httpservefile

package
v1.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 22, 2024 License: Apache-2.0 Imports: 12 Imported by: 2

Documentation

Overview

httpservefile c2 spawns an HTTP or HTTPS server and hosts arbitrary user-provided files. The normal use case is for an exploit to curl/wget the file and execute it. This is useful to spawn connections to other tools (e.g. Metasploit, nc, etc.) or to go-exploit. This is not a traditional "c2" but serves as a useful backend that logically plugs into our c2 design.

Files are provided on the command line as a comma delimited string. For example:

-httpServeFile.FilesToServe ./build/reverse_shell_windows-arm64.exe,./build/reverse_shell_linux-amd64

The above will load two files: a windows reverse shell and a linux reverse shell. This c2 will then generate random names for the files and host them on an HTTP / HTTPS server. To interact with the files from an implementing exploit, you can fetch the filename to random name mapping using GetRandomName(). For example:

httpservefile.GetInstance().GetRandomName(linux64)

Where linux64 is a variable that contains "reverse_shell_linux-amd64".

If you are only hosting one file, then GetRandom("") will also return your one file.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type HostedFile added in v1.3.0

type HostedFile struct {
	// The user provided filename
	RealName string
	// A randomly generated filename to serve
	RandomName string
	// The file's data
	FileData []byte
}

type Server

type Server struct {
	// The HTTP address to bind to
	HTTPAddr string
	// The HTTP port to bind to
	HTTPPort int
	// Set to the Server field in HTTP response
	ServerField string
	// Indicates if TLS should be enabled
	TLS bool
	// The file path to the user provided private key (if provided)
	PrivateKeyFile string
	// The file path to the user provided certificate (if provided)
	CertificateFile string
	// Loaded certificate
	Certificate tls.Certificate
	// A map of hosted files
	HostedFiles map[string]HostedFile // RealName -> struct
	// A comma delimited list of all the files to serve
	FilesToServe string
}

func GetInstance

func GetInstance() *Server

A basic singleton interface for the c2.

func (*Server) CreateFlags

func (httpServer *Server) CreateFlags()

User options for serving a file over HTTP as the "c2".

func (*Server) GetRandomName added in v1.3.0

func (httpServer *Server) GetRandomName(filename string) string

Returns the random name of the provided filename. If filename is empty, return the first entry.

func (*Server) Init

func (httpServer *Server) Init(rhostAddr string, rhostPort int, isClient bool) bool

load the provided files into memory, stored in a map, and loads the tls cert if needed.

func (*Server) Run

func (httpServer *Server) Run(timeout int)

start the HTTP server and listen for incoming requests for `httpServer.FileName`.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL