Codebase list fudgec2 / 75831da
Initial release Sophie Brun 4 years ago
13 changed file(s) with 364 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
+5
-0
debian/changelog less more
0 fudgec2 (0.5.0-0kali1) kali-dev; urgency=medium
1
2 * Initial release (see: 6140)
3
4 -- Sophie Brun <[email protected]> Thu, 12 Mar 2020 11:21:56 +0100
+34
-0
debian/control less more
0 Source: fudgec2
1 Section: utils
2 Priority: optional
3 Maintainer: Kali Developers <[email protected]>
4 Uploaders: Sophie Brun <[email protected]>
5 Build-Depends: debhelper-compat (= 12), dh-python, python3
6 Standards-Version: 4.5.0
7 Homepage: https://github.com/Ziconius/FudgeC2
8 Vcs-Browser: https://gitlab.com/kalilinux/packages/fudgec2
9 Vcs-Git: https://gitlab.com/kalilinux/packages/fudgec2.git
10
11 Package: fudgec2
12 Architecture: all
13 Depends: powershell,
14 python3-bcrypt,
15 python3-cryptography,
16 python3-flask,
17 python3-flask-login,
18 python3-flask-sqlalchemy,
19 python3-requests,
20 ${misc:Depends},
21 ${python3:Depends}
22 Description: framework for team collaboration and post-exploitation activities
23 This package contains a command and control framework designed for team
24 collaboration and post-exploitation activities.
25 .
26 It's a Powershell C2 platform designed to facilitate team collaboration and
27 campaign timelining, released at BlackHat Arsenal USA 2019. This aims to help
28 clients better understand red team activities by presenting them with more
29 granular detail of adversarial techniques.
30 .
31 Built on Python3 with a web frontend, FudgeC2 aims to provide red team
32 operators a simple interface in which to manage active implants across their
33 campaigns.
+27
-0
debian/copyright less more
0 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
1 Upstream-Name: fudgec2
2 Source: https://github.com/Ziconius/FudgeC2
3
4 Files: *
5 Copyright: Kris
6 License: GPL-3
7
8 Files: debian/*
9 Copyright: 2020 Sophie Brun <[email protected]>
10 License: GPL-3
11
12 License: GPL-3
13 This package is free software; you can redistribute it and/or modify it
14 under the terms of the GNU General Public License version 3 as published
15 by the Free Software Foundation.
16 .
17 This package is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License for more details.
21 .
22 You should have received a copy of the GNU General Public License
23 along with this program. If not, see <https://www.gnu.org/licenses/>
24 .
25 On Debian systems, the complete text of the GNU General
26 Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
+1
-0
debian/fudgec2.docs less more
0 README.md
+2
-0
debian/fudgec2.install less more
0 FudgeC2 FudgeC2Viewer usr/share/fudgec2
1 debian/helper-script/* usr/bin
+4
-0
debian/helper-script/fudgec2 less more
0 #!/bin/sh
1
2 cd /usr/share/fudgec2/FudgeC2
3 exec python3 Controller.py "$@"
+50
-0
debian/patches/Don-t-check-for-newer-version-in-github.patch less more
0 From: Sophie Brun <[email protected]>
1 Date: Thu, 12 Mar 2020 15:02:00 +0100
2 Subject: Don't check for newer version in github
3
4 ---
5 FudgeC2/ServerApp/modules/ApplicationManager.py | 26 +++++++++++++------------
6 1 file changed, 14 insertions(+), 12 deletions(-)
7
8 diff --git a/FudgeC2/ServerApp/modules/ApplicationManager.py b/FudgeC2/ServerApp/modules/ApplicationManager.py
9 index 6a3a81e..eb3cabb 100644
10 --- a/FudgeC2/ServerApp/modules/ApplicationManager.py
11 +++ b/FudgeC2/ServerApp/modules/ApplicationManager.py
12 @@ -14,17 +14,19 @@ class AppManager:
13 @staticmethod
14 def check_software_version():
15 # Returns "True" if the software is behind Git Hubs master version file.
16 - url = "https://raw.githubusercontent.com/Ziconius/FudgeC2/master/FudgeC2/Storage/version.txt"
17 - try:
18 - request_result = requests.get(url, timeout=1)
19 - master = request_result.content.decode()
20 - if LooseVersion(master) > LooseVersion(Settings.version):
21 - return True
22 - else:
23 - return False
24 - except Exception as exception_text:
25 - print("check_software_version(): ",exception_text)
26 - return False
27 +# url = "https://raw.githubusercontent.com/Ziconius/FudgeC2/master/FudgeC2/Storage/version.txt"
28 +# try:
29 +# request_result = requests.get(url, timeout=1)
30 +# master = request_result.content.decode()
31 +# if LooseVersion(master) > LooseVersion(Settings.version):
32 +# return True
33 +# else:
34 +# return False
35 +# except Exception as exception_text:
36 +# print("check_software_version(): ",exception_text)
37 +# return False
38 +# Don't check software version. We update the tool with apt
39 + return False
40
41 @staticmethod
42 def get_software_verision_number():
43 @@ -72,4 +74,4 @@ class AppManager:
44 return []
45
46 def get_all_user_campaigns(self, username):
47 - return self.db.campaign.get_all_user_campaigns(username)
48 \ No newline at end of file
49 + return self.db.campaign.get_all_user_campaigns(username)
+22
-0
debian/patches/Fix-import-path.patch less more
0 From: Sophie Brun <[email protected]>
1 Date: Thu, 12 Mar 2020 12:04:07 +0100
2 Subject: Fix import path
3
4 Gbp Pq: Name fix-import-path.patch
5 ---
6 FudgeC2/Implant/implant_core/download_file.py | 2 +-
7 1 file changed, 1 insertion(+), 1 deletion(-)
8
9 diff --git a/FudgeC2/Implant/implant_core/download_file.py b/FudgeC2/Implant/implant_core/download_file.py
10 index 20090ed..8e574be 100644
11 --- a/FudgeC2/Implant/implant_core/download_file.py
12 +++ b/FudgeC2/Implant/implant_core/download_file.py
13 @@ -1,7 +1,7 @@
14 import secrets
15 import base64
16
17 -from FudgeC2.Storage.settings import Settings
18 +from Storage.settings import Settings
19
20
21 class DownloadFile:
+205
-0
debian/patches/Store-generated-files-in-home-user-dir.patch less more
0 From: Sophie Brun <[email protected]>
1 Date: Tue, 17 Mar 2020 16:17:45 +0100
2 Subject: Store generated files in home user dir
3
4 Description: Store the generated files in ~/.local/fudgec2 instead of
5 /usr/share/fudgec2/Storage. settings.py are still in /usr/share/fudgec2/Storage.
6 Last-Update: 2020-03-17
7 ---
8 FudgeC2/Controller.py | 8 ++++++--
9 FudgeC2/Data/Database.py | 2 +-
10 FudgeC2/Data/models.py | 2 +-
11 FudgeC2/Listeners/HttpListener.py | 7 ++++---
12 FudgeC2/Listeners/ListenerManagement.py | 2 +-
13 FudgeC2/ServerApp/ImplantManager.py | 4 ++--
14 FudgeC2/ServerApp/modules/ExportManager.py | 6 +++---
15 FudgeC2/ServerApp/templates/HelpPage.html | 4 ++--
16 FudgeC2/Storage/settings.py | 6 ++++--
17 9 files changed, 24 insertions(+), 17 deletions(-)
18
19 diff --git a/FudgeC2/Controller.py b/FudgeC2/Controller.py
20 index 723c37f..ed94dff 100644
21 --- a/FudgeC2/Controller.py
22 +++ b/FudgeC2/Controller.py
23 @@ -7,10 +7,14 @@ from Storage.settings import Settings
24 from ServerApp import ImplantManager
25 from Listeners import ListenerManagement
26
27 +DB_PATH = os.path.expanduser("~/.local/fudgec2/Storage")
28 +if not os.path.isdir(DB_PATH):
29 + os.makedirs(DB_PATH, exist_ok=True)
30 +
31
32 def check_tls_certificates(cert, key):
33 - cert_result = os.path.isfile(os.getcwd() + "/Storage/" + cert)
34 - key_result = os.path.isfile(os.getcwd() + "/Storage/" + key)
35 + cert_result = os.path.isfile(os.path.expanduser("~/.local/fudgec2/Storage/") + cert)
36 + key_result = os.path.isfile(os.path.expanduser("~/.local/fudgec2/Storage/") + key)
37 if key_result is False or cert_result is False:
38 print("Warning: Missing crypto keys for TLS listeners. These will fail to boot.")
39 return
40 diff --git a/FudgeC2/Data/Database.py b/FudgeC2/Data/Database.py
41 index 7871a22..e6e94d6 100644
42 --- a/FudgeC2/Data/Database.py
43 +++ b/FudgeC2/Data/Database.py
44 @@ -24,7 +24,7 @@ CL = CampaignLoggingDecorator()
45
46 class Database:
47 def __init__(self):
48 - path = os.getcwd() + "/Storage/"
49 + path = os.path.expanduser("~/.local/fudgec2/Storage/")
50 engine = create_engine(f"sqlite:///{path}/{Settings.database_name}?check_same_thread=False")
51
52 self.selectors = {
53 diff --git a/FudgeC2/Data/models.py b/FudgeC2/Data/models.py
54 index 18476f8..e044d6d 100644
55 --- a/FudgeC2/Data/models.py
56 +++ b/FudgeC2/Data/models.py
57 @@ -147,6 +147,6 @@ class Listeners(Base):
58 # -- Generate an empty database if no database is found.
59 # -- additional checks for file existence would be sensible first
60
61 -path = os.getcwd() + "/Storage/"
62 +path = os.path.expanduser("~/.local/fudgec2/Storage/")
63 engine = create_engine(f"sqlite:///{path}/{Settings.database_name}?check_same_thread=False", echo=False)
64 Base.metadata.create_all(engine)
65 diff --git a/FudgeC2/Listeners/HttpListener.py b/FudgeC2/Listeners/HttpListener.py
66 index 7a4bef2..d2e1446 100644
67 --- a/FudgeC2/Listeners/HttpListener.py
68 +++ b/FudgeC2/Listeners/HttpListener.py
69 @@ -15,7 +15,8 @@ app.config['SECRET_KEY'] = str(uuid4())
70
71 # Adding the functions which manage encoding built in commands for transfer
72 def craft_sound_file(value_dict, command_id):
73 - path = f"{os.getcwd()}/Storage/implant_resources/{value_dict['args']}"
74 +
75 + path = f"{os.path.expanduser('~/.local/fudgec2')}/Storage/implant_resources/{value_dict['args']}"
76 with open(path, 'rb') as file:
77 audio = base64.standard_b64encode(file.read()).decode()
78 final_audio = f"{value_dict['type']}{command_id}{audio}"
79 @@ -33,7 +34,7 @@ def craft_file_upload(value_dict, command_id):
80 arg_dict = value_dict['args'].split(" ")
81 local_file = arg_dict[0]
82 target_location = arg_dict[1]
83 - with open (os.getcwd()+"/Storage/implant_resources/"+local_file, 'rb') as file_h:
84 + with open (os.path.expanduser("~/.local/fudgec2/Storage/implant_resources/")+local_file, 'rb') as file_h:
85 a = file_h.read()
86 b = base64.b64encode(a).decode()
87 final_str = base64.b64encode(target_location.encode()).decode()+"::"+b
88 @@ -62,7 +63,7 @@ def craft_export_clipboard(value_dict, command_id):
89
90 def craft_load_module(value_dict, command_id):
91 try:
92 - with open(str(os.getcwd()+"/Storage/implant_resources/modules/"+value_dict['args']+".ps1"), 'r') as fileh:
93 + with open(str(os.path.expanduser("~/.local/fudgec2/Storage/implant_resources/modules/")+value_dict['args']+".ps1"), 'r') as fileh:
94 to_encode = f"{value_dict['args']}::{fileh.read()}"
95 load_module_string = "LM" + command_id + base64.b64encode(to_encode.encode()).decode()
96 return load_module_string
97 diff --git a/FudgeC2/Listeners/ListenerManagement.py b/FudgeC2/Listeners/ListenerManagement.py
98 index 310a8bd..dba7eb5 100644
99 --- a/FudgeC2/Listeners/ListenerManagement.py
100 +++ b/FudgeC2/Listeners/ListenerManagement.py
101 @@ -33,7 +33,7 @@ class HttpListener(Listener):
102 # Read settings before this becomes an issue!
103 tls_key = "server.key"
104 tls_cert = "server.crt"
105 - path = os.getcwd() + "/Storage/"
106 + path = os.path.expanduser("~/.local/fudgec2/Storage/")
107
108 def _create_app(self, listener_type):
109 import Listeners.HttpListener
110 diff --git a/FudgeC2/ServerApp/ImplantManager.py b/FudgeC2/ServerApp/ImplantManager.py
111 index f0c04fe..e4afba4 100644
112 --- a/FudgeC2/ServerApp/ImplantManager.py
113 +++ b/FudgeC2/ServerApp/ImplantManager.py
114 @@ -172,7 +172,7 @@ def help_page():
115 @login_required
116 def GlobalListenerPage():
117 if app.config['listener_management'].check_tls_certificates() is False:
118 - flash('TLS certificates do not exist within the <install dir>/FudgeC2/Storage directory.')
119 + flash('TLS certificates do not exist within the <home dir>/.local/fudgec2/Storage directory.')
120 return render_template("listeners/listeners.html",
121 test_data=app.config['listener_management'].get_active_listeners())
122
123 @@ -302,7 +302,7 @@ def export_campaign_by_cid(cid):
124 if filename is False:
125 return "False"
126 else:
127 - return send_file("../Storage/ExportedCampaigns/"+filename, as_attachment=True, attachment_filename="filename")
128 + return send_file(os.path.expanduser("~/.local/fudgec2/Storage/ExportedCampaigns/")+filename, as_attachment=True, attachment_filename="filename")
129 else:
130 export_result = ExpoManager.export_campaign_database(current_user.user_email, cid)
131 if export_result is not False:
132 diff --git a/FudgeC2/ServerApp/modules/ExportManager.py b/FudgeC2/ServerApp/modules/ExportManager.py
133 index ed8a88d..4a3ed9f 100644
134 --- a/FudgeC2/ServerApp/modules/ExportManager.py
135 +++ b/FudgeC2/ServerApp/modules/ExportManager.py
136 @@ -39,7 +39,7 @@ class DbCreator:
137 def __init__(self, filename):
138 filename = filename
139
140 - path = os.getcwd() + "/Storage/ExportedCampaigns/"
141 + path = os.path.expanduser("~/.local/fudgec2/Storage/ExportedCampaigns/")
142 database_name = filename
143
144 engine = create_engine(f"sqlite:///{path}/{database_name}?check_same_thread=False", echo=False)
145 @@ -52,7 +52,7 @@ class DbCreator:
146 class CampaignExportManager:
147 export_db = None
148 db = Database()
149 - file_dir = "Storage/ExportedCampaigns/"
150 + file_dir = os.path.expanduser("~/.local/fudgec2/Storage/ExportedCampaigns/")
151
152 def test(self, filename, file_dir):
153 # check file name for uniqueness.
154 @@ -114,7 +114,7 @@ class CampaignExportManager:
155
156 campaign_name = self.db.campaign.Get_CampaignNameFromCID(cid)
157 file_name = f"{campaign_name.replace(' ', '_')}_{time.time()}"
158 - file_dir = "Storage/ExportedCampaigns/"
159 + file_dir = os.path.expanduser("~/.local/fudgec2/Storage/ExportedCampaigns/")
160 a = os.listdir(file_dir)
161 database = file_dir + file_name
162 if file_name in a:
163 diff --git a/FudgeC2/ServerApp/templates/HelpPage.html b/FudgeC2/ServerApp/templates/HelpPage.html
164 index 3591447..5c787a8 100644
165 --- a/FudgeC2/ServerApp/templates/HelpPage.html
166 +++ b/FudgeC2/ServerApp/templates/HelpPage.html
167 @@ -62,7 +62,7 @@
168
169 <div class="col-sm-4 p-1 border-bottom"><code>:: upload_file [local filename] [[path] filename ] </code></div>
170 <div class="col-sm-8 p-1 border-bottom">Uploads a target file to the supplied directory. All target upload files should be placed in:<br>
171 - <span class="">{installation dir}/FudgeC2/Storage/implant_resources/</span>
172 + <span class="">{home dir}/.local/fudgec2/Storage/implant_resources/</span>
173 </div>
174
175 <div class="col-sm-12 border-bottom"><pre>Under development:</pre></div>
176 @@ -111,4 +111,4 @@
177 </div>
178 </div>
179 </div>
180 -{% endblock %}
181 \ No newline at end of file
182 +{% endblock %}
183 diff --git a/FudgeC2/Storage/settings.py b/FudgeC2/Storage/settings.py
184 index 4d416a6..52b5c7b 100644
185 --- a/FudgeC2/Storage/settings.py
186 +++ b/FudgeC2/Storage/settings.py
187 @@ -1,3 +1,5 @@
188 +import os
189 +
190 class Settings:
191 version = "0.5.0"
192 version_name = "Goblin Alchemist"
193 @@ -10,8 +12,8 @@ class Settings:
194 # This should be set to False for any non-development/testing deployments.
195 server_app_debug = True
196 # Cert & key file names used for TLS connections. These should be PEM formatted.
197 - # Files will be stored in: '<install dir>/FudgeC2/Storage'.
198 + # Files will be stored in: '<home dir>/.local/fudgec2/Storage'.
199 tls_listener_cert = "server.crt"
200 tls_listener_key = "server.key"
201 # This is the folder in which all implant file download will be sent to.
202 - file_download_folder = "./Storage/campaign_downloads/"
203 \ No newline at end of file
204 + file_download_folder = os.path.expanduser("~/.local/fudgec2/Storage/campaign_downloads/")
+3
-0
debian/patches/series less more
0 Fix-import-path.patch
1 Don-t-check-for-newer-version-in-github.patch
2 Store-generated-files-in-home-user-dir.patch
+6
-0
debian/rules less more
0 #!/usr/bin/make -f
1 # output every command that modifies files on the build system.
2 #export DH_VERBOSE = 1
3
4 %:
5 dh $@ --with python3
+1
-0
debian/source/format less more
0 3.0 (quilt)
+4
-0
debian/watch less more
0 version=4
1 opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%fudgec2-$1.tar.gz%" \
2 https://github.com/Ziconius/FudgeC2/tags \
3 (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate