public void UpdateListenerConfig(string listenername, ListenerConfig listenerconfig)
{
try
{
listeners.Remove(listenerconfig.GetName());
Listener res = dbcontext.Listeners.FirstOrDefault <Listener>(s => s.name == listenerconfig.GetName());
res.name = listenerconfig.GetName();
res.lhost = listenerconfig.GetHost();
res.lport = listenerconfig.GetPort();
res.profile = listenerconfig.GetProfileid();
if (listenerconfig.GetSsl())
{
res.ListenerType = ListenerType.Https;
}
else
{
res.ListenerType = ListenerType.Http;
}
dbcontext.Listeners.Update(res);
dbcontext.SaveChanges();
}
catch (Exception)
{
Console.WriteLine("[x] Error removing listener");
}
}
public static string ReplaceAgentShooter(string src, string resourceurl, ListenerConfig config)
{
string source = src
.Replace("#HOST#", config.GetHost())
.Replace("#PORT#", config.GetPort().ToString())
.Replace("#RESURLCEURL#", resourceurl);
return(source);
}
public void RegisterListenerConfig(string listenername, ListenerConfig listenerconfig)
{
try
{
if (!listeners.ContainsKey(listenername))
{
listeners.Add(listenername, listenerconfig);
Listener listener = dbcontext.Listeners.FirstOrDefault <Listener>(s => s.name == listenername);
if (listener == null)
{
listener = new Listener
{
name = listenerconfig.GetName(),
lhost = listenerconfig.GetHost(),
lport = listenerconfig.GetPort(),
profile = listenerconfig.GetProfileid(),
};
if (listenerconfig.GetSsl())
{
listener.ListenerType = ListenerType.Https;
}
else
{
listener.ListenerType = ListenerType.Http;
}
dbcontext.Listeners.Add(listener);
dbcontext.SaveChanges();
}
}
else
{
Console.WriteLine("[x] Listener already exist");
}
}
catch (Exception e)
{
Console.WriteLine("[x] Error adding listener {0}", e.Message);
}
}
public static string ReplaceAgentProfile(string src, string serverkey, int targetframework, ListenerConfig config)
{
string source = src
.Replace("#HOST#", config.GetHost())
.Replace("#PORT#", config.GetPort().ToString())
.Replace("#PARAM#", config.GetProfile().HttpPost.Param)
.Replace("#SERVERKEY#", RedPeanut.Program.GetServerKey())
.Replace("#PAGEGET#", ParseUri(config.GetProfile().HttpGet.ApiPath))
.Replace("#PAGEPOST#", ParseUri(config.GetProfile().HttpPost.ApiPath))
.Replace("#USERAGENT#", config.GetProfile().UserAgent)
.Replace("#PIPENAME#", "")
.Replace("#COVERED#", config.GetProfile().HtmlCovered.ToString().ToLower())
.Replace("#TARGETCLASS#", config.GetProfile().TargetClass)
.Replace("#NUTCLR#", ReadResourceFile(PL_COMMAND_NUTCLR))
.Replace("#SPAWN#", config.GetProfile().Spawn)
.Replace("#FRAMEWORK#", targetframework.ToString())
.Replace("#MANAGED#", config.GetProfile().InjectionManaged.ToString());
string headers = "";
foreach (HttpHeader h in config.GetProfile().HttpGet.Client.Headers)
{
try
{
if (!h.Name.Equals("Connection"))
{
int t = (int)Enum.Parse(typeof(HttpRequestHeader), h.Name.Replace("-", ""), true);
headers += string.Format("webHeaderCollection.Add(HttpRequestHeader.{0}, \"{1}\");" + Environment.NewLine, h.Name.Replace("-", ""), h.Value);
}
}
catch (Exception)
{
Console.WriteLine("[x] Error parsing header {0}", h.Name);
}
}
source = source
.Replace("#HEADERS#", headers);
return(source);
}
public void Execute()
{
//Check ssl setup
X509Certificate2 x509cert = null;
if ((!File.Exists(pfx) || !File.Exists(cert)) && ssl)
{
Console.WriteLine("Building cert...");
if (!Directory.Exists("certs"))
{
Directory.CreateDirectory("certs");
}
BuildSelfSignedServerCertificate("RedPeanut", Lconfig.GetHost(), pfx, cert);
}
try
{
CancellationTokenSource cancellationTokenSource = new CancellationTokenSource();
if (ssl)
{
x509cert = new X509Certificate2(pfx);
CreateWebHostBuilder(new string[] { })
.UseKestrel(options =>
{
options.Listen(new IPEndPoint(IPAddress.Parse(Lconfig.GetHost()), Lconfig.GetPort()), listenOptions =>
{
listenOptions.UseHttps(httpsOptions =>
{
httpsOptions.ServerCertificate = x509cert;
httpsOptions.ClientCertificateMode = ClientCertificateMode.AllowCertificate;
httpsOptions.SslProtocols = SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12;
Console.WriteLine("\n[*] Using cert with hash: {0}", httpsOptions.ServerCertificate.GetCertHashString());
});
});
options.AddServerHeader = false;
})
.UseContentRoot(Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, PAYLOADS_FOLDER))
.ConfigureLogging((hostingContext, logging) =>
{
logging.ClearProviders();
logging.AddConfiguration(hostingContext.Configuration.GetSection("Logging"));
logging.AddConsole();
logging.AddDebug();
logging.AddFilter("System", LogLevel.Error)
.AddFilter("Microsoft", LogLevel.Error);
})
.UseUrls("https://" + Lconfig.GetHost() + ":" + Lconfig.GetPort())
.UseSetting("FrameworkHost", Lconfig.GetHost())
.UseSetting("FrameworkPort", Lconfig.GetPort().ToString())
.UseSetting("FrameworkSSL", ssl.ToString())
.UseSetting("FrameworkProfileid", Lconfig.GetProfileid().ToString())
.Build()
.RunAsync(cancellationTokenSource.Token);
}
else
{
CreateWebHostBuilder(new string[] { })
.UseKestrel(options =>
{
options.Listen(new IPEndPoint(IPAddress.Parse(Lconfig.GetHost()), Lconfig.GetPort()));
options.AddServerHeader = false;
})
.UseContentRoot(Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, PAYLOADS_FOLDER))
.ConfigureLogging((hostingContext, logging) =>
{
logging.ClearProviders();
logging.AddConfiguration(hostingContext.Configuration.GetSection("Logging"));
logging.AddConsole();
logging.AddDebug();
logging.AddFilter("System", LogLevel.Error)
.AddFilter("Microsoft", LogLevel.Error);
})
.UseUrls("http://" + Lconfig.GetHost() + ":" + Lconfig.GetPort())
.UseSetting("FrameworkHost", Lconfig.GetHost())
.UseSetting("FrameworkPort", Lconfig.GetPort().ToString())
.UseSetting("FrameworkSSL", ssl.ToString())
.UseSetting("FrameworkProfileid", Lconfig.GetProfileid().ToString())
.Build()
.RunAsync(cancellationTokenSource.Token);
}
Lconfig.CancellationTokenSource = cancellationTokenSource;
}
catch (CryptographicException)
{
Console.Error.WriteLine("Error importing certificate.");
}
}
public void ListListeners()
{
if (GetListenersConfig() != null)
{
Console.WriteLine("[*] {0}", new string('-', 66));
Console.WriteLine("[*] | {0,-20} | {1,-15} | {2,-5} | {3,-7} | {4,-5} |", "Name", "IP", "Port", "Profile", "SSL");
Console.WriteLine("[*] {0}", new string('-', 66));
foreach (KeyValuePair <string, ListenerConfig> item in GetListenersConfig())
{
try
{
ListenerConfig listenerConfig = item.Value;
Console.WriteLine("[*] | {0,-20} | {1,-15} | {2,-5} | {3,-7} | {4,-5} |", listenerConfig.GetName(), listenerConfig.GetHost(), listenerConfig.GetPort(), listenerConfig.GetProfileid(), listenerConfig.GetSsl());
}
catch (Exception e)
{
Console.WriteLine("[x] Listener need to be removed {0}", e.Message);
}
}
Console.WriteLine("[*] {0}", new string('-', 66));
}
}
public void ListListeners()
{
if (GetListenersConfig() != null)
{
foreach (KeyValuePair <string, ListenerConfig> item in GetListenersConfig())
{
try
{
ListenerConfig listenerConfig = item.Value;
Console.WriteLine("[*] {0} | Host: {1} | port: {2} | profile: {3}", listenerConfig.GetName(), listenerConfig.GetHost(), listenerConfig.GetPort(), listenerConfig.GetProfileid());
}
catch (Exception e)
{
Console.WriteLine("[x] Listener need to be removed {0}", e.Message);
}
}
}
}
