Command tree refactoring for some stuff

BishopFox · Aug 27, 2023 · a7f56eb · a7f56eb
1 parent 0f27771
commit a7f56eb
Show file tree

Hide file tree

Showing 34 changed files with 1,278 additions and 479 deletions.
diff --git a/client/command/dns/commands.go b/client/command/dns/commands.go
@@ -0,0 +1,60 @@
+package dns
+
+/*
+   Sliver Implant Framework
+   Copyright (C) 2019  Bishop Fox
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+
+	"github.com/bishopfox/sliver/client/command/flags"
+	"github.com/bishopfox/sliver/client/command/generate"
+	"github.com/bishopfox/sliver/client/command/help"
+	"github.com/bishopfox/sliver/client/console"
+	consts "github.com/bishopfox/sliver/client/constants"
+)
+
+// Commands returns the `dns` command and its subcommands.
+func Commands(con *console.SliverClient) []*cobra.Command {
+	dnsCmd := &cobra.Command{
+		Use:     consts.DnsStr,
+		Short:   "DNS handlers management",
+		GroupID: consts.NetworkHelpGroup,
+	}
+
+	listenCmd := &cobra.Command{
+		Use:   consts.ListenStr,
+		Short: "Start a DNS listener",
+		Long:  help.GetHelpFor([]string{consts.DnsStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			ListenCmd(cmd, con, args)
+		},
+	}
+	dnsCmd.AddCommand(listenCmd)
+
+	flags.Bind("DNS listener", false, listenCmd, func(f *pflag.FlagSet) {
+		f.StringP("domains", "d", "", "parent domain(s) to use for DNS c2")
+		f.BoolP("no-canaries", "c", false, "disable dns canary detection")
+		f.StringP("lhost", "L", "", "interface to bind server to")
+		f.Uint32P("lport", "l", generate.DefaultDNSLPort, "udp listen port")
+		f.BoolP("disable-otp", "D", false, "disable otp authentication")
+		f.BoolP("persistent", "p", false, "make persistent across restarts")
+	})
+
+	return []*cobra.Command{dnsCmd}
+}
diff --git a/client/command/jobs/dns.go → client/command/dns/listen.go b/client/command/jobs/dns.go → client/command/dns/listen.go
@@ -1,4 +1,4 @@
-package jobs
+package dns
 
 /*
 	Sliver Implant Framework
@@ -28,8 +28,8 @@ import (
 	"github.com/bishopfox/sliver/protobuf/clientpb"
 )
 
-// DNSListenerCmd - Start a DNS lisenter.
-func DNSListenerCmd(cmd *cobra.Command, con *console.SliverClient, args []string) {
+// ListenCmd - Start a DNS lisenter.
+func ListenCmd(cmd *cobra.Command, con *console.SliverClient, args []string) {
 	domainsF, _ := cmd.Flags().GetString("domains")
 	domains := strings.Split(domainsF, ",")
 	for index, domain := range domains {

diff --git a/client/command/exec/commands.go b/client/command/exec/commands.go
@@ -179,52 +179,6 @@ func Commands(con *console.SliverClient) []*cobra.Command {
 	})
 	carapace.Gen(migrateCmd).PositionalCompletion(carapace.ActionValues().Usage("PID of process to migrate into"))
 
-	msfCmd := &cobra.Command{
-		Use:   consts.MsfStr,
-		Short: "Execute an MSF payload in the current process",
-		Long:  help.GetHelpFor([]string{consts.MsfStr}),
-		Run: func(cmd *cobra.Command, args []string) {
-			MsfCmd(cmd, con, args)
-		},
-		GroupID: consts.ExecutionHelpGroup,
-	}
-	flags.Bind("", false, msfCmd, func(f *pflag.FlagSet) {
-		f.StringP("payload", "m", "meterpreter_reverse_https", "msf payload")
-		f.StringP("lhost", "L", "", "listen host")
-		f.IntP("lport", "l", 4444, "listen port")
-		f.StringP("encoder", "e", "", "msf encoder")
-		f.IntP("iterations", "i", 1, "iterations of the encoder")
-
-		f.Int64P("timeout", "t", flags.DefaultTimeout, "grpc timeout in seconds")
-	})
-	completers.NewFlagCompsFor(msfCmd, func(comp *carapace.ActionMap) {
-		(*comp)["encoder"] = generate.MsfEncoderCompleter(con)
-		(*comp)["payload"] = generate.MsfPayloadCompleter(con)
-	})
-
-	msfInjectCmd := &cobra.Command{
-		Use:   consts.MsfInjectStr,
-		Short: "Inject an MSF payload into a process",
-		Long:  help.GetHelpFor([]string{consts.MsfInjectStr}),
-		Run: func(cmd *cobra.Command, args []string) {
-			MsfInjectCmd(cmd, con, args)
-		},
-		GroupID: consts.ExecutionHelpGroup,
-	}
-	flags.Bind("", false, msfInjectCmd, func(f *pflag.FlagSet) {
-		f.IntP("pid", "p", -1, "pid to inject into")
-		f.StringP("payload", "m", "meterpreter_reverse_https", "msf payload")
-		f.StringP("lhost", "L", "", "listen host")
-		f.IntP("lport", "l", 4444, "listen port")
-		f.StringP("encoder", "e", "", "msf encoder")
-		f.IntP("iterations", "i", 1, "iterations of the encoder")
-
-		f.Int64P("timeout", "t", flags.DefaultTimeout, "grpc timeout in seconds")
-	})
-	completers.NewFlagCompsFor(msfInjectCmd, func(comp *carapace.ActionMap) {
-		(*comp)["encoder"] = generate.MsfEncoderCompleter(con)
-	})
-
 	psExecCmd := &cobra.Command{
 		Use:   consts.PsExecStr,
 		Short: "Start a sliver service on a remote target",
@@ -283,5 +237,5 @@ func Commands(con *console.SliverClient) []*cobra.Command {
 	carapace.Gen(sshCmd).PositionalCompletion(carapace.ActionValues().Usage("remote host to SSH to (required)"))
 	carapace.Gen(sshCmd).PositionalAnyCompletion(carapace.ActionValues().Usage("command line with arguments"))
 
-	return []*cobra.Command{executeCmd, executeAssemblyCmd, executeShellcodeCmd, sideloadCmd, spawnDllCmd, migrateCmd, msfCmd, msfInjectCmd, psExecCmd, sshCmd}
+	return []*cobra.Command{executeCmd, executeAssemblyCmd, executeShellcodeCmd, sideloadCmd, spawnDllCmd, migrateCmd, psExecCmd, sshCmd}
 }
diff --git a/client/command/generate/commands.go b/client/command/generate/commands.go
@@ -8,6 +8,7 @@ import (
 	"github.com/bishopfox/sliver/client/command/completers"
 	"github.com/bishopfox/sliver/client/command/flags"
 	"github.com/bishopfox/sliver/client/command/help"
+	"github.com/bishopfox/sliver/client/command/transports"
 	"github.com/bishopfox/sliver/client/console"
 	consts "github.com/bishopfox/sliver/client/constants"
 )
@@ -88,44 +89,6 @@ func Commands(con *console.SliverClient) []*cobra.Command {
 	}
 	generateCmd.AddCommand(generateInfoCmd)
 
-	// Traffic Encoder SubCommands
-	trafficEncodersCmd := &cobra.Command{
-		Use:   consts.TrafficEncodersStr,
-		Short: "Manage implant traffic encoders",
-		Long:  help.GetHelpFor([]string{consts.GenerateStr, consts.TrafficEncodersStr}),
-		Run: func(cmd *cobra.Command, args []string) {
-			TrafficEncodersCmd(cmd, con, args)
-		},
-	}
-	generateCmd.AddCommand(trafficEncodersCmd)
-
-	trafficEncodersAddCmd := &cobra.Command{
-		Use:   consts.AddStr,
-		Short: "Add a new traffic encoder to the server from the local file system",
-		Long:  help.GetHelpFor([]string{consts.GenerateStr, consts.TrafficEncodersStr, consts.AddStr}),
-		Args:  cobra.ExactArgs(1),
-		Run: func(cmd *cobra.Command, args []string) {
-			TrafficEncodersAddCmd(cmd, con, args)
-		},
-	}
-	flags.Bind("", false, trafficEncodersAddCmd, func(f *pflag.FlagSet) {
-		f.BoolP("skip-tests", "s", false, "skip testing the traffic encoder (not recommended)")
-	})
-	carapace.Gen(trafficEncodersAddCmd).PositionalCompletion(carapace.ActionFiles("wasm").Tag("wasm files").Usage("local file path (expects .wasm)"))
-	trafficEncodersCmd.AddCommand(trafficEncodersAddCmd)
-
-	trafficEncodersRmCmd := &cobra.Command{
-		Use:   consts.RmStr,
-		Short: "Remove a traffic encoder from the server",
-		Long:  help.GetHelpFor([]string{consts.GenerateStr, consts.TrafficEncodersStr, consts.RmStr}),
-		Args:  cobra.ExactArgs(1),
-		Run: func(cmd *cobra.Command, args []string) {
-			TrafficEncodersRemoveCmd(cmd, con, args)
-		},
-	}
-	carapace.Gen(trafficEncodersRmCmd).PositionalCompletion(TrafficEncodersCompleter(con).Usage("traffic encoder to remove"))
-	trafficEncodersCmd.AddCommand(trafficEncodersRmCmd)
-
 	// [ Regenerate ] --------------------------------------------------------------
 
 	regenerateCmd := &cobra.Command{
@@ -349,7 +312,7 @@ func coreImplantFlagCompletions(cmd *cobra.Command, con *console.SliverClient) {
 		(*comp)["strategy"] = carapace.ActionValuesDescribed([]string{"r", "random", "rd", "random domain", "s", "sequential"}...).Tag("C2 strategy")
 		(*comp)["format"] = FormatCompleter()
 		(*comp)["save"] = carapace.ActionFiles().Tag("directory/file to save implant")
-		(*comp)["traffic-encoders"] = TrafficEncodersCompleter(con).UniqueList(",")
+		(*comp)["traffic-encoders"] = transports.TrafficEncodersCompleter(con).UniqueList(",")
 	})
 }
 

diff --git a/client/command/generate/helpers.go b/client/command/generate/helpers.go
@@ -147,36 +147,6 @@ func FormatCompleter() carapace.Action {
 	})
 }
 
-// TrafficEncoderCompleter - Completes the names of traffic encoders.
-func TrafficEncodersCompleter(con *console.SliverClient) carapace.Action {
-	return carapace.ActionCallback(func(c carapace.Context) carapace.Action {
-		if msg, err := con.PreRunComplete(); err != nil {
-			return msg
-		}
-
-		grpcCtx, cancel := con.GrpcContext(nil)
-		defer cancel()
-		trafficEncoders, err := con.Rpc.TrafficEncoderMap(grpcCtx, &commonpb.Empty{})
-		if err != nil {
-			return carapace.ActionMessage("failed to fetch traffic encoders: %s", con.UnwrapServerErr(err))
-		}
-
-		results := []string{}
-		for _, encoder := range trafficEncoders.Encoders {
-			results = append(results, encoder.Wasm.Name)
-			skipTests := ""
-			if encoder.SkipTests {
-				skipTests = "[skip-tests]"
-			}
-			desc := fmt.Sprintf("(Wasm: %s) %s", encoder.Wasm.Name, skipTests)
-			results = append(results, desc)
-		}
-
-		return carapace.ActionValuesDescribed(results...).Tag("traffic encoders").
-			Invoke(c).Filter(c.Args).ToA()
-	}).Cache(completers.CacheCompilerInfo)
-}
-
 // MsfFormatCompleter completes MsfVenom stager formats.
 func MsfFormatCompleter(con *console.SliverClient) carapace.Action {
 	return carapace.ActionCallback(func(_ carapace.Context) carapace.Action {

diff --git a/client/command/http/commands.go b/client/command/http/commands.go
@@ -0,0 +1,95 @@
+package http
+
+/*
+   Sliver Implant Framework
+   Copyright (C) 2019  Bishop Fox
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import (
+	"github.com/rsteube/carapace"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+
+	"github.com/bishopfox/sliver/client/command/completers"
+	"github.com/bishopfox/sliver/client/command/flags"
+	"github.com/bishopfox/sliver/client/command/generate"
+	"github.com/bishopfox/sliver/client/command/help"
+	"github.com/bishopfox/sliver/client/console"
+	consts "github.com/bishopfox/sliver/client/constants"
+)
+
+// Commands returns the `http` command and its subcommands.
+func Commands(con *console.SliverClient) []*cobra.Command {
+	httpCmd := &cobra.Command{
+		Use:     consts.HttpStr,
+		Short:   "HTTP handlers management",
+		GroupID: consts.NetworkHelpGroup,
+	}
+
+	// Sliver listeners
+	listenCmd := &cobra.Command{
+		Use:   consts.ListenStr,
+		Short: "Start an HTTP listener",
+		Long:  help.GetHelpFor([]string{consts.HttpStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			ListenCmd(cmd, con, args)
+		},
+	}
+	httpCmd.AddCommand(listenCmd)
+
+	flags.Bind("HTTP listener", false, listenCmd, func(f *pflag.FlagSet) {
+		f.StringP("domain", "d", "", "limit responses to specific domain")
+		f.StringP("website", "w", "", "website name (see websites cmd)")
+		f.StringP("lhost", "L", "", "interface to bind server to")
+		f.Uint32P("lport", "l", generate.DefaultHTTPLPort, "tcp listen port")
+		f.BoolP("disable-otp", "D", false, "disable otp authentication")
+		f.StringP("long-poll-timeout", "T", "1s", "server-side long poll timeout")
+		f.StringP("long-poll-jitter", "J", "2s", "server-side long poll jitter")
+		f.BoolP("persistent", "p", false, "make persistent across restarts")
+	})
+
+	// Staging listeners
+	stageCmd := &cobra.Command{
+		Use:   consts.ServeStr,
+		Short: "Start a stager listener",
+		Long:  help.GetHelpFor([]string{consts.StageListenerStr}),
+		Run: func(cmd *cobra.Command, args []string) {
+			ServeStageCmd(cmd, con, args)
+		},
+	}
+	httpCmd.AddCommand(stageCmd)
+
+	flags.Bind("stage listener", false, stageCmd, func(f *pflag.FlagSet) {
+		f.StringP("profile", "p", "", "implant profile name to link with the listener")
+		f.StringP("url", "u", "", "URL to which the stager will call back to")
+		f.StringP("cert", "c", "", "path to PEM encoded certificate file (HTTPS only)")
+		f.StringP("key", "k", "", "path to PEM encoded private key file (HTTPS only)")
+		f.BoolP("lets-encrypt", "e", false, "attempt to provision a let's encrypt certificate (HTTPS only)")
+		f.String("aes-encrypt-key", "", "encrypt stage with AES encryption key")
+		f.String("aes-encrypt-iv", "", "encrypt stage with AES encryption iv")
+		f.String("rc4-encrypt-key", "", "encrypt stage with RC4 encryption key")
+		f.StringP("compress", "C", "none", "compress the stage before encrypting (zlib, gzip, deflate9, none)")
+		f.BoolP("prepend-size", "P", false, "prepend the size of the stage to the payload (to use with MSF stagers)")
+	})
+	completers.NewFlagCompsFor(stageCmd, func(comp *carapace.ActionMap) {
+		(*comp)["profile"] = generate.ProfileNameCompleter(con)
+		(*comp)["cert"] = carapace.ActionFiles().Tag("certificate file")
+		(*comp)["key"] = carapace.ActionFiles().Tag("key file")
+		(*comp)["compress"] = carapace.ActionValues([]string{"zlib", "gzip", "deflate9", "none"}...).Tag("compression formats")
+	})
+
+	return []*cobra.Command{httpCmd}
+}
diff --git a/client/command/jobs/http.go → client/command/http/listen.go b/client/command/jobs/http.go → client/command/http/listen.go
@@ -1,4 +1,4 @@
-package jobs
+package http
 
 /*
 	Sliver Implant Framework
@@ -28,8 +28,8 @@ import (
 	"github.com/bishopfox/sliver/protobuf/clientpb"
 )
 
-// HTTPListenerCmd - Start an HTTP listener.
-func HTTPListenerCmd(cmd *cobra.Command, con *console.SliverClient, args []string) {
+// ListenCmd - Start an HTTP listener.
+func ListenCmd(cmd *cobra.Command, con *console.SliverClient, args []string) {
 	domain, _ := cmd.Flags().GetString("domain")
 	lhost, _ := cmd.Flags().GetString("lhost")
 	lport, _ := cmd.Flags().GetUint32("lport")