wip on external builder cli

BishopFox · Sep 27, 2022 · dd9bb01 · dd9bb01
1 parent 0df56e5
commit dd9bb01
Show file tree

Hide file tree

Showing 6 changed files with 261 additions and 15 deletions.
diff --git a/server/builder/builder.go b/server/builder/builder.go
@@ -0,0 +1,133 @@
+package builder
+
+/*
+	Sliver Implant Framework
+	Copyright (C) 2022  Bishop Fox
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import (
+	"context"
+	"io"
+	"os"
+	"os/signal"
+
+	consts "github.com/bishopfox/sliver/client/constants"
+	"github.com/bishopfox/sliver/protobuf/clientpb"
+	"github.com/bishopfox/sliver/protobuf/commonpb"
+	"github.com/bishopfox/sliver/protobuf/rpcpb"
+	"github.com/bishopfox/sliver/server/log"
+)
+
+var (
+	builderLog = log.NamedLogger("builder", "sliver")
+)
+
+type Config struct {
+	GOOSs   []string
+	GOARCHs []string
+	Formats []clientpb.OutputFormat
+}
+
+// StartBuilder - main entry point for the builder
+func StartBuilder(rpc rpcpb.SliverRPCClient, conf Config) {
+
+	sigint := make(chan os.Signal, 1)
+	signal.Notify(sigint, os.Interrupt)
+
+	events := buildEvents(rpc)
+
+	builderLog.Infof("Started process as external builder")
+	builder := sliverBuilder{
+		rpc:    rpc,
+		config: conf,
+	}
+	// Wait for signal or builds
+	for {
+		select {
+		case <-sigint:
+			return
+		case event := <-events:
+			go builder.HandleBuildEvent(event)
+		}
+	}
+}
+
+type sliverBuilder struct {
+	rpc    rpcpb.SliverRPCClient
+	config Config
+}
+
+func buildEvents(rpc rpcpb.SliverRPCClient) <-chan *clientpb.Event {
+	eventStream, err := rpc.Events(context.Background(), &commonpb.Empty{})
+	if err != nil {
+		builderLog.Fatal(err)
+	}
+	events := make(chan *clientpb.Event)
+	go func() {
+		for {
+			event, err := eventStream.Recv()
+			if err == io.EOF || event == nil {
+				return
+			}
+
+			// Trigger event based on type
+			switch event.EventType {
+			case consts.BuildEvent:
+				events <- event
+			}
+		}
+	}()
+	return events
+}
+
+// HandleBuildEvent - Handle an individual build event
+func (b *sliverBuilder) HandleBuildEvent(event *clientpb.Event) {
+	implantConfigID := string(event.Data)
+	builderLog.Infof("Build event for implant config id: %s", implantConfigID)
+	implantConf, err := b.rpc.GenerateExternalGetImplantConfig(context.Background(), &clientpb.ImplantConfig{
+		ID: implantConfigID,
+	})
+	if err != nil {
+		builderLog.Errorf("Failed to get implant config: %s", err)
+		return
+	}
+
+	// check to see if the event matches a target we're configured to build for
+	if !contains(b.config.GOOSs, implantConf.Config.GOOS) {
+		builderLog.Warnf("This builder is not configured to build for goos %s, ignore event", implantConf.Config.GOOS)
+		return
+	}
+	if !contains(b.config.GOARCHs, implantConf.Config.GOARCH) {
+		builderLog.Warnf("This builder is not configured to build for goarch %s, ignore event", implantConf.Config.GOARCH)
+		return
+	}
+	if !contains(b.config.Formats, implantConf.Config.Format) {
+		builderLog.Warnf("This builder is not configured to build for format %s, ignore event", implantConf.Config.Format)
+		return
+	}
+
+	builderLog.Infof("Building for %s/%s (format: %s)", implantConf.Config.GOOS, implantConf.Config.GOARCH, implantConf.Config.Format)
+
+}
+
+func contains[T comparable](elems []T, v T) bool {
+	for _, s := range elems {
+		if v == s {
+			return true
+		}
+	}
+	return false
+}
diff --git a/server/cli/builder.go b/server/cli/builder.go
@@ -0,0 +1,105 @@
+package cli
+
+/*
+	Sliver Implant Framework
+	Copyright (C) 2022  Bishop Fox
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import (
+	"os"
+	"runtime/debug"
+	"strings"
+
+	clientAssets "github.com/bishopfox/sliver/client/assets"
+	"github.com/bishopfox/sliver/client/transport"
+	"github.com/bishopfox/sliver/protobuf/clientpb"
+	"github.com/bishopfox/sliver/server/builder"
+	"github.com/bishopfox/sliver/server/log"
+	"github.com/spf13/cobra"
+)
+
+var (
+	builderLog = log.NamedLogger("cli", "builder")
+)
+
+var builderCmd = &cobra.Command{
+	Use:   "builder",
+	Short: "Start the process as an external builder",
+	Long:  ``,
+	Run: func(cmd *cobra.Command, args []string) {
+		defer func() {
+			if r := recover(); r != nil {
+				builderLog.Printf("panic:\n%s", debug.Stack())
+				builderLog.Fatalf("stacktrace from panic: \n" + string(debug.Stack()))
+				os.Exit(99)
+			}
+		}()
+
+		configPath, err := cmd.Flags().GetString(operatorConfigFlagStr)
+		if err != nil {
+			builderLog.Fatalf("Failed to parse --%s flag %s\n", operatorConfigFlagStr, err)
+			return
+		}
+
+		builderConfig := parseBuilderConfigFlags(cmd)
+
+		// load the client configuration from the filesystem
+		config, err := clientAssets.ReadConfig(configPath)
+		if err != nil {
+			builderLog.Fatalf("Invalid config file: %s", err)
+		}
+		// connect to the server
+		rpc, ln, err := transport.MTLSConnect(config)
+		if err != nil {
+			builderLog.Fatalf("Failed to connect to server: %s", err)
+		}
+		defer ln.Close()
+		builder.StartBuilder(rpc, builderConfig)
+	},
+}
+
+func parseBuilderConfigFlags(cmd *cobra.Command) builder.Config {
+	conf := builder.Config{}
+	var err error
+
+	conf.GOOSs, err = cmd.Flags().GetStringSlice(goosFlagStr)
+	if err != nil {
+		builderLog.Fatalf("Failed to parse --%s flag %s\n", goosFlagStr, err)
+	}
+	conf.GOARCHs, err = cmd.Flags().GetStringSlice(goarchFlagStr)
+	if err != nil {
+		builderLog.Fatalf("Failed to parse --%s flag %s\n", goarchFlagStr, err)
+	}
+	rawFormats, err := cmd.Flags().GetStringSlice(formatFlagStr)
+	if err != nil {
+		builderLog.Fatalf("Failed to parse --%s flag %s\n", formatFlagStr, err)
+	}
+
+	for _, rawFormat := range rawFormats {
+		switch strings.ToLower(rawFormat) {
+		case "exe", "executable", "pe":
+			conf.Formats = append(conf.Formats, clientpb.OutputFormat_EXECUTABLE)
+		case "dll", "so", "shared", "dylib", "lib", "library":
+			conf.Formats = append(conf.Formats, clientpb.OutputFormat_SHARED_LIB)
+		case "service":
+			conf.Formats = append(conf.Formats, clientpb.OutputFormat_SERVICE)
+		case "bin", "shellcode":
+			conf.Formats = append(conf.Formats, clientpb.OutputFormat_SHELLCODE)
+		}
+	}
+
+	return conf
+}
diff --git a/server/cli/certs.go b/server/cli/certs.go
@@ -21,7 +21,6 @@ package cli
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@@ -81,7 +80,7 @@ var cmdImportCA = &cobra.Command{
 			os.Exit(1)
 		}
 
-		data, err := ioutil.ReadFile(load)
+		data, err := os.ReadFile(load)
 		if err != nil {
 			fmt.Printf("Cannot read file %s", err)
 			os.Exit(1)
@@ -147,7 +146,7 @@ var cmdExportCA = &cobra.Command{
 			saveTo = filepath.Join(saveTo, filename)
 		}
 		data, _ := json.Marshal(exportedCA)
-		err = ioutil.WriteFile(saveTo, data, 0600)
+		err = os.WriteFile(saveTo, data, 0600)
 		if err != nil {
 			fmt.Printf("Write failed: %s (%s)\n", saveTo, err)
 			os.Exit(1)

diff --git a/server/cli/cli.go b/server/cli/cli.go
@@ -22,11 +22,11 @@ import (
 	"fmt"
 	"log"
 	"os"
-	"path"
+	"path/filepath"
+	"runtime"
 	"runtime/debug"
 	"strings"
 
-	"github.com/bishopfox/sliver/client/version"
 	"github.com/bishopfox/sliver/server/assets"
 	"github.com/bishopfox/sliver/server/c2"
 	"github.com/bishopfox/sliver/server/certs"
@@ -37,10 +37,6 @@ import (
 	"github.com/spf13/cobra"
 )
 
-var (
-	sliverServerVersion = fmt.Sprintf("v%s", version.FullVersion())
-)
-
 const (
 
 	// Unpack flags
@@ -56,13 +52,20 @@ const (
 	caTypeFlagStr = "type"
 	loadFlagStr   = "load"
 
+	// Builder
+	goosFlagStr           = "os"
+	goarchFlagStr         = "arch"
+	operatorConfigFlagStr = "config"
+	formatFlagStr         = "format"
+
+	// console log file name
 	logFileName = "console.log"
 )
 
 // Initialize logging
-func initLogging(appDir string) *os.File {
+func initConsoleLogging(appDir string) *os.File {
 	log.SetFlags(log.LstdFlags | log.Lshortfile)
-	logFile, err := os.OpenFile(path.Join(appDir, "logs", logFileName), os.O_RDWR|os.O_CREATE|os.O_APPEND, 0600)
+	logFile, err := os.OpenFile(filepath.Join(appDir, "logs", logFileName), os.O_RDWR|os.O_CREATE|os.O_APPEND, 0600)
 	if err != nil {
 		log.Fatalf("Error opening file: %v", err)
 	}
@@ -98,6 +101,13 @@ func init() {
 	daemonCmd.Flags().BoolP(forceFlagStr, "f", false, "force unpack and overwrite static assets")
 	rootCmd.AddCommand(daemonCmd)
 
+	// Builder
+	builderCmd.Flags().StringSliceP(goosFlagStr, "o", []string{runtime.GOOS}, "builder supported os targets")
+	builderCmd.Flags().StringSliceP(goarchFlagStr, "a", []string{runtime.GOARCH}, "builder supported arch targets")
+	builderCmd.Flags().StringSliceP(formatFlagStr, "f", []string{"executable"}, "builder supported formats")
+	builderCmd.Flags().StringP(operatorConfigFlagStr, "c", "", "operator config file path")
+	rootCmd.AddCommand(builderCmd)
+
 	// Version
 	rootCmd.AddCommand(versionCmd)
 }
@@ -111,7 +121,7 @@ var rootCmd = &cobra.Command{
 		// Root command starts the server normally
 
 		appDir := assets.GetRootAppDir()
-		logFile := initLogging(appDir)
+		logFile := initConsoleLogging(appDir)
 		defer logFile.Close()
 
 		defer func() {

diff --git a/server/cli/daemon.go b/server/cli/daemon.go
@@ -37,7 +37,7 @@ var daemonCmd = &cobra.Command{
 		}
 
 		appDir := assets.GetRootAppDir()
-		logFile := initLogging(appDir)
+		logFile := initConsoleLogging(appDir)
 		defer logFile.Close()
 
 		defer func() {

diff --git a/server/cli/operator.go b/server/cli/operator.go
@@ -20,7 +20,6 @@ package cli
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 
@@ -87,7 +86,7 @@ var operatorCmd = &cobra.Command{
 			filename := fmt.Sprintf("%s_%s.cfg", filepath.Base(name), filepath.Base(lhost))
 			saveTo = filepath.Join(saveTo, filename)
 		}
-		err = ioutil.WriteFile(saveTo, configJSON, 0600)
+		err = os.WriteFile(saveTo, configJSON, 0600)
 		if err != nil {
 			fmt.Printf("Write failed: %s (%s)\n", saveTo, err)
 			os.Exit(1)