Fixes to socks, Encryption errors, Command response errors, added new…
… options to interact page, fixed various exception errors, added abstraction to help prepare for 3rd party implants, details in v0.1.1-Alpha Release notes.
DragoQCC committed Apr 5, 2023
1 parent 59fdd3f commit 009a68d
Showing 39 changed files with 1,678 additions and 1,069 deletions.
8 changes: 8 additions & 0 deletions ApiModels/Requests/SpawnEngineerRequest.cs
Expand Up @@ -19,6 +19,8 @@ public class SpawnEngineerRequest

public SleepTypes SleepType { get; set; }

public ImplantType implantType { get; set; } = ImplantType.Engineer; // default to engineer

public enum EngCompileType
{
exe,
Expand All @@ -34,5 +36,11 @@ public enum SleepTypes
Custom_RC4,
// Ekko,
}

public enum ImplantType
{
Engineer,
Constructor,
}
}
}
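Review bot: The new property in the `SpawnEngineerRequest` hunk is named `implantType`, which breaks the PascalCase convention its neighbour `SleepType` follows; a property named `ImplantType` would collide with the nested enum of the same name, so a different name such as `public ImplantType Implant { get; set; } = ImplantType.Engineer;` keeps the convention without the clash. If this request is deserialized from JSON by member name, renaming it is a wire-format change and every producer must change in the same commit; if the serializer matches case-insensitively, the rename is free. The trailing `// default to engineer` would be more useful as a doc comment, `/// <summary>Kind of implant to build; defaults to <see cref="ImplantType.Engineer"/>.</summary>`.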
3 changes: 2 additions & 1 deletion Engineer/Commands/Connect.cs
Expand Up @@ -50,7 +50,7 @@ public override async Task Execute(EngineerTask task)
else if (!ParentIsServer)
{

Tasking.FillTaskResults($"starting parent as client\ntrying to connect to {serverip}:{serverport}", task, EngTaskStatus.Running,TaskResponseType.String);
//Tasking.FillTaskResults($"starting parent as client\ntrying to connect to {serverip}:{serverport}", task, EngTaskStatus.Running,TaskResponseType.String);
ParentTCPcommModule = new EngTCPComm(int.Parse(serverport), serverip, true); // parent as client
Task.Run(async () => await ParentTCPcommModule.Start());
}
Expand All @@ -59,6 +59,7 @@ public override async Task Execute(EngineerTask task)
System.Threading.Thread.Sleep(20);
}
Tasking.FillTaskResults(Output, task, EngTaskStatus.Complete,TaskResponseType.String);
Output = null;
}
}
}
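Review bot: The status message in `Connect.Execute` is commented out (`//Tasking.FillTaskResults(...)`) rather than deleted; commented-out code should be removed, since version control already keeps the history. The new `Output = null;` after the final `FillTaskResults` implies `Output` is state that outlives a single call (its declaration is not in the hunk), so a one-line why-comment would help, e.g. `// reset so a later Execute does not re-send this output`. `Execute` starts before the first hunk, and the `Output`/`ParentIsServer` declarations are outside it.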
1 change: 0 additions & 1 deletion Engineer/Commands/rportForward.cs
Expand Up @@ -66,7 +66,6 @@ private static async Task HandleSendRecive(string bindPort, string client)
},
File = dataToSend
};
Program.InboundCommandsRec += 1;
Task.Run(async () => await Tasking.DealWithTask(task));
}
}
33 changes: 19 additions & 14 deletions Engineer/Commands/socks.cs
Expand Up @@ -18,7 +18,7 @@ namespace Engineer.Commands
{
internal class socks : EngineerCommand
{
public static List<string> SocksClients = new();
public static SynchronizedCollection<string> SocksClients = new();
public static readonly ConcurrentDictionary<string, ConcurrentQueue<byte[]>> SocksClientsData = new();


Expand All @@ -36,7 +36,6 @@ public override async Task Execute(EngineerTask task)
}

Tasking.FillTaskResults($"socks started on team server at port {port}", task, EngTaskStatus.Running,TaskResponseType.String);

}
}
internal class socksConnect : EngineerCommand
Expand Down Expand Up @@ -79,16 +78,17 @@ private async Task ConnectSocks(string address, string port,string client)
try
{
await destination.ConnectAsync(ipAddress, portInt);
//Console.WriteLine($"Connected to {ipAddress}:{portInt}");
while (!socks._tokenSource.IsCancellationRequested)
{

//if destination is not connected remove it from the socks clients list and dictionarys and exit while loop
if (!destination.Connected)
{
socks.SocksClients.Remove(client);
socks.SocksClientsData.TryRemove(client, out var _);
break;
}
////if destination is not connected remove it from the socks clients list and dictionarys and exit while loop
//if (!destination.Connected)
//{
// socks.SocksClients.Remove(client);
// socks.SocksClientsData.TryRemove(client, out var _);
// break;
//}

// send to destination
if (!socks.SocksClientsData[client].IsEmpty)
Expand All @@ -113,11 +113,10 @@ private async Task ConnectSocks(string address, string port,string client)
{"/client",client }
}
};
Program.InboundCommandsRec += 1;
Task.Run(async() => await Tasking.DealWithTask(task));
Task.Run(async() => await Tasking.DealWithTask(task));
}
// rip cpu
await Task.Delay(10);
await Task.Delay(2);
}
}
catch (Exception e)
Expand All @@ -139,7 +138,6 @@ public override async Task Execute(EngineerTask task)
//while the socks client is waiting for data to be sent do not send the data
var req = task.File;
socks.SocksClientsData[client].Enqueue(req);
Tasking.FillTaskResults($"Sending data",task,EngTaskStatus.Complete,TaskResponseType.String);
}
}

Expand All @@ -150,8 +148,15 @@ internal class SocksReceive : EngineerCommand
public override async Task Execute(EngineerTask task)
{
// trygetvalue of task.arguments /data and return that value
var sockContent = task.File;
//set task.FIle to null otherwise we are sending the data in the task object and the result string
task.Arguments.TryGetValue("/client", out var client);
Tasking.FillTaskResults(Convert.ToBase64String(task.File) + "\n" + client, task, EngTaskStatus.Complete,TaskResponseType.String);
byte[] sockClient = client.JsonSerialize();
byte[] socks_client_length = BitConverter.GetBytes(sockClient.Length);
task.File = null;
byte[] finalSocksRec_content = socks_client_length.Concat(sockClient).Concat(sockContent).ToArray();

Tasking.FillTaskResults(finalSocksRec_content, task, EngTaskStatus.Complete, TaskResponseType.None);
}
}

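Review bot: In `SocksReceive.Execute` the result of `task.Arguments.TryGetValue("/client", out var client)` is discarded, so a task without a `/client` argument reaches `client.JsonSerialize()` with a null receiver, and a null `task.File` makes the `Concat(sockContent)` call throw `ArgumentNullException`; guard both before building the buffer, `if (!task.Arguments.TryGetValue("/client", out var client) || task.File is null) { return; }`, and report the failure through `FillTaskResults` if the status enum has a value for it. The length prefix comes from `BitConverter.GetBytes`, which uses the host's byte order, so whoever decodes `finalSocksRec_content` must use the same order — worth a comment on that line. In `ConnectSocks` the disconnect check is commented out instead of deleted, leaving the loop with no exit on a closed destination other than cancellation; either delete the dead block or document why the check was dropped. `ConnectSocks` starts before its hunk.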
11 changes: 10 additions & 1 deletion Engineer/Extra/Extensions.cs
Expand Up @@ -37,7 +37,16 @@ public static byte[] JsonSerialize<T>(this T data)
JSONParameters jsonParameters = new JSONParameters();
jsonParameters.UseValuesOfEnums = true;
string json = JSON.ToJSON(data,jsonParameters);
return Encoding.UTF8.GetBytes(json);
//write the json string to a memory stream and return the byte array
using (MemoryStream ms = new MemoryStream())
{
using (StreamWriter sw = new StreamWriter(ms))
{
sw.Write(json);
sw.Flush();
return ms.ToArray();
}
}
}
catch (Exception e)
{
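Review bot: The MemoryStream/StreamWriter round-trip in `JsonSerialize` yields the same bytes as the `Encoding.UTF8.GetBytes(json)` line it replaces — `StreamWriter(Stream)` defaults to UTF-8 without a preamble — but adds two allocations and a `Flush`, so the one-liner was the clearer form. If the change works around a specific serializer or consumer issue, a comment naming it would save the next reader from reverting it; the current `//write the json string ...` comment says what, not why. `JsonSerialize` begins before the hunk and its `catch` continues after it.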
12 changes: 7 additions & 5 deletions Engineer/Functions/Encryption.cs
Expand Up @@ -24,15 +24,17 @@ public static byte[] AES_Encrypt(byte[] bytesToBeEncrypted, string EncodedPasswo
byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
using (MemoryStream ms = new MemoryStream())
{
using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())


using (Aes aes = Aes.Create())
{
aes.KeySize = 256;
aes.BlockSize = 128;
var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.ANSIX923;
aes.Padding = PaddingMode.PKCS7;
using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
{
cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
Expand Down Expand Up @@ -66,15 +68,15 @@ public static byte[] AES_Decrypt(byte[] bytesToBeDecrypted, string EncodedPasswo
byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
using (MemoryStream ms = new MemoryStream())
{
using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
using (Aes aes = Aes.Create())
{
aes.KeySize = 256;
aes.BlockSize = 128;
var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.ANSIX923;
aes.Padding = PaddingMode.PKCS7;
using (var cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(bytesToBeDecrypted, 0, bytesToBeDecrypted.Length);
Expand All @@ -89,7 +91,7 @@ public static byte[] AES_Decrypt(byte[] bytesToBeDecrypted, string EncodedPasswo
catch (System.Exception ex)
{
//Console.WriteLine(ex.Message);
//Console.WriteLine(ex.StackTrace);
// Console.WriteLine(ex.StackTrace);
return null;
}
}
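Review bot: `Rfc2898DeriveBytes` is `IDisposable`, but the `key` local in `AES_Encrypt` is never disposed, and the `AES_Decrypt` hunk repeats the pattern; wrap it, `using (var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000))`, with the `aes.Key`/`aes.IV` assignments inside the block. The two blank lines inserted before `using (Aes aes = Aes.Create())` look accidental. Switching both sides to `PaddingMode.PKCS7` keeps encrypt and decrypt consistent, but the `catch` in `AES_Decrypt` still returns `null` for every exception, including a padding failure, so callers cannot distinguish a failed decrypt from an empty result; at minimum a `/// <returns>` note that null means failure would make the contract explicit. Both methods start before their hunks.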
28 changes: 10 additions & 18 deletions Engineer/Functions/Tasking.cs
Expand Up @@ -6,13 +6,14 @@
using System.Text;
using System.Threading.Tasks;
using Engineer.Commands;
using System.Collections.Concurrent;

namespace Engineer.Functions
{
internal class Tasking
{
public static Dictionary<string, EngineerTaskResult> engTaskResultDic = new(); // key is the task id and value is the whole task
public static Dictionary<string, EngineerTask> engTaskDic = new(); // key is the task id and value is the whole task
public static ConcurrentDictionary<string, EngineerTaskResult> engTaskResultDic = new(); // key is the task id and value is the whole task
public static ConcurrentDictionary<string, EngineerTask> engTaskDic = new(); // key is the task id and value is the whole task

public static void DealWithTasks(IEnumerable<EngineerTask> tasks)
{
Expand Down Expand Up @@ -46,7 +47,7 @@ public static async Task DealWithTask(EngineerTask task)
try
{
//add task to engTaskDic
engTaskDic.Add(task.Id, task);
engTaskDic.TryAdd(task.Id, task);

//make an EngineerTaskResult
var taskResult = new EngineerTaskResult
Expand Down Expand Up @@ -88,7 +89,7 @@ public static void AddTaskResult(EngineerTaskResult taskResult)
{
if (!engTaskResultDic.ContainsKey(taskResult.Id))
{
engTaskResultDic.Add(taskResult.Id, taskResult);
engTaskResultDic.TryAdd(taskResult.Id, taskResult);
}
}

Expand All @@ -112,7 +113,7 @@ public static void FillTaskResults(object output, EngineerTask task,EngTaskStatu
}
else
{
engTaskResultDic[task.Id].Result = (output as string).JsonSerialize();
engTaskResultDic[task.Id].Result = (output as byte[]);
}
engTaskResultDic[task.Id].Status = taskStatus;
engTaskResultDic[task.Id].ResponseType = taskResponseType;
Expand Down Expand Up @@ -144,24 +145,18 @@ public static void FillTaskResults(object output, EngineerTask task,EngTaskStatu
}
else if (task.Command.Equals("P2PFirstTimeCheckIn", StringComparison.CurrentCultureIgnoreCase))
{
//Console.WriteLine($"first check in task {task.Id} complete");
engTaskResultDic[task.Id].IsHidden = true;
SendTaskResult(engTaskResultDic[task.Id]);
//Program.SendTaskResult(task.Id, result, true, EngTaskStatus.Complete);
}
else if (task.Command.Equals("CheckIn", StringComparison.CurrentCultureIgnoreCase))
{
//Console.WriteLine($" check in task {task.Id} complete");
engTaskResultDic[task.Id].IsHidden = true;
SendTaskResult(engTaskResultDic[task.Id]);
//Program.SendTaskResult(task.Id, result, true, EngTaskStatus.Complete);
}
else if (task.Command.Equals("rportsend", StringComparison.CurrentCultureIgnoreCase) || task.Command.Equals("rportRecieve", StringComparison.CurrentCultureIgnoreCase) || task.Command.Equals("rportforward", StringComparison.CurrentCultureIgnoreCase))
{
//Console.WriteLine($"task {task.Id} complete");
engTaskResultDic[task.Id].IsHidden = true;
SendTaskResult(engTaskResultDic[task.Id]);
//Program.SendTaskResult(task.Id, result, true, EngTaskStatus.Complete);
}
else if(task.Command.Equals("canceltask",StringComparison.CurrentCultureIgnoreCase))
{
Expand All @@ -175,16 +170,14 @@ public static void FillTaskResults(object output, EngineerTask task,EngTaskStatu
}
else
{
//Console.WriteLine($"{DateTime.Now} task {task.Id} complete");
SendTaskResult(engTaskResultDic[task.Id]);
//Program.SendTaskResult(task.Id, result, false, EngTaskStatus.Complete);
}

if(engTaskResultDic[task.Id].Status != EngTaskStatus.Running)
{
//if task is not running then remove it from the dictionary to save memory
engTaskResultDic.Remove(task.Id);
engTaskDic.Remove(task.Id);
engTaskResultDic.TryRemove(task.Id, out _);
engTaskDic.TryRemove(task.Id, out _);
}

}
Expand All @@ -206,7 +199,8 @@ public static void SendTaskResult(EngineerTaskResult taskResult)
Result = taskResult.Result,
IsHidden = taskResult.IsHidden,
Status = taskResult.Status,
EngineerId = taskResult.EngineerId
EngineerId = taskResult.EngineerId,
ResponseType = taskResult.ResponseType,
};
if (Program.ManagerType.Equals("http", StringComparison.CurrentCultureIgnoreCase))
{
Expand All @@ -216,7 +210,6 @@ public static void SendTaskResult(EngineerTaskResult taskResult)

else if (Program.ManagerType.Equals("tcp", StringComparison.CurrentCultureIgnoreCase))
{
Program.OutboundResponsesSent += 1;
//Console.WriteLine("is tcp seralizing task result");
IEnumerable<EngineerTaskResult> tempResult = new List<EngineerTaskResult> { NewtaskResult };
var SeraliedTaskResult = tempResult.JsonSerialize();
Expand All @@ -227,7 +220,6 @@ public static void SendTaskResult(EngineerTaskResult taskResult)

else if (Program.ManagerType.Equals("smb", StringComparison.CurrentCultureIgnoreCase))
{
Program.OutboundResponsesSent += 1;
IEnumerable<EngineerTaskResult> tempResult = new List<EngineerTaskResult> { NewtaskResult };
var SeraliedTaskResult = tempResult.JsonSerialize();
var encryptedTaskResult = Encryption.AES_Encrypt(SeraliedTaskResult, Program.UniqueTaskKey);
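Review bot: In `AddTaskResult` the `ContainsKey` check followed by `TryAdd` is now redundant and no longer atomic on the `ConcurrentDictionary`; `engTaskResultDic.TryAdd(taskResult.Id, taskResult);` on its own does both in one step. In `FillTaskResults` the new `Result = (output as byte[])` silently stores null when `output` is anything else, where the removed line serialized it; `engTaskResultDic[task.Id].Result = output as byte[] ?? throw new ArgumentException("expected byte[]", nameof(output));` would make a mismatch visible — the `if` branch handling the other case sits above the hunk, so I cannot see what reaches this `else`. With the dictionary now shared, the repeated `engTaskResultDic[task.Id]` indexer reads in that method throw `KeyNotFoundException` if another caller removes the entry in between; one `TryGetValue` at the top would be safer. `FillTaskResults` begins before its first hunk.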
6 changes: 0 additions & 6 deletions Engineer/Models/CommModule.cs
Expand Up @@ -29,10 +29,6 @@ internal IEnumerable<EngineerTaskResult> GetOutbound()
while (Outbound.TryDequeue(out var task))
{
outbound.Add(task);
if (task.Status != EngTaskStatus.Running)
{
Program.OutboundResponsesSent += 1;
}
}
return outbound;
}
Expand All @@ -59,11 +55,9 @@ public bool RecvData(out IEnumerable<EngineerTask> tasks)
while (Inbound.TryDequeue(out var task))
{
list.Add(task);
Program.InboundCommandsRec += 1;
}

tasks = list;
//Console.WriteLine("dequeued task");
return true;

}
