QString TheMagic::fileName() { if( mDownloadToFile ) { sanitizeFileName(); return mFileName; } else { return tr("*Buffer*"); } }
void TheMagic::downloadToFile() { sanitizeFileName(); mpFile = new QFile( mFileName ); if( !Settings::value( Settings::FunkytownOverwrite ) ) { if( mpFile->exists() ) { delete mpFile; mpFile = 0; } } if( mpFile && !(mpFile->open( QIODevice::WriteOnly )) ) { delete mpFile; mpFile = 0; } mDownloadToFile = true; }
void mod_mimikatz_crypto::listAndOrExportKeys(vector<wstring> * arguments, bool exportKeys) { bool isMachine = false; DWORD providerType = PROV_RSA_FULL; wstring provider = MS_ENHANCED_PROV; switch (arguments->size()) { case 1: isMachine = true; case 0: break; case 3: isMachine = true; arguments->erase(arguments->begin()); case 2: mod_cryptoapi::getProviderString(arguments->front(), &provider); mod_cryptoapi::getProviderTypeFromString(arguments->back(), &providerType); break; default : (*outputStream) << L"Erreur d\'arguments, attendu : [machine] [provider providerType]" << endl; return; } wstring type = (isMachine ? L"machine" : L"user"); vector<wstring> * monVectorKeys = new vector<wstring>(); /* CryptoAPI */ (*outputStream) << L"[" << type << L"] Clés CryptoAPI :" << endl; if(mod_cryptoapi::getVectorContainers(monVectorKeys, isMachine)) { DWORD i; vector<wstring>::iterator monContainer; for(i = 0, monContainer = monVectorKeys->begin(); monContainer != monVectorKeys->end(); ++monContainer, ++i) { (*outputStream) << L"\t - " << *monContainer << endl; HCRYPTPROV hCryptKeyProv = NULL; if(CryptAcquireContext(&hCryptKeyProv, monContainer->c_str(), provider.c_str(), providerType, NULL | (isMachine ? CRYPT_MACHINE_KEYSET : NULL))) { HCRYPTKEY maCle = NULL; for(DWORD ks = AT_KEYEXCHANGE; (ks <= AT_SIGNATURE) && !maCle; ks++) { if(CryptGetUserKey(hCryptKeyProv, ks, &maCle)) { (*outputStream) << L"\t\tType : " << mod_crypto::KeyTypeToString(ks) << endl; DWORD param = 0, taille = sizeof(param); if(CryptGetKeyParam(maCle, KP_PERMISSIONS, reinterpret_cast<BYTE *>(¶m), &taille, NULL)) (*outputStream) << L"\t\tExportabilité : " << (param & CRYPT_EXPORT ? L"OUI" : L"NON") << endl; if(CryptGetKeyParam(maCle, KP_KEYLEN, reinterpret_cast<BYTE *>(¶m), &taille, NULL)) (*outputStream) << L"\t\tTaille clé : " << param << endl; if(exportKeys) { bool reussite = false; BYTE * monExport = NULL; DWORD tailleExport = 0; wstringstream monBuff; wstring containerName = *monContainer; sanitizeFileName(&containerName); monBuff << L"capi_" << type << L'_' << i << L'_' << containerName << L".pvk"; if(mod_cryptoapi::getPrivateKey(maCle, &monExport, &tailleExport)) { reussite = mod_crypto::PrivateKeyBlobToPVK(monExport, tailleExport, monBuff.str(), ks); delete[] monExport; } (*outputStream) << L"\t\tExport privé dans \'" << monBuff.str() << L"\' : " << (reussite ? L"OK" : L"KO") << endl; if(!reussite) { (*outputStream) << L"\t\t\tmod_cryptoapi::getPrivateKey/PrivateKeyBlobToPVK : " << mod_system::getWinError() << endl; } } } } if(maCle) CryptDestroyKey(maCle); else (*outputStream) << L"\t\t* Erreur de clé ; " << mod_system::getWinError() << endl; CryptReleaseContext(hCryptKeyProv, 0); } else (*outputStream) << L"\t\t* Erreur d\'acquisition de la clé ; " << mod_system::getWinError() << endl; } } else (*outputStream) << L"mod_cryptoapi::getVectorContainers : " << mod_system::getWinError() << endl; /* CryptoNG */ if(mod_cryptong::isNcrypt) { (*outputStream) << endl; monVectorKeys->clear(); (*outputStream) << L"[" << type << L"] Clés CNG :" << endl; if(mod_cryptong::getVectorContainers(monVectorKeys, isMachine)) { DWORD i; vector<wstring>::iterator monContainer; for(i = 0, monContainer = monVectorKeys->begin(); monContainer != monVectorKeys->end(); ++monContainer, ++i) { (*outputStream) << L"\t - " << *monContainer << endl; NCRYPT_KEY_HANDLE maCle; if(mod_cryptong::getHKeyFromName(*monContainer, &maCle, isMachine)) { bool exportable = false; DWORD size = 0; if(mod_cryptong::isKeyExportable(&maCle, &exportable)) (*outputStream) << L"\t\tExportabilité : " << (exportable ? L"OUI" : L"NON") << endl; if(mod_cryptong::getKeySize(&maCle, &size)) (*outputStream) << L"\t\tTaille clé : " << size << endl; if(exportKeys) { bool reussite = false; BYTE * monExport = NULL; DWORD tailleExport = 0; wstringstream monBuff; monBuff << L"cng_" << type << L'_' << i << L'_' << *monContainer << L".pvk"; if(mod_cryptong::getPrivateKey(maCle, &monExport, &tailleExport)) { reussite = mod_crypto::PrivateKeyBlobToPVK(monExport, tailleExport, monBuff.str()); delete[] monExport; } (*outputStream) << L"\t\tExport privé dans \'" << monBuff.str() << L"\' : " << (reussite ? L"OK" : L"KO") << endl; if(!reussite) { (*outputStream) << L"\t\t\tmod_cryptong::getPrivateKey/PrivateKeyBlobToPVK : " << mod_system::getWinError() << endl; } } mod_cryptong::NCryptFreeObject(maCle); } } } else (*outputStream) << L"mod_cryptong::getVectorContainers : " << mod_system::getWinError() << endl; } delete monVectorKeys; }
bool DccTransferRecv::queue() { kdDebug() << "DccTransferRecv::queue()" << endl; if ( getStatus() != Configuring ) return false; if ( m_partnerIp.isEmpty() || m_partnerPort.isEmpty() ) return false; if (!kapp->authorize("allow_downloading")) { //note we have this after the initialisations so that item looks okay //Do not have the rights to send the file. Shouldn't have gotten this far anyway failed(i18n("The admin has restricted the right to receive files")); return false; } // check if the sender IP is valid if ( m_partnerIp == "0.0.0.0" ) { failed( i18n( "Invalid sender address (%1)" ).arg( m_partnerIp ) ); return false; } // TODO: should we support it? if ( m_fileSize == 0 ) { failed( i18n( "Unsupported negotiation (filesize=0)" ) ); return false; } if ( m_fileName.isEmpty() ) { m_fileName = "unnamed_file"; } if ( m_fileURL.isEmpty() ) { // determine default incoming file URL // set default folder if ( !Preferences::dccPath().isEmpty() ) m_fileURL = KURL( Preferences::dccPath() ); else m_fileURL.setPath( KUser( KUser::UseRealUserID ).homeDir() ); // default folder is *not* specified // add a slash if there is none m_fileURL.adjustPath( 1 ); // Append folder with partner's name if wanted if ( Preferences::dccCreateFolder() ) m_fileURL.addPath( m_partnerNick + '/' ); // Just incase anyone tries to do anything nasty QString fileNameSanitized = sanitizeFileName( m_fileName ); // Append partner's name to file name if wanted if ( Preferences::dccAddPartner() ) m_fileURL.addPath( m_partnerNick + '.' + fileNameSanitized ); else m_fileURL.addPath( fileNameSanitized ); } return DccTransfer::queue(); }
void mod_mimikatz_crypto::listAndOrExportCertificates(vector<wstring> * arguments, bool exportCert) { wstring monEmplacement = L"CERT_SYSTEM_STORE_CURRENT_USER"; wstring monStore = L"My"; if(arguments->size() == 1) { monEmplacement = arguments->front(); } else if(arguments->size() == 2) { monEmplacement = arguments->front(); monStore = arguments->back(); } (*outputStream) << L"Emplacement : \'" << monEmplacement << L'\''; DWORD systemStore; if(mod_crypto::getSystemStoreFromString(monEmplacement, &systemStore)) { (*outputStream) << L"\\" << monStore << endl; if(HCERTSTORE hCertificateStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, NULL, NULL, systemStore | CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, monStore.c_str())) { DWORD i; PCCERT_CONTEXT pCertContext; for (i = 0, pCertContext = CertEnumCertificatesInStore(hCertificateStore, NULL); pCertContext != NULL; pCertContext = CertEnumCertificatesInStore(hCertificateStore, pCertContext), i++) { wstring * certName = new wstring(); bool reussite = false; if(!mod_crypto::getCertNameFromCertCTX(pCertContext, certName)) certName->assign(L"[empty]"); (*outputStream) << L"\t - " << *certName << endl;; sanitizeFileName(certName); wstringstream monBuff; monBuff << monEmplacement << L'_' << monStore << L'_' << i << L'_' << *certName << L'.'; mod_crypto::KIWI_KEY_PROV_INFO keyProvInfo; if(mod_crypto::getKiwiKeyProvInfo(pCertContext, &keyProvInfo)) { (*outputStream) << L"\t\tContainer Clé : " << keyProvInfo.pwszContainerName << endl; (*outputStream) << L"\t\tProvider : " << keyProvInfo.pwszProvName << endl; HCRYPTPROV_OR_NCRYPT_KEY_HANDLE monProv = NULL; DWORD keySpec = 0; BOOL aFermer = false; if(CryptAcquireCertificatePrivateKey(pCertContext, CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG /* CRYPT_ACQUIRE_SILENT_FLAG NULL */, NULL, &monProv, &keySpec, &aFermer)) { (*outputStream) << L"\t\tType : " << mod_crypto::KeyTypeToString(keySpec) << endl; DWORD size = 0; bool exportable = false; if(keySpec == CERT_NCRYPT_KEY_SPEC) { if(mod_cryptong::isNcrypt) { reussite = mod_cryptong::getKeySize(&monProv, &size); reussite &=mod_cryptong::isKeyExportable(&monProv, &exportable); if(aFermer) { mod_cryptong::NCryptFreeObject(monProv); } } else (*outputStream) << L"\t\t\tErreur : Clé de type nCrypt, sans nCrypt ?" << endl; } else { DWORD tailleEcrite = 0; DWORD exportability; HCRYPTKEY maCle = NULL; if(reussite = (CryptGetUserKey(monProv, keySpec, &maCle) != 0)) { tailleEcrite = sizeof(DWORD); reussite = (CryptGetKeyParam(maCle, KP_KEYLEN, reinterpret_cast<BYTE *>(&size), &tailleEcrite, NULL) != 0); tailleEcrite = sizeof(DWORD); reussite &= (CryptGetKeyParam(maCle, KP_PERMISSIONS, reinterpret_cast<BYTE *>(&exportability), &tailleEcrite, NULL) != 0); exportable = (exportability & CRYPT_EXPORT) != 0; } if(aFermer) { CryptReleaseContext(monProv, 0); } } if(reussite) { (*outputStream) << L"\t\tExportabilité : " << (exportable ? L"OUI" : L"NON") << endl; (*outputStream) << L"\t\tTaille clé : " << size << endl; } if(exportCert) { wstring PFXFile = monBuff.str(); PFXFile.append(L"pfx"); reussite = mod_crypto::CertCTXtoPFX(pCertContext, PFXFile, L"mimikatz"); (*outputStream) << L"\t\tExport privé dans \'" << PFXFile << L"\' : " << (reussite ? L"OK" : L"KO") << endl; if(!reussite) { (*outputStream) << L"\t\t\t" << mod_system::getWinError() << endl; } } } else (*outputStream) << L"CryptAcquireCertificatePrivateKey : " << mod_system::getWinError() << endl; } if(exportCert) { wstring DERFile = monBuff.str(); DERFile.append(L"der"); reussite = mod_crypto::CertCTXtoDER(pCertContext, DERFile); (*outputStream) << L"\t\tExport public dans \'" << DERFile << L"\' : " << (reussite ? L"OK" : L"KO") << endl; if(!reussite) { (*outputStream) << L"\t\t\t" << mod_system::getWinError() << endl; } } delete certName; } CertCloseStore(hCertificateStore, CERT_CLOSE_STORE_FORCE_FLAG); } else (*outputStream) << L"CertOpenStore : " << mod_system::getWinError() << endl; } else (*outputStream) << L" introuvable !" << endl; }