Merge pull request #398 from BishopFox/stage
Add WG config to implant profiles
rkervella authored Apr 15, 2021
2 parents 63b90eb + 8bfca6a commit 32a3305
Showing 4 changed files with 20 additions and 34 deletions.
2 changes: 1 addition & 1 deletion client/command/psexec.go
@@ -69,7 +69,7 @@ func psExec(ctx *grumble.Context, rpc rpcpb.SliverRPCClient) {
fmt.Printf(Warn+"no profile found for name %s\n", profile)
return
}
sliverBinary, err := getSliverBinary(*p, rpc)
sliverBinary, err := getSliverBinary(p, rpc)
filename := randomString(10)
filePath := fmt.Sprintf("%s\\%s.exe", uploadPath, filename)
uploadGzip := new(encoders.Gzip).Encode(sliverBinary)
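Review bot: The error returned by `getSliverBinary(p, rpc)` is not checked before `sliverBinary` is used; the visible lines go straight on to `new(encoders.Gzip).Encode(sliverBinary)`. getSliverBinary has failure paths that return `data, err` (see stager.go), so a failed generate or profile save can hand back an empty or partial payload that is then encoded and uploaded. Adding `if err != nil { fmt.Printf(Warn+"Error: %v\n", err); return }` directly after the call would match what stageListener does with the same helper. psExec continues past the end of this hunk, so a later check may exist, but it would come after the binary has already been consumed.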
33 changes: 7 additions & 26 deletions client/command/stager.go
@@ -26,7 +26,6 @@ import (
"strconv"
"strings"

consts "github.com/bishopfox/sliver/client/constants"
"github.com/bishopfox/sliver/client/spin"
"github.com/bishopfox/sliver/protobuf/clientpb"
"github.com/bishopfox/sliver/protobuf/commonpb"
@@ -36,7 +35,6 @@ import (

// stage-listener --url [tcp://ip:port | http://ip:port ] --profile name
func stageListener(ctx *grumble.Context, rpc rpcpb.SliverRPCClient) {
var implantProfile *clientpb.ImplantProfile
profileName := ctx.Flags.String("profile")
listenerURL := ctx.Flags.String("url")

@@ -57,29 +55,11 @@ func stageListener(ctx *grumble.Context, rpc rpcpb.SliverRPCClient) {
return
}

// get profile
profiles := getImplantProfiles(rpc)
if len(profiles) == 0 {
return
}

if len(profiles) == 0 {
fmt.Printf(Info+"No profiles, create one with `%s`\n", consts.NewProfileStr)
return
}
profile := getImplantProfileByName(rpc, profileName)
if profile != nil {

for _, profile := range profiles {
if profileName == profile.Name {
implantProfile = profile
}
}

if implantProfile.GetName() == "" {
fmt.Printf(Warn + "could not find the implant name from the profile\n")
return
}

stage2, err := getSliverBinary(*implantProfile, rpc)
stage2, err := getSliverBinary(profile, rpc)
if err != nil {
fmt.Printf(Warn+"Error: %v\n", err)
return
@@ -149,7 +129,7 @@ func stageListener(ctx *grumble.Context, rpc rpcpb.SliverRPCClient) {
}
}

func getSliverBinary(profile clientpb.ImplantProfile, rpc rpcpb.SliverRPCClient) ([]byte, error) {
func getSliverBinary(profile *clientpb.ImplantProfile, rpc rpcpb.SliverRPCClient) ([]byte, error) {
var data []byte
// get implant builds
builds, err := rpc.ImplantBuilds(context.Background(), &commonpb.Empty{})
@@ -164,8 +144,9 @@ func getSliverBinary(profile clientpb.ImplantProfile, rpc rpcpb.SliverRPCClient)
fmt.Printf(Info+"No builds found for profile %s, generating a new one\n", profile.GetName())
ctrl := make(chan bool)
go spin.Until("Compiling, please wait ...", ctrl)

generated, err := rpc.Generate(context.Background(), &clientpb.GenerateReq{
Config: profile.GetConfig(),
Config: profile.Config,
})
ctrl <- true
<-ctrl
@@ -175,7 +156,7 @@ func getSliverBinary(profile clientpb.ImplantProfile, rpc rpcpb.SliverRPCClient)
}
data = generated.GetFile().GetData()
profile.Config.Name = buildImplantName(generated.GetFile().GetName())
_, err = rpc.SaveImplantProfile(context.Background(), &profile)
_, err = rpc.SaveImplantProfile(context.Background(), profile)
if err != nil {
fmt.Println("Error updating implant profile")
return data, err
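Review bot: The new guard in stageListener, `if profile != nil {`, looks inverted. The rendering does not make the guard's new body unambiguous, but if it is still the "could not find the implant name from the profile" warning and return, then a profile that was found is rejected and a missing one (presumably nil from getImplantProfileByName) is passed on to getSliverBinary. That matters more after this change, because getSliverBinary now takes a pointer and reads `profile.Config` directly instead of the nil-safe `profile.GetConfig()`, so a nil profile panics there. I would write the guard as `if profile == nil {` and keep `Config: profile.GetConfig(),` in the GenerateReq.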
6 changes: 3 additions & 3 deletions implant/sliver/transports/transports.go
@@ -22,6 +22,7 @@ import (

// {{if or .Config.HTTPc2Enabled .Config.TCPPivotc2Enabled .Config.WGc2Enabled}}
"net"

// {{end}}

// {{if .Config.Debug}}
@@ -30,8 +31,7 @@ import (

"crypto/x509"
// {{if .Config.WGc2Enabled}}
"fmt"

"errors"
// {{end}}
"io"
"net/url"
@@ -415,7 +415,7 @@ func wgConnect(uri *url.URL) (*Connection, error) {
return nil, err
}
if len(addrs) == 0 {
return nil, fmt.Errorf("invalid address")
return nil, errors.New("{{if .Config.Debug}}Invalid address{{end}}")
}
hostname := addrs[0]
conn, dev, err := wgSocketConnect(hostname, uint16(lport))
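Review bot: `errors.New("{{if .Config.Debug}}Invalid address{{end}}")` in wgConnect renders to `errors.New("")` whenever Debug is off, so the caller receives a non-nil error with an empty message; that is easy to misread and deserves a comment. Something like `// message text is compiled in for debug builds only; callers must not match on err.Error()` above the return would do. The debug text is also capitalised, against the usual Go convention of lowercase error strings. wgConnect starts and ends outside this hunk.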
13 changes: 9 additions & 4 deletions server/db/models/implant.go
@@ -140,10 +140,15 @@ func (ic *ImplantConfig) ToProtobuf() *clientpb.ImplantConfig {
LimitUsername: ic.LimitUsername,
LimitFileExists: ic.LimitFileExists,

IsSharedLib: ic.IsSharedLib,
IsService: ic.IsService,
IsShellcode: ic.IsShellcode,
Format: ic.Format,
IsSharedLib: ic.IsSharedLib,
IsService: ic.IsService,
IsShellcode: ic.IsShellcode,
Format: ic.Format,
WGImplantPrivKey: ic.WGImplantPrivKey,
WGServerPubKey: ic.WGServerPubKey,
WGPeerTunIP: ic.WGPeerTunIP,
WGKeyExchangePort: ic.WGKeyExchangePort,
WGTcpCommsPort: ic.WGTcpCommsPort,

FileName: ic.FileName,
}
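Review bot: `WGImplantPrivKey: ic.WGImplantPrivKey` copies the implant's WireGuard private key into the protobuf config that ToProtobuf returns, and nothing in the hunk marks the field as secret. Judging by getSliverBinary in stager.go, the client sends a profile's Config back in a GenerateReq, so the key would round-trip through every client that loads the profile and through anything that logs or stores the message. If the server can resolve a profile's keys itself at generate time, I would leave the private key out of the client-facing message; at minimum add a comment such as `// WG key material: sent to RPC clients, never log this message`. ToProtobuf begins above the hunk and the rest of the struct literal is not shown.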
