tcp.stream_data['server_buffer']) + '\n'
            chop.appendfile(tcp.module_data['save'], output)

        chop.json(match)
    tcp.stream_data['server_processor'].clear_results()

    # print results
    for match in tcp.stream_data['client_processor'].results:
        if not module_data['quiet']:
            chop.tsprnt('Stream: Match found; %s:%s --> %s:%s' %
                        (dst, dport, src, sport))
            chop.tsprnt(match)

        # Save results
        if tcp.module_data['save']:
            output = 'Match found in client stream; src=%s; sport=%s; dst=%s; dport=%s\n' \
                      % (dst, dport, src, sport)
            output += str(match) + '\n\n'
            output += hexdump(tcp.stream_data['client_buffer']) + '\n'
            chop.appendfile(tcp.module_data['save'], output)

        chop.json(match)
    tcp.stream_data['client_processor'].clear_results()
예제 #12
0
파일: yarashop.py 프로젝트: 7h3rAm/chopshop
def handle_results(tcp):
    """Print and save results."""
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    # print results
    for match in tcp.stream_data['server_processor'].results:
        if not module_data['quiet']:
            chop.tsprnt('Stream: Match found; %s:%s --> %s:%s' % (src, sport, dst, dport))
            chop.prnt(match)

        # Save results
        if tcp.module_data['save']:
            output = 'Match found in server stream; src=%s; sport=%s; dst=%s; dport=%s\n' \
                      % (src, sport, dst, dport)
            output += str(match) + '\n\n'
            output += hexdump(tcp.stream_data['server_buffer']) + '\n'
            chop.appendfile(tcp.module_data['save'], output)

        chop.json(match)
    tcp.stream_data['server_processor'].clear_results()

    # print results
    for match in tcp.stream_data['client_processor'].results:
        if not module_data['quiet']:
            chop.tsprnt('Stream: Match found; %s:%s --> %s:%s' % (dst, dport, src, sport))
            chop.tsprnt(match)

        # Save results
        if tcp.module_data['save']:
            output = 'Match found in client stream; src=%s; sport=%s; dst=%s; dport=%s\n' \
                      % (dst, dport, src, sport)
            output += str(match) + '\n\n'
            output += hexdump(tcp.stream_data['client_buffer']) + '\n'
            chop.appendfile(tcp.module_data['save'], output)

        chop.json(match)
    tcp.stream_data['client_processor'].clear_results()
예제 #13
0
def decode(msg, tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    #chop.tsprnt("%s:%i->%s:%i" % (src, sport, dst, dport), None)

    # If this is a shell session, just dump the contents.
    if tcp.stream_data['shell'] == True:
        chop.prnt("\n%s" % msg)
        return

    # Grab the token and decode if possible.
    b = struct.unpack('c', msg[:1])[0]
    if b in tcp.module_data['tokens']:
        msg = msg[1:]
        tcp.module_data['tokens'][b](msg, tcp)
    else:
        chop.prnt("Unknown token: 0x%02x" % ord(b))
        chop.prnt("%s" % hexdump(msg))
예제 #14
0
def decode(msg, tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    # chop.tsprnt("%s:%i->%s:%i" % (src, sport, dst, dport), None)

    # If this is a shell session, just dump the contents.
    if tcp.stream_data["shell"] == True:
        chop.prnt("\n%s" % msg)
        return

    # Grab the token and decode if possible.
    b = struct.unpack("c", msg[:1])[0]
    if b in tcp.module_data["tokens"]:
        msg = msg[1:]
        tcp.module_data["tokens"][b](msg, tcp)
    else:
        chop.prnt("Unknown token: 0x%02x" % ord(b))
        chop.prnt("%s" % hexdump(msg))
예제 #15
0
def decode_command(dest, command, payload, command_list):
    """
    Print out the command info response from command_conversion.
    Args:
        dest: a string containing either 'server' or 'client' to dictate which direction the packet is going.
        command: hex string of the command byte
        payload: hex string of the packet payload data
    
    """

    if (dest == 'server'):

        decoded_text, payload = command_conversion(command, payload,
                                                   command_list)
        chop.tsprnt('server -> client')
        if decoded_text:
            chop.tsprnt('EvilGrab Command: %s => %s' %
                        (binascii.hexlify(command), decoded_text))
            if payload:
                chop.tsprnt('EvilGrab Command Payload:')
                if len(payload) > 32:
                    chop.tsprnt(hexdump(payload[:16]).strip())
                    chop.tsprnt(hexdump(payload[16:32]).strip())
                else:
                    chop.tsprnt(hexdump(payload).strip())
        else:
            #print the hexdump of non-commands
            chop.tsprnt("Unknown command: %x" % ord(command))

    elif dest == 'client':
        decoded_text, payload = command_conversion(command, payload,
                                                   command_list)
        chop.tsprnt('client -> server')
        chop.tsprnt('Exfil Type: %s => %s' %
                    (binascii.hexlify(command), decoded_text))
        ## lets check out the initial system data sent
        #chop.tsprnt("%s" % binascii.hexlify(command).lower())
        if binascii.hexlify(command).lower() == "a0" and payload:
            # the data should be pipe delimited,
            # but its a string so lets split on NULL and write the data portion
            split_payload = payload.split("\x00")
            chop.tsprnt('%r' % split_payload[0])
        elif payload:
            chop.tsprnt('EvilGrab Exfil Payload: ')
            if len(payload) > 32:
                chop.tsprnt(hexdump(payload[:16]).strip())
                chop.tsprnt(hexdump(payload[16:32]).strip())
            else:
                chop.tsprnt(hexdump(payload).strip())
    else:
        chop.tsprnt('unk -> unk')
예제 #16
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.server.count_new > 0:
        data = tcp.server.data[:tcp.server.count_new]
        count = tcp.server.count_new
        color = "RED"
    else:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        color = "GREEN"

    if tcp.module_data['verbose']:
        chop.tsprettyprnt(color, "%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count))
    if 'xor_key' in tcp.module_data:
        data = multibyte_xor(data, tcp.module_data['xor_key'])
    if tcp.module_data['hexdump']:
        data = hexdump(data)
    chop.prettyprnt(color, data)
    tcp.discard(count)
예제 #17
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.server.count_new > 0:
        data = tcp.server.data[:tcp.server.count_new]
        count = tcp.server.count_new
        color = "RED"
    else:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        color = "GREEN"

    if tcp.module_data['verbose']:
        chop.tsprettyprnt(
            color, "%s:%s -> %s:%s %i bytes" % (src, sport, dst, dport, count))
    if 'xor_key' in tcp.module_data:
        data = multibyte_xor(data, tcp.module_data['xor_key'])
    if tcp.module_data['hexdump']:
        data = hexdump(data)
    chop.prettyprnt(color, data)
    tcp.discard(count)
예제 #18
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.server.count_new > 0:
        data = tcp.server.data[:tcp.server.count_new]
        count = tcp.server.count_new
        direction = 'to_server'
        color = "RED"
    else:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        direction = 'to_client'
        color = "GREEN"

    if tcp.module_data['verbose']:
        chop.tsprettyprnt(
            color, "%s:%s -> %s:%s %i bytes (H = %0.2f)" %
            (src, sport, dst, dport, count, entropy(data)))

    if tcp.module_data['oneshot']:
        tcp.stream_data['data'] += data

    if tcp.module_data['oneshot_split']:
        tcp.stream_data[direction] += data

    if tcp.module_data['oneshot'] or tcp.module_data['oneshot_split']:
        return

    if 'xor_key' in tcp.module_data:
        data = multibyte_xor(data, tcp.module_data['xor_key'])

    if tcp.module_data['hexdump']:
        data = hexdump(data)

    if module_data['base64']:
        data = b64encode(data)

    chop.prettyprnt(color, data)
    chop.json({'payload': data, 'direction': direction})

    tcp.discard(count)
예제 #19
0
def decode_command( dest, command, payload, command_list):
    """
    Print out the command info response from command_conversion.
    Args:
        dest: a string containing either 'server' or 'client' to dictate which direction the packet is going.
        command: hex string of the command byte
        payload: hex string of the packet payload data
    
    """
    
    if (dest == 'server'):

        decoded_text, payload = command_conversion(command, payload, command_list)
        chop.tsprnt('server -> client')
        if decoded_text:
            chop.tsprnt('EvilGrab Command: %s => %s' % (binascii.hexlify(command), decoded_text))
            if payload:
                chop.tsprnt('EvilGrab Command Payload:')
                if len(payload) > 32:
                    chop.tsprnt(hexdump(payload[:16]).strip())
                    chop.tsprnt(hexdump(payload[16:32]).strip())
                else:
                    chop.tsprnt(hexdump(payload).strip())
        else:
            #print the hexdump of non-commands
            chop.tsprnt("Unknown command: %x" % ord(command))

    elif dest == 'client':
        decoded_text, payload = command_conversion(command, payload, command_list)
        chop.tsprnt('client -> server')
        chop.tsprnt('Exfil Type: %s => %s' % (binascii.hexlify(command), decoded_text))
        ## lets check out the initial system data sent
        #chop.tsprnt("%s" % binascii.hexlify(command).lower())
        if binascii.hexlify(command).lower() == "a0" and payload:
           # the data should be pipe delimited, 
           # but its a string so lets split on NULL and write the data portion
           split_payload = payload.split("\x00") 
           chop.tsprnt('%r' % split_payload[0])
        elif payload:
            chop.tsprnt('EvilGrab Exfil Payload: ')
            if len(payload) > 32:
                chop.tsprnt(hexdump(payload[:16]).strip())
                chop.tsprnt(hexdump(payload[16:32]).strip())
            else:
                chop.tsprnt(hexdump(payload).strip())
    else:
        chop.tsprnt('unk -> unk')
예제 #20
0
def handleDatagram(udp):
    ((src, sport), (dst, dport)) = udp.addr

    chop.tsprnt("UDP %s:%s - %s:%s (%dB)" % (src, sport, dst, dport, len(udp.data)))

    buffer = udp.data
    offset = udp.module_data['emu'].shellcode_getpc_test(buffer)
    if offset >= 0:
        udp.stop
        udp.module_data['emu'].prepare(buffer, offset)
        udp.module_data['emu'].test()
        chop.tsprnt("UDP %s:%s - %s:%s contains shellcode in [0:%d] @ offset %d" % (src, sport, dst, dport, len(udp.data), offset))

        if udp.module_data['cliargs']['hexdump']:
            data = hexdump(buffer[offset:])
            chop.prnt("\n" + data)

        if udp.module_data['cliargs']['shellprofile']:
            buffer_profile = udp.module_data['emu'].emu_profile_output
            chop.prnt("\n" + buffer_profile)

    udp.module_data['emu'].free()
예제 #21
0
파일: payloads.py 프로젝트: 7h3rAm/chopshop
def handleStream(tcp):
    ((src, sport), (dst, dport)) = parse_addr(tcp)
    if tcp.server.count_new > 0:
        data = tcp.server.data[:tcp.server.count_new]
        count = tcp.server.count_new
        direction = 'to_server'
        color = "RED"
    else:
        data = tcp.client.data[:tcp.client.count_new]
        count = tcp.client.count_new
        direction = 'to_client'
        color = "GREEN"

    if tcp.module_data['verbose']:
        chop.tsprettyprnt(color, "%s:%s -> %s:%s %i bytes (H = %0.2f)" % (src, sport, dst, dport, count, entropy(data)))

    if tcp.module_data['oneshot']:
        tcp.stream_data['data'] += data

    if tcp.module_data['oneshot_split']:
        tcp.stream_data[direction] += data

    if tcp.module_data['oneshot'] or tcp.module_data['oneshot_split']:
        return

    if 'xor_key' in tcp.module_data:
        data = multibyte_xor(data, tcp.module_data['xor_key'])

    if tcp.module_data['hexdump']:
        data = hexdump(data)

    if tcp.module_data['base64']:
        data = b64encode(data)

    chop.prettyprnt(color, data)
    chop.json({'payload': data, 'direction': direction})

    tcp.discard(count)
예제 #22
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def execution(path, body, module_data):
    key = module_data['key']
    opcodes = module_data['opcodes']
    verbose = module_data['verbose']

    blob = b64decode(path, '_-')
    cryptobj = rc4(key=key)
    decrypted = cryptobj.crypt(blob)
    chop.tsprnt("Command request from %s" % decrypted)
    if body:
        data = b64decode(body, '_-')
        cryptobj = rc4(key=key)
        decrypted = cryptobj.crypt(data)
        if len(decrypted) < 4:
            chop.tsprnt("Command response length invalid.")
            return
        opcode = struct.unpack('<I', decrypted[:4])[0]
        if opcode in opcodes:
            opcodes[opcode](decrypted[4:])
        else:
            chop.tsprnt("Unknown opcode (%i)" % opcode)
            if verbose:
                chop.tsprnt("Data:\n%s" % hexdump(decrypted))
예제 #23
0
def execution(path, body, module_data):
    key = module_data['key']
    opcodes = module_data['opcodes']
    verbose = module_data['verbose']

    blob = b64decode(path, '_-')
    cryptobj = rc4(key=key)
    decrypted = cryptobj.crypt(blob)
    chop.tsprnt("Command request from %s" % decrypted)
    if body:
        data = b64decode(body, '_-')
        cryptobj = rc4(key=key)
        decrypted = cryptobj.crypt(data)
        if len(decrypted) < 4:
            chop.tsprnt("Command response length invalid.")
            return
        opcode = struct.unpack('<I', decrypted[:4])[0]
        if opcode in opcodes:
            opcodes[opcode](decrypted[4:])
        else:
            chop.tsprnt("Unknown opcode (%i)" % opcode)
            if verbose:
                chop.tsprnt("Data:\n%s" % hexdump(decrypted))
예제 #24
0
def handleStream(tcp):
    ((src, sport), (dst, dport)) = tcp.addr

    direction = "NA"
    count = 0

    if tcp.server.count_new > 0:
        buffer = tcp.server.data[:tcp.server.count_new]
        server_count = tcp.server.count_new
        chop.tsprnt("TCP %s:%s -> %s:%s (CTS: %dB)" % (src, sport, dst, dport, server_count))
        tcp.discard(server_count)
        direction = "CTS"
        count = server_count
    else:
        buffer = tcp.client.data[:tcp.client.count_new]
        client_count = tcp.client.count_new
        chop.tsprnt("TCP %s:%s <- %s:%s (STC: %dB)" % (src, sport, dst, dport, client_count))
        tcp.discard(client_count)
        direction = "STC"
        count = client_count

    offset = tcp.module_data['emu'].shellcode_getpc_test(buffer)
    if offset >= 0:
        tcp.stop()
        tcp.module_data['emu'].prepare(buffer, offset)
        tcp.module_data['emu'].test()
        chop.tsprnt("TCP %s:%s - %s:%s contains shellcode in %s[0:%d] @ offset %d" % (src, sport, dst, dport, direction, count, offset))

        if tcp.module_data['cliargs']['hexdump']:
            data = hexdump(buffer[offset:])
            chop.prnt("\n" + data)

        if tcp.module_data['cliargs']['shellprofile']:
            buffer_profile = tcp.module_data['emu'].emu_profile_output
            chop.prnt("\n" + buffer_profile)

    tcp.module_data['emu'].free()
예제 #25
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def cmd_exec(data):
    chop.tsprnt("EXEC (not implemented)\n%s" % hexdump(data))
예제 #26
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def cmd_putfile(data):
    chop.tsprnt("PUTFILE (not implemented)\n%s" % hexdump(data))
예제 #27
0
def cmd_putfile(data):
    chop.tsprnt("PUTFILE (not implemented)\n%s" % hexdump(data))
예제 #28
0
def token_exception(msg, tcp):
    chop.prnt("token_exception\n%s" % hexdump(msg))
예제 #29
0
def cmd_readfile(data):
    chop.tsprnt("READFILE (not implemented)\n%s" % hexdump(data))
예제 #30
0
def command_fail(data, module_data):
    # XXX: Pretty sure this will be base64 and rc4 like the rest, but I
    # don't have real data to test with yet.
    chop.tsprnt("Command failure (not implemented):\n%s" % hexdump(data))
예제 #31
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def read_file_chunk(query, body, module_data):
    # XXX: The query will be:
    # id=<encoded computer name>&&date=<file chunk data>
    # So we need to parse those out and store it. Also, the response body should
    # have 'OK' in it.
    chop.tsprnt("Readfile chunk (not implemented):\n%s\n%s" % (hexdump(query), hexdump(body)))
예제 #32
0
def command_webcam_enablecompress(msg, tcp):
    chop.prnt("command_webcam_enablecompress\n%s" % hexdump(msg))
예제 #33
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def cmd_sleep(data):
    chop.tsprnt("SLEEP (not implemented)\n%s" % hexdump(data))
예제 #34
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def cmd_uninstall(data):
    chop.tsprnt("UNINSTALL (not implemented)\n%s" % hexdump(data))
예제 #35
0
def token_get_filedata(msg, tcp):
    chop.prnt("token_get_filedata\n%s" % hexdump(msg))
예제 #36
0
def token_auth(msg, tcp):
    chop.prnt("token_auth\n%s" % hexdump(msg))
예제 #37
0
def command_rename_remark(msg, tcp):
    chop.prnt("command_rename_remark\n%s" % hexdump(msg))
예제 #38
0
파일: etumbot.py 프로젝트: 0rbytal/chopshop
def cmd_readfile(data):
    chop.tsprnt("READFILE (not implemented)\n%s" % hexdump(data))
예제 #39
0
def cmd_exec(data):
    chop.tsprnt("EXEC (not implemented)\n%s" % hexdump(data))
예제 #40
0
def token_heartbeat(msg, tcp):
    chop.prnt("token_heartbeat\n%s" % hexdump(msg))
예제 #41
0
def put_file(data, body, module_data):
    # XXX: The actual file contents should be in body, and are likely base64
    # and rc4 like the rest.
    chop.tsprnt("Putfile (not implemented):\n%s" % hexdump(body))
예제 #42
0
def token_get_filedata(msg, tcp):
    chop.prnt("token_get_filedata\n%s" % hexdump(msg))
예제 #43
0
            uncomp_len = struct.unpack('<I', server_data[offset+9:offset+13])[0]

            if tcp.module_data["verbose"]:
                chop.tsprnt(("offset: %i - comp: %i - uncomp: %i - len: %i" % (offset,comp_len, uncomp_len, len(server_data[offset:offset+comp_len]))))

            # If have full zlib bundle decoded it, else buffer
            if comp_len <= len(server_data[offset:]):
                try:
                    decoded = zlib.decompress(server_data[offset+13:offset+comp_len])
                    #hexdump(decoded)
                    # The first byte of most commands is a command flag

                    # List drives
                    if decoded[0] == "\x67":
                        chop.tsprnt("Drive info")
                        chop.tsprnt(hexdump(decoded))

                    # This command returns some system info.  This decode
                    # is a little crude, we're going to replace strings of
                    # '\x00' with a space and then remove individual '\x00'
                    # from unicode strings.
                    elif decoded[0] == "\x66":
                        p = re.compile("\x00\x00+")
                        chop.tsprnt("%s" % p.sub(" ", decoded[1:]).replace("\x00", ""))

                    elif decoded[0] =="\x69":
                        chop.tsprnt("%s" % decoded[1:].replace("\x00", ""))

                    # Response to an 0x03 command to print a file
                    elif decoded[0] == "\x6a":
                        None
예제 #44
0
def cmd_sleep(data):
    chop.tsprnt("SLEEP (not implemented)\n%s" % hexdump(data))
예제 #45
0
def command_rename_remark(msg, tcp):
    chop.prnt("command_rename_remark\n%s" % hexdump(msg))
예제 #46
0
def command_replay_heartbeat(msg, tcp):
    chop.prnt("command_replay_heartbeat\n%s" % hexdump(msg))
예제 #47
0
def command_exception(msg, tcp):
    chop.prnt("command_exception\n%s" % hexdump(msg))
예제 #48
0
def token_auth(msg, tcp):
    chop.prnt("token_auth\n%s" % hexdump(msg))
예제 #49
0
def command_webcam_resize(msg, tcp):
    chop.prnt("command_webcam_resize\n%s" % hexdump(msg))
예제 #50
0
def cmd_uninstall(data):
    chop.tsprnt("UNINSTALL (not implemented)\n%s" % hexdump(data))
예제 #51
0
def command_replay_heartbeat(msg, tcp):
    chop.prnt("command_replay_heartbeat\n%s" % hexdump(msg))
예제 #52
0
def command_exception(msg, tcp):
    chop.prnt("command_exception\n%s" % hexdump(msg))
예제 #53
0
def token_heartbeat(msg, tcp):
    chop.prnt("token_heartbeat\n%s" % hexdump(msg))
예제 #54
0
def command_webcam_enablecompress(msg, tcp):
    chop.prnt("command_webcam_enablecompress\n%s" % hexdump(msg))
예제 #55
0
def token_exception(msg, tcp):
    chop.prnt("token_exception\n%s" % hexdump(msg))
예제 #56
0
def command_webcam_resize(msg, tcp):
    chop.prnt("command_webcam_resize\n%s" % hexdump(msg))