From 225ebb713e6ebb477ec4fa4de86492e462236157 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Trym=20Skille=C3=A5s?= <t.skill93@gmail.com>
Date: Thu, 17 Sep 2020 09:26:57 +0200
Subject: [PATCH] FIX: Corrected filepaths for Posh dropper files in database

---
 poshc2/server/C2Server.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/poshc2/server/C2Server.py b/poshc2/server/C2Server.py
index 7eaf11dc..59184db0 100644
--- a/poshc2/server/C2Server.py
+++ b/poshc2/server/C2Server.py
@@ -379,8 +379,8 @@ def newdb(db):
     insert_hosted_file("%ss/64/portal" % QuickCommandURI, "%sSharp_v4_x64_Shellcode.bin" % (PayloadsDirectory), "text/html", "Yes", "Yes")
     insert_hosted_file("%sp/86/portal" % QuickCommandURI, "%sPosh_v4_x86_Shellcode.bin" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
     insert_hosted_file("%sp/64/portal" % QuickCommandURI, "%sPosh_v4_x64_Shellcode.bin" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
-    insert_hosted_file("%s_ex86" % QuickCommandURI, "%sPosh_v4_dropper_32.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
-    insert_hosted_file("%s_ex64" % QuickCommandURI, "%sPosh_v4_dropper_64.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
+    insert_hosted_file("%s_ex86" % QuickCommandURI, "%sPosh_v4_dropper_x86.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
+    insert_hosted_file("%s_ex64" % QuickCommandURI, "%sPosh_v4_dropper_x64.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
     insert_hosted_file("%s_bs" % QuickCommandURI, "%spayload.bat" % (PayloadsDirectory), "text/html", "No", "Yes")
     insert_hosted_file("%s_rp" % QuickCommandURI, "%spayload.txt" % (PayloadsDirectory), "text/html", "Yes", "Yes")
     insert_hosted_file("%s_rg" % QuickCommandURI, "%srg_sct.xml" % (PayloadsDirectory), "text/html", "No", "Yes")
@@ -419,8 +419,8 @@ def existingdb(db):
         insert_hosted_file("%ss/64/portal" % QuickCommandURI, "%sSharp_v4_x64_Shellcode.bin" % (PayloadsDirectory), "text/html", "Yes", "Yes")
         insert_hosted_file("%sp/86/portal" % QuickCommandURI, "%sPosh_v4_x86_Shellcode.bin" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
         insert_hosted_file("%sp/64/portal" % QuickCommandURI, "%sPosh_v4_x64_Shellcode.bin" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
-        insert_hosted_file("%s_ex86" % QuickCommandURI, "%sPosh_v4_dropper_32.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
-        insert_hosted_file("%s_ex64" % QuickCommandURI, "%sPosh_v4_dropper_64.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
+        insert_hosted_file("%s_ex86" % QuickCommandURI, "%sPosh_v4_dropper_x86.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
+        insert_hosted_file("%s_ex64" % QuickCommandURI, "%sPosh_v4_dropper_x64.exe" % (PayloadsDirectory), "application/x-msdownload", "No", "Yes")
         insert_hosted_file("%s_bs" % QuickCommandURI, "%spayload.bat" % (PayloadsDirectory), "text/html", "No", "Yes")
         insert_hosted_file("%s_rp" % QuickCommandURI, "%spayload.txt" % (PayloadsDirectory), "text/html", "Yes", "Yes")
         insert_hosted_file("%s_rg" % QuickCommandURI, "%srg_sct.xml" % (PayloadsDirectory), "text/html", "No", "Yes")