From 429c520c7804109cf2bc0cf0076b8e64591030a7 Mon Sep 17 00:00:00 2001
From: Tim Makram Ghatas <47985652+TimBF@users.noreply.github.com>
Date: Tue, 30 May 2023 11:44:07 +0200
Subject: [PATCH] add ECCPublicKeyDigest to protobuf and database
---
 protobuf/clientpb/client.pb.go | 7 ++++---
 server/c2/http.go | 13 ++++---------
 server/db/models/implant.go | 2 ++
 server/generate/binaries.go | 6 ++++--
 4 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/protobuf/clientpb/client.pb.go b/protobuf/clientpb/client.pb.go
index 73ab788b7a..a7607b7e3f 100644
--- a/protobuf/clientpb/client.pb.go
+++ b/protobuf/clientpb/client.pb.go
@@ -1972,9 +1972,10 @@ type ImplantConfig struct { MtlsKey string `protobuf:"bytes,22,opt,name=MtlsKey,proto3" json:"MtlsKey,omitempty"` ECCServerPublicKey string `protobuf:"bytes,23,opt,name=ECCServerPublicKey,proto3" json:"ECCServerPublicKey,omitempty"` ECCPublicKey string `protobuf:"bytes,24,opt,name=ECCPublicKey,proto3" json:"ECCPublicKey,omitempty"` - ECCPrivateKey string `protobuf:"bytes,25,opt,name=ECCPrivateKey,proto3" json:"ECCPrivateKey,omitempty"` - ECCPublicKeySignature string `protobuf:"bytes,26,opt,name=ECCPublicKeySignature,proto3" json:"ECCPublicKeySignature,omitempty"` - MinisignServerPublicKey string `protobuf:"bytes,27,opt,name=MinisignServerPublicKey,proto3" json:"MinisignServerPublicKey,omitempty"` + ECCPublicKeyDigest string `protobuf:"bytes,25,opt,name=ECCPublicKeyDigest,proto3" json:"ECCPublicKeyDigest,omitempty"` + ECCPrivateKey string `protobuf:"bytes,26,opt,name=ECCPrivateKey,proto3" json:"ECCPrivateKey,omitempty"` + ECCPublicKeySignature string `protobuf:"bytes,27,opt,name=ECCPublicKeySignature,proto3" json:"ECCPublicKeySignature,omitempty"` + MinisignServerPublicKey string `protobuf:"bytes,28,opt,name=MinisignServerPublicKey,proto3" json:"MinisignServerPublicKey,omitempty"` WGImplantPrivKey string `protobuf:"bytes,30,opt,name=WGImplantPrivKey,proto3" json:"WGImplantPrivKey,omitempty"` WGServerPubKey string `protobuf:"bytes,31,opt,name=WGServerPubKey,proto3" json:"WGServerPubKey,omitempty"` WGPeerTunIP string `protobuf:"bytes,32,opt,name=WGPeerTunIP,proto3" json:"WGPeerTunIP,omitempty"` diff --git a/server/c2/http.go b/server/c2/http.go index e8a892e56b..df8a0b2a76 100644 --- a/server/c2/http.go +++ b/server/c2/http.go 
@@ -41,7 +41,6 @@ import ( "github.com/bishopfox/sliver/protobuf/clientpb" "github.com/bishopfox/sliver/protobuf/sliverpb" "github.com/bishopfox/sliver/server/certs" - "github.com/bishopfox/sliver/server/configs" "github.com/bishopfox/sliver/server/core" "github.com/bishopfox/sliver/server/cryptography" "github.com/bishopfox/sliver/server/db" @@ -144,7 +143,7 @@ type SliverHTTPC2 struct { SliverStage []byte // Sliver shellcode to serve during staging process Cleanup func() - c2Config *configs.HTTPC2Config // C2 config (from config file) + c2Config *clientpb.HTTPC2Config // C2 config (from config file) } func (s *SliverHTTPC2) getServerHeader() string { @@ -160,15 +159,11 @@ func (s *SliverHTTPC2) getServerHeader() string { } func (s *SliverHTTPC2) getCookieName() string { - cookies := s.getHTTPC2Config().ServerConfig.Cookies + cookies := s.c2Config.ServerConfig.Cookies index := insecureRand.Intn(len(cookies)) return cookies[index].Name } -func (s *SliverHTTPC2) getHTTPC2Config() *clientpb.HTTPC2Config { - return nil -} - // StartHTTPListener - Start an HTTP(S) listener, this can be used to start both // // HTTP/HTTPS depending on the caller's conf @@ -359,6 +354,7 @@ func (s *SliverHTTPC2) loadServerHTTPC2Configs() []*models.HttpC2Config { func (s *SliverHTTPC2) router() *mux.Router { router := mux.NewRouter() c2Configs := s.loadServerHTTPC2Configs() + s.c2Config = c2Configs[0].ToProtobuf() if s.ServerConf.MaxRequestLength < 1024 { s.ServerConf.MaxRequestLength = DefaultMaxBodyLength } @@ -371,7 +367,6 @@ func (s *SliverHTTPC2) router() *mux.Router { httpLog.Debugf("HTTP C2 Implant Config = %v", c2Config.ImplantConfig) httpLog.Debugf("HTTP C2 Server Config = %v", c2Config.ServerConfig) - fmt.Println(c2Config.Name) // Start Session Handler router.HandleFunc( fmt.Sprintf("/{rpath:.*\\.%s$}", c2Config.ImplantConfig.StartSessionFileExtension), 
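Review bot: `getCookieName` now reads `s.c2Config.ServerConfig.Cookies` with no guard, so a nil `s.c2Config` or an empty cookie list panics, the latter in `insecureRand.Intn(len(cookies))`. `s.c2Config` is only assigned inside `router()` (a later hunk), so a call made before the router is built would dereference nil. Assuming the usual generated getters exist on `clientpb.HTTPC2Config`, `cookies := s.c2Config.GetServerConfig().GetCookies()` followed by `if len(cookies) == 0 { /* return a fixed default name */ }` keeps an empty or missing profile from becoming a per-request panic.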
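Review bot: `s.c2Config = c2Configs[0].ToProtobuf()` indexes the slice without checking its length, so an empty result from `loadServerHTTPC2Configs()` panics while the listener is being set up. Checking `len(c2Configs) == 0` before the assignment and failing the listener start with a logged error would make that case explicit. The assignment also pins cookie names and response headers to the first stored profile, while the rest of `router()` appears to register routes per profile (`c2Config.ImplantConfig...` in the next hunk). If several profiles are loaded, it is worth confirming that serving the first profile's cookies and headers on every route is intended. `router()` continues outside this hunk.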
@@ -521,7 +516,7 @@ func (s *SliverHTTPC2) DefaultRespHeaders(next http.Handler) http.Handler { for _, header := range s.c2Config.ServerConfig.Headers { if 0 < header.Probability && header.Probability < 100 { roll := insecureRand.Intn(99) + 1 - if header.Probability < roll { + if header.Probability < int32(roll) { continue } } diff --git a/server/db/models/implant.go b/server/db/models/implant.go index 09167c8a08..123eae32aa 100644 --- a/server/db/models/implant.go +++ b/server/db/models/implant.go @@ -174,6 +174,7 @@ func (ic *ImplantConfig) ToProtobuf() *clientpb.ImplantConfig { ECCServerPublicKey: ic.ECCServerPublicKey, ECCPublicKey: ic.ECCPublicKey, ECCPrivateKey: ic.ECCPrivateKey, + ECCPublicKeyDigest: ic.ECCPublicKeyDigest, MtlsCACert: ic.MtlsCACert, MtlsCert: ic.MtlsCert, MtlsKey: ic.MtlsKey, @@ -340,6 +341,7 @@ func ImplantConfigFromProtobuf(pbConfig *clientpb.ImplantConfig) *ImplantConfig cfg.ECCServerPublicKey = pbConfig.ECCServerPublicKey cfg.ECCPrivateKey = pbConfig.ECCPrivateKey cfg.ECCPublicKey = pbConfig.ECCPublicKey + cfg.ECCPublicKeyDigest = pbConfig.ECCPublicKeyDigest cfg.GOOS = pbConfig.GOOS cfg.GOARCH = pbConfig.GOARCH diff --git a/server/generate/binaries.go b/server/generate/binaries.go index c6e6f2dd6e..108f5b01f1 100644 --- a/server/generate/binaries.go +++ b/server/generate/binaries.go @@ -20,6 +20,8 @@ package generate import ( "bytes" + "crypto/sha256" + "encoding/hex" "fmt" "io/fs" insecureRand "math/rand" 
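Review bot: The `ECCPublicKeyDigest` field mapped here was added to `clientpb.ImplantConfig` as tag 25 by shifting `ECCPrivateKey`, `ECCPublicKeySignature` and `MinisignServerPublicKey` to 26–28 (see the client.pb.go hunk), and renumbering existing protobuf fields breaks wire compatibility. A peer or serialized config built against the old numbering would have its `ECCPrivateKey` (old tag 25) decoded into `ECCPublicKeyDigest` without any error, since all four fields share the same wire type. That would place private-key material in a field that readers treat as a non-secret identifier. Prefer giving the new field an unused number in the .proto (29 looks free in the visible struct tags) and leaving 25–27 as they were. `ToProtobuf` starts and ends outside this hunk.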
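Review bot: `cfg.ECCPublicKeyDigest = pbConfig.ECCPublicKeyDigest` copies the digest from the message as-is, next to `cfg.ECCPublicKey`, and nothing in this hunk checks that the two agree. The digest is derived data (the binaries.go hunk computes it as SHA-256 over the raw public key), so a message carrying a stale or mismatched value would be persisted unchanged. If the stored digest is later used to look up a config, consider recomputing it from the decoded key here, or rejecting a mismatch, rather than trusting the field. `ImplantConfigFromProtobuf` extends outside this hunk.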
@@ -678,9 +680,9 @@ func GenerateConfig(implantConfig *clientpb.ImplantConfig, save bool) (*clientpb
 return nil, err
 }
 serverKeyPair := cryptography.ECCServerKeyPair()
- // digest := sha256.Sum256((*implantKeyPair.Public)[:])
+ digest := sha256.Sum256((*implantKeyPair.Public)[:])
 implantConfig.ECCPublicKey = implantKeyPair.PublicBase64()
- // config.ECCPublicKeyDigest = hex.EncodeToString(digest[:])
+ implantConfig.ECCPublicKeyDigest = hex.EncodeToString(digest[:])
 implantConfig.ECCPrivateKey = implantKeyPair.PrivateBase64()
 implantConfig.ECCPublicKeySignature = cryptography.MinisignServerSign(implantKeyPair.Public[:])
 implantConfig.ECCServerPublicKey = serverKeyPair.PublicBase64()
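Review bot: The digest is taken over the raw key bytes while `ECCPublicKey` on the next line stores the base64 form, and nothing records which representation is hashed, so whoever writes the lookup side has to guess. A comment above the assignment would settle it: `// ECCPublicKeyDigest is hex(SHA-256(raw implant public key bytes)), not a hash of the base64 string`. The slice expression is also written two ways in this hunk, `(*implantKeyPair.Public)[:]` for the digest and `implantKeyPair.Public[:]` in the `MinisignServerSign` call; using one form for both would read more cleanly. `GenerateConfig` starts and ends outside the hunk.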