Skip to content

Commit

Permalink
Merge pull request #926 from BishopFox/fix/tls1.2
Browse files Browse the repository at this point in the history
Tweak https/tls server compatibility for windows
  • Loading branch information
moloch-- authored Sep 30, 2022
2 parents 0c14621 + e65629e commit 32e4ed6
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 14 deletions.
31 changes: 19 additions & 12 deletions server/c2/http.go
Original file line number Diff line number Diff line change
Expand Up @@ -255,11 +255,18 @@ func getHTTPSConfig(conf *HTTPServerConfig) *tls.Config {

// Randomize the JARM fingerprint
switch insecureRand.Intn(4) {

// So it turns out that Windows by default
// disables TLS v1.2 because it's horrible.
// So anyways for compatibility we'll specify
// a min of 1.1 or 1.0

case 0:
// tlsConfig.MinVersion = tls.VersionTLS13
fallthrough // For compatibility with winhttp
case 1:
tlsConfig.MinVersion = tls.VersionTLS12
// tlsConfig.MinVersion = tls.VersionTLS12
fallthrough // For compatibility with winhttp
case 2:
tlsConfig.MinVersion = tls.VersionTLS11
default:
Expand All @@ -268,17 +275,17 @@ func getHTTPSConfig(conf *HTTPServerConfig) *tls.Config {

// Randomize the cipher suites
allCipherSuites := []uint16{
// tls.TLS_RSA_WITH_RC4_128_SHA, //uint16 = 0x0005
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0x000a
tls.TLS_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0x002f
tls.TLS_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0x0035
tls.TLS_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0x003c
tls.TLS_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0x009c
tls.TLS_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0x009d
// tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, //uint16 = 0xc007
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc009
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc00a
// tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, //uint16 = 0xc011
tls.TLS_RSA_WITH_RC4_128_SHA, //uint16 = 0x0005
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0x000a
tls.TLS_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0x002f
tls.TLS_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0x0035
tls.TLS_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0x003c
tls.TLS_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0x009c
tls.TLS_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0x009d
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, //uint16 = 0xc007
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc009
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc00a
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, //uint16 = 0xc011
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0xc012
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc013
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc014
Expand Down
4 changes: 2 additions & 2 deletions server/rpc/rpc-tasks.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ import (
"context"
"encoding/binary"
"fmt"
"io/ioutil"
"os"
"path"
"strings"

Expand Down Expand Up @@ -78,7 +78,7 @@ func (rpc *Server) Migrate(ctx context.Context, req *clientpb.MigrateReq) (*sliv
if err != nil {
return nil, err
}
shellcode, _ = ioutil.ReadFile(shellcodePath)
shellcode, _ = os.ReadFile(shellcodePath)
}
reqData, err := proto.Marshal(&sliverpb.InvokeMigrateReq{
Request: req.Request,
Expand Down

0 comments on commit 32e4ed6

Please sign in to comment.