diff --git a/client/assets/c2profiles.go b/client/assets/c2profiles.go index 04d3784441..63602cb46a 100644 --- a/client/assets/c2profiles.go +++ b/client/assets/c2profiles.go @@ -32,10 +32,10 @@ type HTTPC2ServerConfig struct { } type NameValueProbability struct { - Name string `json:"name"` - Value string `json:"value"` - Probability int `json:"probability"` - Methods []string `json:"methods"` + Name string `json:"name"` + Value string `json:"value"` + Probability int `json:"probability"` + Method string `json:"method"` } // HTTPC2ImplantConfig - Implant configuration options @@ -56,7 +56,7 @@ type HTTPC2ImplantConfig struct { NonceQueryArgChars string `json:"nonce_query_args"` URLParameters []NameValueProbability `json:"url_parameters"` - Headers []NameValueProbability `json:"client_headers"` + Headers []NameValueProbability `json:"headers"` MaxFiles int `json:"max_files"` MinFiles int `json:"min_files"` diff --git a/client/command/c2profiles/c2profiles.go b/client/command/c2profiles/c2profiles.go index a16007230d..ac9d4b6897 100644 --- a/client/command/c2profiles/c2profiles.go +++ b/client/command/c2profiles/c2profiles.go @@ -292,6 +292,7 @@ func C2ConfigToJSON(profileName string, profile *clientpb.HTTPC2Config) (*assets Name: header.Name, Value: header.Value, Probability: int(header.Probability), + Method: header.Method, }) } implantConfig.Headers = headers @@ -358,6 +359,7 @@ func C2ConfigToJSON(profileName string, profile *clientpb.HTTPC2Config) (*assets Name: header.Name, Value: header.Value, Probability: int(header.Probability), + Method: header.Method, }) } @@ -454,14 +456,12 @@ func C2ConfigToProtobuf(profileName string, config *assets.HTTPC2Config) *client } for _, clientHeader := range config.ImplantConfig.Headers { - for _, method := range clientHeader.Methods { - httpC2Headers = append(httpC2Headers, &clientpb.HTTPC2Header{ - Method: method, - Name: clientHeader.Name, - Value: clientHeader.Value, - Probability: int32(clientHeader.Probability), - }) - } + httpC2Headers = append(httpC2Headers, &clientpb.HTTPC2Header{ + Method: clientHeader.Method, + Name: clientHeader.Name, + Value: clientHeader.Value, + Probability: int32(clientHeader.Probability), + }) } implantConfig := &clientpb.HTTPC2ImplantConfig{ @@ -486,14 +486,12 @@ func C2ConfigToProtobuf(profileName string, config *assets.HTTPC2Config) *client // Server Config serverHeaders := []*clientpb.HTTPC2Header{} for _, serverHeader := range config.ServerConfig.Headers { - for _, method := range serverHeader.Methods { - serverHeaders = append(serverHeaders, &clientpb.HTTPC2Header{ - Method: method, - Name: serverHeader.Name, - Value: serverHeader.Value, - Probability: int32(serverHeader.Probability), - }) - } + serverHeaders = append(serverHeaders, &clientpb.HTTPC2Header{ + Method: serverHeader.Method, + Name: serverHeader.Name, + Value: serverHeader.Value, + Probability: int32(serverHeader.Probability), + }) } serverCookies := []*clientpb.HTTPC2Cookie{} @@ -536,7 +534,7 @@ func PrintC2Profiles(profile *clientpb.HTTPC2Config, con *console.SliverClient) var serverHeaders []string for _, header := range profile.ServerConfig.Headers { - serverHeaders = append(serverHeaders, header.Value) + serverHeaders = append(serverHeaders, header.Name) } tw.AppendRow(table.Row{ "Server Headers", @@ -561,7 +559,7 @@ func PrintC2Profiles(profile *clientpb.HTTPC2Config, con *console.SliverClient) var clientHeaders []string for _, header := range profile.ImplantConfig.Headers { - clientHeaders = append(clientHeaders, header.Value) + clientHeaders = append(clientHeaders, header.Name) } tw.AppendRow(table.Row{ "Client Headers", diff --git a/server/configs/http-c2.go b/server/configs/http-c2.go index 1105830d00..669aef77c7 100644 --- a/server/configs/http-c2.go +++ b/server/configs/http-c2.go @@ -60,6 +60,8 @@ var ( ErrDuplicateStageExt = errors.New("stager extension is already used in another C2 profile") ErrDuplicateStartSessionExt = errors.New("start session extension is already used in another C2 profile") ErrDuplicateC2ProfileName = errors.New("C2 Profile name is already in use") + ErrMissingC2ProfileName = errors.New("C2 Profile name is required") + ErrC2ProfileNotFound = errors.New("C2 Profile does not exist") ErrUserAgentIllegalCharacters = errors.New("user agent cannot contain the ` character") fileNameExp = regexp.MustCompile(`[^a-zA-Z0-9\\._-]+`) diff --git a/server/db/helpers.go b/server/db/helpers.go index db256e2252..7a40edd5ae 100644 --- a/server/db/helpers.go +++ b/server/db/helpers.go @@ -471,7 +471,7 @@ func HTTPC2ConfigUpdate(newConf *clientpb.HTTPC2Config, oldConf *clientpb.HTTPC2 } err = Session().Where(&models.HttpC2Header{ - HttpC2ServerConfigID: &clientID, + HttpC2ImplantConfigID: &clientID, }).Delete(&models.HttpC2Header{}) if err.Error != nil { return err.Error diff --git a/server/rpc/rpc-c2profile.go b/server/rpc/rpc-c2profile.go index c4f6cb839f..b2be3e5b51 100644 --- a/server/rpc/rpc-c2profile.go +++ b/server/rpc/rpc-c2profile.go @@ -59,16 +59,15 @@ func (rpc *Server) SaveHTTPC2Profile(ctx context.Context, req *clientpb.HTTPC2Co return nil, err } - profileName := "" - if req.Overwrite { - profileName = req.C2Config.Name + if req.Overwrite && req.C2Config.Name == "" { + return nil, configs.ErrMissingC2ProfileName } - err = db.SearchStageExtensions(req.C2Config.ImplantConfig.StagerFileExtension, profileName) + err = db.SearchStageExtensions(req.C2Config.ImplantConfig.StagerFileExtension, req.C2Config.Name) if err != nil { return nil, err } - err = db.SearchStartSessionExtensions(req.C2Config.ImplantConfig.StartSessionFileExtension, profileName) + err = db.SearchStartSessionExtensions(req.C2Config.ImplantConfig.StartSessionFileExtension, req.C2Config.Name) if err != nil { return nil, err } @@ -81,6 +80,10 @@ func (rpc *Server) SaveHTTPC2Profile(ctx context.Context, req *clientpb.HTTPC2Co return nil, configs.ErrDuplicateC2ProfileName } + if httpC2Config.Name == "" { + return nil, configs.ErrC2ProfileNotFound + } + if req.Overwrite { err = db.HTTPC2ConfigUpdate(req.C2Config, httpC2Config) if err != nil {