Merge pull request #1454 from BishopFox/v1.6.0/http-c2

V1.6.0/http c2

client/assets/c2profiles.go

@@ -0,0 +1,86 @@
+package assets
+
+/*
+	Sliver Implant Framework
+	Copyright (C) 2019  Bishop Fox
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+// HTTPC2Config - Parent config file struct for implant/server
+type HTTPC2Config struct {
+	ImplantConfig HTTPC2ImplantConfig `json:"implant_config"`
+	ServerConfig  HTTPC2ServerConfig  `json:"server_config"`
+}
+
+// HTTPC2ServerConfig - Server configuration options
+type HTTPC2ServerConfig struct {
+	RandomVersionHeaders bool                   `json:"random_version_headers"`
+	Headers              []NameValueProbability `json:"headers"`
+	Cookies              []string               `json:"cookies"`
+}
+
+type NameValueProbability struct {
+	Name        string `json:"name"`
+	Value       string `json:"value"`
+	Probability int    `json:"probability"`
+	Methods     []string
+}
+
+// HTTPC2ImplantConfig - Implant configuration options
+// Procedural C2
+// ===============
+// .txt = rsakey
+// .css = start
+// .php = session
+//
+//	.js = poll
+//
+// .png = stop
+// .woff = sliver shellcode
+type HTTPC2ImplantConfig struct {
+	UserAgent         string `json:"user_agent"`
+	ChromeBaseVersion int    `json:"chrome_base_version"`
+	MacOSVersion      string `json:"macos_version"`
+
+	NonceQueryArgChars string                 `json:"nonce_query_args"`
+	URLParameters      []NameValueProbability `json:"url_parameters"`
+	Headers            []NameValueProbability `json:"headers"`
+
+	MaxFiles int `json:"max_files"`
+	MinFiles int `json:"min_files"`
+	MaxPaths int `json:"max_paths"`
+	MinPaths int `json:"min_paths"`
+
+	// Stager files and paths
+	StagerFileExt string   `json:"stager_file_ext"`
+	StagerFiles   []string `json:"stager_files"`
+	StagerPaths   []string `json:"stager_paths"`
+
+	// Poll files and paths
+	PollFileExt string   `json:"poll_file_ext"`
+	PollFiles   []string `json:"poll_files"`
+	PollPaths   []string `json:"poll_paths"`
+
+	// Session files and paths
+	StartSessionFileExt string   `json:"start_session_file_ext"`
+	SessionFileExt      string   `json:"session_file_ext"`
+	SessionFiles        []string `json:"session_files"`
+	SessionPaths        []string `json:"session_paths"`
+
+	// Close session files and paths
+	CloseFileExt string   `json:"close_file_ext"`
+	CloseFiles   []string `json:"close_files"`
+	ClosePaths   []string `json:"close_paths"`
+}

client/command/armory/armory.go

@@ -36,7 +36,7 @@ import (
 	"github.com/bishopfox/sliver/client/command/extensions"
 	"github.com/bishopfox/sliver/client/command/settings"
 	"github.com/bishopfox/sliver/client/console"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ArmoryIndex - Index JSON containing alias/extension/bundle information

client/command/armory/install.go

@@ -32,7 +32,7 @@ import (
 	"github.com/bishopfox/sliver/client/command/extensions"
 	"github.com/bishopfox/sliver/client/console"
 	"github.com/bishopfox/sliver/client/constants"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ErrPackageNotFound - The package was not found

client/command/armory/parsers.go

@@ -33,7 +33,7 @@ import (
 	"time"
 
 	"github.com/bishopfox/sliver/client/assets"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ArmoryIndexParser - Generic interface to fetch armory indexes