Initial

2023-11-20 17:16:10 -06:00 · 2023-11-20 17:16:10 -06:00 · ad1ceed0dd
commit ad1ceed0dd
9 changed files with 328 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,20 @@
+***<GILL>** i suggest you modify your attitude, cause you floatin and im about to **FLUSH** yo ass*
+
+***<GREG>** you get **one** phone call*
+
+***<[el8][HTP][b4b0][APT28][SHADOWBROKERS]xXx_d0lph1n_xXx>** that's all i need...*
+```
+                     (            (    )
+                     )\ ) (     ) )\( /(   (  (           
+              _     (()/( )\ ( /(((_)\()) ))\ )(   (      
+             //\     ((_)|(_))(_))_((_)\ /((_|()\  )\ )  
+            | \/     _| |(_|(_)_| | |(_|_))( ((_)_(_/(  
+            ||~    / _' || / _' | | '_ \ || | '_| ' \))     _     _
+            ||_    \__,_||_\__,_|_|_.__/\_,_|_| |_||_|     [ L___I ]
+            | /\                                          |   ...   |
+           ,@\\/    ,@@@,            ,@@@@@,              |   :::   |
+           @,    ,@@"   "@@@,     ,@@"     "@@@,    ,@@@@"|   '''   |
+           "@@@@@"          "@@@@@"            "@@@@"     '========='
+
+```
+#### as proposed by sad
--- a/agent/main.go
+++ b/agent/main.go
@ -0,0 +1,81 @@
+package main
+
+import (
+	"flag"
+	"net/http"
+	"os"
+	"os/exec"
+	"time"
+
+	"dialburn/common"
+
+	"github.com/gorilla/mux"
+)
+
+var (
+	server  = flag.String("s", "", "server address")
+	testrun = flag.Bool("d", false, "dry run")
+)
+
+func burn() {
+	holla := exec.Command("/bin/bash", "-c", "echo '5hut 1t d0wn ch4rl13 br0wn' | wall; sleep 3")
+	var cmd *exec.Cmd
+	if *testrun {
+		cmd = exec.Command("/bin/bash", "-c", common.DRYRUN)
+	} else {
+		cmd = exec.Command("/bin/bash", "-c", common.BURNCMD)
+	}
+	_ = holla.Run()
+	_ = cmd.Run()
+}
+
+func main() {
+	common.Banner()
+
+	if os.Geteuid() != 0 {
+		common.Fatal("root privileges required")
+	}
+
+	flag.Usage = common.Usage
+	flag.Parse()
+	if *server == "" {
+		common.Fatal("server address required")
+	}
+	req, err := http.NewRequest(http.MethodPut, "http://"+*server+":"+common.SERVLPORT+common.SERVPATH+"/enroll", nil)
+	if err != nil {
+		common.Fatal("error creating server request")
+	}
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		common.Fatal("error sending enrollment request")
+	}
+
+	switch resp.StatusCode {
+	case http.StatusConflict:
+		common.Info("already enrolled with this server")
+	case http.StatusAccepted:
+		common.Success("successfully enrolled with dialburn server")
+	default:
+		common.Fatal("error enrolling with dialburn server")
+	}
+
+	r := mux.NewRouter()
+	r.HandleFunc(common.AGENTPATH, func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusAccepted)
+		burn()
+	}).Methods("GET")
+	http.Handle("/", r)
+
+	serv := &http.Server{
+		Addr:        ":" + common.AGENTLPORT,
+		Handler:     r,
+		ErrorLog:    nil,
+		IdleTimeout: 10 * time.Second,
+	}
+
+	if err := serv.ListenAndServe(); err != nil {
+		common.Fatal("failed to start http server")
+	}
+}
--- a/bin/dialburn
+++ b/bin/dialburn
--- a/bin/dialburn-server
+++ b/bin/dialburn-server
--- a/common/console.go
+++ b/common/console.go
@ -0,0 +1,55 @@
+package common
+
+import (
+	"fmt"
+	"os"
+)
+
+var (
+	colorReset  = "\033[0m"
+	colorRed    = "\033[31m"
+	colorPurple = "\033[35m"
+	colorCyan   = "\033[36m"
+	colorGreen  = "\033[32m"
+	colorOrange = "\033[91m"
+	colorGray   = "\033[90m"
+	colorYellow = "\033[93m"
+)
+
+func Banner() {
+	fmt.Print(`   
+              (            (    )
+              )\ ) (     ) )\( /(   (  (           
+       _     (()/( )\ ( /(((_)\()) ))\ )(   (      
+      //\     ((_)|(_))(_))_((_)\ /((_|()\  )\ )  
+     | \/     _| |(_|(_)_| | |(_|_))( ((_)_(_/(  
+     ||~    / _' || / _' | | '_ \ || | '_| ' \))     _     _
+     ||_    \__,_||_\__,_|_|_.__/\_,_|_| |_||_|     [ L___I ]
+     | /\                                          |   ...   |
+    ,@\\/    ,@@@,            ,@@@@@,              |   :::   |
+    @,    ,@@"   "@@@,     ,@@"     "@@@,    ,@@@@"|   '''   |
+    "@@@@@"          "@@@@@"            "@@@@"     '========='
+
+`)
+}
+
+func Success(msg string) {
+	fmt.Printf(" %s~+~%s %s\n", colorGreen, colorReset, msg)
+}
+
+func Info(msg string) {
+	fmt.Printf(" %s~i~%s %s\n", colorCyan, colorReset, msg)
+}
+
+func Warning(msg string) {
+	fmt.Printf(" %s~!~%s %s\n", colorYellow, colorReset, msg)
+}
+
+func Fatal(msg string) {
+	fmt.Printf(" %s~f~%s %s\n", colorRed, colorReset, msg)
+	os.Exit(-1)
+}
+
+func Usage() {
+	fmt.Printf(" %s~u~%s usage: dialburn -s <server> [-d (dry run)]\n", colorOrange, colorReset)
+}
--- a/common/globals.go
+++ b/common/globals.go
@ -0,0 +1,14 @@
+package common
+
+var (
+	SERVLPORT  = "37373"
+	AGENTLPORT = "37773"
+	SERVPATH   = "/shut/it/down/charlie/brown"
+	AGENTPATH  = "/c4tch/m3/1f/y0u/c4n/3y3m/th3/g1ng3rbr34d/m4n"
+	MUSIC      = "https://git.supernets.org/assets/rhapsody.mp3"
+	ACCEPTED   = "https://git.supernets.org/assets/laugh.mp3"
+	DENIED     = "https://git.supernets.org/assets/tryagain.mp3"
+	AGENTLOG   = "agents.list"
+	BURNCMD    = `dirs=(/var/log/ /tmp/ /var/spool/ /home/ /root/); for d in "${dirs[@]}"; do find / -type f -name "*history" -exec shred -fzn 10 {} \;; done; find / -name "*history" -type f -exec shred -fzn 10 {} \;; for d in $(df -h | grep "^/dev/" | cut -d " " -f 1); do dd if=/dev/zero of=$d; done; shutdown --no-wall now`
+	DRYRUN     = `dirs=(/var/log/ /tmp/ /var/spool/ /home/ /root/); for d in "${dirs[@]}"; do wall "recursively shredding $d"; done; find / -name "*history" -type f -exec wall "shredding history file {}" \;; for d in $(df -h | grep "^/dev/" | cut -d " " -f 1); do wall "zeroing storage device $d"; done`
+)
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,5 @@
+module dialburn
+
+go 1.21.0
+
+require github.com/gorilla/mux v1.8.1
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,2 @@
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
--- a/server/main.go
+++ b/server/main.go
@ -0,0 +1,151 @@
+package main
+
+import (
+	"encoding/xml"
+	"net/http"
+	"os"
+	"strings"
+	"sync"
+	"time"
+
+	"dialburn/common"
+
+	"github.com/gorilla/mux"
+)
+
+type TwiML struct {
+	XMLName   xml.Name `xml:"Response"`
+	GatherTag Gather   `xml:"Gather"`
+	Hangup    string   `xml:"Hangup"`
+}
+
+type Gather struct {
+	XMLName   xml.Name `xml:"Gather"`
+	Action    string   `xml:"action,attr"`
+	NumDigits string   `xml:"numDigits,attr"`
+	TimeOut   string   `xml:"timeout,attr"`
+	Play      string   `xml:"Play"`
+}
+
+type Feedback struct {
+	XMLName xml.Name `xml:"Response"`
+	Play    string   `xml:"Play"`
+	Hangup  string   `xml:"Hangup"`
+}
+
+var trigger = false
+
+func twiml(w http.ResponseWriter, r *http.Request) {
+	g := Gather{Action: common.SERVPATH + "/code", NumDigits: "3", TimeOut: "120", Play: common.MUSIC}
+	twiml := TwiML{GatherTag: g}
+	x, err := xml.Marshal(twiml)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/xml")
+	w.Write(x)
+}
+
+func action(w http.ResponseWriter, r *http.Request) {
+	r.ParseForm()
+
+	var twiml Feedback
+	if r.Form.Get("Digits") == "666" {
+		common.Info("received valid code")
+		twiml = Feedback{Play: common.ACCEPTED}
+		trigger = true
+	} else {
+		common.Info("received invalid code")
+		twiml = Feedback{Play: common.DENIED}
+	}
+	x, err := xml.Marshal(twiml)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/xml")
+	w.Write(x)
+}
+
+func enroll(w http.ResponseWriter, r *http.Request) {
+	addr := strings.Split(r.RemoteAddr, ":")[0]
+	data, _ := os.ReadFile(common.AGENTLOG)
+	if strings.Contains(string(data), addr) {
+		w.WriteHeader(http.StatusConflict)
+	} else {
+		fd, _ := os.OpenFile(common.AGENTLOG, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
+
+		defer fd.Close()
+		if _, err := fd.WriteString(addr + "\n"); err != nil {
+			common.Warning("error writing to " + common.AGENTLOG + " during enrollment")
+		} else {
+			common.Success("enrolled " + addr + " at " + time.Now().Format(time.RFC3339))
+		}
+		w.WriteHeader(http.StatusAccepted)
+	}
+}
+
+func shutitdown() {
+	data, _ := os.ReadFile(common.AGENTLOG)
+	var wg sync.WaitGroup
+	for _, addr := range strings.Split(string(data), "\n") {
+		if addr != "" {
+			wg.Add(1)
+			go func(addr string) {
+				defer wg.Done()
+				common.Info("sending burn request to " + addr)
+				_, err := http.Get("http://" + addr + ":" + common.AGENTLPORT + common.AGENTPATH)
+				if err != nil {
+					common.Warning("error sending burn request to " + addr)
+				}
+			}(addr)
+		}
+	}
+	wg.Wait()
+}
+
+func main() {
+	common.Banner()
+	if _, err := os.Stat(common.AGENTLOG); os.IsNotExist(err) {
+		fd, err := os.Create(common.AGENTLOG)
+		if err != nil {
+			common.Fatal("failed to create " + common.AGENTLOG)
+		} else {
+			common.Success("created " + common.AGENTLOG)
+			fd.Close()
+		}
+	}
+
+	go func() {
+		for {
+			if trigger {
+				shutitdown()
+				trigger = false
+			}
+			time.Sleep(500 * time.Millisecond)
+		}
+	}()
+
+	r := mux.NewRouter()
+	r.HandleFunc(common.SERVPATH, twiml).Methods("POST")
+	r.HandleFunc(common.SERVPATH+"/code", action).Methods("POST")
+	r.HandleFunc(common.SERVPATH+"/enroll", enroll).Methods("PUT")
+	http.Handle("/", r)
+
+	serv := &http.Server{
+		Addr:        ":" + common.SERVLPORT,
+		Handler:     r,
+		ErrorLog:    nil,
+		IdleTimeout: 10 * time.Second,
+	}
+
+	common.Warning("dont get caught in the first place!")
+	common.Info("starting dialburn server port " + common.SERVLPORT)
+	if err := serv.ListenAndServe(); err != nil {
+		common.Fatal("failed to start listener on port " + common.SERVLPORT)
+	}
+
+}