in c2servers/scripts/exportcsdata.py [0:0]
def print_tsv(data_type, data, prefix):
with open(prefix + "_" + data_type + ".tsv", "w") as output_file:
## Cred-it where it's due
if data_type == "credentials":
print("[+] Parsing credentials")
print(
"#User\tPassword/Hash\tExtracted from\tExtracted via", file=output_file
)
for d in data:
print(
"{}\\{}\t{}\t{}\t{}".format(
d["realm"], d["user"], d["password"], d["host"], d["source"]
),
file=output_file,
)
print("[+] Completed parsing credentials")
## Listen here, pal
elif data_type == "listeners":
print("[+] Parsing listeners")
print(
"#Listener name\tHost\tPort\tBeacons\tListener type\tPort bind\tC2 Profile\tProxy",
file=output_file,
)
for d in data:
name = d["name"] if "name" in d else ""
host = d["host"] if "host" in d else ""
port = d["port"] if "port" in d else ""
beacons = d["beacons"] if "beacons" in d else ""
payload = d["payload"] if "payload" in d else ""
bindto = d["bindto"] if "bindto" in d else ""
profile = d["profile"] if "profile" in d else ""
proxy = d["proxy"] if "proxy" in d else ""
print(
"{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}".format(
name, host, port, beacons, payload, bindto, profile, proxy
),
file=output_file,
)
print("[+] Completed parsing listeners")
## (ob)Session. By Calvin Klein.
elif data_type == "sessions":
print("[+] Parsing sessions")
print(
"#Hostname\tInternal IP\tExternal IP\tUser (beacon running as)\tDate/Time session created\tOS Version\tNote",
file=output_file,
)
for d in data:
print(
"{}\t{}\t{}\t{}\t{}\t{} {}\t{}".format(
d["computer"],
d["host"],
d["external"],
d["user"],
d["opened"],
d["os"],
d["ver"],
d["note"],
),
file=output_file,
)
print("[+] Completed parsing sessions")
## Better than Walmart
elif data_type == "targets":
print("[+] Parsing targets")
print("#Hostname\tIP Address\tOS Version", file=output_file)
for d in data:
print(
"{}\t{}\t{} {}".format(
d["name"], d["address"], d["os"], d["version"]
),
file=output_file,
)
print("[+] Completed parsing targets")
## Don't loose control
elif data_type == "c2info":
print("[+] Parsing c2info")
print("#Beacon ID\tDomains\tPort\tProtocol", file=output_file)
for d in data:
bid = d["bid"] if "bid" in d else ""
domains = d["domains"] if "domains" in d else ""
port = d["port"] if "port" in d else ""
proto = d["proto"] if "proto" in d else ""
print(
"{}\t{}\t{}\t{}".format(bid, domains, port, proto), file=output_file
)
print("[+] Completed parsing c2info")
## If you fail this badly, I'm impressed.
else:
print("[!] Invalid data type chosen")