From 794db93ec93270b4cb13410952a3d6e128eb6a66 Mon Sep 17 00:00:00 2001 From: moloch-- <875022+moloch--@users.noreply.github.com> Date: Fri, 30 Sep 2022 19:38:19 -0700 Subject: [PATCH] Refactor randomString to randomFileName --- client/command/exec/psexec.go | 35 +++++++++++++++++++++++++++-------- 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/client/command/exec/psexec.go b/client/command/exec/psexec.go index 34cce6caf9..7165094f6e 100644 --- a/client/command/exec/psexec.go +++ b/client/command/exec/psexec.go @@ -21,17 +21,19 @@ package exec import ( "context" "fmt" - insecureRand "math/rand" "os" "strings" "time" + insecureRand "math/rand" + "github.com/bishopfox/sliver/client/command/generate" "github.com/bishopfox/sliver/client/command/settings" "github.com/bishopfox/sliver/client/console" "github.com/bishopfox/sliver/protobuf/clientpb" "github.com/bishopfox/sliver/protobuf/commonpb" "github.com/bishopfox/sliver/protobuf/sliverpb" + "github.com/bishopfox/sliver/server/codenames" "github.com/bishopfox/sliver/util/encoders" "github.com/desertbit/grumble" ) @@ -101,7 +103,7 @@ func PsExecCmd(ctx *grumble.Context, con *console.SliverConsoleClient) { serviceBinary = fileBytes } - filename := randomString(10) + filename := randomFileName() filePath := fmt.Sprintf("%s\\%s.exe", uploadPath, filename) uploadGzip := new(encoders.Gzip).Encode(serviceBinary) // upload to remote target @@ -172,11 +174,28 @@ func PsExecCmd(ctx *grumble.Context, con *console.SliverConsoleClient) { con.PrintInfof("Successfully removed service %s on %s\n", serviceName, hostname) } -func randomString(length int) string { - var charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" - b := make([]byte, length) - for i := range b { - b[i] = charset[insecureRand.Intn(len(charset))] +func randomFileName() string { + noun, _ := codenames.RandomNoun() + noun = strings.ToLower(noun) + switch insecureRand.Intn(3) { + case 0: + noun = strings.ToUpper(noun) + case 1: + noun = strings.ToTitle(noun) + } + + separators := []string{"", "", "", "", "", ".", "-", "_", "--", "__"} + sep := separators[insecureRand.Intn(len(separators))] + + alphanumeric := "abcdefghijklmnopqrstuvwxyz0123456789" + prefix := "" + for index := 0; index < insecureRand.Intn(3); index++ { + prefix += string(alphanumeric[insecureRand.Intn(len(alphanumeric))]) } - return string(b) + suffix := "" + for index := 0; index < insecureRand.Intn(6); index++ { + suffix += string(alphanumeric[insecureRand.Intn(len(alphanumeric))]) + } + + return fmt.Sprintf("%s%s%s%s%s", prefix, sep, noun, sep, suffix) }