From 4ac281b568e492a1ba3261e25495118e461b0ff8 Mon Sep 17 00:00:00 2001
From: Tylous
Date: Sat, 19 Feb 2022 14:40:42 -0500
Subject: [PATCH] v2.2
---
 Loader/Loader.go | 23 +++++++----------------
 Sample.yaml | 5 ++++-
 SourcePoint.go | 22 +++++++++++++---------
 Struct/Struct.go | 4 ++--
 4 files changed, 26 insertions(+), 28 deletions(-)
diff --git a/Loader/Loader.go b/Loader/Loader.go
index df3b751..d544195 100644
--- a/Loader/Loader.go
+++ b/Loader/Loader.go
@@ -23,7 +23,6 @@ type FlagOptions struct {
 Post_EX_Process_Name string
 metadata string
 injector string
- ansible string
 Host string
 outFile string
 Profile string
@@ -65,7 +64,7 @@ type Beacon_SSL struct {
 var num_Profile int
 var Post bool
-func GenerateOptions(stage, sleeptime, jitter, useragent, uri, customuri, customuriGET, customuriPOST, beacon_PE, processinject_min_alloc, Post_EX_Process_Name, metadata, injector, ansible, Host, Profile, ProfilePath, outFile, custom_cert, cert_password, CDN, CDN_Value, datajitter, Keylogger string, Forwarder bool) {
+func GenerateOptions(stage, sleeptime, jitter, useragent, uri, customuri, customuriGET, customuriPOST, beacon_PE, processinject_min_alloc, Post_EX_Process_Name, metadata, injector, Host, Profile, ProfilePath, outFile, custom_cert, cert_password, CDN, CDN_Value, datajitter, Keylogger string, Forwarder bool) {
 Beacon_Com := &Beacon_Com{}
 Beacon_Stage_p1 := &Beacon_Stage_p1{}
 Beacon_Stage_p2 := &Beacon_Stage_p2{}
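Review bot: GenerateOptions in Loader/Loader.go still takes 23 consecutive string parameters, so removing `ansible` from the middle of the list only stays correct if the call in SourcePoint.go is edited at exactly the same position; arguments that are transposed rather than missing compile without any error. Consider passing a single options struct with named fields instead of the positional list, so a field can be added or removed without re-counting arguments. If the signature stays, a comment such as `// Argument order must match the Loader.GenerateOptions call in SourcePoint.go.` above the function would at least record the coupling. The body of GenerateOptions continues outside the hunk.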
@@ -221,25 +220,17 @@ func GenerateHTTPVaribles(Host, metadata, uri, customuri, customuriGET, customur
 } else {
 log.Fatal("Error: Please provide a valid metadata option")
 }
- if customuri != "0" {
- if customuriGET != "0" || customuriPOST != "0" {
- log.Fatal("Error: Using customuri with either of customuriGET or customuriPOST is not supported")
- }
- }
- if (customuriGET != "0" && customuriPOST == "0") || (customuriGET == "0" && customuriPOST != "0") {
- log.Fatal("Error: When using CustomuriGET/CustomuriPOST, both must be sepecified")
- }
 if uri == "" {
 Post = false
 uri := customuri
- if customuriGET != "0" && customuriPOST != "0" {
+ if customuriGET != "" && customuriPOST != "" {
 uri = customuriGET
 fmt.Println("[*] GET URI base: " + uri)
 }
 Beacon_GETPOST.Variables["HTTP_GET_URI"] = Utils.GenerateURIValues(1, num_Profile, Post, uri)
 Post = true
- if customuriGET != "0" && customuriPOST != "0" {
+ if customuriGET != "" && customuriPOST != "" {
 uri = customuriPOST
 fmt.Println("[*] POST URI base: " + uri)
 }
@@ -251,13 +242,13 @@ func GenerateHTTPVaribles(Host, metadata, uri, customuri, customuriGET, customur
 num_uri, _ := strconv.Atoi(uri)
 Post = false
 uri := customuri
- if customuriGET != "0" && customuriPOST != "0" {
+ if customuriGET != "" && customuriPOST != "" {
 uri = customuriGET
 fmt.Println("[*] GET URI base: " + uri)
 }
 Beacon_GETPOST.Variables["HTTP_GET_URI"] = Utils.GenerateURIValues(num_uri, num_Profile, Post, uri)
 Post = true
- if customuriGET != "0" && customuriPOST != "0" {
+ if customuriGET != "" && customuriPOST != "" {
 uri = customuriPOST
 fmt.Println("[*] POST URI base: " + uri)
 }
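Review bot: With the two checks deleted from GenerateHTTPVaribles, the function now depends on its caller having rejected invalid Customuri combinations: if only one of `customuriGET`/`customuriPOST` is non-empty, every `customuriGET != "" && customuriPOST != ""` test is false and the code silently uses `customuri` as the base instead of failing. The same applies to the second hunk at `@@ -251,13 +242,13 @@`. Because the function is exported, state the precondition above it, e.g. `// Callers must pass either customuri alone or both customuriGET and customuriPOST; main() validates the combination.` The function starts before and ends after these hunks.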
@@ -270,8 +261,8 @@ func GenerateHTTPVaribles(Host, metadata, uri, customuri, customuriGET, customur
 Beacon_GETPOST.Variables["CDN"] = ""
 }
- Beacon_GETPOST.Variables["number64"] = Utils.GenerateNumer(19340, 15360000)
- Beacon_GETPOST.Variables["number86"] = Utils.GenerateNumer(19340, 15360000)
+ Beacon_GETPOST.Variables["number64"] = Utils.GenerateNumer(19340, 15370000)
+ Beacon_GETPOST.Variables["number86"] = Utils.GenerateNumer(19340, 15370000)
 Beacon_GETPOST.Variables["namprdnumber"] = Utils.GenerateNumer(2, 8)
 Beacon_GETPOST.Variables["maxage"] = Utils.GenerateNumer(172800, 31536001)
diff --git a/Sample.yaml b/Sample.yaml
index 86225d3..a297440 100644
--- a/Sample.yaml
+++ b/Sample.yaml
@@ -20,4 +20,7 @@ Customuri:
 CDN:
 CDN_Value:
 ProfilePath:
-Forwarder: False
\ No newline at end of file
+Customuri:
+CustomuriGET:
+CustomuriPOST:
+Forwarder: False
diff --git a/SourcePoint.go b/SourcePoint.go
index 6fac776..cd82661 100644
--- a/SourcePoint.go
+++ b/SourcePoint.go
@@ -25,7 +25,6 @@ type FlagOptions struct {
 Post_EX_Process_Name string
 metadata string
 injector string
- ansible string
 Host string
 outFile string
 Profile string
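Review bot: The added `Customuri:` line in Sample.yaml looks like a duplicate key: the hunk header context shows a `Customuri:` entry already present above line 20, and this hunk does not remove it. Depending on the YAML parser, a repeated mapping key is either rejected or the later empty value silently overrides the earlier one, and neither is wanted in a sample config. Dropping the added `Customuri:` and keeping only `CustomuriGET:` and `CustomuriPOST:` would avoid it.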
@@ -95,9 +94,9 @@ func options() *FlagOptions {
 [*] Linux
 [*] Mac`)
 uri := flag.String("Uri", "", "The number URIs a profile for beacons to choose from")
- customuri := flag.String("Customuri", "0", "The base URI for custom HTTP GET/POST profile - Cannot be used with CustomuriGET or CustomuriPOST")
- customuriGET := flag.String("CustomuriGET", "0", "The base URI for custom HTTP GET profile - Must be used with CustomuriPOST")
- customuriPOST := flag.String("CustomuriPOST", "0", "The base URI for custom HTTP POST profile - Must be used with CustomuriGET")
+ customuri := flag.String("Customuri", "", "The base URI for custom HTTP GET/POST profile - Cannot be used with CustomuriGET or CustomuriPOST")
+ customuriGET := flag.String("CustomuriGET", "", "The base URI for custom HTTP GET profile - Must be used with CustomuriPOST")
+ customuriPOST := flag.String("CustomuriPOST", "", "The base URI for custom HTTP POST profile - Must be used with CustomuriGET")
 beacon_PE := flag.String("PE_Clone", "", `PE file beacon will mimic (Use the number):
 [1] srv.dll
 [2] ActivationManager.dll
@@ -215,8 +214,8 @@ func main() {
 opt.sleeptime = c.Sleep
 opt.uri = c.Uri
 opt.customuri = c.Customuri
- opt.customuri = c.CustomuriGET
- opt.customuri = c.CustomuriPOST
+ opt.customuriGET = c.CustomuriGET
+ opt.customuriPOST = c.CustomuriPOST
 opt.CDN = c.CDN
 opt.useragent = c.Useragent
 opt.ProfilePath = c.ProfilePath
@@ -229,9 +228,14 @@ func main() {
 log.Fatal("Error: Please provide a file name to save the profile into")
 }
 if opt.Host == "" {
- log.Fatal("Error: Please provide the hostname, IP or enable ansible mode")
+ log.Fatal("Error: Please provide the hostname or IP")
+ }
+ if opt.customuri != "" && (opt.customuriGET != "" || opt.customuriPOST != "") {
+ log.Fatal("Error: Using Customuri with either of CustomuriGET or CustomuriPOST is not supported")
+ }
+ if (opt.customuriGET != "" && opt.customuriPOST == "") || (opt.customuriGET == "" && opt.customuriPOST != "") {
+ log.Fatal("Error: When using CustomuriGET/CustomuriPOST, both must be sepecified")
 }
- Loader.GenerateOptions(opt.stage, opt.sleeptime, opt.jitter, opt.useragent, opt.uri, opt.customuri, opt.customuriGET, opt.customuriPOST, opt.beacon_PE, opt.processinject_min_alloc, opt.Post_EX_Process_Name, opt.metadata, opt.injector, opt.ansible, opt.Host, opt.Profile, opt.ProfilePath, opt.outFile, opt.custom_cert, opt.cert_password, opt.CDN, opt.CDN_Value, opt.Datajitter, opt.Keylogger, opt.Forwarder)
-
+ Loader.GenerateOptions(opt.stage, opt.sleeptime, opt.jitter, opt.useragent, opt.uri, opt.customuri, opt.customuriGET, opt.customuriPOST, opt.beacon_PE, opt.processinject_min_alloc, opt.Post_EX_Process_Name, opt.metadata, opt.injector, opt.Host, opt.Profile, opt.ProfilePath, opt.outFile, opt.custom_cert, opt.cert_password, opt.CDN, opt.CDN_Value, opt.Datajitter, opt.Keylogger, opt.Forwarder)
 }
diff --git a/Struct/Struct.go b/Struct/Struct.go
index f49d1ee..7a2a59e 100644
--- a/Struct/Struct.go
+++ b/Struct/Struct.go
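Review bot: The error text added in main() carries over the typo `sepecified` from the check it replaces; since the line is new here it should read `log.Fatal("Error: When using CustomuriGET/CustomuriPOST, both must be specified")`. The condition guarding it can also be written as `if (opt.customuriGET == "") != (opt.customuriPOST == "") {`, which states "exactly one of the two is set" directly and is harder to get wrong when edited. main() starts before this hunk.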
@@ -57,8 +57,8 @@ var Post_EX_Process_Name = []string{`
 set spawnto_x86 "%windir%\\syswow64\\mtstocom.exe";
 set spawnto_x64 "%windir%\\sysnative\\mtstocom.exe";
 `, `
- set spawnto_x86 "%windir%\\syswow64\pcaui.exe";
- set spawnto_x64 "%windir%\\sysnative\pcaui.exe";
+ set spawnto_x86 "%windir%\\syswow64\\pcaui.exe";
+ set spawnto_x64 "%windir%\\sysnative\\pcaui.exe";
 `, `
 set spawnto_x86 "%windir%\\syswow64\\powercfg.exe";
 set spawnto_x64 "%windir%\\sysnative\\powercfg.exe";