enforce unique startsession extensions

BishopFox · May 20, 2024 · 8737bba · 8737bba
1 parent 97716d2
commit 8737bba
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 0 deletions.
diff --git a/client/command/c2profiles/c2profiles.go b/client/command/c2profiles/c2profiles.go
@@ -215,6 +215,7 @@ func GenerateC2ProfileCmd(cmd *cobra.Command, con *console.SliverClient, args []
 			return
 		}
 		extensions = append(extensions, confProfile.ImplantConfig.StagerFileExtension)
+		extensions = append(extensions, confProfile.ImplantConfig.StartSessionFileExtension)
 	}
 
 	config, err := C2ConfigToJSON(profileName, profile)

diff --git a/server/configs/http-c2.go b/server/configs/http-c2.go
@@ -58,6 +58,7 @@ var (
 	ErrNonUniqueFileExt           = errors.New("implant config must specify unique file extensions")
 	ErrQueryParamNameLen          = errors.New("implant config url query parameter names must be 3 or more characters")
 	ErrDuplicateStageExt          = errors.New("stager extension is already used in another C2 profile")
+	ErrDuplicateStartSessionExt   = errors.New("start session extension is already used in another C2 profile")
 	ErrDuplicateC2ProfileName     = errors.New("C2 Profile name is already in use")
 	ErrUserAgentIllegalCharacters = errors.New("user agent cannot contain the ` character")
 

diff --git a/server/db/helpers.go b/server/db/helpers.go
@@ -333,6 +333,31 @@ func SearchStageExtensions(stagerExtension string, profileName string) error {
 	return nil
 }
 
+// used to prevent duplicate start session extensions
+func SearchStartSessionExtensions(StartSessionFileExt string, profileName string) error {
+	c2Config := models.HttpC2ImplantConfig{}
+	err := Session().Where(&models.HttpC2ImplantConfig{
+		StartSessionFileExtension: StartSessionFileExt,
+	}).Find(&c2Config).Error
+
+	if err != nil {
+		return err
+	}
+
+	if c2Config.StartSessionFileExtension != "" && profileName != "" {
+		httpC2Config := models.HttpC2Config{}
+		err = Session().Where(&models.HttpC2Config{ID: c2Config.HttpC2ConfigID}).Find(&httpC2Config).Error
+		if err != nil {
+			return err
+		}
+		if httpC2Config.Name == profileName {
+			return nil
+		}
+		return configs.ErrDuplicateStartSessionExt
+	}
+	return nil
+}
+
 func LoadHTTPC2ConfigByName(name string) (*clientpb.HTTPC2Config, error) {
 	if len(name) < 1 {
 		return nil, ErrRecordNotFound

diff --git a/server/rpc/rpc-c2profile.go b/server/rpc/rpc-c2profile.go
@@ -68,6 +68,11 @@ func (rpc *Server) SaveHTTPC2Profile(ctx context.Context, req *clientpb.HTTPC2Co
 		return nil, err
 	}
 
+	err = db.SearchStartSessionExtensions(req.C2Config.ImplantConfig.StartSessionFileExtension, profileName)
+	if err != nil {
+		return nil, err
+	}
+
 	httpC2Config, err := db.LoadHTTPC2ConfigByName(req.C2Config.Name)
 	if err != nil {
 		return nil, err
-Original file line number
+Diff line change
@@ Expand Up @@
     			return
     		}
     		extensions = append(extensions, confProfile.ImplantConfig.StagerFileExtension)
+    		extensions = append(extensions, confProfile.ImplantConfig.StartSessionFileExtension)
     	}
     	config, err := C2ConfigToJSON(profileName, profile)
@@ Expand Down @@