Merge branch 'master' into ff34dependabot/github_actions/actions/cache-4

.github/workflows/autorelease.yml

@@ -42,10 +42,10 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 45
     steps:
-      - name: Go 1.21
+      - name: Go 1.22
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.21"
+          go-version: "^1.22"
 
       - name: Check Out Code
         uses: actions/checkout@v4

.github/workflows/codeql-scanning.yml

@@ -16,10 +16,10 @@ jobs:
 
     steps:
       # Setup go environment
-      - name: Go 1.21
+      - name: Go 1.22
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.21"
+          go-version: "^1.22"
 
       - name: Checkout repository
         uses: actions/checkout@v4

.github/workflows/docs.yml

@@ -63,7 +63,7 @@ jobs:
           node-version: "lts/*"
 
       - name: Setup Pages
-        uses: actions/configure-pages@v4
+        uses: actions/configure-pages@v5
 
       - name: Restore cache
         uses: actions/cache@v4

.github/workflows/unit-tests.yml

@@ -23,10 +23,10 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 90
     steps:
-      - name: Go 1.21
+      - name: Go 1.22
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.21"
+          go-version: "^1.22"
 
       - name: OS Packages
         run: |
@@ -57,10 +57,10 @@ jobs:
     runs-on: macos-latest
     timeout-minutes: 90
     steps:
-      - name: Go 1.21
+      - name: Go 1.22
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.21"
+          go-version: "^1.22"
 
       - name: Mingw
         run: brew install mingw-w64
@@ -88,10 +88,10 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 90
     steps:
-      - name: Go 1.21
+      - name: Go 1.22
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.21"
+          go-version: "^1.22"
 
       - name: Check Out Code
         uses: actions/checkout@v4

Dockerfile

@@ -9,7 +9,7 @@
 
 # STAGE: base
 ## Compiles Sliver for use
-FROM --platform=linux/amd64 golang:1.21.4 as base
+FROM --platform=linux/amd64 golang:1.22.1 as base
 
 ### Base packages
 RUN apt-get update --fix-missing && apt-get -y install \

client/command/c2profiles/c2profiles.go

@@ -123,6 +123,169 @@ func ImportC2ProfileCmd(cmd *cobra.Command, con *console.SliverClient, args []st
 	}
 }
 
+func ExportC2ProfileCmd(cmd *cobra.Command, con *console.SliverClient, args []string) {
+
+	filepath, _ := cmd.Flags().GetString("file")
+	if filepath == "" {
+		con.PrintErrorf("Missing file path\n")
+		return
+	}
+
+	profileName, _ := cmd.Flags().GetString("name")
+	if profileName == "" {
+		con.PrintErrorf("Invalid c2 profile name\n")
+		return
+	}
+
+	if profileName == constants.DefaultC2Profile {
+		httpC2Profiles, err := con.Rpc.GetHTTPC2Profiles(context.Background(), &commonpb.Empty{})
+		if err != nil {
+			con.PrintErrorf("failed to fetch HTTP C2 profiles: %s", err.Error())
+			return
+		}
+		if len(httpC2Profiles.Configs) != 1 {
+			profileName = selectC2Profile(httpC2Profiles.Configs)
+		}
+	}
+
+	profile, err := con.Rpc.GetHTTPC2ProfileByName(context.Background(), &clientpb.C2ProfileReq{Name: profileName})
+	if err != nil {
+		con.PrintErrorf("%s\n", err)
+		return
+	}
+
+	jsonProfile, err := C2ConfigToJSON(profileName, profile)
+	if err != nil {
+		con.PrintErrorf("%s\n", err)
+		return
+	}
+
+	err = os.WriteFile(filepath, jsonProfile, 0644)
+	if err != nil {
+		con.PrintErrorf("%s\n", err)
+		return
+	}
+
+	con.Println(profileName, "C2 profile exported to ", filepath)
+}
+
+// convert protobuf to json
+func C2ConfigToJSON(profileName string, profile *clientpb.HTTPC2Config) ([]byte, error) {
+	implantConfig := assets.HTTPC2ImplantConfig{
+		UserAgent:           profile.ImplantConfig.UserAgent,
+		ChromeBaseVersion:   int(profile.ImplantConfig.ChromeBaseVersion),
+		MacOSVersion:        profile.ImplantConfig.MacOSVersion,
+		NonceQueryArgChars:  profile.ImplantConfig.NonceQueryArgChars,
+		MaxFiles:            int(profile.ImplantConfig.MaxFiles),
+		MinFiles:            int(profile.ImplantConfig.MinFiles),
+		MaxPaths:            int(profile.ImplantConfig.MaxPaths),
+		MinPaths:            int(profile.ImplantConfig.MinFiles),
+		StagerFileExt:       profile.ImplantConfig.StagerFileExtension,
+		PollFileExt:         profile.ImplantConfig.PollFileExtension,
+		StartSessionFileExt: profile.ImplantConfig.StartSessionFileExtension,
+		SessionFileExt:      profile.ImplantConfig.SessionFileExtension,
+		CloseFileExt:        profile.ImplantConfig.CloseFileExtension,
+	}
+
+	var headers []assets.NameValueProbability
+	for _, header := range profile.ImplantConfig.Headers {
+		headers = append(headers, assets.NameValueProbability{
+			Name:        header.Name,
+			Value:       header.Value,
+			Probability: int(header.Probability),
+		})
+	}
+	implantConfig.Headers = headers
+
+	var urlParameters []assets.NameValueProbability
+	for _, urlParameter := range profile.ImplantConfig.ExtraURLParameters {
+		urlParameters = append(urlParameters, assets.NameValueProbability{
+			Name:        urlParameter.Name,
+			Value:       urlParameter.Value,
+			Probability: int(urlParameter.Probability),
+		})
+	}
+	implantConfig.URLParameters = urlParameters
+
+	var (
+		stagerFiles  []string
+		pollFiles    []string
+		sessionFiles []string
+		closeFiles   []string
+		stagerPaths  []string
+		pollPaths    []string
+		sessionPaths []string
+		closePaths   []string
+	)
+
+	for _, pathSegment := range profile.ImplantConfig.PathSegments {
+		if pathSegment.IsFile {
+			switch pathSegment.SegmentType {
+			case 0:
+				pollFiles = append(pollFiles, pathSegment.Value)
+			case 1:
+				sessionFiles = append(sessionFiles, pathSegment.Value)
+			case 2:
+				closeFiles = append(closeFiles, pathSegment.Value)
+			case 3:
+				stagerFiles = append(stagerFiles, pathSegment.Value)
+			}
+		} else {
+			switch pathSegment.SegmentType {
+			case 0:
+				pollPaths = append(pollPaths, pathSegment.Value)
+			case 1:
+				sessionPaths = append(sessionPaths, pathSegment.Value)
+			case 2:
+				closePaths = append(closePaths, pathSegment.Value)
+			case 3:
+				stagerPaths = append(stagerPaths, pathSegment.Value)
+			}
+		}
+	}
+
+	implantConfig.PollFiles = pollFiles
+	implantConfig.SessionFiles = sessionFiles
+	implantConfig.CloseFiles = closeFiles
+	implantConfig.StagerFiles = stagerFiles
+	implantConfig.PollPaths = pollPaths
+	implantConfig.SessionPaths = sessionPaths
+	implantConfig.ClosePaths = closePaths
+	implantConfig.StagerPaths = stagerPaths
+
+	var serverHeaders []assets.NameValueProbability
+	for _, header := range profile.ServerConfig.Headers {
+		serverHeaders = append(serverHeaders, assets.NameValueProbability{
+			Name:        header.Name,
+			Value:       header.Value,
+			Probability: int(header.Probability),
+		})
+	}
+
+	var serverCookies []string
+	for _, cookie := range profile.ServerConfig.Cookies {
+		serverCookies = append(serverCookies, cookie.Name)
+	}
+
+	serverConfig := assets.HTTPC2ServerConfig{
+		RandomVersionHeaders: profile.ServerConfig.RandomVersionHeaders,
+		Headers:              serverHeaders,
+		Cookies:              serverCookies,
+	}
+
+	config := assets.HTTPC2Config{
+		ImplantConfig: implantConfig,
+		ServerConfig:  serverConfig,
+	}
+
+	jsonConfig, err := json.Marshal(config)
+	if err != nil {
+		return nil, err
+	}
+
+	return jsonConfig, nil
+}
+
 // convert json to protobuf
 func C2ConfigToProtobuf(profileName string, config *assets.HTTPC2Config) *clientpb.HTTPC2Config {
 

client/command/c2profiles/commands.go

@@ -0,0 +1,67 @@
+package c2profiles
+
+import (
+	"github.com/bishopfox/sliver/client/command/flags"
+	"github.com/bishopfox/sliver/client/command/generate"
+	"github.com/bishopfox/sliver/client/command/help"
+	"github.com/bishopfox/sliver/client/console"
+	consts "github.com/bishopfox/sliver/client/constants"
+	"github.com/rsteube/carapace"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+// Commands returns the “ command and its subcommands.
+func Commands(con *console.SliverClient) []*cobra.Command {
+
+	importC2ProfileCmd := &cobra.Command{
+		Use:   consts.ImportC2ProfileStr,
+		Short: "Import HTTP C2 profile",
+		Long:  help.GetHelpFor([]string{consts.ImportC2ProfileStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			ImportC2ProfileCmd(cmd, con, args)
+		},
+	}
+	flags.Bind(consts.ImportC2ProfileStr, false, importC2ProfileCmd, func(f *pflag.FlagSet) {
+		f.StringP("name", "n", consts.DefaultC2Profile, "HTTP C2 Profile name")
+		f.StringP("file", "f", "", "Path to C2 configuration file to import")
+		f.BoolP("overwrite", "o", false, "Overwrite profile if it exists")
+	})
+
+	exportC2ProfileCmd := &cobra.Command{
+		Use:   consts.ExportC2ProfileStr,
+		Short: "Export HTTP C2 profile",
+		Long:  help.GetHelpFor([]string{consts.ExportC2ProfileStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			ExportC2ProfileCmd(cmd, con, args)
+		},
+	}
+	flags.Bind(consts.ExportC2ProfileStr, false, exportC2ProfileCmd, func(f *pflag.FlagSet) {
+		f.StringP("file", "f", "", "Path to file to export C2 configuration to")
+		f.StringP("name", "n", consts.DefaultC2Profile, "HTTP C2 Profile name")
+
+	})
+
+	C2ProfileCmd := &cobra.Command{
+		Use:   consts.C2ProfileStr,
+		Short: "Display C2 profile details",
+		Long:  help.GetHelpFor([]string{consts.C2ProfileStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			C2ProfileCmd(cmd, con, args)
+		},
+		GroupID: consts.NetworkHelpGroup,
+	}
+	flags.Bind(consts.C2ProfileStr, true, C2ProfileCmd, func(f *pflag.FlagSet) {
+		f.StringP("name", "n", consts.DefaultC2Profile, "HTTP C2 Profile to display")
+	})
+
+	flags.BindFlagCompletions(C2ProfileCmd, func(comp *carapace.ActionMap) {
+		(*comp)["name"] = generate.HTTPC2Completer(con)
+	})
+	C2ProfileCmd.AddCommand(importC2ProfileCmd)
+	C2ProfileCmd.AddCommand(exportC2ProfileCmd)
+
+	return []*cobra.Command{
+		C2ProfileCmd,
+	}
+}

client/command/command.go

@@ -28,8 +28,6 @@ import (
 	"github.com/spf13/pflag"
 )
 
-const defaultTimeout = 60
-
 // Bind is a convenience function to bind flags to a given command.
 // name - The name of the flag set (can be empty).
 // cmd  - The command to which the flags should be bound.
@@ -111,7 +109,7 @@ func makeBind(cmd *cobra.Command, con *client.SliverClient) func(group string, c
 //
 // @group - Name of the group under which the command should be shown. Preferably use a string in the constants package.
 // @ cmds - A list of functions returning a list of root commands to bind. See any package's `commands.go` file and function.
-type commandBinder func(group string, cmds ...func(con *client.SliverClient) []*cobra.Command)
+// type commandBinder func(group string, cmds ...func(con *client.SliverClient) []*cobra.Command)
 
 // [ Core ]
 // [ Sessions ]

client/command/extensions/load.go

@@ -487,16 +487,10 @@ func runExtensionCmd(cmd *cobra.Command, con *console.SliverClient, args []strin
 		entryPoint = loadedExtensions[extName].Entrypoint // should exist at this point
 	} else {
 		// Regular DLL
-		// extArgs := strings.Join(args, " ")
-		//legacy case - single string arg
-		if len(ext.Arguments) == 1 && ext.Arguments[0].Type == "string" {
-			extensionArgs = []byte(strings.Join(args, " "))
-		} else {
-			extensionArgs, err = getExtArgs(cmd, args, binPath, ext)
-			if err != nil {
-				con.PrintErrorf("ext args error: %s\n", err)
-				return
-			}
+		extensionArgs, err = getExtArgs(cmd, args, binPath, ext)
+		if err != nil {
+			con.PrintErrorf("ext args error: %s\n", err)
+			return
 		}
 		extName = ext.CommandName
 		entryPoint = ext.Entrypoint
@@ -558,6 +552,12 @@ func getExtArgs(cmd *cobra.Command, args []string, binPath string, ext *ExtComma
 	// Parse BOF arguments from grumble
 	missingRequiredArgs := make([]string, 0)
 
+	// If we have an extension that expects a single string, but more than one has been parsed, combine them
+	if len(ext.Arguments) == 1 && strings.Contains(ext.Arguments[0].Type, "string") {
+		// The loop below will only read the first element of args because ext.Arguments is 1
+		args[0] = strings.Join(args, " ")
+	}
+
 	for _, arg := range ext.Arguments {
 		// If we don't have any positional words left to consume,
 		// add the remaining required extension arguments in the