def get_historical_data_as_dict(cls, start="2013-09-01", end=None):
if not end:
end = get_datetime()
data = cls._get_historical_data(start, end)
prices = data["bpi"]
prices = {k: Decimal(str(v)) for (k, v) in prices.iteritems()}
return prices
def get_historical_data_as_dict(start='2013-09-01', end=None):
if not end:
end = get_datetime()
data = _get_historical_data(start, end)
prices = data['bpi']
prices = { k: Decimal(str(v)) for (k,v) in prices.iteritems() }
return prices
def main():
print("+----------------------------------------------------------+")
print("| Modular Integration Platform for Printed Electronics |")
print("| Seiya Ono '20 |")
print("+----------------------------------------------------------+")
scheduler = sched.scheduler(time.time, time.sleep)
serial_port = cereal_port.Cereal()
pst = helpers.get_datetime()
file_name = 'data/' + helpers.rlinput('\nSave data as: \t', 'MIPPE_Data {}.csv'.format(pst))
with open(file_name, 'w') as csvfile:
mippe = MIPPE(serial_port, scheduler, csvfile)
input("\nPress Enter to start, Control+C to stop")
start = time.time()
mippe.start_routine()
try:
scheduler.run(True)
except KeyboardInterrupt:
csvfile.write("{0:.2f}".format(time.time() - start))
if (not scheduler.empty()):
queue = scheduler.queue
for e in queue:
scheduler.cancel(e)
serial_port.close()
raise KeyboardInterrupt
def main():
print("Starting Quadchannel Differential ADC Data Logger")
scheduler = sched.scheduler(time.time, time.sleep)
serial_port = cereal_port.Cereal()
pst = helpers.get_datetime()
file_name = helpers.rlinput('\nSave data as: \t',
'Pas_Pot_Data {}.csv'.format(pst))
with open(file_name, 'w') as csvfile:
pas = pas_pot_module(1, serial_port, scheduler, csvfile)
input("\nPress Enter to start, Control+C to stop\n")
pas.start_routine()
start = time.time()
try:
while (True):
next_ev = scheduler.run(False)
if next_ev is not None:
time.sleep(min(1, next_ev))
else:
pass
except KeyboardInterrupt:
csvfile.write(str(time.time() - start))
if (not scheduler.empty()):
queue = scheduler.queue
for e in queue:
scheduler.cancel(e)
serial_port.close()
raise KeyboardInterrupt
def get_historical_data_as_dict(self, start='2013-09-01', end=None):
if not end:
end = get_datetime()
url = self._get_historical_data_url(start, end)
prices = self.resolve_api_call(url=url, attrs='bpi')
prices = { k: Decimal(str(v)) for (k,v) in prices.iteritems() }
return prices
def get_historical_data_as_list(start='2013-09-01', end=None):
if not end:
end = get_datetime()
data = _get_historical_data(start, end)
dates = data['bpi']
ret = [ {'date': k, 'price': Decimal(str(v))} for (k,v) in dates.iteritems() ]
ret.sort()
return ret
def get_historical_data_as_list(self, start='2013-09-01', end=None):
if not end:
end = get_datetime()
url = self._get_historical_data_url(start, end)
dates = self.resolve_api_call(url=url, attrs='bpi')
ret = [ {'date': k, 'price': Decimal(str(v))} for (k,v) in dates.iteritems() ]
ret.sort()
return ret
def get_historical_data_as_list(cls, start="2013-09-01", end=None):
if not end:
end = get_datetime()
data = cls._get_historical_data(start, end)
dates = data["bpi"]
ret = [{"date": k, "price": Decimal(str(v))} for (k, v) in dates.iteritems()]
ret.sort()
return ret
def update_agent_lastseen(self, sessionID):
"""
Update the agent's last seen timestamp.
"""
# see if we were passed a name instead of an ID
nameid = self.get_agent_id(sessionID)
if nameid : sessionID = nameid
currentTime = helpers.get_datetime()
cur = self.conn.cursor()
cur.execute("UPDATE agents SET lastseen_time=? WHERE session_id=?", [currentTime, sessionID])
cur.close()
def update_agent_lastseen(self, sessionID):
"""
Update the agent's last seen timestamp.
"""
# see if we were passed a name instead of an ID
nameid = self.get_agent_id(sessionID)
if nameid : sessionID = nameid
currentTime = helpers.get_datetime()
cur = self.conn.cursor()
cur.execute("UPDATE agents SET lastseen_time=? WHERE session_id=?", [currentTime, sessionID])
cur.close()
def save_agent_log(self, sessionID, data):
"""
Save the agent console output to the agent's log file.
"""
name = self.get_agent_name(sessionID)
savePath = self.installPath + "/downloads/"+str(name)+"/"
# make the recursive directory structure if it doesn't already exist
if not os.path.exists(savePath):
os.makedirs(savePath)
currentTime = helpers.get_datetime()
f = open(savePath+"/agent.log", 'a')
f.write("\n" + currentTime + " : " + "\n")
f.write(data + "\n")
f.close()
def save_agent_log(self, sessionID, data):
"""
Save the agent console output to the agent's log file.
"""
name = self.get_agent_name(sessionID)
savePath = self.installPath + "/downloads/"+str(name)+"/"
# make the recursive directory structure if it doesn't already exist
if not os.path.exists(savePath):
os.makedirs(savePath)
currentTime = helpers.get_datetime()
f = open(savePath+"/agent.log", 'a')
f.write("\n" + currentTime + " : " + "\n")
f.write(data + "\n")
f.close()
def add_agent(self, sessionID, externalIP, delay, jitter, profile, killDate, workingHours,lostLimit):
"""
Add an agent to the internal cache and database.
"""
cur = self.conn.cursor()
currentTime = helpers.get_datetime()
checkinTime = currentTime
lastSeenTime = currentTime
# generate a new key for this agent
sessionKey = encryption.generate_aes_key()
# config defaults, just in case something doesn't parse
# ...we shouldn't ever hit this...
requestUris = "post.php"
userAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
additionalHeaders = ""
# profile format -> requestUris|user_agent|additionalHeaders
parts = profile.split("|")
if len(parts) == 2:
requestUris = parts[0]
userAgent = parts[1]
elif len(parts) == 3:
requestUris = parts[0]
userAgent = parts[1]
additionalHeaders = parts[2]
cur.execute("INSERT INTO agents (name,session_id,delay,jitter,external_ip,session_key,checkin_time,lastseen_time,uris,user_agent,headers,kill_date,working_hours,lost_limit) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)", (sessionID,sessionID,delay,jitter,externalIP,sessionKey,checkinTime,lastSeenTime,requestUris,userAgent,additionalHeaders,killDate,workingHours,lostLimit))
cur.close()
# initialize the tasking/result buffers along with the client session key
sessionKey = self.get_agent_session_key(sessionID)
self.agents[sessionID] = [sessionKey, [],[],[], requestUris, ""]
# report the initial checkin in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (sessionID,"checkin",checkinTime,helpers.get_datetime()))
cur.close()
def add_agent(self, sessionID, externalIP, delay, jitter, profile, killDate, workingHours,lostLimit):
"""
Add an agent to the internal cache and database.
"""
cur = self.conn.cursor()
currentTime = helpers.get_datetime()
checkinTime = currentTime
lastSeenTime = currentTime
# generate a new key for this agent
sessionKey = encryption.generate_aes_key()
# config defaults, just in case something doesn't parse
# ...we shouldn't ever hit this...
requestUris = "post.php"
userAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
additionalHeaders = ""
# profile format -> requestUris|user_agent|additionalHeaders
parts = profile.split("|")
if len(parts) == 2:
requestUris = parts[0]
userAgent = parts[1]
elif len(parts) == 3:
requestUris = parts[0]
userAgent = parts[1]
additionalHeaders = parts[2]
cur.execute("INSERT INTO agents (name,session_id,delay,jitter,external_ip,session_key,checkin_time,lastseen_time,uris,user_agent,headers,kill_date,working_hours,lost_limit) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)", (sessionID,sessionID,delay,jitter,externalIP,sessionKey,checkinTime,lastSeenTime,requestUris,userAgent,additionalHeaders,killDate,workingHours,lostLimit))
cur.close()
# initialize the tasking/result buffers along with the client session key
sessionKey = self.get_agent_session_key(sessionID)
self.agents[sessionID] = [sessionKey, [],[],[], requestUris, ""]
# report the initial checkin in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (sessionID,"checkin",checkinTime,helpers.get_datetime()))
cur.close()
def handle_agent_response(self, sessionID, responseName, data):
"""
Handle the result packet based on sessionID and responseName.
"""
agentSessionID = sessionID
agentName = sessionID
# see if we were passed a name instead of an ID
nameid = self.get_agent_name(sessionID)
if nameid : sessionID = nameid
# report the agent result in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (agentSessionID,"result",responseName,helpers.get_datetime()))
cur.close()
# TODO: for heavy traffic packets, check these first (i.e. SOCKS?)
# so this logic is skipped
if responseName == "ERROR":
# error code
dispatcher.send("[!] Received error response from " + str(sessionID), sender="Agents")
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, "[!] Error response: " + data)
elif responseName == "TASK_SYSINFO":
# sys info response -> update the host info
parts = data.split("|")
if len(parts) < 10:
dispatcher.send("[!] Invalid sysinfo response from " + str(sessionID), sender="Agents")
else:
# extract appropriate system information
listener = parts[0].encode('ascii','ignore')
domainname = parts[1].encode('ascii','ignore')
username = parts[2].encode('ascii','ignore')
hostname = parts[3].encode('ascii','ignore')
internal_ip = parts[4].encode('ascii','ignore')
os_details = parts[5].encode('ascii','ignore')
high_integrity = parts[6].encode('ascii','ignore')
process_name = parts[7].encode('ascii','ignore')
process_id = parts[8].encode('ascii','ignore')
ps_version = parts[9].encode('ascii','ignore')
if high_integrity == "True":
high_integrity = 1
else:
high_integrity = 0
username = str(domainname)+"\\"+str(username)
# update the agent with this new information
self.update_agent_sysinfo(sessionID, listener=listener, internal_ip=internal_ip, username=username, hostname=hostname, os_details=os_details, high_integrity=high_integrity,process_name=process_name, process_id=process_id, ps_version=ps_version)
sysinfo = '{0: <18}'.format("Listener:") + listener + "\n"
sysinfo += '{0: <18}'.format("Internal IP:") + internal_ip + "\n"
sysinfo += '{0: <18}'.format("Username:"******"\n"
sysinfo += '{0: <18}'.format("Hostname:") + hostname + "\n"
sysinfo += '{0: <18}'.format("OS:") + os_details + "\n"
sysinfo += '{0: <18}'.format("High Integrity:") + str(high_integrity) + "\n"
sysinfo += '{0: <18}'.format("Process Name:") + process_name + "\n"
sysinfo += '{0: <18}'.format("Process ID:") + process_id + "\n"
sysinfo += '{0: <18}'.format("PSVersion:") + ps_version
self.update_agent_results(sessionID, sysinfo)
# update the agent log
self.save_agent_log(sessionID, sysinfo)
elif responseName == "TASK_EXIT":
# exit command response
# let everyone know this agent exited
dispatcher.send(data, sender="Agents")
# update the agent results and log
# self.update_agent_results(sessionID, data)
self.save_agent_log(sessionID, data)
# remove this agent from the cache/database
self.remove_agent(sessionID)
elif responseName == "TASK_SHELL":
# shell command response
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_DOWNLOAD":
# file download
parts = data.split("|")
if len(parts) != 3:
dispatcher.send("[!] Received invalid file download response from " + sessionID, sender="Agents")
else:
index, path, data = parts
# decode the file data and save it off as appropriate
fileData = helpers.decode_base64(data)
name = self.get_agent_name(sessionID)
if index == "0":
self.save_file(name, path, fileData)
else:
self.save_file(name, path, fileData, append=True)
# update the agent log
msg = "file download: " + str(path) + ", part: " + str(index)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_UPLOAD": pass
elif responseName == "TASK_GETJOBS":
if not data or data.strip().strip() == "":
data = "[*] No active jobs"
# running jobs
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_STOPJOB":
# job kill response
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_CMD_WAIT":
# dynamic script output -> blocking
self.update_agent_results(sessionID, data)
# see if there are any credentials to parse
time = helpers.get_datetime()
creds = helpers.parse_credentials(data)
if(creds):
for cred in creds:
hostname = cred[4]
if hostname == "":
hostname = self.get_agent_hostname(sessionID)
self.mainMenu.credentials.add_credential(cred[0], cred[1], cred[2], cred[3], hostname, cred[5], time)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_CMD_WAIT_SAVE":
# dynamic script output -> blocking, save data
name = self.get_agent_name(sessionID)
# extract the file save prefix and extension
prefix = data[0:15].strip()
extension = data[15:20].strip()
fileData = helpers.decode_base64(data[20:])
# save the file off to the appropriate path
savePath = prefix + "/" + helpers.get_file_datetime() + "." + extension
finalSavePath = self.save_module_file(name, savePath, fileData)
# update the agent log
msg = "Output saved to ." + finalSavePath
self.update_agent_results(sessionID, msg)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_CMD_JOB":
# dynamic script output -> non-blocking
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
# TODO: redo this regex for really large AD dumps
# so a ton of data isn't kept in memory...?
parts = data.split("\n")
if len(parts) > 10:
time = helpers.get_datetime()
if parts[0].startswith("Hostname:"):
# if we get Invoke-Mimikatz output, try to parse it and add
# it to the internal credential store
# cred format: (credType, domain, username, password, hostname, sid, notes)
creds = helpers.parse_mimikatz(data)
for cred in creds:
hostname = cred[4]
if hostname == "":
hostname = self.get_agent_hostname(sessionID)
self.mainMenu.credentials.add_credential(cred[0], cred[1], cred[2], cred[3], hostname, cred[5], time)
elif responseName == "TASK_CMD_JOB_SAVE":
# dynamic script output -> non-blocking, save data
name = self.get_agent_name(sessionID)
# extract the file save prefix and extension
prefix = data[0:15].strip()
extension = data[15:20].strip()
fileData = helpers.decode_base64(data[20:])
# save the file off to the appropriate path
savePath = prefix + "/" + helpers.get_file_datetime() + "." + extension
finalSavePath = self.save_module_file(name, savePath, fileData)
# update the agent log
msg = "Output saved to ." + finalSavePath
self.update_agent_results(sessionID, msg)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_SCRIPT_IMPORT":
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_SCRIPT_COMMAND":
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
else:
print helpers.color("[!] Unknown response " + str(responseName) + " from " +str(sessionID))
def add_agent_task(self, sessionID, taskName, task=""):
"""
Add a task to the specified agent's buffer.
"""
agentName = sessionID
# see if we were passed a name instead of an ID
nameid = self.get_agent_id(sessionID)
if nameid : sessionID = nameid
if sessionID not in self.agents:
print helpers.color("[!] Agent " + str(agentName) + " not active.")
else:
if sessionID:
dispatcher.send("[*] Tasked " + str(sessionID) + " to run " + str(taskName), sender="Agents")
self.agents[sessionID][1].append([taskName, task])
# write out the last tasked script to "LastTask.ps1" if in debug mode
if self.args and self.args.debug:
f = open(self.installPath + '/LastTask.ps1', 'w')
f.write(task)
f.close()
# report the agent tasking in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (sessionID,"task",taskName + " - " + task[0:30],helpers.get_datetime()))
cur.close()
def rename_agent(self, oldname, newname):
"""
Update the agent's last seen timestamp.
"""
# rename the logging/downloads folder
oldPath = self.installPath + "/downloads/"+str(oldname)+"/"
newPath = self.installPath + "/downloads/"+str(newname)+"/"
# check if the folder is already used
if os.path.exists(newPath):
print helpers.color("[!] Name already used by current or past agent.")
return False
else:
# signal in the log that we've renamed the agent
self.save_agent_log(oldname, "[*] Agent renamed from " + str(oldname) + " to " + str(newname))
# move the old folder path to the new one
if os.path.exists(oldPath):
os.rename(oldPath, newPath)
# rename the agent in the database
cur = self.conn.cursor()
cur.execute("UPDATE agents SET name=? WHERE name=?", [newname, oldname])
cur.close()
# report the agent rename in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (oldname,"rename",newname,helpers.get_datetime()))
cur.close()
return True
def rename_agent(self, oldname, newname):
"""
Update the agent's last seen timestamp.
"""
# rename the logging/downloads folder
oldPath = self.installPath + "/downloads/"+str(oldname)+"/"
newPath = self.installPath + "/downloads/"+str(newname)+"/"
# check if the folder is already used
if os.path.exists(newPath):
print helpers.color("[!] Name already used by current or past agent.")
return False
else:
# signal in the log that we've renamed the agent
self.save_agent_log(oldname, "[*] Agent renamed from " + str(oldname) + " to " + str(newname))
# move the old folder path to the new one
if os.path.exists(oldPath):
os.rename(oldPath, newPath)
# rename the agent in the database
cur = self.conn.cursor()
cur.execute("UPDATE agents SET name=? WHERE name=?", [newname, oldname])
cur.close()
# report the agent rename in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (oldname,"rename",newname,helpers.get_datetime()))
cur.close()
return True
def handle_agent_response(self, sessionID, responseName, data):
"""
Handle the result packet based on sessionID and responseName.
"""
agentSessionID = sessionID
agentName = sessionID
# see if we were passed a name instead of an ID
nameid = self.get_agent_name(sessionID)
if nameid : sessionID = nameid
# report the agent result in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (agentSessionID,"result",responseName,helpers.get_datetime()))
cur.close()
# TODO: for heavy traffic packets, check these first (i.e. SOCKS?)
# so this logic is skipped
if responseName == "ERROR":
# error code
dispatcher.send("[!] Received error response from " + str(sessionID), sender="Agents")
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, "[!] Error response: " + data)
elif responseName == "TASK_SYSINFO":
# sys info response -> update the host info
parts = data.split("|")
if len(parts) < 10:
dispatcher.send("[!] Invalid sysinfo response from " + str(sessionID), sender="Agents")
else:
# extract appropriate system information
listener = parts[0].encode('ascii','ignore')
domainname = parts[1].encode('ascii','ignore')
username = parts[2].encode('ascii','ignore')
hostname = parts[3].encode('ascii','ignore')
internal_ip = parts[4].encode('ascii','ignore')
os_details = parts[5].encode('ascii','ignore')
high_integrity = parts[6].encode('ascii','ignore')
process_name = parts[7].encode('ascii','ignore')
process_id = parts[8].encode('ascii','ignore')
ps_version = parts[9].encode('ascii','ignore')
if high_integrity == "True":
high_integrity = 1
else:
high_integrity = 0
username = str(domainname)+"\\"+str(username)
# update the agent with this new information
self.update_agent_sysinfo(sessionID, listener=listener, internal_ip=internal_ip, username=username, hostname=hostname, os_details=os_details, high_integrity=high_integrity,process_name=process_name, process_id=process_id, ps_version=ps_version)
sysinfo = '{0: <18}'.format("Listener:") + listener + "\n"
sysinfo += '{0: <18}'.format("Internal IP:") + internal_ip + "\n"
sysinfo += '{0: <18}'.format("Username:"******"\n"
sysinfo += '{0: <18}'.format("Hostname:") + hostname + "\n"
sysinfo += '{0: <18}'.format("OS:") + os_details + "\n"
sysinfo += '{0: <18}'.format("High Integrity:") + str(high_integrity) + "\n"
sysinfo += '{0: <18}'.format("Process Name:") + process_name + "\n"
sysinfo += '{0: <18}'.format("Process ID:") + process_id + "\n"
sysinfo += '{0: <18}'.format("PSVersion:") + ps_version
self.update_agent_results(sessionID, sysinfo)
# update the agent log
self.save_agent_log(sessionID, sysinfo)
elif responseName == "TASK_EXIT":
# exit command response
# let everyone know this agent exited
dispatcher.send(data, sender="Agents")
# update the agent results and log
# self.update_agent_results(sessionID, data)
self.save_agent_log(sessionID, data)
# remove this agent from the cache/database
self.remove_agent(sessionID)
elif responseName == "TASK_SHELL":
# shell command response
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_DOWNLOAD":
# file download
parts = data.split("|")
if len(parts) != 3:
dispatcher.send("[!] Received invalid file download response from " + sessionID, sender="Agents")
else:
index, path, data = parts
# decode the file data and save it off as appropriate
fileData = helpers.decode_base64(data)
name = self.get_agent_name(sessionID)
if index == "0":
self.save_file(name, path, fileData)
else:
self.save_file(name, path, fileData, append=True)
# update the agent log
msg = "file download: " + str(path) + ", part: " + str(index)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_UPLOAD": pass
elif responseName == "TASK_GETJOBS":
if not data or data.strip().strip() == "":
data = "[*] No active jobs"
# running jobs
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_STOPJOB":
# job kill response
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_CMD_WAIT":
# dynamic script output -> blocking
self.update_agent_results(sessionID, data)
# see if there are any credentials to parse
time = helpers.get_datetime()
creds = helpers.parse_credentials(data)
if(creds):
for cred in creds:
hostname = cred[4]
if hostname == "":
hostname = self.get_agent_hostname(sessionID)
self.mainMenu.credentials.add_credential(cred[0], cred[1], cred[2], cred[3], hostname, cred[5], time)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_CMD_WAIT_SAVE":
# dynamic script output -> blocking, save data
name = self.get_agent_name(sessionID)
# extract the file save prefix and extension
prefix = data[0:15].strip()
extension = data[15:20].strip()
fileData = helpers.decode_base64(data[20:])
# save the file off to the appropriate path
savePath = prefix + "/" + helpers.get_file_datetime() + "." + extension
finalSavePath = self.save_module_file(name, savePath, fileData)
# update the agent log
msg = "Output saved to ." + finalSavePath
self.update_agent_results(sessionID, msg)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_CMD_JOB":
# dynamic script output -> non-blocking
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
# TODO: redo this regex for really large AD dumps
# so a ton of data isn't kept in memory...?
parts = data.split("\n")
if len(parts) > 10:
time = helpers.get_datetime()
if parts[0].startswith("Hostname:"):
# if we get Invoke-Mimikatz output, try to parse it and add
# it to the internal credential store
# cred format: (credType, domain, username, password, hostname, sid, notes)
creds = helpers.parse_mimikatz(data)
for cred in creds:
hostname = cred[4]
if hostname == "":
hostname = self.get_agent_hostname(sessionID)
self.mainMenu.credentials.add_credential(cred[0], cred[1], cred[2], cred[3], hostname, cred[5], time)
elif responseName == "TASK_CMD_JOB_SAVE":
# dynamic script output -> non-blocking, save data
name = self.get_agent_name(sessionID)
# extract the file save prefix and extension
prefix = data[0:15].strip()
extension = data[15:20].strip()
fileData = helpers.decode_base64(data[20:])
# save the file off to the appropriate path
savePath = prefix + "/" + helpers.get_file_datetime() + "." + extension
finalSavePath = self.save_module_file(name, savePath, fileData)
# update the agent log
msg = "Output saved to ." + finalSavePath
self.update_agent_results(sessionID, msg)
self.save_agent_log(sessionID, msg)
elif responseName == "TASK_SCRIPT_IMPORT":
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
elif responseName == "TASK_SCRIPT_COMMAND":
self.update_agent_results(sessionID, data)
# update the agent log
self.save_agent_log(sessionID, data)
else:
print helpers.color("[!] Unknown response " + str(responseName) + " from " +str(sessionID))
def add_agent_task(self, sessionID, taskName, task=""):
"""
Add a task to the specified agent's buffer.
"""
agentName = sessionID
# see if we were passed a name instead of an ID
nameid = self.get_agent_id(sessionID)
if nameid : sessionID = nameid
if sessionID not in self.agents:
print helpers.color("[!] Agent " + str(agentName) + " not active.")
else:
if sessionID:
dispatcher.send("[*] Tasked " + str(sessionID) + " to run " + str(taskName), sender="Agents")
self.agents[sessionID][1].append([taskName, task])
# report the agent tasking in the reporting database
cur = self.conn.cursor()
cur.execute("INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (sessionID,"task",taskName + " - " + task[0:30],helpers.get_datetime()))
cur.close()