From 0fc012e8320a252bff47f641623f81a290a1a4bc Mon Sep 17 00:00:00 2001
From: "Mariusz B. / mgeeky"
Date: Wed, 24 Mar 2021 04:36:30 +0100
Subject: [PATCH] added channel all clear command
---
 red-teaming/C3-Client/README.md | 10 ++++++----
 red-teaming/C3-Client/c3-client.py | 25 ++++++++++++++++++++++++-
 2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/red-teaming/C3-Client/README.md b/red-teaming/C3-Client/README.md
index 3026e0f..13bcbdc 100644
--- a/red-teaming/C3-Client/README.md
+++ b/red-teaming/C3-Client/README.md
@@ -14,7 +14,7 @@ The script offers subcommands-kind of CLI interface, so after every command one
 ```
 PS D:\> py c3-client.py --help
- :: C3 Client - a lightweight automated companion with C3 voyages
+ :: F-Secure's C3 Client - a lightweight automated companion with C3 voyages
 Mariusz B. / mgeeky,
 usage:
@@ -45,7 +45,7 @@ optional arguments:
 ```
 PS D:\> py c3-client.py -f text http://192.168.0.200:52935 alarm relay --help
- :: C3 Client - a lightweight automated companion with C3 voyages
+ :: F-Secure's C3 Client - a lightweight automated companion with C3 voyages
 Mariusz B. / mgeeky,
 usage: Usage: ./c3-client.py [options] [...] alarm relay [-h] [-e EXECUTE] [-x WEBHOOK] [-g gateway_id]
@@ -81,6 +81,8 @@ Currently, following commands are supported:
 - `ping` - ping selected Relays
 - `channel` - channel-specific commands
+ - `all`
+ - `clear` - Clear message queue of every supported channel at once
 - `mattermost`
 - `clear` - Clear Mattermost's channel messages to improve bandwidth
 - `ldap`
@@ -105,7 +107,7 @@ This example shows how to keep all of your Relays pinged every 45 seconds:
 ```
 PS D:\> py c3-client.py http://192.168.0.200:52935 ping -k 45
- :: C3 Client - a lightweight automated companion with C3 voyages
+ :: F-Secure's C3 Client - a lightweight automated companion with C3 voyages
 Mariusz B. / mgeeky,
 [.] Sending a ping every 45 seconds.
@@ -131,7 +133,7 @@ In this example setup an alarm that triggers upon new Relay checking-in. Wheneve
 ```
 PS D:\> py c3-client.py http://192.168.0.200:52935 alarm relay -g gate4 --execute "powershell -file speak.ps1 -message \`"New C3 Relay Inbound: /, computer: \`""
- :: C3 Client - a lightweight automated companion with C3 voyages
+ :: F-Secure's C3 Client - a lightweight automated companion with C3 voyages
 Mariusz B. / mgeeky,
 [.] Entering infinite-loop awaiting for new Relays...
diff --git a/red-teaming/C3-Client/c3-client.py b/red-teaming/C3-Client/c3-client.py
index 89a27ce..41255a0 100644
--- a/red-teaming/C3-Client/c3-client.py
+++ b/red-teaming/C3-Client/c3-client.py
@@ -521,6 +521,21 @@ def getLastGatewayCommandID(gateway, secondOrder = True):
 return lastId
+def onAllChannelsClear(args):
+ channels = {
+ 'LDAP' : onLDAPClear,
+ 'MSSQL' : onMSSQLClearTable,
+ 'Mattermost' : onMattermostPurge,
+ 'GoogleDrive' : onGoogleDriveClear,
+ 'Github' : onGithubClear,
+ 'Dropbox' : onDropboxClear,
+ 'UncShareFile' : onUncShareFileClear,
+ }
+
+ for k, v in channels.items():
+ print(f'\n[.] {k}: Clearing messages queue...')
+ v(args)
+
 def onMattermostPurge(args):
 data = {
 'data' : {
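Review bot: The loop in `onAllChannelsClear` calls each handler with a bare `v(args)`, so an exception raised by one channel's clear routine (the handlers themselves are outside this hunk) aborts the run and leaves the remaining channels uncleared, with no summary of what was and was not processed. Because this command deletes queued messages for seven channel types in one invocation, I would isolate failures per channel and report them, wrapping the call as `try: v(args)` followed by `except Exception as e: print(f'[!] {k}: clearing failed: {e}')`. The function also has no docstring; something like `"""Run every channel-specific clear handler in turn, passing the same parsed args to each."""` would record that all handlers share one `args` namespace.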
@@ -1091,6 +1106,14 @@ def parseArgs(argv):
 parser_channel.add_argument('-g', '--gateway-id', metavar='gateway_id', help = 'ID (or Name) of the Gateway which Relays should be pinged. If not given, will ping all relays in all gateways.')
 parser_channel_sub = parser_channel.add_subparsers(help = 'Specify channel', required = True)
+
+ ## All channels
+ all_channels = parser_channel_sub.add_parser('all', help = 'Commands that are common for all channels.')
+ all_channels_parser = all_channels.add_subparsers(help = 'Command to send', required = True)
+
+ ### clear
+ all_channels_clear = all_channels_parser.add_parser('clear', help = 'Clear every channel\'s message queue.')
+ all_channels_clear.set_defaults(func = onAllChannelsClear)
 ## Mattermost
 mattermost = parser_channel_sub.add_parser('mattermost', help = 'Mattermost channel specific commands.')
@@ -1171,7 +1194,7 @@ def parseArgs(argv):
 def main(argv):
 print('''
- :: C3 Client - a lightweight automated companion with C3 voyages
+ :: F-Secure's C3 Client - a lightweight automated companion with C3 voyages
 Mariusz B. / mgeeky,
 ''')
 parseArgs(argv)
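Review bot: The new `all clear` sub-parser registers no options of its own, yet `set_defaults(func = onAllChannelsClear)` hands its namespace to all seven per-channel handlers. If any of those handlers reads an option that only its own channel's `clear` sub-parser defines (those definitions are outside this hunk), the call would fail with `AttributeError` when reached through `channel all clear`. This is worth confirming and recording with a comment such as `# handlers reached via 'all clear' may rely only on options defined on parser_channel`. Since the command acts on every channel at once, the help string could say so explicitly, e.g. `help = 'Clear every channel\'s message queue (affects all supported channels).'`. `parseArgs` starts and ends outside the hunk.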