import base64
class TuoniDefaultCommand:
    """Internal base class for the default command helpers.

    Attributes:
        command_type: Command type name, stored as given.
        command_conf: Command configuration, stored as given.
        execution_conf: Always ``None`` after construction here; subclasses
            may overwrite it.
        files: Always ``None`` after construction here; subclasses that
            attach a payload overwrite it.
    """

    def __init__(self, command_type, command_conf):
        # Optional parts start empty.
        self.execution_conf = self.files = None
        self.command_conf = command_conf
        self.command_type = command_type
class TuoniDefaultPluginCommand(TuoniDefaultCommand):
    """Internal base class for the default plugin command helpers.

    Args:
        command_type: Command type name, forwarded to the parent class.
        command_conf: Command configuration, forwarded to the parent class.
        execution_conf: ``ExecutionNew`` or ``ExecutionExisting`` helpers are
            converted to a dict; any other value (including ``None``) is
            stored unchanged.

    Note:
        For ``ExecutionNew`` the username and password are copied as given
        into ``execution_conf``, so the resulting object holds credentials in
        plaintext and should not be logged or persisted.
    """

    def __init__(self, command_type, command_conf, execution_conf=None):
        super().__init__(command_type, command_conf)

        if isinstance(execution_conf, ExecutionNew):
            self.execution_conf = {
                "execType": "NEW",
                "executable": execution_conf.proc_name,
                "suspended": execution_conf.suspended,
                "ppid": execution_conf.ppid,
                "username": execution_conf.username,
                "password": execution_conf.password,
            }
            return

        if isinstance(execution_conf, ExecutionExisting):
            self.execution_conf = {
                "execType": "EXISTING",
                "pid": execution_conf.pid,
            }
            return

        # Not a helper object: keep whatever the caller supplied.
        self.execution_conf = execution_conf
class ExecutionNew:
    """Helper describing the 'NEW' execution context."""

    def __init__(self, proc_name="notepad.exe", suspended=True, ppid=None, username=None, password=None):
        """Store the settings for a newly created process.

        Args:
            proc_name (str): Executable to use for process creation.
            suspended (bool): Whether the process should be suspended.
            ppid (int): Faked parent PID.
            username (str): User to run the new process as.
            password (str): Password for that user. It is stored as given
                on the instance, so treat the object as sensitive.
        """
        # Credentials of the alternate user, if any.
        self.username = username
        self.password = password
        # Process creation settings.
        self.proc_name = proc_name
        self.suspended = suspended
        self.ppid = ppid
class ExecutionExisting:
    """Helper describing the 'EXISTING' execution context."""

    def __init__(self, pid):
        """Store the target process id.

        Args:
            pid (int): PID of the process where injection should happen.

        Only ``pid`` is accepted and stored; this helper has no
        ``suspended`` setting.
        """
        self.pid = pid
#########################
## Native commands
#########################
class TuoniCommandBof(TuoniDefaultCommand):
    """Helper for the default "bof" command type.

    All keyword arguments are copied unchanged into the command
    configuration under their own names. ``bof_file`` is attached under the
    ``bofFile`` field with the fixed file name ``filename.bin``.
    """

    _class_base_type = "bof"

    def __init__(
        self,
        bof_file,
        method="go",
        inputArgs=None,
        inputArgsEncoding=None,
        inputAsBytes=None,
        pack_format=None,
        pack_args=None,
        designated_thread=None,
        keep_in_memory=None,
    ):
        conf = {
            "method": method,
            "inputArgs": inputArgs,
            "inputArgsEncoding": inputArgsEncoding,
            "inputAsBytes": inputAsBytes,
            "pack_format": pack_format,
            "pack_args": pack_args,
            "designated_thread": designated_thread,
            "keep_in_memory": keep_in_memory,
        }
        super().__init__("bof", conf)
        attachment = ["filename.bin", bof_file]
        self.files = {"bofFile": attachment}
class TuoniCommandCd(TuoniDefaultCommand):
    """Helper for the default "cd" command type.

    ``dir`` is stored unchanged as the ``dir`` entry of the configuration.
    """

    _class_base_type = "cd"

    def __init__(self, dir):
        conf = {"dir": dir}
        super().__init__("cd", conf)
class TuoniCommandDie(TuoniDefaultCommand):
    """Helper for the default "die" command type (empty configuration)."""

    _class_base_type = "die"

    def __init__(self):
        empty_conf = {}
        super().__init__("die", empty_conf)
class TuoniCommandLs(TuoniDefaultCommand):
    """Helper for the default "ls" command type.

    ``dir`` and ``depth`` (default 1) are stored unchanged under the same
    names in the configuration.
    """

    _class_base_type = "ls"

    def __init__(self, dir, depth=1):
        conf = {
            "dir": dir,
            "depth": depth,
        }
        super().__init__("ls", conf)
class TuoniCommandCmd(TuoniDefaultPluginCommand):
    """Helper for the default "cmd" command type.

    ``command``, ``stdin`` and ``outputEncoding`` are stored unchanged under
    the same names. No execution configuration is passed to the parent.
    """

    _class_base_type = "cmd"

    def __init__(self, command, stdin=None, outputEncoding=None):
        conf = {
            "command": command,
            "stdin": stdin,
            "outputEncoding": outputEncoding,
        }
        super().__init__("cmd", conf)
class TuoniCommandJobs(TuoniDefaultPluginCommand):
    """Helper for the default "jobs" command type (empty configuration)."""

    _class_base_type = "jobs"

    def __init__(self):
        empty_conf = {}
        super().__init__("jobs", empty_conf)
class TuoniCommandProclist(TuoniDefaultPluginCommand):
    """Helper for the default "ps" command type (empty configuration)."""

    _class_base_type = "ps"

    def __init__(self):
        empty_conf = {}
        super().__init__("ps", empty_conf)
class TuoniCommandRun(TuoniDefaultPluginCommand):
    """Helper for the default "run" command type.

    ``cmdline``, ``output`` (default ``True``), ``stdin``, ``unicode`` and
    ``outputEncoding`` are stored unchanged under the same names.
    """

    _class_base_type = "run"

    def __init__(self, cmdline, output=True, stdin=None, unicode=None, outputEncoding=None):
        conf = {
            "cmdline": cmdline,
            "output": output,
            "stdin": stdin,
            "unicode": unicode,
            "outputEncoding": outputEncoding,
        }
        super().__init__("run", conf)
class TuoniCommandRunas(TuoniDefaultPluginCommand):
    """Helper for running a command line with explicit credentials.

    The command is issued with the "run" command type, with ``username``
    and ``password`` added to the configuration.

    Note:
        The password is stored as given in ``command_conf``; avoid logging
        or persisting the object.
    """

    # NOTE(review): same value as TuoniCommandRun; anything keyed on
    # _class_base_type cannot tell the two helpers apart. Confirm intended.
    _class_base_type = "run"

    def __init__(self, cmdline, username, password, output=True, stdin=None, unicode=None, outputEncoding=None):
        conf = {
            "cmdline": cmdline,
            "username": username,
            "password": password,
            "output": output,
            "stdin": stdin,
            "unicode": unicode,
            "outputEncoding": outputEncoding,
        }
        super().__init__("run", conf)
class TuoniCommandPowershell(TuoniDefaultPluginCommand):
    """Helper for the default "powershell" command type.

    ``command``, ``stdin`` and ``outputEncoding`` all default to ``None``
    and are stored unchanged under the same names.
    """

    _class_base_type = "powershell"

    def __init__(self, command=None, stdin=None, outputEncoding=None):
        conf = {
            "command": command,
            "stdin": stdin,
            "outputEncoding": outputEncoding,
        }
        super().__init__("powershell", conf)
class TuoniCommandSleep(TuoniDefaultPluginCommand):
    """Helper for the default "sleep" command type.

    ``sleep_time`` is stored as ``sleep`` and ``sleep_random`` as
    ``sleepRandom`` in the configuration.
    """

    _class_base_type = "sleep"

    def __init__(self, sleep_time, sleep_random):
        conf = {
            "sleep": sleep_time,
            "sleepRandom": sleep_random,
        }
        super().__init__("sleep", conf)
#########################
## Native token commands
#########################
class TuoniCommandTokenSteal(TuoniDefaultPluginCommand):
    """Helper for the default "token-steal" command type.

    ``pid`` is stored unchanged as the ``pid`` entry of the configuration.
    """

    _class_base_type = "token-steal"

    def __init__(self, pid):
        conf = {"pid": pid}
        super().__init__("token-steal", conf)
class TuoniCommandTokenDeleteAll(TuoniDefaultPluginCommand):
    """Helper for the default "token-del-all" command type (empty configuration)."""

    _class_base_type = "token-del-all"

    def __init__(self):
        empty_conf = {}
        super().__init__("token-del-all", empty_conf)
class TuoniCommandTokenDelete(TuoniDefaultPluginCommand):
    """Helper for the default "token-del" command type.

    ``nr`` is stored unchanged as the ``nr`` entry of the configuration.
    """

    _class_base_type = "token-del"

    def __init__(self, nr):
        conf = {"nr": nr}
        super().__init__("token-del", conf)
class TuoniCommandTokenList(TuoniDefaultPluginCommand):
    """Helper for the default "token-list" command type (empty configuration)."""

    _class_base_type = "token-list"

    def __init__(self):
        empty_conf = {}
        super().__init__("token-list", empty_conf)
class TuoniCommandTokenMake(TuoniDefaultPluginCommand):
    """Helper for the default "token-make" command type.

    ``username`` and ``password`` are stored unchanged under the same names.

    Note:
        The password is held in plaintext in ``command_conf``; avoid logging
        or persisting the object.
    """

    _class_base_type = "token-make"

    def __init__(self, username, password):
        conf = {
            "username": username,
            "password": password,
        }
        super().__init__("token-make", conf)
class TuoniCommandTokenUse(TuoniDefaultPluginCommand):
    """Helper for the default "token-use" command type.

    ``nr`` is stored unchanged as the ``nr`` entry of the configuration.
    """

    _class_base_type = "token-use"

    def __init__(self, nr):
        conf = {"nr": nr}
        super().__init__("token-use", conf)
class TuoniCommandTokenFromHandle(TuoniDefaultPluginCommand):
    """Helper for the default "token-from-handle" command type.

    ``handle`` is stored unchanged as the ``handle`` entry of the
    configuration.
    """

    _class_base_type = "token-from-handle"

    def __init__(self, handle):
        conf = {"handle": handle}
        super().__init__("token-from-handle", conf)
#########################
## Plugin FS commands
#########################
class TuoniCommandRm(TuoniDefaultPluginCommand):
    """Helper for the default "rm" command type.

    ``filepath`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "rm"

    def __init__(self, filepath, execution_conf=None):
        conf = {"filepath": filepath}
        super().__init__("rm", conf, execution_conf)
class TuoniCommandRmdir(TuoniDefaultPluginCommand):
    """Helper for the default "rmdir" command type.

    ``dirpath`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "rmdir"

    def __init__(self, dirpath, execution_conf=None):
        conf = {"dirpath": dirpath}
        super().__init__("rmdir", conf, execution_conf)
class TuoniCommandDownload(TuoniDefaultPluginCommand):
    """Helper for the default "download" command type.

    ``filepath`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "download"

    def __init__(self, filepath, execution_conf=None):
        conf = {"filepath": filepath}
        super().__init__("download", conf, execution_conf)
class TuoniCommandUpload(TuoniDefaultPluginCommand):
    """Helper for the default "upload" command type.

    ``filepath`` is stored unchanged in the configuration. ``data`` is
    attached under the ``file`` field with the fixed file name
    ``filename.bin``. ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "upload"

    def __init__(self, filepath, data, execution_conf=None):
        conf = {"filepath": filepath}
        super().__init__("upload", conf, execution_conf)
        attachment = ["filename.bin", data]
        self.files = {"file": attachment}
class TuoniCommandCp(TuoniDefaultPluginCommand):
    """Helper for the default "cp" command type.

    ``source`` and ``destination`` are stored unchanged under the same
    names; ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "cp"

    def __init__(self, source, destination, execution_conf=None):
        conf = {
            "source": source,
            "destination": destination,
        }
        super().__init__("cp", conf, execution_conf)
class TuoniCommandMv(TuoniDefaultPluginCommand):
    """Helper for the default "mv" command type.

    ``source`` and ``destination`` are stored unchanged under the same
    names; ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "mv"

    def __init__(self, source, destination, execution_conf=None):
        conf = {
            "source": source,
            "destination": destination,
        }
        super().__init__("mv", conf, execution_conf)
class TuoniCommandMkdir(TuoniDefaultPluginCommand):
    """Helper for the default "mkdir" command type.

    ``dirpath`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "mkdir"

    def __init__(self, dirpath, execution_conf=None):
        conf = {"dirpath": dirpath}
        super().__init__("mkdir", conf, execution_conf)
#########################
## Plugin NET commands
#########################
class TuoniCommandSocks5(TuoniDefaultPluginCommand):
    """Helper for the default "socks5" command type.

    ``port`` is stored unchanged in the configuration; ``execution_conf``
    is handed to the parent class.
    """

    _class_base_type = "socks5"

    def __init__(self, port, execution_conf=None):
        conf = {"port": port}
        super().__init__("socks5", conf, execution_conf)
class TuoniCommandConnectTcp(TuoniDefaultPluginCommand):
    """Helper for the default "connect-tcp" command type.

    ``host`` and ``port`` are stored unchanged under the same names;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "connect-tcp"

    def __init__(self, host, port, execution_conf=None):
        conf = {
            "host": host,
            "port": port,
        }
        super().__init__("connect-tcp", conf, execution_conf)
class TuoniCommandConnectSmb(TuoniDefaultPluginCommand):
    """Helper for the default "connect-smb" command type.

    ``host`` and ``pipename`` are stored unchanged under the same names;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "connect-smb"

    def __init__(self, host, pipename, execution_conf=None):
        conf = {
            "host": host,
            "pipename": pipename,
        }
        super().__init__("connect-smb", conf, execution_conf)
class TuoniCommandConnectRportfwd(TuoniDefaultPluginCommand):
    """Helper for the default "rportfwd" command type.

    ``bindPort``, ``forwardHost``, ``forwardPort`` and the optional
    ``bindIp`` are stored unchanged under the same names;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "rportfwd"

    def __init__(self, bindPort, forwardHost, forwardPort, bindIp=None, execution_conf=None):
        conf = {
            "bindPort": bindPort,
            "forwardHost": forwardHost,
            "forwardPort": forwardPort,
            "bindIp": bindIp,
        }
        super().__init__("rportfwd", conf, execution_conf)
#########################
## Plugin OS commands
#########################
class TuoniCommandexecuteAssembly(TuoniDefaultPluginCommand):
    """Helper for the default "execute-assembly" command type.

    ``parameters`` is stored unchanged in the configuration. ``executable``
    is attached under the ``executable`` field with the fixed file name
    ``filename.bin``. ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "execute-assembly"

    def __init__(self, executable, parameters, execution_conf=None):
        conf = {"parameters": parameters}
        super().__init__("execute-assembly", conf, execution_conf)
        attachment = ["filename.bin", executable]
        self.files = {"executable": attachment}
class TuoniCommandInject(TuoniDefaultPluginCommand):
    """Helper for the default "inject" command type.

    The configuration is empty. ``shellcode`` is attached under the
    ``shellcode`` field with the fixed file name ``filename.bin``.
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "inject"

    def __init__(self, shellcode, execution_conf=None):
        empty_conf = {}
        super().__init__("inject", empty_conf, execution_conf)
        attachment = ["filename.bin", shellcode]
        self.files = {"shellcode": attachment}
class TuoniCommandProcinfo(TuoniDefaultPluginCommand):
    """Helper for the default "procinfo" command type.

    The configuration is empty; ``execution_conf`` is handed to the parent
    class.
    """

    _class_base_type = "procinfo"

    def __init__(self, execution_conf=None):
        empty_conf = {}
        super().__init__("procinfo", empty_conf, execution_conf)
class TuoniCommandScreenshot(TuoniDefaultPluginCommand):
    """Helper for the default "screenshot" command type.

    The configuration is empty; ``execution_conf`` is handed to the parent
    class.
    """

    _class_base_type = "screenshot"

    def __init__(self, execution_conf=None):
        empty_conf = {}
        super().__init__("screenshot", empty_conf, execution_conf)
class TuoniCommandSpawn(TuoniDefaultPluginCommand):
    """Helper for the default "spawn" command type.

    ``payloadId`` is stored under the same name and
    ``encrypted_communication`` (default ``True``) is stored as
    ``encryptedCommunication``. ``execution_conf`` is handed to the parent
    class.
    """

    _class_base_type = "spawn"

    def __init__(self, payloadId, encrypted_communication=True, execution_conf=None):
        conf = {
            "payloadId": payloadId,
            "encryptedCommunication": encrypted_communication,
        }
        super().__init__("spawn", conf, execution_conf)
class TuoniCommandJumpService(TuoniDefaultPluginCommand):
    """Helper for the default "jump-service" command type.

    Every argument except ``execution_conf`` defaults to ``None`` and is
    stored unchanged in the configuration under its own name.

    Note:
        ``username`` and ``password`` are held in plaintext in
        ``command_conf``; avoid logging or persisting the object.
    """

    _class_base_type = "jump-service"

    def __init__(
        self,
        payloadId=None,
        copyMethod=None,
        copyPath=None,
        target=None,
        servicePath=None,
        serviceName=None,
        serviceDisplayName=None,
        cleanup=None,
        username=None,
        password=None,
        execution_conf=None,
    ):
        conf = {
            "payloadId": payloadId,
            "copyMethod": copyMethod,
            "copyPath": copyPath,
            "target": target,
            "servicePath": servicePath,
            "serviceName": serviceName,
            "serviceDisplayName": serviceDisplayName,
            "cleanup": cleanup,
            "username": username,
            "password": password,
        }
        super().__init__("jump-service", conf, execution_conf)
class TuoniCommandJumpWinrm(TuoniDefaultPluginCommand):
    """Helper for the default "jump-winrm" command type.

    Every argument except ``execution_conf`` defaults to ``None`` and is
    stored unchanged in the configuration under its own name.

    Note:
        ``username`` and ``password`` are held in plaintext in
        ``command_conf``; avoid logging or persisting the object.
    """

    _class_base_type = "jump-winrm"

    def __init__(
        self,
        payloadId=None,
        copyMethod=None,
        copyPath=None,
        target=None,
        executablePath=None,
        customPowershell=None,
        username=None,
        password=None,
        execution_conf=None,
    ):
        conf = {
            "payloadId": payloadId,
            "copyMethod": copyMethod,
            "copyPath": copyPath,
            "target": target,
            "executablePath": executablePath,
            "customPowershell": customPowershell,
            "username": username,
            "password": password,
        }
        super().__init__("jump-winrm", conf, execution_conf)
class TuoniCommandJumpWmi(TuoniDefaultPluginCommand):
    """Helper for the default "jump-wmi" command type.

    Every argument except ``execution_conf`` defaults to ``None`` and is
    stored unchanged in the configuration under its own name.

    Note:
        ``username`` and ``password`` are held in plaintext in
        ``command_conf``; avoid logging or persisting the object.
    """

    _class_base_type = "jump-wmi"

    def __init__(
        self,
        payloadId=None,
        copyMethod=None,
        copyPath=None,
        target=None,
        cmdline=None,
        username=None,
        password=None,
        execution_conf=None,
    ):
        conf = {
            "payloadId": payloadId,
            "copyMethod": copyMethod,
            "copyPath": copyPath,
            "target": target,
            "cmdline": cmdline,
            "username": username,
            "password": password,
        }
        super().__init__("jump-wmi", conf, execution_conf)
class TuoniCommandJumpSsh(TuoniDefaultPluginCommand):
    """Helper for the default "jump-ssh" command type.

    All arguments default to ``None``. Everything except ``privateKeyPEM``
    and ``execution_conf`` is stored unchanged in the configuration under
    its own name. ``privateKeyPEM`` is attached under the ``privateKeyPEM``
    field with the fixed file name ``private.pem``.

    Note:
        ``password``, ``privateKeyPassword`` and the private key itself are
        held unprotected on the object; avoid logging or persisting it.
    """

    _class_base_type = "jump-ssh"

    def __init__(
        self,
        payloadId=None,
        copyMethod=None,
        copyPath=None,
        target=None,
        cmdline=None,
        username=None,
        password=None,
        privateKeyPEM=None,
        privateKeyPassword=None,
        execution_conf=None,
    ):
        conf = {
            "payloadId": payloadId,
            "copyMethod": copyMethod,
            "copyPath": copyPath,
            "target": target,
            "cmdline": cmdline,
            "username": username,
            "password": password,
            "privateKeyPassword": privateKeyPassword,
        }
        super().__init__("jump-ssh", conf, execution_conf)
        # NOTE(review): the file entry is attached even when privateKeyPEM is
        # None, unlike the load-dll/load-elf/load-pe helpers in this module,
        # which only set ``files`` when a payload is given. Confirm the
        # sender tolerates a None payload.
        key_attachment = ["private.pem", privateKeyPEM]
        self.files = {"privateKeyPEM": key_attachment}
#########################
## Other commands
#########################
class TuoniCommandReverseShellCommunication(TuoniDefaultCommand):
    """Helper for the default "reverse-shell-communication" command type.

    ``input`` is stored unchanged as the ``input`` entry of the
    configuration. Unlike the other command helpers in this module, no
    ``_class_base_type`` attribute is defined on this class.
    """

    def __init__(self, input):
        conf = {"input": input}
        super().__init__("reverse-shell-communication", conf)
#########################
## Commercial native commands
#########################
class TuoniCommandChmod(TuoniDefaultCommand):
    """Helper for the commercial "chmod" command type.

    ``path`` and ``access`` are stored unchanged under the same names.
    """

    _class_base_type = "chmod"

    def __init__(self, path, access):
        conf = {
            "path": path,
            "access": access,
        }
        super().__init__("chmod", conf)
class TuoniCommandSh(TuoniDefaultPluginCommand):
    """Helper for the commercial "sh" command type.

    ``command`` and the optional ``stdin`` are stored unchanged under the
    same names. No execution configuration is passed to the parent.
    """

    _class_base_type = "sh"

    def __init__(self, command, stdin=None):
        conf = {
            "command": command,
            "stdin": stdin,
        }
        super().__init__("sh", conf)
#########################
## Commercial plugin commands
#########################
class TuoniCommandAmsibypass(TuoniDefaultPluginCommand):
    """Helper for the commercial "amsi-bypass" command type.

    The configuration is empty; ``execution_conf`` is handed to the parent
    class.
    """

    _class_base_type = "amsi-bypass"

    def __init__(self, execution_conf=None):
        empty_conf = {}
        super().__init__("amsi-bypass", empty_conf, execution_conf)
class TuoniCommandEnvvarset(TuoniDefaultPluginCommand):
    """Helper for the commercial "env-var-set" command type.

    ``name``, ``value`` and ``envVarScope`` are stored unchanged under the
    same names; ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "env-var-set"

    def __init__(self, name, value, envVarScope, execution_conf=None):
        conf = {
            "name": name,
            "value": value,
            "envVarScope": envVarScope,
        }
        super().__init__("env-var-set", conf, execution_conf)
class TuoniCommandEnvvarunset(TuoniDefaultPluginCommand):
    """Helper for the commercial "env-var-unset" command type.

    ``name`` and ``envVarScope`` are stored unchanged under the same names;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "env-var-unset"

    def __init__(self, name, envVarScope, execution_conf=None):
        conf = {
            "name": name,
            "envVarScope": envVarScope,
        }
        super().__init__("env-var-unset", conf, execution_conf)
class TuoniCommandKeylogger(TuoniDefaultPluginCommand):
    """Helper for the commercial "keylogger" command type.

    The configuration is empty; ``execution_conf`` is handed to the parent
    class.
    """

    _class_base_type = "keylogger"

    def __init__(self, execution_conf=None):
        empty_conf = {}
        super().__init__("keylogger", empty_conf, execution_conf)
class TuoniCommandKill(TuoniDefaultPluginCommand):
    """Helper for the commercial "kill" command type.

    ``pid`` is stored unchanged in the configuration; ``execution_conf`` is
    handed to the parent class.
    """

    _class_base_type = "kill"

    def __init__(self, pid, execution_conf=None):
        conf = {"pid": pid}
        super().__init__("kill", conf, execution_conf)
class TuoniCommandLoaddll(TuoniDefaultPluginCommand):
    """Helper for the commercial "load-dll" command type.

    ``methodName`` is required; ``localDllPath``, ``parameterTypes``,
    ``parameterValues`` and ``returnType`` default to ``None``. All five are
    stored unchanged under their own names. When ``dll`` is given it is
    attached under the ``dll`` field with the fixed file name
    ``filename.dll``; otherwise ``files`` keeps the parent's ``None``.
    """

    _class_base_type = "load-dll"

    def __init__(
        self,
        methodName,
        localDllPath=None,
        parameterTypes=None,
        parameterValues=None,
        returnType=None,
        dll=None,
        execution_conf=None,
    ):
        conf = {
            "localDllPath": localDllPath,
            "methodName": methodName,
            "parameterTypes": parameterTypes,
            "parameterValues": parameterValues,
            "returnType": returnType,
        }
        super().__init__("load-dll", conf, execution_conf)
        if dll is None:
            return
        self.files = {"dll": ["filename.dll", dll]}
class TuoniCommandLoadelf(TuoniDefaultPluginCommand):
    """Helper for the commercial "load-elf" command type.

    ``localExecutable``, ``commandline`` and ``maxWaitTime`` default to
    ``None`` and are stored unchanged under their own names. When
    ``executable`` is given it is attached under the ``executable`` field
    with the fixed file name ``executable``; otherwise ``files`` keeps the
    parent's ``None``.
    """

    _class_base_type = "load-elf"

    def __init__(self, localExecutable=None, commandline=None, maxWaitTime=None, executable=None, execution_conf=None):
        conf = {
            "localExecutable": localExecutable,
            "commandline": commandline,
            "maxWaitTime": maxWaitTime,
        }
        super().__init__("load-elf", conf, execution_conf)
        if executable is None:
            return
        self.files = {"executable": ["executable", executable]}
class TuoniCommandLoadpe(TuoniDefaultPluginCommand):
    """Helper for the commercial "load-pe" command type.

    ``localExecutable``, ``commandline``, ``imageName`` and ``maxWaitTime``
    default to ``None`` and are stored unchanged under their own names.
    When ``executable`` is given it is attached under the ``executable``
    field with the fixed file name ``executable.exe``; otherwise ``files``
    keeps the parent's ``None``.
    """

    _class_base_type = "load-pe"

    def __init__(
        self,
        localExecutable=None,
        commandline=None,
        imageName=None,
        maxWaitTime=None,
        executable=None,
        execution_conf=None,
    ):
        conf = {
            "localExecutable": localExecutable,
            "commandline": commandline,
            "imageName": imageName,
            "maxWaitTime": maxWaitTime,
        }
        super().__init__("load-pe", conf, execution_conf)
        if executable is None:
            return
        self.files = {"executable": ["executable.exe", executable]}
class TuoniCommandMemorylayout(TuoniDefaultPluginCommand):
    """Helper for the commercial "memory-layout" command type.

    The optional ``pid`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "memory-layout"

    def __init__(self, pid=None, execution_conf=None):
        conf = {"pid": pid}
        super().__init__("memory-layout", conf, execution_conf)
class TuoniCommandMimikatz(TuoniDefaultPluginCommand):
    """Helper for the commercial "mimikatz" command type.

    ``command`` is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "mimikatz"

    def __init__(self, command, execution_conf=None):
        conf = {"command": command}
        super().__init__("mimikatz", conf, execution_conf)
class TuoniCommandScreentracker(TuoniDefaultPluginCommand):
    """Helper for the commercial "screen-tracker" command type.

    ``interval``, ``timeout``, ``difference`` and ``difference_pixels``
    default to ``None`` and are stored unchanged under their own names;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "screen-tracker"

    def __init__(self, interval=None, timeout=None, difference=None, difference_pixels=None, execution_conf=None):
        conf = {
            "interval": interval,
            "timeout": timeout,
            "difference": difference,
            "difference_pixels": difference_pixels,
        }
        super().__init__("screen-tracker", conf, execution_conf)
class TuoniCommandSuspend(TuoniDefaultPluginCommand):
    """Helper for the commercial "suspend" command type.

    ``pid`` is stored unchanged in the configuration; ``execution_conf`` is
    handed to the parent class.
    """

    _class_base_type = "suspend"

    def __init__(self, pid, execution_conf=None):
        conf = {"pid": pid}
        super().__init__("suspend", conf, execution_conf)
class TuoniCommandWebcam(TuoniDefaultPluginCommand):
    """Helper for the commercial "webcam" command type.

    ``deviceNr`` (default 0) is stored unchanged in the configuration;
    ``execution_conf`` is handed to the parent class.
    """

    _class_base_type = "webcam"

    def __init__(self, deviceNr=0, execution_conf=None):
        conf = {"deviceNr": deviceNr}
        super().__init__("webcam", conf, execution_conf)