C# (CSharp) RDOSession.GetFolderFromPath Beispiele

Beispiel #1

Datei: FlagInjector.cs Projekt: yhoazk/HackTheVote

        static void Main(string[] args)
        {
            // <3 visual studio
            string origpath   = Path.GetFullPath(@"..\..\..\backup.pst");      // Just full of spam
            string targetpath = Path.GetFullPath(@"..\..\..\..\snapshot.pst"); // This will be the challenge

            // Copy over the original pst
            File.Copy(origpath, targetpath, true);

            // Have to use Redemption for this, since outlook is "secure"
            // Open the PST
            RDOSession session = new RDOSession();

            session.LogonPstStore(targetpath);

            // Load the target inbox
            RDOFolder inboxFolder = session.GetFolderFromPath("PRIVATE INBOX");
            RDOItems  inbox       = inboxFolder.Items;

            inbox.Sort("ReceivedTime", false); // Pre-sort them in ascending order
            Console.WriteLine(inbox.Count);

            // Encode the flag in DateTimes, hiding it in the year (2000 + c)
            // e.g. 3/9/2102 12:45:54 AM ==> 102 => 'f'
            var flag = "flag{w1k1L3ak5_g0T_n0tH1ng_0n_m3}".Select(c => EncodeChar(c)).ToList();

            // fun
            var aliases  = Cycle(aliasStrings).GetEnumerator();
            var subjects = Cycle(subjectStrings).GetEnumerator();

            // Approximately space out the emails
            int range = inbox.Count / flag.Count;

            for (int i = 0; i < flag.Count; i++)
            {
                // Copy the delivery time from a random email in this range
                DateTime recvTime = inbox[rand.Next(i * range, (i + 1) * range)].ReceivedTime;
                DateTime flagtime = flag[i];
                Console.WriteLine($"{flagtime} => {recvTime}");

                // Create a fake email with the two times and other fun stuff
                RDOMail flagmail = inbox.Add("IPM.Note");
                flagmail.Importance   = 1;
                flagmail.ReceivedTime = recvTime;
                flagmail.SentOn       = flagtime;
                flagmail.Subject      = subjects.Next();
                flagmail.To           = "*****@*****.**";
                flagmail.Sender       = session.GetAddressEntryFromID(session.AddressBook.CreateOneOffEntryID(aliases.Next(), "SMTP",
                                                                                                              "*****@*****.**",
                                                                                                              false, false));
                flagmail.Save();
            }

            // Sort the emails by delivery time, scattering the spoofed ones (in order) across the dump
            inbox = inboxFolder.Items;
            Console.WriteLine(inbox.Count);
            inbox.Sort("ReceivedTime", false);

            // Guess we're doing it this way -__-
            Console.WriteLine("Flag is in place, moving to inbox...");
            RDOFolder targetInbox = session.GetDefaultFolder(rdoDefaultFolders.olFolderInbox);

            foreach (RDOMail email in inbox)
            {
                email.CopyTo(targetInbox);
            }
            targetInbox.Save();
            Console.WriteLine("Done!");
        }