Rename another payload-templates
Sophie Brun
3 years ago
0 | From: Sophie Brun <[email protected]> | |
1 | Date: Tue, 26 May 2020 10:58:04 +0200 | |
2 | Subject: Rename Implant-Core.py to Implant-Core.py.dat | |
3 | ||
4 | Last-Update: 2020-05-26 | |
5 | ||
6 | Description: the file doesn't contain only Python. dpkg will fail during | |
7 | installation because of syntax errors. | |
8 | --- | |
9 | poshc2/server/Implant.py | 2 +- | |
10 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
11 | ||
12 | diff --git a/poshc2/server/Implant.py b/poshc2/server/Implant.py | |
13 | index abf3d3e..ca0ebe0 100644 | |
14 | --- a/poshc2/server/Implant.py | |
15 | +++ b/poshc2/server/Implant.py | |
16 | @@ -46,7 +46,7 @@ NEWKEY8839394%s4939388YEKWEN | |
17 | IMGS19459394%s49395491SGMI""" % (self.RandomURI, self.AllBeaconURLs, self.KillDate, self.Sleep, self.Jitter, self.Key, self.AllBeaconImages) | |
18 | with open("%spy_dropper.sh" % (PayloadsDirectory), 'rb') as f: | |
19 | self.PythonImplant = base64.b64encode(f.read()).decode("utf-8") | |
20 | - py_implant_core = open("%s/Implant-Core.py" % PayloadTemplatesDirectory, 'r').read() | |
21 | + py_implant_core = open("%s/Implant-Core.py.dat" % PayloadTemplatesDirectory, 'r').read() | |
22 | self.PythonCore = py_implant_core % (self.DomainFrontHeader, self.Sleep, self.AllBeaconImages, self.AllBeaconURLs, self.KillDate, self.PythonImplant, self.Jitter, self.Key, self.RandomURI, self.UserAgent) | |
23 | ps_implant_core = open("%s/Implant-Core.ps1" % PayloadTemplatesDirectory, 'r').read() | |
24 | self.PSCore = ps_implant_core % (self.Key, self.Jitter, self.Sleep, self.AllBeaconImages, self.RandomURI, self.RandomURI, self.KillDate, self.AllBeaconURLs) # Add all db elements def display(self): |
0 | From: Sophie Brun <[email protected]> | |
1 | Date: Tue, 26 May 2020 10:58:04 +0200 | |
2 | Subject: Rename few payload-templates | |
3 | ||
4 | Last-Update: 2020-05-26 | |
5 | ||
6 | Description: the files don't contain only Python. dpkg will fail during | |
7 | installation because of syntax errors. | |
8 | --- | |
9 | poshc2/server/Implant.py | 2 +- | |
10 | poshc2/server/payloads/Payloads.py | 2 +- | |
11 | 2 files changed, 2 insertions(+), 2 deletions(-) | |
12 | ||
13 | diff --git a/poshc2/server/Implant.py b/poshc2/server/Implant.py | |
14 | index abf3d3e..ca0ebe0 100644 | |
15 | --- a/poshc2/server/Implant.py | |
16 | +++ b/poshc2/server/Implant.py | |
17 | @@ -46,7 +46,7 @@ NEWKEY8839394%s4939388YEKWEN | |
18 | IMGS19459394%s49395491SGMI""" % (self.RandomURI, self.AllBeaconURLs, self.KillDate, self.Sleep, self.Jitter, self.Key, self.AllBeaconImages) | |
19 | with open("%spy_dropper.sh" % (PayloadsDirectory), 'rb') as f: | |
20 | self.PythonImplant = base64.b64encode(f.read()).decode("utf-8") | |
21 | - py_implant_core = open("%s/Implant-Core.py" % PayloadTemplatesDirectory, 'r').read() | |
22 | + py_implant_core = open("%s/Implant-Core.py.dat" % PayloadTemplatesDirectory, 'r').read() | |
23 | self.PythonCore = py_implant_core % (self.DomainFrontHeader, self.Sleep, self.AllBeaconImages, self.AllBeaconURLs, self.KillDate, self.PythonImplant, self.Jitter, self.Key, self.RandomURI, self.UserAgent) | |
24 | ps_implant_core = open("%s/Implant-Core.ps1" % PayloadTemplatesDirectory, 'r').read() | |
25 | self.PSCore = ps_implant_core % (self.Key, self.Jitter, self.Sleep, self.AllBeaconImages, self.RandomURI, self.RandomURI, self.KillDate, self.AllBeaconURLs) # Add all db elements def display(self): | |
26 | diff --git a/poshc2/server/payloads/Payloads.py b/poshc2/server/payloads/Payloads.py | |
27 | index b17bb21..57d1cf2 100644 | |
28 | --- a/poshc2/server/payloads/Payloads.py | |
29 | +++ b/poshc2/server/payloads/Payloads.py | |
30 | @@ -357,7 +357,7 @@ class Payloads(object): | |
31 | self.QuickstartLog("Python2 OSX/Unix/Win Dropper written to: %spy_dropper.sh" % self.BaseDirectory) | |
32 | ||
33 | # get the python dropper template | |
34 | - with open("%sdropper.py" % PayloadTemplatesDirectory, 'r') as f: | |
35 | + with open("%sdropper.py.dat" % PayloadTemplatesDirectory, 'r') as f: | |
36 | dropper_file = f.read() | |
37 | ||
38 | # patch the key settings into the file |
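Review bot: Only the two `open()` call sites shown here are rewritten (the `Implant-Core.py.dat` read in Implant.py and the `dropper.py.dat` read in Payloads.py), but debian/rules renames both files for the whole installed package. Any other reference to the old names, which cannot be ruled out from this page, would fail with FileNotFoundError at runtime rather than at build time. The patch header should record that the tree was searched for `Implant-Core.py` and `dropper.py`. If the rename is Debian-specific, as the description suggests, the header should also carry `Forwarded: not-needed`. Both hunks sit inside functions whose bodies start and end outside the hunk.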
2 | 2 | remove-posh-update.patch |
3 | 3 | dont-use-pipenv.patch |
4 | 4 | remove-git-usage.patch |
5 | rename-Implant-Core.py.patch | |
5 | rename-payload-templates.patch | |
6 | 6 | use-cryptodome.patch |
8 | 8 | override_dh_install: |
9 | 9 | dh_install |
10 | 10 | mv debian/poshc2/usr/share/poshc2/resources/payload-templates/Implant-Core.py debian/poshc2/usr/share/poshc2/resources/payload-templates/Implant-Core.py.dat |
11 | mv debian/poshc2/usr/share/poshc2/resources/payload-templates/dropper.py debian/poshc2/usr/share/poshc2/resources/payload-templates/dropper.py.dat |
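Review bot: The added `mv` for dropper.py in override_dh_install has to stay in step with debian/patches/rename-payload-templates.patch, but nothing in the rules file records that coupling. A comment above the two renames would do it, for example `# templates are not valid Python; renamed so dpkg installation does not fail on syntax errors (see rename-payload-templates.patch)`. The two lines also repeat the long payload-templates path, so a variable such as `TEMPLATES = debian/poshc2/usr/share/poshc2/resources/payload-templates` would make a further rename less error-prone.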