From 8caf5a511e58cb248f06141c2311055976aa4a4e Mon Sep 17 00:00:00 2001
From: NotoriousRebel
Date: Fri, 25 Oct 2019 01:50:43 -0400
Subject: [PATCH 1/8] Added docker files to dockerize c2.
---
 Dockerfile | 12 ++++++++++++
 docker-compose.yml | 16 ++++++++++++++++
 entrypoint.sh | 3 +++
 3 files changed, 31 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 docker-compose.yml
 create mode 100644 entrypoint.sh
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..5842f8a0
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,12 @@
+FROM python:3.7-alpine3.10
+WORKDIR /SILENTTRINITY
+COPY . ./
+RUN apk upgrade --update-cache --available
+RUN apk add build-base
+RUN apk add bzip2-dev zlib-dev sqlite-dev readline-dev libbz2 \
+ncurses-dev wget libffi-dev xz-dev openssl-dev tk-dev llvm ipython
+RUN pip install shiv
+RUN pip install ipython
+RUN pip install -r requirements.txt
+EXPOSE 80 443 5000 8080
+ENTRYPOINT ["/bin/sh", "entrypoint.sh"]
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..c7269762
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,16 @@
+version: "3"
+services:
+ team_and_st:
+ environment:
+ - HOST_IP=your_ip
+ - USER=test
+ - PASSWORD=toor
+ build: ./
+ network_mode: host
+ ports:
+ - 80:80
+ - 443:443
+ - 5000:5000
+ - 8080:8080
+ stdin_open: true
+ tty: true
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 00000000..ee4c3e56
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+python3.7 st.py teamserver ${HOST_IP} ${PASSWORD}
+#python3.7 st.py client wss://${USER}:${PASSWORD}@${HOST_IP}:5000
From 9ca0f8353956f79a720cfd56dd1ed00d30464db3 Mon Sep 17 00:00:00 2001
From: NotoriousRebel
Date: Fri, 25 Oct 2019 02:20:44 -0400
Subject: [PATCH 2/8] Updated how docker-compose runs has .env file now.
---
 Dockerfile | 5 +++--
 docker-compose.yml | 10 +++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)
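Review bot: The Dockerfile never sets a `USER`, so the teamserver started by `ENTRYPOINT` runs as root, and the compose file added in this same patch runs that container with `network_mode: host`, which leaves no network namespace between the root process and the host. Adding an unprivileged account after the `pip install` steps, e.g. `RUN adduser -D st` followed by `USER st` (name constructed for illustration), would contain a compromise of the listener; the listeners on 80 and 443 would then need high ports or an explicit grant. Separately, `COPY . ./` copies the whole build context and no `.dockerignore` is added here, so anything in the checkout (`.git`, local databases, an env file) ends up in an image layer.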
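Review bot: `PASSWORD=toor` and `USER=test` put a working default credential into a committed file, so a deployment started without editing it is protected by a password anyone can read in the repository. Requiring the value from the environment instead, `- PASSWORD=${PASSWORD:?PASSWORD must be set}`, makes Compose refuse to start without one. `network_mode: host` is also combined with `ports:`; under host networking the mappings are not applied (discarded or rejected depending on the Compose version), so every port the server opens is bound on the host's interfaces, not only the four listed.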
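Review bot: `${HOST_IP}` and `${PASSWORD}` are expanded unquoted on the `st.py teamserver` line, so a password containing spaces or glob characters is word-split or expanded and the server ends up with a different password than the operator set. Quote both and replace the shell so signals reach the server: `exec python3.7 st.py teamserver "${HOST_IP}" "${PASSWORD}"`. The password is still passed in argv, where it is readable from the process list; whether `st.py` can read it from the environment or a file instead is not visible in this patch.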
diff --git a/Dockerfile b/Dockerfile
index 5842f8a0..a59a9334 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,13 @@
 FROM python:3.7-alpine3.10
 WORKDIR /SILENTTRINITY
-COPY . ./
 RUN apk upgrade --update-cache --available
 RUN apk add build-base
 RUN apk add bzip2-dev zlib-dev sqlite-dev readline-dev libbz2 \
 ncurses-dev wget libffi-dev xz-dev openssl-dev tk-dev llvm ipython
 RUN pip install shiv
 RUN pip install ipython
+COPY requirements.txt .
 RUN pip install -r requirements.txt
+COPY . ./
 EXPOSE 80 443 5000 8080
-ENTRYPOINT ["/bin/sh", "entrypoint.sh"]
+ENTRYPOINT ["python3.7", "st.py", "teamserver", "${HOST_IP}", "${PASSWORD}"]
diff --git a/docker-compose.yml b/docker-compose.yml
index c7269762..5fe36a99 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,10 +1,6 @@
 version: "3"
 services:
- team_and_st:
- environment:
- - HOST_IP=your_ip
- - USER=test
- - PASSWORD=toor
+ server:
 build: ./
 network_mode: host
 ports:
@@ -12,5 +8,9 @@ services:
 - 443:443
 - 5000:5000
 - 8080:8080
+ entrypoint: ["python3.7", "st.py", "teamserver", "${HOST_IP}", "${PASSWORD}"]
+ client:
+ build: ./
 stdin_open: true
 tty: true
+ entrypoint: ["python3.7", "st.py", "client", "wss://${USER}:${PASSWORD}@${HOST_IP}:5000"]
From 9f339bbc54dc028894e5e56c65d10d7bcaa4f795 Mon Sep 17 00:00:00 2001
From: NotoriousRebel
Date: Sat, 26 Oct 2019 00:14:52 -0400
Subject: [PATCH 3/8] Added function to reach pwnboard.
---
 .../core/teamserver/contexts/sessions.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/silenttrinity/core/teamserver/contexts/sessions.py b/silenttrinity/core/teamserver/contexts/sessions.py
index d305799d..1afb2cb1 100644
--- a/silenttrinity/core/teamserver/contexts/sessions.py
+++ b/silenttrinity/core/teamserver/contexts/sessions.py
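Review bot: The new exec-form `ENTRYPOINT [..., "${HOST_IP}", "${PASSWORD}"]` is not run through a shell, so Docker performs no variable substitution and a container started from the image directly receives the literal strings `${HOST_IP}` and `${PASSWORD}` as arguments; the teamserver password then becomes the fixed, publicly known text `${PASSWORD}`. It only works under Compose because the `entrypoint:` keys added in docker-compose.yml override it. Either drop the arguments from the image, or expand them at run time: `ENTRYPOINT ["/bin/sh", "-c", "exec python3.7 st.py teamserver \"$HOST_IP\" \"$PASSWORD\""]`.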
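Review bot: In the `client` entrypoint, `${USER}` is interpolated by Compose on the host, and a variable set in the invoking shell takes precedence over the `.env` file; `USER` is normally the login name there, so the client connects as the operator's OS username instead of the configured one. A variable name that does not collide, such as `${ST_USER}` (constructed name), avoids that. Interpolating `${PASSWORD}` into `entrypoint:` also stores the secret in the container's configuration and argv, where `docker inspect` shows it, and a password containing `@`, `:` or `/` breaks the `wss://` URL because it is not percent-encoded.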
@@ -107,12 +107,30 @@ def gen_encrypted_stage(self, info_tuple): logging.error(f"Got staging request from {remote_addr} but no sessions registered with guid {guid}") raise + def hit_pwn(self, address): + try: + import requests + import json + import sys + host = "http://pwnboard.win/generic" + data = {"ip": str(address), "type": "silent_trinity"} + try: + requests.post(host, json=data, timeout=2) + except: + pass + except: + pass + #@subscribe(events.SESSION_CHECKIN) def session_checked_in(self, checkin_tuple): guid, remote_addr = checkin_tuple try: session = self.get_session(guid) session.address = remote_addr + try: + self.hit_pwn(address=session.address) + except: + pass session.checked_in() return session.jobs.get() except SessionNotFoundError: From ee595f90d25d9986f96c21d8013541d305add8cd Mon Sep 17 00:00:00 2001 From: NotoriousRebel Date: Fri, 8 Nov 2019 22:38:59 -0500 Subject: [PATCH 4/8] Updated docker to focus on just spinning up teamserver, added missing depedencies inside requirements.txt and changed click version to work properly. --- docker-compose.yml | 7 +------ entrypoint.sh | 3 --- requirements.txt | 4 ++-- 3 files changed, 3 insertions(+), 11 deletions(-) delete mode 100644 entrypoint.sh diff --git a/docker-compose.yml b/docker-compose.yml index 5fe36a99..05a13230 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3" +on: "3" services: server: build: ./ @@ -9,8 +9,3 @@ services: - 5000:5000 - 8080:8080 entrypoint: ["python3.7", "st.py", "teamserver", "${HOST_IP}", "${PASSWORD}"] - client: - build: ./ - stdin_open: true - tty: true - entrypoint: ["python3.7", "st.py", "client", "wss://${USER}:${PASSWORD}@${HOST_IP}:5000"] diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100644 index ee4c3e56..00000000 --- a/entrypoint.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env sh -python3.7 st.py teamserver ${HOST_IP} ${PASSWORD} -#python3.7 st.py client wss://${USER}:${PASSWORD}@${HOST_IP}:5000 
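Review bot: `hit_pwn` sends the remote address of every session that checks in to the hard-coded third-party endpoint `http://pwnboard.win/generic` over cleartext HTTP, with no setting to disable or redirect it, so anyone running this teamserver discloses those addresses to that host and to the network path. It should be opt-in and read its URL from configuration. The two bare `except:` clauses here (and the third around the call in `session_checked_in`) also hide every failure, including a missing `requests` package; catch `requests.RequestException` and report it with `logging.debug(...)` instead, and drop the unused `json` and `sys` imports. The synchronous `requests.post(..., timeout=2)` runs before `session.jobs.get()`, so an unreachable endpoint delays each check-in by up to two seconds. `session_checked_in` continues past the end of the hunk.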
diff --git a/requirements.txt b/requirements.txt
index a6d817e5..e037f213 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,3 @@
--i https://pypi.org/simple
 aiocmd==0.1.2
 aiofiles==0.4.0
 aiosqlite==0.10.0
@@ -9,7 +8,7 @@ blinker==1.4
 certifi==2019.9.11
 cffi==1.13.1
 chardet==3.0.4
-click==7.0
+click==6.7
 cryptography==2.8
 defusedxml==0.6.0
 dnslib==0.9.10
@@ -21,6 +20,7 @@ hpack==3.0.0
 hypercorn==0.6.0
 hyperframe==5.2.0
 idna==2.8
+impacket==0.9.20
 itsdangerous==1.1.0
 jinja2==2.10.3
 ldap3==2.5.1
From a9a165a172645a0bb308634b310d6949a1cfef1d Mon Sep 17 00:00:00 2001
From: Matt <36310667+NotoriousRebel@users.noreply.github.com>
Date: Fri, 8 Nov 2019 23:43:09 -0500
Subject: [PATCH 5/8] Update docker-compose.yml
---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index 05a13230..5632b388 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,4 +1,4 @@
-on: "3"
+version: "3"
 services:
 server:
 build: ./
From fa484612b3636a4e1bd1b6dee96dd50e0d34f210 Mon Sep 17 00:00:00 2001
From: NotoriousRebel
Date: Sat, 9 Nov 2019 00:01:51 -0500
Subject: [PATCH 6/8] Updated cmdloop to fix error.
---
 silenttrinity/core/client/cmdloop.py | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/silenttrinity/core/client/cmdloop.py b/silenttrinity/core/client/cmdloop.py
index 3d9d1172..53838207 100644
--- a/silenttrinity/core/client/cmdloop.py
+++ b/silenttrinity/core/client/cmdloop.py
@@ -58,13 +58,14 @@ def get_completions(self, document, complete_event): if self.cli_menu.teamservers.selected: if cmd_line[0] == 'use': - for loadable in self.cli_menu.current_context.available: - if word_before_cursor in loadable: - # Apperently document.get_word_before_cursor() breaks if there's a forward slash in the command line ? - try: - yield Completion(loadable, -len(cmd_line[1])) - except IndexError: - yield Completion(loadable, -len(word_before_cursor)) + if hasattr(self.cli_menu.current_context, 'available'): + for loadable in self.cli_menu.current_context.available: + if word_before_cursor in loadable: + # Apperently document.get_word_before_cursor() breaks if there's a forward slash in the command line ? + try: + yield Completion(loadable, -len(cmd_line[1])) + except IndexError: + yield Completion(loadable, -len(word_before_cursor)) return if hasattr(self.cli_menu.current_context, 'selected') and self.cli_menu.current_context.selected: From 01793ad0e097fec2955734fee971e32952df141d Mon Sep 17 00:00:00 2001 From: NotoriousRebel Date: Sun, 10 Nov 2019 02:41:46 -0500 Subject: [PATCH 7/8] Removed changes. --- silenttrinity/core/client/cmdloop.py | 15 +++++++-------- .../core/teamserver/contexts/sessions.py | 18 ------------------ 2 files changed, 7 insertions(+), 26 deletions(-) diff --git a/silenttrinity/core/client/cmdloop.py b/silenttrinity/core/client/cmdloop.py index 53838207..3d9d1172 100644 --- a/silenttrinity/core/client/cmdloop.py +++ b/silenttrinity/core/client/cmdloop.py 
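Review bot: The `hasattr(..., 'available')` guard adds an extra nesting level around a loop that is otherwise unchanged; `for loadable in getattr(self.cli_menu.current_context, 'available', ()):` gives the same behaviour without re-indenting the body. A one-line comment saying which contexts lack `available` would explain why the guard is needed, since the commit message only says "fix error". `get_completions` starts and ends outside the hunk.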
@@ -58,14 +58,13 @@ def get_completions(self, document, complete_event): if self.cli_menu.teamservers.selected: if cmd_line[0] == 'use': - if hasattr(self.cli_menu.current_context, 'available'): - for loadable in self.cli_menu.current_context.available: - if word_before_cursor in loadable: - # Apperently document.get_word_before_cursor() breaks if there's a forward slash in the command line ? - try: - yield Completion(loadable, -len(cmd_line[1])) - except IndexError: - yield Completion(loadable, -len(word_before_cursor)) + for loadable in self.cli_menu.current_context.available: + if word_before_cursor in loadable: + # Apperently document.get_word_before_cursor() breaks if there's a forward slash in the command line ? + try: + yield Completion(loadable, -len(cmd_line[1])) + except IndexError: + yield Completion(loadable, -len(word_before_cursor)) return if hasattr(self.cli_menu.current_context, 'selected') and self.cli_menu.current_context.selected: diff --git a/silenttrinity/core/teamserver/contexts/sessions.py b/silenttrinity/core/teamserver/contexts/sessions.py index 1afb2cb1..d305799d 100644 --- a/silenttrinity/core/teamserver/contexts/sessions.py +++ b/silenttrinity/core/teamserver/contexts/sessions.py @@ -107,30 +107,12 @@ def gen_encrypted_stage(self, info_tuple): logging.error(f"Got staging request from {remote_addr} but no sessions registered with guid {guid}") raise - def hit_pwn(self, address): - try: - import requests - import json - import sys - host = "http://pwnboard.win/generic" - data = {"ip": str(address), "type": "silent_trinity"} - try: - requests.post(host, json=data, timeout=2) - except: - pass - except: - pass - #@subscribe(events.SESSION_CHECKIN) def session_checked_in(self, checkin_tuple): guid, remote_addr = checkin_tuple try: session = self.get_session(guid) session.address = remote_addr - try: - self.hit_pwn(address=session.address) - except: - pass session.checked_in() return session.jobs.get() except SessionNotFoundError: 
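Review bot: The first hunk removes the `hasattr(self.cli_menu.current_context, 'available')` guard that patch 6/8 added "to fix error", so the `use` completion again iterates `current_context.available` unconditionally and presumably raises `AttributeError` for any context without that attribute. If the revert is only meant to drop the pwnboard change from sessions.py, keep the guard, e.g. `for loadable in getattr(self.cli_menu.current_context, 'available', ()):`.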
From 184270ad6913fe53b2bd1e4b31d4e3f973a5f502 Mon Sep 17 00:00:00 2001
From: NotoriousRebel
Date: Sun, 10 Nov 2019 02:42:59 -0500
Subject: [PATCH 8/8] Readded line that was accidently removed.
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)
diff --git a/requirements.txt b/requirements.txt
index e037f213..b32c0f94 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,4 @@
+-i https://pypi.org/simple
 aiocmd==0.1.2
 aiofiles==0.4.0
 aiosqlite==0.10.0