Пример #1
0
def powershell_function(rat: Rat, script_anchor: str,
                        command: PSFunction) -> Job:
    stdin = "[[" + script_anchor + "]] " + command.command.command_line
    return Job.create_rat_command(rat,
                                  Opcodes.EXECUTE,
                                  command_line=powershell.PS_COMMAND,
                                  stdin=stdin)
Пример #2
0
def exfil_network_connection(rat: Rat, addr: str, port: str, file_path: str,
                             method: str) -> Job:
    return Job.create_rat_command(rat,
                                  Opcodes.EXFIL_CONNECTION,
                                  address=addr,
                                  port=port,
                                  file_path=file_path,
                                  method=method)
Пример #3
0
def create_process(host: Host,
                   process_args: str,
                   parent: Union[str, int] = None,
                   hide: bool = True,
                   output: bool = False) -> Job:
    return Job.create_agent_command(host,
                                    'create_process',
                                    process_args=process_args,
                                    parent=parent,
                                    hide=hide,
                                    output=output)
Пример #4
0
 async def get_api_jobs(status, agent_id, wait):
     query = {}
     if status:
         query['status'] = status
     agent = Agent.objects.with_id(agent_id)
     if not agent:
         raise web.HTTPForbidden
     agen = Agent.objects.with_id(agent.id)
     agen.modify(**{'check_in': datetime.now(timezone.utc), 'alive': True})
     query.update({'agent': agent.id})
     jobs = list(Job.objects(**query))
     return jobs
Пример #5
0
    async def put_job_details(json, job):
        if type(job) is not Job:
            job = Job.objects(id=ObjectId(job['id']))[0]
        if 'result' in json['action']:
            # decode stdout from new rat
            try:
                temp = json['action']['result']
                if 'stdout' in temp:
                    core = base64.b64decode(temp['stdout'])
                    encoding = chardet.detect(core)['encoding']
                    if encoding is None:
                        logging.info('No encoding was found')
                        temp['stdout'] = ''
                    else:
                        temp['stdout'] = core.decode(encoding)
                job['action']['result'] = temp
            except TypeError:
                # Contains RAT pid number
                pass
        if 'error' in json['action']:
            job['action']['error'] = json['action']['error']
        if 'exception' in json['action']:
            job['action']['exception'] = json['action']['exception']
        job['status'] = json.get('status', job.status)

        if job['status'] == "failed" and 'error' in job['action'] and job[
                'action']['error'] == "no client":
            # Force update the clients list
            interface.get_clients(job.agent.host)
            # find the rat
            try:
                iv_name = job['action']["rats"]["args"][0]
                iv = Rat.objects(agent=job.agent, name=iv_name)
                iv.modify(**{'active': False})
            except KeyError:
                logging.warning("Could not find rat to remove for failed job")
        j = job.save()
        if job.status in ('success', 'failure'):
            Job.wakeup_job(job.id)
        return j
Пример #6
0
def create_process_as_user(host: Host,
                           process_args: str,
                           user_domain: str,
                           user_name: str,
                           user_pass: str,
                           parent: str = None,
                           hide: bool = True,
                           output: bool = False) -> Job:
    return Job.create_agent_command(host,
                                    'create_process_as_user',
                                    process_args=process_args,
                                    user_domain=user_domain,
                                    user_name=user_name,
                                    user_pass=user_pass,
                                    parent=parent,
                                    hide=hide,
                                    output=output)
Пример #7
0
def send_shell_command(rat: Rat, cmd: str) -> Job:
    return Job.create_rat_command(rat, Opcodes.EXECUTE, command_line=cmd)
Пример #8
0
def agent_shell_command(host: Host, command_line: str) -> Job:
    return Job.create_agent_command(host, 'execute', command_line=command_line)
Пример #9
0
def write_commander(host: Host, path: str) -> Job:
    return Job.create_agent_command(host, "write_commander", path=path)
Пример #10
0
def get_clients(host: Host) -> Job:
    return Job.create_agent_command(host, 'clients')
Пример #11
0
def read_file(rat: Rat, file_path: str):
    return Job.create_rat_command(rat, Opcodes.READ_FILE, file_path=file_path)
Пример #12
0
def drop_file(rat: Rat, file_path: str, contents: bytes):
    return Job.create_rat_command(
        rat,
        Opcodes.WRITE_FILE,
        file_path=file_path,
        contents=base64.encodebytes(contents).decode('utf-8'))