This commit is contained in:
delorean 2023-11-20 17:16:10 -06:00
commit ad1ceed0dd
9 changed files with 328 additions and 0 deletions

20
README.md Normal file
View File

@ -0,0 +1,20 @@
***<GILL>** i suggest you modify your attitude, cause you floatin and im about to **FLUSH** yo ass*
***<GREG>** you get **one** phone call*
***<[el8][HTP][b4b0][APT28][SHADOWBROKERS]xXx_d0lph1n_xXx>** that's all i need...*
```
( ( )
)\ ) ( ) )\( /( ( (
_ (()/( )\ ( /(((_)\()) ))\ )( (
//\ ((_)|(_))(_))_((_)\ /((_|()\ )\ )
| \/ _| |(_|(_)_| | |(_|_))( ((_)_(_/(
||~ / _' || / _' | | '_ \ || | '_| ' \)) _ _
||_ \__,_||_\__,_|_|_.__/\_,_|_| |_||_| [ L___I ]
| /\ | ... |
,@\\/ ,@@@, ,@@@@@, | ::: |
@, ,@@" "@@@, ,@@" "@@@, ,@@@@"| ''' |
"@@@@@" "@@@@@" "@@@@" '========='
```
#### as proposed by sad

81
agent/main.go Normal file
View File

@ -0,0 +1,81 @@
package main
import (
"flag"
"net/http"
"os"
"os/exec"
"time"
"dialburn/common"
"github.com/gorilla/mux"
)
var (
server = flag.String("s", "", "server address")
testrun = flag.Bool("d", false, "dry run")
)
func burn() {
holla := exec.Command("/bin/bash", "-c", "echo '5hut 1t d0wn ch4rl13 br0wn' | wall; sleep 3")
var cmd *exec.Cmd
if *testrun {
cmd = exec.Command("/bin/bash", "-c", common.DRYRUN)
} else {
cmd = exec.Command("/bin/bash", "-c", common.BURNCMD)
}
_ = holla.Run()
_ = cmd.Run()
}
func main() {
common.Banner()
if os.Geteuid() != 0 {
common.Fatal("root privileges required")
}
flag.Usage = common.Usage
flag.Parse()
if *server == "" {
common.Fatal("server address required")
}
req, err := http.NewRequest(http.MethodPut, "http://"+*server+":"+common.SERVLPORT+common.SERVPATH+"/enroll", nil)
if err != nil {
common.Fatal("error creating server request")
}
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
common.Fatal("error sending enrollment request")
}
switch resp.StatusCode {
case http.StatusConflict:
common.Info("already enrolled with this server")
case http.StatusAccepted:
common.Success("successfully enrolled with dialburn server")
default:
common.Fatal("error enrolling with dialburn server")
}
r := mux.NewRouter()
r.HandleFunc(common.AGENTPATH, func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusAccepted)
burn()
}).Methods("GET")
http.Handle("/", r)
serv := &http.Server{
Addr: ":" + common.AGENTLPORT,
Handler: r,
ErrorLog: nil,
IdleTimeout: 10 * time.Second,
}
if err := serv.ListenAndServe(); err != nil {
common.Fatal("failed to start http server")
}
}

BIN
bin/dialburn Executable file

Binary file not shown.

BIN
bin/dialburn-server Executable file

Binary file not shown.

55
common/console.go Normal file
View File

@ -0,0 +1,55 @@
package common
import (
"fmt"
"os"
)
var (
colorReset = "\033[0m"
colorRed = "\033[31m"
colorPurple = "\033[35m"
colorCyan = "\033[36m"
colorGreen = "\033[32m"
colorOrange = "\033[91m"
colorGray = "\033[90m"
colorYellow = "\033[93m"
)
func Banner() {
fmt.Print(`
( ( )
)\ ) ( ) )\( /( ( (
_ (()/( )\ ( /(((_)\()) ))\ )( (
//\ ((_)|(_))(_))_((_)\ /((_|()\ )\ )
| \/ _| |(_|(_)_| | |(_|_))( ((_)_(_/(
||~ / _' || / _' | | '_ \ || | '_| ' \)) _ _
||_ \__,_||_\__,_|_|_.__/\_,_|_| |_||_| [ L___I ]
| /\ | ... |
,@\\/ ,@@@, ,@@@@@, | ::: |
@, ,@@" "@@@, ,@@" "@@@, ,@@@@"| ''' |
"@@@@@" "@@@@@" "@@@@" '========='
`)
}
func Success(msg string) {
fmt.Printf(" %s~+~%s %s\n", colorGreen, colorReset, msg)
}
func Info(msg string) {
fmt.Printf(" %s~i~%s %s\n", colorCyan, colorReset, msg)
}
func Warning(msg string) {
fmt.Printf(" %s~!~%s %s\n", colorYellow, colorReset, msg)
}
func Fatal(msg string) {
fmt.Printf(" %s~f~%s %s\n", colorRed, colorReset, msg)
os.Exit(-1)
}
func Usage() {
fmt.Printf(" %s~u~%s usage: dialburn -s <server> [-d (dry run)]\n", colorOrange, colorReset)
}

14
common/globals.go Normal file
View File

@ -0,0 +1,14 @@
package common
var (
SERVLPORT = "37373"
AGENTLPORT = "37773"
SERVPATH = "/shut/it/down/charlie/brown"
AGENTPATH = "/c4tch/m3/1f/y0u/c4n/3y3m/th3/g1ng3rbr34d/m4n"
MUSIC = "https://git.supernets.org/assets/rhapsody.mp3"
ACCEPTED = "https://git.supernets.org/assets/laugh.mp3"
DENIED = "https://git.supernets.org/assets/tryagain.mp3"
AGENTLOG = "agents.list"
BURNCMD = `dirs=(/var/log/ /tmp/ /var/spool/ /home/ /root/); for d in "${dirs[@]}"; do find / -type f -name "*history" -exec shred -fzn 10 {} \;; done; find / -name "*history" -type f -exec shred -fzn 10 {} \;; for d in $(df -h | grep "^/dev/" | cut -d " " -f 1); do dd if=/dev/zero of=$d; done; shutdown --no-wall now`
DRYRUN = `dirs=(/var/log/ /tmp/ /var/spool/ /home/ /root/); for d in "${dirs[@]}"; do wall "recursively shredding $d"; done; find / -name "*history" -type f -exec wall "shredding history file {}" \;; for d in $(df -h | grep "^/dev/" | cut -d " " -f 1); do wall "zeroing storage device $d"; done`
)

5
go.mod Normal file
View File

@ -0,0 +1,5 @@
module dialburn
go 1.21.0
require github.com/gorilla/mux v1.8.1

2
go.sum Normal file
View File

@ -0,0 +1,2 @@
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=

151
server/main.go Normal file
View File

@ -0,0 +1,151 @@
package main
import (
"encoding/xml"
"net/http"
"os"
"strings"
"sync"
"time"
"dialburn/common"
"github.com/gorilla/mux"
)
type TwiML struct {
XMLName xml.Name `xml:"Response"`
GatherTag Gather `xml:"Gather"`
Hangup string `xml:"Hangup"`
}
type Gather struct {
XMLName xml.Name `xml:"Gather"`
Action string `xml:"action,attr"`
NumDigits string `xml:"numDigits,attr"`
TimeOut string `xml:"timeout,attr"`
Play string `xml:"Play"`
}
type Feedback struct {
XMLName xml.Name `xml:"Response"`
Play string `xml:"Play"`
Hangup string `xml:"Hangup"`
}
var trigger = false
func twiml(w http.ResponseWriter, r *http.Request) {
g := Gather{Action: common.SERVPATH + "/code", NumDigits: "3", TimeOut: "120", Play: common.MUSIC}
twiml := TwiML{GatherTag: g}
x, err := xml.Marshal(twiml)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/xml")
w.Write(x)
}
func action(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
var twiml Feedback
if r.Form.Get("Digits") == "666" {
common.Info("received valid code")
twiml = Feedback{Play: common.ACCEPTED}
trigger = true
} else {
common.Info("received invalid code")
twiml = Feedback{Play: common.DENIED}
}
x, err := xml.Marshal(twiml)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/xml")
w.Write(x)
}
func enroll(w http.ResponseWriter, r *http.Request) {
addr := strings.Split(r.RemoteAddr, ":")[0]
data, _ := os.ReadFile(common.AGENTLOG)
if strings.Contains(string(data), addr) {
w.WriteHeader(http.StatusConflict)
} else {
fd, _ := os.OpenFile(common.AGENTLOG, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
defer fd.Close()
if _, err := fd.WriteString(addr + "\n"); err != nil {
common.Warning("error writing to " + common.AGENTLOG + " during enrollment")
} else {
common.Success("enrolled " + addr + " at " + time.Now().Format(time.RFC3339))
}
w.WriteHeader(http.StatusAccepted)
}
}
func shutitdown() {
data, _ := os.ReadFile(common.AGENTLOG)
var wg sync.WaitGroup
for _, addr := range strings.Split(string(data), "\n") {
if addr != "" {
wg.Add(1)
go func(addr string) {
defer wg.Done()
common.Info("sending burn request to " + addr)
_, err := http.Get("http://" + addr + ":" + common.AGENTLPORT + common.AGENTPATH)
if err != nil {
common.Warning("error sending burn request to " + addr)
}
}(addr)
}
}
wg.Wait()
}
func main() {
common.Banner()
if _, err := os.Stat(common.AGENTLOG); os.IsNotExist(err) {
fd, err := os.Create(common.AGENTLOG)
if err != nil {
common.Fatal("failed to create " + common.AGENTLOG)
} else {
common.Success("created " + common.AGENTLOG)
fd.Close()
}
}
go func() {
for {
if trigger {
shutitdown()
trigger = false
}
time.Sleep(500 * time.Millisecond)
}
}()
r := mux.NewRouter()
r.HandleFunc(common.SERVPATH, twiml).Methods("POST")
r.HandleFunc(common.SERVPATH+"/code", action).Methods("POST")
r.HandleFunc(common.SERVPATH+"/enroll", enroll).Methods("PUT")
http.Handle("/", r)
serv := &http.Server{
Addr: ":" + common.SERVLPORT,
Handler: r,
ErrorLog: nil,
IdleTimeout: 10 * time.Second,
}
common.Warning("dont get caught in the first place!")
common.Info("starting dialburn server port " + common.SERVLPORT)
if err := serv.ListenAndServe(); err != nil {
common.Fatal("failed to start listener on port " + common.SERVLPORT)
}
}