Implement failed build notifications

BishopFox · Oct 16, 2022 · 3cb0353 · 3cb0353
1 parent 85d2388
commit 3cb0353
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 14 deletions.
diff --git a/client/command/generate/generate.go b/client/command/generate/generate.go
@@ -111,7 +111,7 @@ func GenerateCmd(ctx *grumble.Context, con *console.SliverConsoleClient) {
 				con.PrintErrorf("Invalid target %s\n", fmt.Sprintf("%s:%s/%s", config.Format, config.GOOS, config.GOARCH))
 				con.PrintErrorf("See 'builders' command for more information\n")
 			} else {
-				con.PrintErrorf("%s", err)
+				con.PrintErrorf("%s\n", err)
 			}
 			return
 		}
@@ -662,6 +662,14 @@ func externalBuild(config *clientpb.ImplantConfig, save string, con *console.Sli
 	}
 	start := time.Now()
 
+	listenerID, listener := con.CreateEventListener()
+
+	waiting := true
+	spinner := spin.New()
+
+	sigint := make(chan os.Signal, 1) // Catch keyboard interrupts
+	signal.Notify(sigint, os.Interrupt)
+
 	con.PrintInfof("Creating external build ... ")
 	externalImplantConfig, err := con.Rpc.GenerateExternal(context.Background(), &clientpb.ExternalGenerateReq{
 		Config:      config,
@@ -673,31 +681,32 @@ func externalBuild(config *clientpb.ImplantConfig, save string, con *console.Sli
 	}
 	con.Printf("done\n")
 
-	listenerID, listener := con.CreateEventListener()
-
-	waiting := true
-	spinner := spin.New()
-
-	sigint := make(chan os.Signal, 1)
-	signal.Notify(sigint, os.Interrupt)
-
-	msgF := "Waiting for external builder to acknowledge build %s (template: %s) ... %s"
-
 	var name string
+	msgF := "Waiting for external builder to acknowledge build (template: %s) ... %s"
 	for waiting {
 		select {
 
 		case <-time.After(100 * time.Millisecond):
 			elapsed := time.Since(start)
-			msg := fmt.Sprintf(msgF, externalImplantConfig.Config.Name, externalImplantConfig.Config.TemplateName, elapsed.Round(time.Second))
+			msg := fmt.Sprintf(msgF, externalImplantConfig.Config.TemplateName, elapsed.Round(time.Second))
 			fmt.Fprintf(con.App.Stdout(), console.Clearln+" %s  %s", spinner.Next(), msg)
 
 		case event := <-listener:
 			switch event.EventType {
 
+			case consts.ExternalBuildFailedEvent:
+				parts := strings.SplitN(string(event.Data), ":", 2)
+				if len(parts) != 2 {
+					continue
+				}
+				if parts[0] == externalImplantConfig.Config.ID {
+					con.RemoveEventListener(listenerID)
+					return nil, fmt.Errorf("external build failed: %s", parts[1])
+				}
+
 			case consts.AcknowledgeBuildEvent:
 				if string(event.Data) == externalImplantConfig.Config.ID {
-					msgF = "External build %s (template: %s) acknowledged by builder ... %s"
+					msgF = "External build acknowledged by builder (template: %s) ... %s"
 				}
 
 			case consts.ExternalBuildCompletedEvent:

diff --git a/client/constants/constants.go b/client/constants/constants.go
@@ -92,6 +92,7 @@ const (
 	// ExternalBuildEvent
 	ExternalBuildEvent          = "external-build"
 	AcknowledgeBuildEvent       = "external-acknowledge"
+	ExternalBuildFailedEvent    = "external-build-failed"
 	ExternalBuildCompletedEvent = "external-build-completed"
 
 	// WireGuardNewPeer - New Wireguard peer added

diff --git a/server/builder/builder.go b/server/builder/builder.go
@@ -117,18 +117,36 @@ func handleBuildEvent(externalBuilder *clientpb.Builder, event *clientpb.Event,
 	})
 	if err != nil {
 		builderLog.Errorf("Failed to get implant config: %s", err)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 	if extConfig == nil {
 		builderLog.Errorf("nil extConfig")
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, "nil external config")),
+		})
 		return
 	}
 	if !isSupportedTarget(externalBuilder.Targets, extConfig.Config) {
 		builderLog.Warnf("Skipping event, unsupported target %s:%s/%s", extConfig.Config.Format, extConfig.Config.GOOS, extConfig.Config.GOARCH)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data: []byte(
+				fmt.Sprintf("%s:%s", implantConfigID, fmt.Sprintf("unsupported target %s:%s/%s", extConfig.Config.Format, extConfig.Config.GOOS, extConfig.Config.GOARCH)),
+			),
+		})
 		return
 	}
 	if extConfig.Config.TemplateName != "sliver" {
-		builderLog.Warnf("Skipping event, unsupported template '%s'", extConfig.Config.TemplateName)
+		builderLog.Warnf("Reject event, unsupported template '%s'", extConfig.Config.TemplateName)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, "Unsupported template")),
+		})
 		return
 	}
 
@@ -138,6 +156,10 @@ func handleBuildEvent(externalBuilder *clientpb.Builder, event *clientpb.Event,
 	err = util.AllowedName(extConfig.Config.Name)
 	if err != nil {
 		builderLog.Errorf("Invalid implant name: %s", err)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 	_, extModel := generate.ImplantConfigFromProtobuf(extConfig.Config)
@@ -163,17 +185,29 @@ func handleBuildEvent(externalBuilder *clientpb.Builder, event *clientpb.Event,
 		fPath, err = generate.SliverShellcode(extConfig.Config.Name, extConfig.OTPSecret, extModel, false)
 	default:
 		builderLog.Errorf("invalid output format: %s", extConfig.Config.Format)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 	if err != nil {
 		builderLog.Errorf("Failed to generate sliver: %s", err)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 	builderLog.Infof("Build completed successfully: %s", fPath)
 
 	data, err := os.ReadFile(fPath)
 	if err != nil {
 		builderLog.Errorf("Failed to read generated sliver: %s", err)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 
@@ -193,6 +227,10 @@ func handleBuildEvent(externalBuilder *clientpb.Builder, event *clientpb.Event,
 	})
 	if err != nil {
 		builderLog.Errorf("Failed to save build: %s", err)
+		rpc.BuilderTrigger(context.Background(), &clientpb.Event{
+			EventType: consts.ExternalBuildFailedEvent,
+			Data:      []byte(fmt.Sprintf("%s:%s", implantConfigID, err.Error())),
+		})
 		return
 	}
 	rpc.BuilderTrigger(context.Background(), &clientpb.Event{

diff --git a/server/rpc/rpc-generate.go b/server/rpc/rpc-generate.go
@@ -433,6 +433,8 @@ func (rpc *Server) BuilderTrigger(ctx context.Context, req *clientpb.Event) (*co
 	switch req.EventType {
 
 	// Only allow certain event types to be triggered
+	case consts.ExternalBuildFailedEvent:
+		fallthrough
 	case consts.AcknowledgeBuildEvent:
 		fallthrough
 	case consts.ExternalBuildCompletedEvent: