Skip to content

Commit

Permalink
minor fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@mvelazc0
mvelazc0 committed Jul 11, 2021
1 parent 897f0b8 commit 7946b06
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 44 deletions.
10 changes: 5 additions & 5 deletions PurpleSharp/Lib/NamedPipes.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,24 +192,24 @@ public static SimulationPlaybook RunSimulationServiceSerialized(string npipe, st
PipeSecurity ps = new PipeSecurity();
ps.SetAccessRule(new PipeAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null), PipeAccessRights.ReadWrite, AccessControlType.Allow));

logger.TimestampInfo("starting Simulator!");
//logger.TimestampInfo("starting Simulator!");
using (var pipeServer = new NamedPipeServerStream(npipe, PipeDirection.InOut, 1, PipeTransmissionMode.Message, PipeOptions.Asynchronous, 4028, 4028, ps))

{
SimulationResponse sim_response;
logger.TimestampInfo("Waiting for client connection...");
//logger.TimestampInfo("Waiting for client connection...");
pipeServer.WaitForConnection();
logger.TimestampInfo("Client connected.");
//logger.TimestampInfo("Client connected.");
var messageBytes = ReadMessage(pipeServer);
var line = Encoding.UTF8.GetString(messageBytes);
logger.TimestampInfo("Received from client: " + line);
//logger.TimestampInfo("Received from client: " + line);
SimulationRequest sim_request = JsonConvert.DeserializeObject<SimulationRequest>(line);

playbook = sim_request.playbook;
sim_response = new SimulationResponse("ACK");
byte[] bytes_sim_response = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(sim_response));
pipeServer.Write(bytes_sim_response, 0, bytes_sim_response.Length);
logger.TimestampInfo("Replied to client: " + Encoding.UTF8.GetString(bytes_sim_response));
//logger.TimestampInfo("Replied to client: " + Encoding.UTF8.GetString(bytes_sim_response));
pipeServer.Disconnect();
return playbook;
}
Expand Down
11 changes: 3 additions & 8 deletions PurpleSharp/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -315,14 +315,13 @@ public static void Main(string[] args)
string json = File.ReadAllText(pb_file);
SimulationExercise engagement = Json.ReadSimulationPlaybook(json);
string currentPath = AppDomain.CurrentDomain.BaseDirectory;
Lib.Logger logger = new Lib.Logger(currentPath + log);
Logger logger = new Logger(currentPath + log);

if (engagement != null)
{
if (engagement.type.Equals("local"))
{
logger.TimestampInfo(String.Format("PurpleSharp will execute up to {0} playbook(s) locally", engagement.playbooks.Count));
//Console.WriteLine("[+] PurpleSharp will execute up to {0} playbook(s) locally", engagement.playbooks.Count);
SimulationPlaybook lastPlaybook = engagement.playbooks.Last();
string results ="";
foreach (SimulationPlaybook playbook in engagement.playbooks)
Expand Down Expand Up @@ -351,10 +350,8 @@ public static void Main(string[] args)
logger.TimestampInfo(String.Format("Sleeping {0} seconds until next playbook...", engagement.sleep));
Thread.Sleep(1000 * engagement.sleep );
}

}
}

logger.TimestampInfo("Writting JSON results...");
results = File.ReadAllText(log);
string output_file = pb_file.Replace(".json", "") + "_results.json";
Expand Down Expand Up @@ -836,14 +833,15 @@ public static SimulationPlaybookResult ExecuteRemoteTechniquesJsonSerialized(Sim
sim_request = new SimulationRequest("ACT");
result = NamedPipes.RunClientSerialized(playbook.remote_host, exercise.domain, exercise.username, exercise.password, scout_np, Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(sim_request)));

System.Threading.Thread.Sleep(5000);
Thread.Sleep(5000);
bool finished = false;
int counter = 1;
string results = RemoteLauncher.readFile(playbook.remote_host, simfolder + log, exercise.username, exercise.password, exercise.domain);
while (finished == false)
{
if (results.Split('\n').Last().Contains("Playbook Finished"))
{

Console.WriteLine("[+] Results:");
Console.WriteLine();
Console.WriteLine(results);
Expand Down Expand Up @@ -1180,9 +1178,6 @@ public static void ExecutePlaybookTask(PlaybookTask playbook_task, string log)
else if (playbook_task.variation == 2) Simulations.LateralMovement.CreateRemoteServiceOnHosts(playbook_task, log);
else if (playbook_task.variation == 3) Simulations.LateralMovement.ModifyRemoteServiceOnHosts(playbook_task, log);
break;



// Collection

// Command and Control
Expand Down
1 change: 0 additions & 1 deletion PurpleSharp/Simulations/CredAccess.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,7 +197,6 @@ public static void LsassMemoryDump(string log)
{
logger.SimulationFailed(ex);
}

}

}
Expand Down
30 changes: 0 additions & 30 deletions PurpleSharp/Simulations/LateralMovement.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -248,35 +248,5 @@ static public void CreateSchTaskOnHostsCmdline(PlaybookTask playbook_task, strin
}
}

static public void CreateSchTaskOnHosts_Old(int nhost, int sleep, bool cleanup)
{
/*
var rand = new Random();
int computertype = rand.Next(1, 6);
List<Computer> targethosts = Lib.Targets.GetHostTargets(computertype, nhost);
List<Task> tasklist = new List<Task>();
Console.WriteLine("[*] Starting Scheduled Task based Lateral Movement simulation from {0} running as {1}", Environment.MachineName, WindowsIdentity.GetCurrent().Name);
if (sleep > 0) Console.WriteLine("[*] Sleeping {0} seconds between attempt", sleep);
foreach (Computer computer in targethosts)
{
if (!computer.Fqdn.ToUpper().Contains(Environment.MachineName.ToUpper()))
{
Computer temp = computer;
LateralMovementHelper.CreateRemoteScheduledTask(temp, "powershell.exe", cleanup);
tasklist.Add(Task.Factory.StartNew(() =>
{
LateralMovementHelper.CreateRemoteScheduledTask(computer, command, cleanup);
}));
if (sleep > 0) Thread.Sleep(sleep * 1000);
}
}
//Task.WaitAll(tasklist.ToArray());
*/

}

}
}

0 comments on commit 7946b06

Please sign in to comment.