forked from nettitude/PoshC2_Old
-
Notifications
You must be signed in to change notification settings - Fork 0
/
C2-Viewer.ps1
95 lines (82 loc) · 4.18 KB
/
C2-Viewer.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
<#
.Synopsis
C2-Viewer cmdlet for the PowershellC2 to view the db when using the team server
.EXAMPLE
C2-Viewer -FolderPath C:\Temp\PoshC2-031120161055
#>
function C2-Viewer
{
[CmdletBinding(DefaultParameterSetName = "FolderPath")]
Param
(
[Parameter(ParameterSetName = "FolderPath", Mandatory = $false)]
[string]
$FolderPath,
[string]
$PoshPath
)
if (!$FolderPath) {
$FolderPath = Read-Host -Prompt `n'Enter the root folder path of the Database/Project'
# do you want a read-only c2 server window
}
if (!$PoshPath) {
$PoshPath = Read-Host -Prompt `n'Enter the PoshC2 path'
# do you want a read-only c2 server window
}
$slash = $FolderPath -match '.+[^\\]\\$'
if ($slash) {
$FolderPath = $FolderPath.TrimEnd('\')
}
$defaultrows = 10
$prompt = Read-Host -Prompt "How many previous rows do you want to show, Number or ALL? [$($defaultrows)]"
$defaultrows = ($defaultrows,$prompt)[[bool]$prompt]
if ($defaultrows -eq "ALL"){[INT]$defaultrowstotal=99999} else {[INT]$defaultrowstotal=[INT]$defaultrows}
Clear-Host
Write-Host -Object ""
Write-Host -Object "__________ .__. _________ ________ " -ForegroundColor Green
Write-Host -Object "\_______ \____ _____| |__ \_ ___ \ \_____ \ " -ForegroundColor Green
Write-Host -Object " | ___/ _ \/ ___/ | \ / \ \/ / ____/ " -ForegroundColor Green
Write-Host -Object " | | ( <_> )___ \| Y \ \ \____/ \ " -ForegroundColor Green
Write-Host -Object " |____| \____/____ >___| / \______ /\_______ \" -ForegroundColor Green
Write-Host -Object " \/ \/ \/ \/" -ForegroundColor Green
Write-Host "=============== v2.2 www.PoshC2.co.uk ==============" -ForegroundColor Green
Write-Host "====================================================" `n -ForegroundColor Green
# initiate defaults
$Database = "$FolderPath\PowershellC2.SQLite"
$p = $env:PsModulePath
$p += ";$PoshPath"
[Environment]::SetEnvironmentVariable("PSModulePath",$p)
Import-Module -Name PSSQLite
Start-Process powershell.exe -ArgumentList "-exec bypass -c import-module $poshpath\implant-handler.ps1; Implant-Handler -FolderPath '$folderpath' -PoshPath '$poshpath'"
$count = Invoke-SqliteQuery -DataSource $Database -Query "SELECT COUNT() FROM CompletedTasks" -as SingleValue
$resultsdb = Invoke-SqliteQuery -DataSource $Database -Query "SELECT * FROM CompletedTasks ORDER BY CompletedTaskID DESC LIMIT $defaultrowstotal" -as PSObject
foreach ($test in $resultsdb)
{
$ranuri = $test.RandomURI
$im_result = Invoke-SqliteQuery -DataSource $Database -Query "SELECT * FROM Implants WHERE RandomURI='$ranuri'" -as PSObject
$implanthost = $im_result.User
$im = Invoke-SqliteQuery -DataSource $Database -Query "SELECT User FROM Implants WHERE RandomURI='$ranuri'" -as SingleValue
$taskcompledtime = $test.TaskID
Write-Host $test.Command -ForegroundColor Yellow
Write-Host "Command returned against host:" $im_result.Hostname $im_result.Domain "($taskcompledtime)" -ForegroundColor Green
Write-Host -Object $test.Output -ForegroundColor Green
$taskiddb ++
}
$count ++
while ($true) {
$resultsdb = Invoke-SqliteQuery -DataSource $Database -Query "SELECT * FROM CompletedTasks WHERE CompletedTaskID=$count" -as PSObject
if ($resultsdb)
{
$ranuri = $resultsdb.RandomURI
$im_result = Invoke-SqliteQuery -DataSource $Database -Query "SELECT * FROM Implants WHERE RandomURI='$ranuri'" -as PSObject
$implanthost = $im_result.User
$im = Invoke-SqliteQuery -DataSource $Database -Query "SELECT User FROM Implants WHERE RandomURI='$ranuri'" -as SingleValue
$taskcompledtime = $resultsdb.TaskID
Write-Host $resultsdb.Command -ForegroundColor Yellow
Write-Host "Command returned against host:" $im_result.Hostname $im_result.Domain "($taskcompledtime)" -ForegroundColor Green
Write-Host -Object $resultsdb.Output -ForegroundColor Green
$taskiddb ++
$count ++
}
}
}