xiao-zhu-zhu / noterce Goto Github PK

View Code? Open in Web Editor NEW

488.0 488.0 58.0 4.54 MB

一种另辟蹊径的免杀执行系统命令的木马

License: MIT License

Go 100.00%

noterce's Introduction

noterce's People

Contributors

Stargazers

Watchers

noterce's Issues

/go/pkg/mod/golang.org/x/[email protected]/html/charset/charset.go:23:2: zip: not a valid zip file
Util/CommonUtil.go:7:2: zip: not a valid zip file
The command '/bin/sh -c cd /var/noterce/ && go build web-client.go' returned a non-zero code: 1
ERROR: Service 'noterce' failed to build : Build failed

idea

各种命名，包乱七八糟的，main包里面居然有cotroller包的文件，还有编译不过的代码，希望能规范一点🤨

大概核心逻辑我看了下
win.ShowWindow(win.GetConsoleWindow(), win.SW_HIDE)隐藏掉窗口后台运行
被控端从第三方服务端拉加密指令，根据指令type来区分执行各种控制

一些idea

被控端更新功能。更新后自启功能（https://github.com/rcrowley/goagain或者https://github.com/fvbock/endless）
不考虑溯源的话，使用mqtt来做通讯，mqtt地址放第三方加密或者域名动态解析用于随时更改

问题太多

结论：My dog poops better than your code!!!

经过排查，已知问题：
1./mode/host.go让你吃了？
2./Util/randUtil.go

ENV:centos8;docker-compose; 尝试dns:114.114.114.114; 223.6.6.6; 8.8.8.8
尝试代理env -w GOPROXY=https://goproxy.cn,https://goproxy.io,direct

权限只读，RUN sudo echo "nameserver 223.5.5.5" > /etc/resolv.conf
docker-compose 不生效
dns:
- 223.6.6.6
- 8.8.8.8

永远卡在：Util/NoteUtil.go:4:2: github.com/antchfx/[email protected]: Get

[root@localhost noterce]# docker-compose up -d
[+] Building 61.8s (10/11)                                                                                                                               
 => [noterce internal] load build definition from dockerfile                                                                                        0.5s
 => => transferring dockerfile: 92B                                                                                                                 0.0s
 => [noterce internal] load .dockerignore                                                                                                           0.3s
 => => transferring context: 2B                                                                                                                     0.1s
 => [noterce internal] load metadata for docker.io/library/golang:latest                                                                            1.7s
 => [noterce internal] load build context                                                                                                           0.5s
 => => transferring context: 5.81kB                                                                                                                 0.2s
 => [noterce 1/7] FROM docker.io/library/golang@sha256:cfc9d1b07b1ef4f7a4571f0b60a99646a92ef76adb7d9943f4cb7b606c6554e2                             0.0s
 => CACHED [noterce 2/7] COPY noterce-server /var/noterce/                                                                                          0.0s
 => CACHED [noterce 3/7] RUN go env -w GO111MODULE=on                                                                                               0.0s
 => CACHED [noterce 4/7] RUN go env -w GOPROXY=https://goproxy.cn,https://goproxy.io,direct                                                         0.0s
 => CACHED [noterce 5/7] RUN go env -w GOSUMDB="sum.golang.google.cn"                                                                               0.0s
 => ERROR [noterce 6/7] RUN cd /var/noterce/ && go build web-client.go                                                                             58.5s
------                                                                                                                                                   
 > [noterce 6/7] RUN cd /var/noterce/ && go build web-client.go:                                                                                         
11.39 go: downloading github.com/gin-gonic/gin v1.9.0                                                                                                    
12.28 go: downloading golang.org/x/text v0.9.0                                                                                                           
13.58 go: downloading github.com/antchfx/htmlquery v1.3.0                                                                                                
13.58 go: downloading github.com/parnurzeal/gorequest v0.2.16                                                                                            
13.60 go: downloading github.com/sirupsen/logrus v1.9.0
17.39 go: downloading golang.org/x/net v0.9.0
57.59 Util/NoteUtil.go:4:2: github.com/antchfx/[email protected]: Get "https://goproxy.cn/github.com/antchfx/htmlquery/@v/v1.3.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
57.59 web-client.go:4:2: github.com/gin-gonic/[email protected]: Get "https://goproxy.cn/github.com/gin-gonic/gin/@v/v1.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:46742->114.114.114.114:53: read: no route to host
57.59 Util/NoteUtil.go:5:2: github.com/parnurzeal/[email protected]: Get "https://goproxy.cn/github.com/parnurzeal/gorequest/@v/v0.2.16.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
57.59 Util/AesCbcUtil.go:10:2: github.com/sirupsen/[email protected]: Get "https://goproxy.cn/github.com/sirupsen/logrus/@v/v1.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
57.59 Util/CommonUtil.go:5:2: golang.org/x/[email protected]: Get "https://goproxy.cn/golang.org/x/net/@v/v0.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:41932->114.114.114.114:53: read: no route to host
57.59 Util/CommonUtil.go:6:2: golang.org/x/[email protected]: Get "https://goproxy.cn/golang.org/x/text/@v/v0.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
57.59 cotroller/noteCotrooler.go:6:2: golang.org/x/[email protected]: Get "https://goproxy.cn/golang.org/x/text/@v/v0.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
57.59 Util/CommonUtil.go:7:2: golang.org/x/[email protected]: Get "https://goproxy.cn/golang.org/x/text/@v/v0.9.0.zip": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.2:51544->114.114.114.114:53: i/o timeout
------
failed to solve: failed to solve with frontend dockerfile.v0: failed to build LLB: executor failed running [/bin/sh -c cd /var/noterce/ && go build web-client.go]: runc did not terminate sucessfully

ENV:macOS; go1.19

FROM golang
go: downloading golang.org/x/crypto v0.5.0
go: downloading github.com/go-playground/locales v0.14.1
# hack8-note_rce/Util
Util/AdminUtil.go:36:48: undefined: mode.Host
Util/AdminUtil.go:41:18: undefined: mode.Host
Util/AdminUtil.go:50:30: undefined: mode.Host
Util/AdminUtil.go:65:22: undefined: mode.Host
Util/AdminUtil.go:105:15: undefined: mode.Host
Util/AdminUtil.go:109:19: undefined: mode.Host
Util/AdminUtil.go:113:18: undefined: mode.Host
note: module requires Go 1.20

3.自行手动编译
ENV:centos8+go1.20.6

[root@localhost ~]# go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/root/.cache/go-build"
GOENV="/root/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/root/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/root/go"
GOPRIVATE=""
GOPROXY="https://goproxy.cn,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.google.cn"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.20.6"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="0"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-O2 -g"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-O2 -g"
CGO_FFLAGS="-O2 -g"
CGO_LDFLAGS="-O2 -g"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -fno-caret-diagnostics -Qunused-arguments -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3828654037=/tmp/go-build -gno-record-gcc-switches"

[root@localhost ~]# cd noterce/noterce-server/
[root@localhost noterce-server]# go version
go version go1.20.6 linux/amd64
[root@localhost noterce-server]# RUN cd /var/noterce/ && go build web-client.go
-bash: RUN: command not found
[root@localhost noterce-server]# go build web-client.go
go: downloading github.com/gin-gonic/gin v1.9.0
go: downloading golang.org/x/text v0.9.0
go: downloading github.com/antchfx/htmlquery v1.3.0
go: downloading github.com/parnurzeal/gorequest v0.2.16
go: downloading github.com/sirupsen/logrus v1.9.0
go: downloading golang.org/x/net v0.9.0
go: downloading github.com/gin-contrib/sse v0.1.0
go: downloading github.com/mattn/go-isatty v0.0.17
go: downloading github.com/pkg/errors v0.9.1
go: downloading moul.io/http2curl v1.0.0
go: downloading github.com/antchfx/xpath v1.2.3
go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
go: downloading golang.org/x/sys v0.7.0
go: downloading github.com/go-playground/validator/v10 v10.11.2
go: downloading github.com/pelletier/go-toml/v2 v2.0.6
go: downloading github.com/ugorji/go/codec v1.2.9
go: downloading google.golang.org/protobuf v1.28.1
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.2.1
go: downloading golang.org/x/crypto v0.5.0
go: downloading github.com/go-playground/locales v0.14.1

他似乎正常了
然后：。。。。


# hack8-note_rce/Util
Util/AdminUtil.go:36:48: undefined: mode.Host
Util/AdminUtil.go:41:18: undefined: mode.Host
Util/AdminUtil.go:50:30: undefined: mode.Host
Util/AdminUtil.go:65:22: undefined: mode.Host
Util/AdminUtil.go:105:15: undefined: mode.Host
Util/AdminUtil.go:109:19: undefined: mode.Host
Util/AdminUtil.go:113:18: undefined: mode.Host

和老6斗智斗勇，补全代码，来到了这一步

# hack8-note_rce/Util
Util/util.go:48:6: RandString redeclared in this block
	Util/randUtil.go:46:6: other declaration of RandString
note: module requires Go 1.20

---未完再更

[root@localhost noterce-server]# go build -o web-client web-client.go 
[root@localhost noterce-server]# ls
config     crypt   go.mod  middlewares  packet     README.md  services  Util        web-client.go
cotroller  geacon  go.sum  mode         packet.go  server.go  sysinfo   web-client  win-server.go
[root@localhost noterce]# ./web-client 
[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.

[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
 - using env:   export GIN_MODE=release
 - using code:  gin.SetMode(gin.ReleaseMode)

[GIN-debug] GET    /down                     --> hack8-note_rce/cotroller.Download (5 handlers)
[GIN-debug] GET    /getNote                  --> hack8-note_rce/cotroller.GetNotes (5 handlers)
[GIN-debug] POST   /shell                    --> hack8-note_rce/cotroller.Shell (5 handlers)
[GIN-debug] GET    /RefreshHost              --> hack8-note_rce/cotroller.RefreshHost (5 handlers)
[GIN-debug] GET    /dir                      --> hack8-note_rce/cotroller.ListDirHandler (5 handlers)
[GIN-debug] POST   /upload                   --> hack8-note_rce/cotroller.Upload (5 handlers)
[GIN-debug] GET    /fileDownload             --> hack8-note_rce/cotroller.FileDownload (5 handlers)
[GIN-debug] POST   /cs                       --> hack8-note_rce/cotroller.Cs (5 handlers)
[GIN-debug] [WARNING] You trusted all proxies, this is NOT safe. We recommend you to set a value.
Please check https://pkg.go.dev/github.com/gin-gonic/gin#readme-don-t-trust-all-proxies for details.
[GIN-debug] Listening and serving HTTP on :8080

取得阶段性胜利

fuck

编译报错

在执行30后报错：panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x28 pc=0xe9bafc]

朱哥yyds

执行命令问题

你好，作者。我测试发现，除了能执行whoami，ipconfig。dir，net user等这些基础命令都无法执行。

如果绕过CF盾连接note.ms？

我发现note.ms使用CF盾，直接请求无法正常访问内容，请问你是如何解决的？

ERROR: Service 'noterce' failed to build : Build failed

└─# docker-compose up -d --build
Building noterce
Sending build context to Docker daemon 13.16MB
Step 1/9 : FROM golang
---> e69c1df674bc
Step 2/9 : MAINTAINER [email protected]
---> Using cache
---> 1aa7cc64c2a7
Step 3/9 : COPY noterce-server /var/noterce/
---> Using cache
---> 65adff104076
Step 4/9 : RUN go env -w GO111MODULE=on
---> Using cache
---> 587043a6b39a
Step 5/9 : RUN go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/
---> Using cache
---> 497d994e8992
Step 6/9 : RUN cd /var/noterce/ && go build web-client.go
---> Running in 1d15fabb0f1f
go: downloading github.com/gin-gonic/gin v1.9.0
go: downloading golang.org/x/text v0.9.0
go: downloading github.com/antchfx/htmlquery v1.3.0
go: downloading github.com/parnurzeal/gorequest v0.2.16
go: downloading github.com/sirupsen/logrus v1.9.0
go: downloading golang.org/x/net v0.9.0
go: downloading github.com/antchfx/xpath v1.2.3
go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
go: downloading github.com/pkg/errors v0.9.1
go: downloading moul.io/http2curl v1.0.0
go: downloading github.com/gin-contrib/sse v0.1.0
go: downloading github.com/mattn/go-isatty v0.0.17
go: downloading golang.org/x/sys v0.7.0
go: downloading github.com/go-playground/validator/v10 v10.11.2
go: downloading github.com/pelletier/go-toml/v2 v2.0.6
go: downloading github.com/ugorji/go/codec v1.2.9
go: downloading google.golang.org/protobuf v1.28.1
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.2.1
go: downloading golang.org/x/crypto v0.5.0
go: downloading github.com/go-playground/locales v0.14.1

hack8-note_rce/Util

Util/AdminUtil.go:36:48: undefined: mode.Host
Util/AdminUtil.go:41:18: undefined: mode.Host
Util/AdminUtil.go:50:30: undefined: mode.Host
Util/AdminUtil.go:65:22: undefined: mode.Host
Util/AdminUtil.go:105:15: undefined: mode.Host
Util/AdminUtil.go:109:19: undefined: mode.Host
Util/AdminUtil.go:113:18: undefined: mode.Host
The command '/bin/sh -c cd /var/noterce/ && go build web-client.go' returned a non-zero code: 1
ERROR: Service 'noterce' failed to build : Build failed

(base) localhost noterce % docker-compose up -d
[+] Building 24.4s (9/10)
=> [internal] load build definition from dockerfile 0.0s
=> => transferring dockerfile: 246B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/golang:latest 3.9s
=> [internal] load build context 0.0s
=> => transferring context: 10.95kB 0.0s
=> [1/6] FROM docker.io/library/golang@sha256:685a22e459f9516f27d975c5cc6accc11223ee81fdfbbae60e39cc3b87357306 0.0s
=> CACHED [2/6] COPY noterce-server /var/noterce/ 0.0s
=> CACHED [3/6] RUN go env -w GO111MODULE=on 0.0s
=> CACHED [4/6] RUN go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/ 0.0s
=> ERROR [5/6] RUN cd /var/noterce/ && go build web-client.go 20.3s

[5/6] RUN cd /var/noterce/ && go build web-client.go:
#0 0.210 go: downloading github.com/gin-gonic/gin v1.9.0
#0 0.221 go: downloading golang.org/x/text v0.9.0
#0 0.244 go: downloading github.com/antchfx/htmlquery v1.3.0
#0 0.244 go: downloading github.com/parnurzeal/gorequest v0.2.16
#0 0.553 go: downloading github.com/sirupsen/logrus v1.9.0
#0 0.581 go: downloading golang.org/x/net v0.9.0
#0 3.593 go: downloading github.com/pkg/errors v0.9.1
#0 3.593 go: downloading moul.io/http2curl v1.0.0
#0 3.596 go: downloading github.com/antchfx/xpath v1.2.3
#0 3.600 go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
#0 3.669 go: downloading github.com/gin-contrib/sse v0.1.0
#0 3.705 go: downloading github.com/mattn/go-isatty v0.0.17
#0 3.717 go: downloading golang.org/x/sys v0.7.0
#0 3.741 go: downloading github.com/go-playground/validator/v10 v10.11.2
#0 3.775 go: downloading github.com/pelletier/go-toml/v2 v2.0.6
#0 3.783 go: downloading github.com/ugorji/go/codec v1.2.9
#0 4.511 go: downloading google.golang.org/protobuf v1.28.1
#0 4.519 go: downloading gopkg.in/yaml.v3 v3.0.1
#0 4.923 go: downloading github.com/go-playground/universal-translator v0.18.1
#0 4.924 go: downloading github.com/leodido/go-urn v1.2.1
#0 5.031 go: downloading golang.org/x/crypto v0.5.0
#0 5.412 go: downloading github.com/go-playground/locales v0.14.1
#0 18.89 # hack8-note_rce/Util
#0 18.89 Util/AdminUtil.go:36:48: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:41:18: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:50:30: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:65:22: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:105:15: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:109:19: undefined: mode.Host
#0 18.89 Util/AdminUtil.go:113:18: undefined: mode.Host

failed to solve: executor failed running [/bin/sh -c cd /var/noterce/ && go build web-client.go]: exit code: 1

关于invalid parameter adminaddr报错

对该字段的填写并不是很清楚，使用的是note.ms自生成的url吗

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.