Skip to content

Added Download capability#189

Open
Talismancer wants to merge 6 commits intot3l3machus:mainfrom
Talismancer:main
Open

Added Download capability#189
Talismancer wants to merge 6 commits intot3l3machus:mainfrom
Talismancer:main

Conversation

@Talismancer
Copy link

@Talismancer Talismancer commented Feb 26, 2025

Added a secure "download" command for injection into Linux (.sh) & Windows (.ps1) to download files from the target machine to the C2 hub (but not siblings at this stage).

Sample Download command:

download .\winpeas.bat /home/kali/winpeas.bat

@t3l3machus
Copy link
Owner

t3l3machus commented Feb 26, 2025

Ok, I will check it out @Talismancer, thank you. I generally try to add features that are fully functional (sibling servers as well). Let me see how you approached this and maybe we can co-author the complete solution, I'll get back to you.

@Talismancer
Copy link
Author

Talismancer commented Feb 27, 2025

I added a new port (in start_receiver_server() ) to receive the file with a threaded FileReceiverHandler to handle incoming files. A new global ticket variable that can be seen by the new thread is used to compare to the ticket on the incoming file. The injected scripts send headers that include the path that the handler uses to place the file in the correct location.
Appended yesterday: the new Utilities/Shell/download/http/src.sh injected script now operates correctly for Linux targets. I haven't touched src.bat yet.
I haven't looked into how you handle pass-off to siblings so I've yet to actually test across siblings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Talismancer @t3l3machus