public override void Command(MenuItem menuItem, string UserInput) { MSBuildLauncherMenuItem msbuildMenuItem = (MSBuildLauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length < 1 || commands.Length > 2 || commands[0].ToLower() != "code") { menuItem.PrintInvalidOptionError(UserInput); return; } else if (commands.Length == 2 && (!new List <string> { "stager", "gruntstager", "xml" }.Contains(commands[1].ToLower()))) { EliteConsole.PrintFormattedErrorLine("Type must be one of: \"Stager\"\\\"GruntStager\" or \"XML\""); menuItem.PrintInvalidOptionError(UserInput); return; } msbuildMenuItem.Refresh(); if (msbuildMenuItem.msbuildLauncher.LauncherString == "") { msbuildMenuItem.CovenantClient.ApiLaunchersMsbuildPost(); msbuildMenuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated MSBuildLauncher: " + msbuildMenuItem.msbuildLauncher.LauncherString); } if (commands.Length == 1 || (commands.Length == 2 && (commands[1].ToLower() == "stager" || commands[1].ToLower() == "gruntstager"))) { EliteConsole.PrintInfoLine(msbuildMenuItem.msbuildLauncher.StagerCode); } else if (commands.Length == 2 && commands[1].ToLower() == "xml") { EliteConsole.PrintInfoLine(msbuildMenuItem.msbuildLauncher.DiskCode); } }
public void PrintEvent(EventModel theEvent, string Context = "*") { lock (_EventLock) { if (this.WillPrintEvent(theEvent, Context)) { switch (theEvent.Level) { case EventLevel.Highlight: EliteConsole.PrintFormattedHighlightLine(theEvent.Message); break; case EventLevel.Info: EliteConsole.PrintInfoLine(theEvent.Message); break; case EventLevel.Warning: EliteConsole.PrintFormattedWarningLine(theEvent.Message); break; case EventLevel.Error: EliteConsole.PrintFormattedErrorLine(theEvent.Message); break; default: EliteConsole.PrintFormattedInfo(theEvent.Message); break; } PrintedEvents.Add(theEvent.Id ?? default); } } }
public override void Command(MenuItem menuItem, string UserInput) { BinaryLauncherMenuItem binaryLauncherMenuItem = (BinaryLauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "host") { menuItem.PrintInvalidOptionError(UserInput); return; } binaryLauncherMenuItem.binaryLauncher = this.CovenantClient.ApiLaunchersBinaryPost(); HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(binaryLauncherMenuItem.binaryLauncher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = binaryLauncherMenuItem.binaryLauncher.LauncherString }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); binaryLauncherMenuItem.binaryLauncher = this.CovenantClient.ApiLaunchersBinaryHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("BinaryLauncher hosted at: " + hostedLocation); }
public override void Command(MenuItem menuItem, string UserInput) { MSBuildLauncherMenuItem msbuildMenuItem = (MSBuildLauncherMenuItem)menuItem; msbuildMenuItem.msbuildLauncher = this.CovenantClient.ApiLaunchersMsbuildPost(); EliteConsole.PrintFormattedHighlightLine("Generated MSBuildLauncher: " + msbuildMenuItem.msbuildLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { Regsvr32LauncherMenuItem regsvr32MenuItem = (Regsvr32LauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "host") { menuItem.PrintInvalidOptionError(UserInput); return; } regsvr32MenuItem.regsvr32Launcher = this.CovenantClient.ApiLaunchersRegsvr32Post(); HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(regsvr32MenuItem.regsvr32Launcher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = Convert.ToBase64String(Common.CovenantEncoding.GetBytes(regsvr32MenuItem.regsvr32Launcher.DiskCode)) }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); regsvr32MenuItem.regsvr32Launcher = this.CovenantClient.ApiLaunchersRegsvr32HostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("Regsvr32Launcher hosted at: " + hostedLocation); EliteConsole.PrintFormattedInfoLine("Launcher: " + regsvr32MenuItem.regsvr32Launcher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length < 1 || commands.Length > 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } if (commands.Length == 2 && !commands[1].Equals("gruntstager", StringComparison.OrdinalIgnoreCase)) { EliteConsole.PrintFormattedErrorLine("Type must be one of: \"GruntStager\""); menuItem.PrintInvalidOptionError(UserInput); return; } BinaryLauncher launcher = ((BinaryLauncherMenuItem)menuItem).BinaryLauncher; if (launcher.LauncherString == "") { this.CovenantClient.ApiLaunchersBinaryPost(); menuItem.Refresh(); launcher = ((BinaryLauncherMenuItem)menuItem).BinaryLauncher; EliteConsole.PrintFormattedHighlightLine("Generated BinaryLauncher: " + launcher.LauncherString); } EliteConsole.PrintInfoLine(launcher.StagerCode); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "write") { menuItem.PrintInvalidOptionError(UserInput); return; } menuItem.Refresh(); PowerShellLauncher launcher = ((PowerShellLauncherMenuItem)menuItem).PowerShellLauncher; if (launcher.LauncherString == "") { this.CovenantClient.ApiLaunchersBinaryPost(); menuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated PowerShellLauncher: " + launcher.LauncherString); } string OutputFilePath = Common.EliteDataFolder + String.Concat(commands[1].Split(System.IO.Path.GetInvalidFileNameChars())); System.IO.File.WriteAllText(OutputFilePath, launcher.LauncherString); EliteConsole.PrintFormattedHighlightLine("Wrote PowerShellLauncher to: \"" + OutputFilePath + "\""); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { MSBuildLauncherMenuItem msbuildMenuItem = (MSBuildLauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "host") { menuItem.PrintInvalidOptionError(UserInput); return; } msbuildMenuItem.msbuildLauncher = this.CovenantClient.ApiLaunchersMsbuildPost(); HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(msbuildMenuItem.msbuildLauncher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = Convert.ToBase64String(Common.CovenantEncoding.GetBytes(msbuildMenuItem.msbuildLauncher.DiskCode)) }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); msbuildMenuItem.msbuildLauncher = this.CovenantClient.ApiLaunchersMsbuildHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("MSBuildLauncher hosted at: " + hostedLocation); EliteConsole.PrintFormattedWarningLine("msbuild.exe cannot execute remotely hosted files, the payload must first be written to disk"); EliteConsole.PrintFormattedInfoLine("Launcher: " + msbuildMenuItem.msbuildLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } menuItem.Refresh(); BinaryLauncher launcher = ((BinaryLauncherMenuItem)menuItem).BinaryLauncher; if (launcher.LauncherString == "") { this.CovenantClient.ApiLaunchersBinaryPost(); menuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated BinaryLauncher: " + launcher.Base64ILByteString); } string OutputFilePath = Common.EliteDataFolder + String.Concat(commands[1].Split(System.IO.Path.GetInvalidFileNameChars())); System.IO.File.WriteAllBytes(OutputFilePath, Convert.FromBase64String(launcher.Base64ILByteString)); EliteConsole.PrintFormattedHighlightLine("Wrote BinaryLauncher to: \"" + OutputFilePath + "\""); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { InstallUtilLauncherMenuItem installutilMenuItem = (InstallUtilLauncherMenuItem)menuItem; installutilMenuItem.installutilLauncher = this.CovenantClient.ApiLaunchersInstallutilPost(); EliteConsole.PrintFormattedHighlightLine("Generated InstallUtilLauncher: " + installutilMenuItem.installutilLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { InstallUtilLauncherMenuItem installutilMenuItem = (InstallUtilLauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "host") { menuItem.PrintInvalidOptionError(UserInput); return; } installutilMenuItem.installutilLauncher = this.CovenantClient.ApiLaunchersInstallutilPost(); HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(installutilMenuItem.installutilLauncher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = installutilMenuItem.installutilLauncher.DiskCode }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); installutilMenuItem.installutilLauncher = this.CovenantClient.ApiLaunchersInstallutilHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("InstallUtilLauncher hosted at: " + hostedLocation); EliteConsole.PrintFormattedWarningLine("installutil.exe cannot execute remotely hosted files, the payload must first be written to disk"); EliteConsole.PrintFormattedInfoLine("Launcher: " + installutilMenuItem.installutilLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { CscriptLauncherMenuItem cscriptMenuItem = (CscriptLauncherMenuItem)menuItem; cscriptMenuItem.cscriptLauncher = this.CovenantClient.ApiLaunchersCscriptPost(); EliteConsole.PrintFormattedHighlightLine("Generated CscriptLauncher: " + cscriptMenuItem.cscriptLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { Regsvr32LauncherMenuItem regsvr32MenuItem = (Regsvr32LauncherMenuItem)menuItem; regsvr32MenuItem.regsvr32Launcher = this.CovenantClient.ApiLaunchersRegsvr32Post(); EliteConsole.PrintFormattedHighlightLine(regsvr32MenuItem.regsvr32Launcher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { WmicLauncherMenuItem wmicMenuItem = (WmicLauncherMenuItem)menuItem; wmicMenuItem.wmicLauncher = this.CovenantClient.ApiLaunchersWmicPost(); EliteConsole.PrintFormattedHighlightLine("Generated WmicLauncher: " + wmicMenuItem.wmicLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { PowerShellLauncherMenuItem powershellMenuItem = (PowerShellLauncherMenuItem)menuItem; powershellMenuItem.powerShellLauncher = this.CovenantClient.ApiLaunchersPowershellPost(); EliteConsole.PrintFormattedHighlightLine("Generated PowerShellLauncher: " + powershellMenuItem.powerShellLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { BinaryLauncherMenuItem binaryLauncherMenuItem = (BinaryLauncherMenuItem)menuItem; this.CovenantClient.ApiLaunchersBinaryPost(); binaryLauncherMenuItem.binaryLauncher = this.CovenantClient.ApiLaunchersBinaryGet(); EliteConsole.PrintFormattedHighlightLine("Generated BinaryLauncher: " + binaryLauncherMenuItem.binaryLauncher.LauncherString); }
public override void Command(MenuItem menuItem, string UserInput) { try { this.CovenantClient.ApiLaunchersMsbuildPost(); menuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated MSBuildLauncher: " + ((MSBuildLauncherMenuItem)menuItem).MSBuildLauncher.LauncherString); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { GruntTask task = ((TaskMenuItem)menuItem).task = this.CovenantClient.ApiGruntTasksByIdGet(((TaskMenuItem)menuItem).task.Id ?? default); Grunt grunt = ((TaskMenuItem)menuItem).grunt; GruntTasking gruntTasking = new GruntTasking { TaskId = task.Id, GruntId = grunt.Id }; GruntTasking postedGruntTasking = this.CovenantClient.ApiGruntsByIdTaskingsPost(grunt.Id ?? default, gruntTasking); if (postedGruntTasking != null) { EliteConsole.PrintFormattedHighlightLine("Started Task: " + task.Name + " on Grunt: " + grunt.Name + " as GruntTask: " + postedGruntTasking.Name); } }
public override async void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 1 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } HttpListener HttpListener = ((HTTPListenerMenuItem)menuItem).HttpListener; if ((HttpListener.UseSSL ?? default) && (string.IsNullOrEmpty(HttpListener.SslCertHash) || string.IsNullOrEmpty(HttpListener.SslCertificate))) { EliteConsole.PrintWarning("No SSLCertificate specified. Would you like to generate and use a self-signed certificate? [y/N] "); string input = EliteConsole.Read(); if (input.StartsWith("y", StringComparison.OrdinalIgnoreCase)) { X509Certificate2 certificate = Utilities.CreateSelfSignedCertificate(HttpListener.BindAddress); string autopath = "httplistener-" + HttpListener.Id + "-certificate.pfx"; File.WriteAllBytes( Path.Combine(Common.EliteDataFolder, autopath), certificate.Export(X509ContentType.Pfx, HttpListener.SslCertificatePassword) ); EliteConsole.PrintFormattedHighlightLine("Certificate written to: " + autopath); EliteConsole.PrintFormattedWarningLine("(Be sure to disable certificate validation on Launchers/Grunts using this self-signed certificate)"); menuItem.AdditionalOptions.FirstOrDefault(O => O.Name == "Set").Command(menuItem, "Set SSLCertPath " + autopath); menuItem.Refresh(); HttpListener = ((HTTPListenerMenuItem)menuItem).HttpListener; } else { EliteConsole.PrintFormattedErrorLine("Must specify an SSLCertfiicate to Start an HTTP Listener with SSL."); return; } } HttpListener.Status = ListenerStatus.Active; await this.CovenantClient.ApiListenersHttpPutAsync(HttpListener); ((HTTPListenerMenuItem)menuItem).RefreshHTTPTemplate(); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } this.CovenantClient.ApiLaunchersMshtaPost(); WmicLauncher launcher = ((WmicLauncherMenuItem)menuItem).WmicLauncher; HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(launcher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } if (!commands[1].EndsWith(".xsl", StringComparison.Ordinal)) { EliteConsole.PrintFormattedErrorLine("WmicLaunchers must end with the extension: .xsl"); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = Convert.ToBase64String(Common.CovenantEncoding.GetBytes(launcher.DiskCode)) }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); launcher = this.CovenantClient.ApiLaunchersWmicHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("WmicLauncher hosted at: " + hostedLocation); EliteConsole.PrintFormattedInfoLine("Launcher (cmd.exe): " + launcher.LauncherString); EliteConsole.PrintFormattedInfoLine("Launcher (powershell.exe): " + launcher.LauncherString.Replace("\"", "`\"")); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { UsersMenuItem usersMenuItem = (UsersMenuItem)menuItem; usersMenuItem.Refresh(); string[] commands = UserInput.Split(" "); if (commands.Length < 3 || commands.Length > 4 || commands[0].ToLower() != "create") { menuItem.PrintInvalidOptionError(UserInput); EliteConsole.PrintFormattedErrorLine("Usage: Create <username> <password> [<roles>]"); return; } CovenantUser user = this.CovenantClient.ApiUsersPost(new CovenantUserLogin(commands[1], commands[2])); if (user != null) { EliteConsole.PrintFormattedHighlightLine("Created user: \"" + commands[1] + "\""); if (commands.Length == 4) { string[] roleNames = commands[3].Split(","); foreach (string roleName in roleNames) { IdentityRole role = this.CovenantClient.ApiRolesGet().FirstOrDefault(R => R.Name == roleName); if (role != null) { IdentityUserRoleString roleResult = this.CovenantClient.ApiUsersByUidRolesByRidPost(user.Id, role.Id); if (roleResult.UserId == user.Id && roleResult.RoleId == role.Id) { EliteConsole.PrintFormattedHighlightLine("Added user: \"" + commands[1] + "\"" + " to role: \"" + roleName + "\""); } else { EliteConsole.PrintFormattedErrorLine("Failed to add user: \"" + commands[1] + "\" to role: \"" + roleName + "\""); } } } } } else { EliteConsole.PrintFormattedErrorLine("Failed to create user: \"" + commands[1] + "\""); } }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length < 1 || commands.Length > 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } if (commands.Length == 2 && (!new List <string> { "stager", "gruntstager", "scriptlet" }.Contains(commands[1].ToLower()))) { EliteConsole.PrintFormattedErrorLine("Type must be one of: \"Stager\"\\\"GruntStager\" or \"Scriptlet\""); menuItem.PrintInvalidOptionError(UserInput); return; } WmicLauncher launcher = ((WmicLauncherMenuItem)menuItem).WmicLauncher; menuItem.Refresh(); if (launcher.LauncherString == "") { this.CovenantClient.ApiLaunchersWmicPost(); menuItem.Refresh(); launcher = ((WmicLauncherMenuItem)menuItem).WmicLauncher; EliteConsole.PrintFormattedHighlightLine("Generated WmicLauncher: " + launcher.LauncherString); } if (commands.Length == 1 || (commands.Length == 2 && commands[1].Equals("gruntstager", StringComparison.OrdinalIgnoreCase))) { EliteConsole.PrintInfoLine(launcher.StagerCode); } else if (commands.Length == 2 && commands[1].Equals("scriptlet", StringComparison.OrdinalIgnoreCase)) { EliteConsole.PrintInfoLine(launcher.DiskCode); } } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { WmicLauncherMenuItem wmicMenuItem = (WmicLauncherMenuItem)menuItem; string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "host") { menuItem.PrintInvalidOptionError(UserInput); return; } wmicMenuItem.wmicLauncher = this.CovenantClient.ApiLaunchersWmicPost(); HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(wmicMenuItem.wmicLauncher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } if (!commands[1].EndsWith(".xsl")) { EliteConsole.PrintFormattedErrorLine("WmicLaunchers must end with the extension: .xsl"); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = Convert.ToBase64String(Common.CovenantEncoding.GetBytes(wmicMenuItem.wmicLauncher.DiskCode)) }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); wmicMenuItem.wmicLauncher = this.CovenantClient.ApiLaunchersWmicHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("WmicLauncher hosted at: " + hostedLocation); EliteConsole.PrintFormattedInfoLine("Launcher (cmd.exe): " + wmicMenuItem.wmicLauncher.LauncherString); EliteConsole.PrintFormattedInfoLine("Launcher (powershell.exe): " + wmicMenuItem.wmicLauncher.LauncherString.Replace("\"", "`\"")); }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } this.CovenantClient.ApiLaunchersMsbuildPost(); menuItem.Refresh(); MSBuildLauncher launcher = ((MSBuildLauncherMenuItem)menuItem).MSBuildLauncher; HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(launcher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = Convert.ToBase64String(Common.CovenantEncoding.GetBytes(launcher.DiskCode)) }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); launcher = this.CovenantClient.ApiLaunchersMsbuildHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("MSBuildLauncher hosted at: " + hostedLocation); EliteConsole.PrintFormattedWarningLine("msbuild.exe cannot execute remotely hosted files, the payload must first be written to disk"); EliteConsole.PrintFormattedInfoLine("Launcher: " + launcher.LauncherString); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { try { string[] commands = UserInput.Split(" "); if (commands.Length != 2 || !commands[0].Equals(this.Name, StringComparison.OrdinalIgnoreCase)) { menuItem.PrintInvalidOptionError(UserInput); return; } this.CovenantClient.ApiLaunchersBinaryPost(); menuItem.Refresh(); BinaryLauncher launcher = ((BinaryLauncherMenuItem)menuItem).BinaryLauncher; HttpListener listener = this.CovenantClient.ApiListenersHttpByIdGet(launcher.ListenerId ?? default); if (listener == null) { EliteConsole.PrintFormattedErrorLine("Can only host a file on a valid HttpListener."); menuItem.PrintInvalidOptionError(UserInput); return; } HostedFile fileToHost = new HostedFile { ListenerId = listener.Id, Path = commands[1], Content = launcher.LauncherString }; fileToHost = this.CovenantClient.ApiListenersByIdHostedfilesPost(listener.Id ?? default, fileToHost); launcher = this.CovenantClient.ApiLaunchersBinaryHostedPost(fileToHost); Uri hostedLocation = new Uri(listener.Url + fileToHost.Path); EliteConsole.PrintFormattedHighlightLine("BinaryLauncher hosted at: " + hostedLocation); } catch (HttpOperationException e) { EliteConsole.PrintFormattedWarningLine("CovenantException: " + e.Response.Content); } }
public override void Command(MenuItem menuItem, string UserInput) { WmicLauncherMenuItem wmicLauncherMenuItem = ((WmicLauncherMenuItem)menuItem); string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "write") { menuItem.PrintInvalidOptionError(UserInput); } else { wmicLauncherMenuItem.Refresh(); if (wmicLauncherMenuItem.wmicLauncher.LauncherString == "") { wmicLauncherMenuItem.CovenantClient.ApiLaunchersBinaryPost(); wmicLauncherMenuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated WscriptLauncher: " + wmicLauncherMenuItem.wmicLauncher.LauncherString); } string OutputFilePath = Common.EliteDataFolder + String.Concat(commands[1].Split(System.IO.Path.GetInvalidFileNameChars())); System.IO.File.WriteAllText(OutputFilePath, wmicLauncherMenuItem.wmicLauncher.DiskCode); EliteConsole.PrintFormattedHighlightLine("Wrote WscriptLauncher to: \"" + OutputFilePath + "\""); } }
public override void Command(MenuItem menuItem, string UserInput) { InstallUtilLauncherMenuItem installutilLauncherMenuItem = ((InstallUtilLauncherMenuItem)menuItem); string[] commands = UserInput.Split(" "); if (commands.Length != 2 || commands[0].ToLower() != "write") { menuItem.PrintInvalidOptionError(UserInput); } else { installutilLauncherMenuItem.Refresh(); if (installutilLauncherMenuItem.installutilLauncher.LauncherString == "") { installutilLauncherMenuItem.CovenantClient.ApiLaunchersBinaryPost(); installutilLauncherMenuItem.Refresh(); EliteConsole.PrintFormattedHighlightLine("Generated InstallUtilLauncher: " + installutilLauncherMenuItem.installutilLauncher.LauncherString); } string OutputFilePath = Common.EliteDataFolder + String.Concat(commands[1].Split(System.IO.Path.GetInvalidFileNameChars())); System.IO.File.WriteAllBytes(OutputFilePath, Convert.FromBase64String(installutilLauncherMenuItem.installutilLauncher.DiskCode)); EliteConsole.PrintFormattedHighlightLine("Wrote InstallUtilLauncher to: \"" + OutputFilePath + "\""); } }