def __init__(self):
Utility.__init__(self)
self.result = ""
self.name = NAME
self.filename = "trojan.exe"
self.url = None
self.SSL = False
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.report_type = 'canvas'
self.data_file = DEFAULT_DATA_PATH
self.faraday_rpc = DEFAULT_FARADAY_RPC
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.report_type = 'canvas'
self.data_file = DEFAULT_DATA_PATH
self.faraday_rpc = DEFAULT_FARADAY_RPC
def __init__(self):
Utility.__init__(self)
self.canvas_port = 5555
self.canvas_ip = "127.0.0.1"
self.canvas_sock = {}
self.icmp_sock = None
# Various message headers
self.connect_string = "|connec|"
self.ignore_string = "|ignore|"
self.more_string = "|more..|"
self.last_string = "|last..|"
# For setting up the messages
self.header_field = 8
self.length_field = 4
self.seq_field = 4
self.sess_id_field = 4
self.chunk_size = 512
self.message_size = self.chunk_size - self.header_field - self.length_field - self.seq_field - self.sess_id_field
self.read_bytes = 0
self.seq_num = {}
self.session_ids = {}
self.packet_queue = {}
self.max_seq_distance = 5
self.active_out = {}
self.active_in = {}
self.iptables_command = "iptables -A INPUT -p icmp --icmp-type echo-request -j DROP"
def __init__(self):
Utility.__init__(self)
self.result = ""
self.name = NAME
self.filename = "trojan.exe"
self.proxyaddr = None
self.domain = None
def __init__(self):
Utility.__init__(self)
self.first_time = True
self.server_sock = None
self.server_host = None
self.server_port = 53
self.mosdef_socks = []
self.mosdef_port = 5555
self.mosdef_host = '127.0.0.1'
self.activity = {}
self.clients = {}
self.verbose = False
self.temp_buf = {}
self.temp_rvd = {}
self.temp_len = {}
self.incoming = {}
self.outgoing = {}
self.pong = ""
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.setPort(0)
self.setHost("")
self.setVersion(1)
self.badstring = ""
self.args = ""
self.source = ""
self.dest = "out.exe"
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.report_type = 'canvas'
self.data_file = DEFAULT_DATA_PATH
self.template_file = None
self.output_dir = None
self.output_file = None
self.output_generate = True
def __init__(self):
Utility.__init__(self)
self.result = ""
self.name = NAME
self.filename = ""
self.host = ""
self.universal = False
self.bits64 = False
self.http = False
self.http_ssl = False
self.port = 5555
def __init__(self):
Utility.__init__(self)
self.result = ""
self.name = NAME
self.filename = "psmosdef.ps1"
self.callback_host = None
self.callback_port = 5555
self.OS = "Windows"
self.HTTP = False
self.SSL = False
self.psmosdefcallback = ""
def __init__(self):
Utility.__init__(self)
self.result = ""
self.name = NAME
self.filename = "trojan.bin"
self.callback_host = None
self.callback_port = 5555
self.OS = "Linux"
self.ARCH = "X86"
self.HTTP = False
self.SSL = False
self.Universal = False
self.encrypted = False
self.av_bypass = False
def __init__(self):
Utility.__init__(self)
self.name=NAME
self.savefile = ""
self.savePath = None
self.debug = False
self.domain = ""
self.hostname = ""
self.host = ""
self.tld = ""
self.throttle = 0.00 # Delay time between requests
self.whois = ""
self.do_threaded = True
self.tldDict = {} # {'domain': 'whois server fqdn'}
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.osdetect_mode = OSDETECT_MODE
self.osdetect_lang = OSDETECT_LANG
# Auto-set attributes
self.canvas_config = [
'ssl_mosdef', 'commander', 'commander_bind_ip',
'commander_pub_port', 'commander_pull_port', 'operator_alias',
'operator_uuid'
]
for item in self.canvas_config:
self.__dict__[item] = CanvasConfig[item]
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.callback_host = "127.0.0.1"
self.callback_port = 5555
self.ssl = False
self.encrypted = False
self.respath = os.path.abspath(
os.path.join(os.path.dirname(__file__), "Resources/"))
self.tmppath = None
self.mosdef_type = "UNIVERSAL" # | HTTP | DNS
self.dns_domain = None
self.jsp_filename = "callback.jsp"
self.servlet_name = "mosdef"
self.war_filename = "mosdef.war"
self.setInfo(DESCRIPTION)
def __init__(self):
LocalCommand.__init__(self)
Utility.__init__(self)
self.result = ""
self.ntype = ""
self.event = ""
self.eventTypes = ["At StartUp", "At Logon", "Daily"]
self.dailyEventHour = -1
self.dailyEventMin = -1
self.cbOption = ""
self.pscb = False
self.callback_host = None
self.callback_port = 5555
self.trojanName = ""
self.uninstallScript = False
self.payload = ""
self.wmiClassName = ""
self.wmiFilterName = ""
self.wmiConsumerName = ""
self.rid = ""
self.randomName = ""
return
def __init__(self):
Utility.__init__(self)
self.name = NAME
self.comment = ""
